launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #05510
Re: Private page style test (was RFD: Should Launchpad lie to its users?)
On Mon, 2010-11-08 at 16:06 +0000, Julian Edwards wrote:
>
> Have you considered the case where a page is made up of private and
> non-
> private objects? The /builders page has this situation (among
> others).
Not with a privacy stripe. There was discussion in the past of
decorating private items in a page with a lock. Private bugs have a lock
badge on them, but there was no decision to make it uniform since badges
are not a universal Launchpad concept.
In the case of private teams, you cannot access anything on the object
if you do not have permission, so we use a tales formatter to ensure
access to displayname and url do not cause a 403 for the whole page. We
then changed queries that could return private teams to only include
them when the user has permission. The SQL is often like:
public=True UNION private=False AND user in (TeamParticipation).
--
__Curtis C. Hovey_________
http://launchpad.net/
Attachment:
signature.asc
Description: This is a digitally signed message part
Follow ups
References