Subversion (SVN) Protected Directories are SVN's way to control access to sensitive and mission-critical code, data, and assets. They add an Access Control List (ACL) to your SVN repository based on a path-based authorization to limit permissions for certain users to certain directories/files.
By protecting your SVN directories, you can control which users are allowed to contribute new code to your repository or restrict them from accessing certain directories at all.
Path-based Authorization Permission Levels
With Assembla Protected SVN Directories, you can set directory permissions to read-only access, or restrict access completely.
NOTE: Permissions apply to all users in the repository. To exempt certain users from the default protections settings you set, you must whitelist them by adding their usernames under "Grant permissions to".
- Default: the default setting for Assembla SVN repos allows for Read + Write privileges.
- Read-only: restricts all users to Read-only privileges for the specified directories in your protection setting, except those users explicitly named under "Grant permission to".
- NEW! No access: hides specified directories completely for all users in the repository except those whitelisted under "Grant permission to", in both the Assembla WebApp and any client/command-line tools used to access your SVN repo.
Example: In this Demo SVN repo, the default permissions set for the directory
/trunk/projects have been changed to "No access" for all users in the repository. Only the user krogalski has been granted the permissions read and write to the directory
/trunk/projects and any children directories it contains. No other users will be able to view the files under
/trunk/project from the Assembla WebApp or check out those files with their local client.
NEW! Path directory wildcards. To set permissions for a specific directory or directory path regardless of what branch or directory it belongs to, use a
* wildcard when setting the directory path permissions. For example, permissions set for
*/projectA will grant the same level of permissions for both
How to change default repository access permissions:
- Select the SVN repo you would like to protect directories within from the tools dropdown menu.
- Go to the Settings sub-tab on the SVN repository tab, then click the Protected Directories link on the left side. (You must be an "Owner" on the project to view the Settings sub-tab.)
- Under Directory Path, enter the directory path for which you would like to change the default access permissions levels (for example, /trunk/projectA), or use a wildcard to specify a sub-path regardless of branch (for example, */projectA). To add path-based auth to multiple directories at the same time, simply add each relative path on a new line. This will set permissions for the directory path and all its children.
- From the Permission dropdown, select the type of permission you would like to set as the default for the directory.
- In the “Grant permission to…” text input box, type the usernames for the team members who should be whitelisted and granted write permissions to the directory (exempted from the new default level of access).
- Finally, click “Protect Directory.”
To edit or remove directory protections
If you are an “Owner” of the project space, you can add or remove protections on directories in an SVN repo at any time.
Simply navigate to the Protected Directories menu of the SVN repo’s Settings tab and click on the pencil (edit) icon next to the directory you want to change. Add more users by starting to type in their name (or Assembla username), or remove users by deleting them from the list and clicking Submit.
(Remember: if protections are not specified for a user, they will be granted the default level of permissions on the directory.)
Finally, to remove directory protection from a directory completely, click the wastebasket icon to the right.
Viewing protected directories in the web browser
Team members who are allowed access to the protected directory will see the directory marked with a green lock icon when viewing from the Assembla WebApp. Other team members will see it marked with a red lock icon, and will not be able to view the contents of the restricted directory in the browser or from their local client.