Defect #6311
closedSubversion : anonymous access rights unexpected behavior
0%
Description
(Ubuntu 10.04 install)
Redmine: 0.9.3
Postgresql 8.4
Ruby 1.8.7
Subversion 1.6.6
It may not be a bug but it still remains an "unexpected behavior". In project configuration, if "public" attribute is checked it bypasses the svn access rights set in the "Role and permission" section for (anonymous users).
That means that if you set (anonymous users) not to have rights to browse repository and if you check the public setting, they will still have rights to checkout the project anonymously.
As a redmine administrator in a company, a wrong configuration making the code public could be a really big mistake. As a consequences, I would suggest not to use this "public" project attribute for redmine/Svn but just use the regular Role & Permissions section.