launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #03852
[Merge] lp:~bac/launchpad/bug-789383 into lp:launchpad
Brad Crittenden has proposed merging lp:~bac/launchpad/bug-789383 into lp:launchpad.
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
Related bugs:
Bug #789383 in Launchpad itself: "Oops calling findSimilarBugs api anonymously"
https://bugs.launchpad.net/launchpad/+bug/789383
For more details, see:
https://code.launchpad.net/~bac/launchpad/bug-789383/+merge/63695
= Summary =
Anonymous API users attempting to get a list of bugs via findSimilarBugs
were OOPSing. The method to check visibility was incorrectly asserting
that the user was not anonymous.
== Proposed fix ==
Remove the assertion and return True for anonymous users and public bugs.
== Pre-implementation notes ==
None
== Implementation details ==
As above.
== Tests ==
bin/test -vvm lp.bugs -t '(webservice/xx-bug.txt|test_bugvisibility)'
== Demo and Q/A ==
= Launchpad lint =
Lots of (pre-existing) lint! I'll try to fix them before landing as I
didn't want to pollute the review.
Checking for conflicts and issues in changed files.
Linting changed files:
lib/lp/registry/browser/product.py
lib/lp/bugs/stories/webservice/xx-bug.txt
lib/lp/bugs/tests/test_bugvisibility.py
lib/lp/bugs/model/bug.py
./lib/lp/bugs/stories/webservice/xx-bug.txt
13: source has bad indentation.
53: want exceeds 78 characters.
61: source has bad indentation.
67: source has bad indentation.
74: source has bad indentation.
165: source has bad indentation.
170: source exceeds 78 characters.
176: source exceeds 78 characters.
182: source has bad indentation.
194: source has bad indentation.
205: source has bad indentation.
211: source has bad indentation.
221: source has bad indentation.
232: source has bad indentation.
250: source has bad indentation.
253: source has bad indentation.
260: source has bad indentation.
265: source exceeds 78 characters.
265: source has bad indentation.
271: source has bad indentation.
281: source has bad indentation.
292: source has bad indentation.
301: source has bad indentation.
316: source has bad indentation.
322: source has bad indentation.
349: want exceeds 78 characters.
354: source has bad indentation.
359: source has bad indentation.
364: source has bad indentation.
370: source has bad indentation.
374: source has bad indentation.
378: source has bad indentation.
385: source has bad indentation.
389: source has bad indentation.
395: source has bad indentation.
398: source has bad indentation.
402: source has bad indentation.
408: source has bad indentation.
414: source has bad indentation.
418: source has bad indentation.
426: source has bad indentation.
429: source has bad indentation.
434: source has bad indentation.
440: source has bad indentation.
446: source has bad indentation.
452: source has bad indentation.
460: source has bad indentation.
473: source has bad indentation.
482: source has bad indentation.
492: source has bad indentation.
502: source has bad indentation.
512: source has bad indentation.
523: source has bad indentation.
549: source has bad indentation.
559: source has bad indentation.
568: source has bad indentation.
578: source has bad indentation.
827: source has bad indentation.
851: source has bad indentation.
863: source exceeds 78 characters.
863: source has bad indentation.
1057: source has bad indentation.
1062: source has bad indentation.
1066: source has bad indentation.
1085: source has bad indentation.
1091: source has bad indentation.
1096: source has bad indentation.
1099: source has bad indentation.
1103: source has bad indentation.
1109: source has bad indentation.
1122: source has bad indentation.
1136: source has bad indentation.
1160: source has bad indentation.
1162: source has bad indentation.
1175: want exceeds 78 characters.
1180: source has bad indentation.
1204: source has bad indentation.
1214: source has bad indentation.
1219: want exceeds 78 characters.
1255: source has bad indentation.
1265: source has bad indentation.
1278: source has bad indentation.
1297: source has bad indentation.
1311: source has bad indentation.
1319: source has bad indentation.
1321: source has bad indentation.
1328: source has bad indentation.
1331: source has bad indentation.
1334: source has bad indentation.
1340: source has bad indentation.
1342: want exceeds 78 characters.
1355: source has bad indentation.
1366: source has bad indentation.
1372: source has bad indentation.
1384: source has bad indentation.
1390: source has bad indentation.
1393: want exceeds 78 characters.
1648: source exceeds 78 characters.
2021: source exceeds 78 characters.
2081: narrative exceeds 78 characters.
2126: source has bad indentation.
2137: source has bad indentation.
./lib/lp/bugs/model/bug.py
1066: Line exceeds 78 characters.
573: E225 missing whitespace around operator
745: E225 missing whitespace around operator
749: E225 missing whitespace around operator
764: E225 missing whitespace around operator
1066: E501 line too long (83 characters)
1469: E225 missing whitespace around operator
1682: E261 at least two spaces before inline comment
1684: E261 at least two spaces before inline comment
1695: E261 at least two spaces before inline comment
1697: E261 at least two spaces before inline comment
1715: E225 missing whitespace around operator
2297: E225 missing whitespace around operator
2312: E225 missing whitespace around operator
2322: E261 at least two spaces before inline comment
2340: E261 at least two spaces before inline comment
2378: E225 missing whitespace around operator
2640: E225 missing whitespace around operator
2681: E225 missing whitespace around operator
--
https://code.launchpad.net/~bac/launchpad/bug-789383/+merge/63695
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~bac/launchpad/bug-789383 into lp:launchpad.
=== modified file 'lib/lp/bugs/model/bug.py'
--- lib/lp/bugs/model/bug.py 2011-06-07 06:24:04 +0000
+++ lib/lp/bugs/model/bug.py 2011-06-07 12:31:45 +0000
@@ -1847,20 +1847,24 @@
def userCanView(self, user):
"""See `IBug`.
- Note that Editing is also controlled by this check,
- because we permit editing of any bug one can see.
+ This method is called by security adapters but only in the case for
+ authenticated users. It is also called in other contexts where the
+ user may be anonymous.
If bug privacy rights are changed here, corresponding changes need
to be made to the queries which screen for privacy. See
Bug.searchAsUser and BugTask.get_bug_privacy_filter_with_decorator.
"""
- assert user is not None, "User may not be None"
-
- if user.id in self._known_viewers:
- return True
if not self.private:
# This is a public bug.
return True
+ # This method may be called for anonymous users. For private bugs
+ # always return false for anonymous.
+ if user is None:
+ return False
+ if user.id in self._known_viewers:
+ return True
+
elif IPersonRoles(user).in_admin:
# Admins can view all bugs.
return True
@@ -2568,7 +2572,7 @@
# Transaction.iterSelect() will try to listify the results.
# This can be fixed by selecting from Bugs directly, but
# that's non-trivial.
- # ---: Robert Collins 20100818: if bug_tasks implements IResultSset
+ # ---: Robert Collins 2010-08-18: if bug_tasks implements IResultSet
# then it should be very possible to improve on it, though
# DecoratedResultSets would need careful handling (e.g. type
# driven callbacks on columns)
=== modified file 'lib/lp/bugs/stories/webservice/xx-bug.txt'
--- lib/lp/bugs/stories/webservice/xx-bug.txt 2011-05-20 07:56:37 +0000
+++ lib/lp/bugs/stories/webservice/xx-bug.txt 2011-06-07 12:31:45 +0000
@@ -575,7 +575,7 @@
its findSimilarBugs() method. As it happens, there aren't any bugs
similar to bug 1 for Firefox.
- >>> print webservice.named_get(
+ >>> print anon_webservice.named_get(
... firefox_bugtask['self_link'],
... 'findSimilarBugs')
HTTP/1.1 200 Ok...
@@ -598,7 +598,7 @@
... webservice.getAbsoluteUrl('/firefox/+bug/%s' % new_bug['id'])
... ).jsonBody()
- >>> print webservice.named_get(
+ >>> print anon_webservice.named_get(
... new_bug_task['self_link'],
... 'findSimilarBugs')
HTTP/1.1 200 Ok...
=== modified file 'lib/lp/bugs/tests/test_bugvisibility.py'
--- lib/lp/bugs/tests/test_bugvisibility.py 2011-03-21 20:27:13 +0000
+++ lib/lp/bugs/tests/test_bugvisibility.py 2011-06-07 12:31:45 +0000
@@ -21,8 +21,8 @@
self.bug = self.factory.makeBug(owner=owner)
def test_publicBugAnonUser(self):
- # userCanView does not get called for anonymous users.
- self.assertRaises(AssertionError, self.bug.userCanView, None)
+ # Since the bug is public, the anonymous user can see it.
+ self.assertTrue(self.bug.userCanView(None))
def test_publicBugRegularUser(self):
# A regular (non-privileged) user can view a public bug.
@@ -78,3 +78,7 @@
with person_logged_in(self.product.owner):
self.bug.default_bugtask.transitionToAssignee(bug_assignee)
self.assertTrue(self.bug.userCanView(bug_assignee))
+
+ def test_publicBugAnonUser(self):
+ # Since the bug is private, the anonymous user cannot see it.
+ self.assertFalse(self.bug.userCanView(None))
=== modified file 'lib/lp/registry/browser/product.py'
--- lib/lp/registry/browser/product.py 2011-05-27 21:12:25 +0000
+++ lib/lp/registry/browser/product.py 2011-06-07 12:31:45 +0000
@@ -1150,7 +1150,7 @@
self.context.name).css_id(),
edit_view='+review-license',
tag='span',
- false_text='Deactivted',
+ false_text='Deactivated',
true_text='Active',
header='Is this project active and usable by the community?')
Follow ups
