launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #13268
Re: lp:~adeuring/launchpad/authentication-for-private-products into lp:launchpad
the "real" changes:
=== modified file 'lib/lp/registry/configure.zcml'
--- lib/lp/registry/configure.zcml 2012-10-09 10:28:02 +0000
+++ lib/lp/registry/configure.zcml 2012-10-10 18:04:36 +0000
@@ -1229,8 +1229,9 @@
class="lp.registry.model.product.Product">
<allow
interface="lp.registry.interfaces.product.IProductPublic"/>
- <allow
- interface="lp.registry.interfaces.pillar.IPillar"/>
+ <require
+ permission="launchpad.View"
+ interface="lp.registry.interfaces.product.IPillar"/>
<require
permission="launchpad.View"
interface="lp.registry.interfaces.product.IProductLimitedView"/>
@@ -1371,8 +1372,9 @@
<!-- IStructuralSubscriptionTarget -->
- <require
- permission="launchpad.View"
+ <!-- XXX bug=1065162 Abel Deuring 2012-10-10:
+ This interface should require the permission launchpad.View. -->
+ <allow
interface="lp.bugs.interfaces.structuralsubscription.IStructuralSubscriptionTargetRead" />
<require
permission="launchpad.AnyAllowedPerson"
=== modified file 'lib/lp/registry/interfaces/product.py'
--- lib/lp/registry/interfaces/product.py 2012-10-09 10:28:02 +0000
+++ lib/lp/registry/interfaces/product.py 2012-10-10 18:04:36 +0000
@@ -430,6 +430,24 @@
def userCanView(user):
"""True if the given user has access to this product."""
+ # bug=1065162 Abel Deuring 2012-10-10:
+ # name and displayname should be defined in IProductLimitedView
+ name = exported(
+ ProductNameField(
+ title=_('Name'),
+ constraint=name_validator,
+ description=_(
+ "At least one lowercase letter or number, followed by "
+ "letters, numbers, dots, hyphens or pluses. "
+ "Keep this name short; it is used in URLs as shown above.")))
+
+ displayname = exported(
+ TextLine(
+ title=_('Display Name'),
+ description=_("""The name of the project as it would appear in a
+ paragraph.""")),
+ exported_as='display_name')
+
class IProductLimitedView(
IBugTarget, ICanGetMilestonesDirectly, IHasAppointedDriver, IHasBranches,
@@ -491,22 +509,6 @@
"required because there might be a project driver and also a "
"driver appointed in the overarching project group.")
- name = exported(
- ProductNameField(
- title=_('Name'),
- constraint=name_validator,
- description=_(
- "At least one lowercase letter or number, followed by "
- "letters, numbers, dots, hyphens or pluses. "
- "Keep this name short; it is used in URLs as shown above.")))
-
- displayname = exported(
- TextLine(
- title=_('Display Name'),
- description=_("""The name of the project as it would appear in a
- paragraph.""")),
- exported_as='display_name')
-
title = exported(
Title(
title=_('Title'),
=== modified file 'lib/lp/registry/tests/test_product.py'
--- lib/lp/registry/tests/test_product.py 2012-10-09 10:28:02 +0000
+++ lib/lp/registry/tests/test_product.py 2012-10-10 18:04:36 +0000
@@ -597,18 +597,25 @@
expected_permissions[permission] - attribute_names)))
expected_get_permissions = {
+ # bug=1065162 Abel Deuring 2012-10-10:
+ # name, displayname
+ # should be defined in IProductLimitedView
CheckerPublic: set((
- 'active', 'id', 'information_type', 'pillar_category', 'private',
- 'userCanView',)),
+ 'id', 'information_type', 'userCanView', 'private',
+ 'name', 'displayname', 'bug_subscriptions', 'getSubscription',
+ 'getSubscriptions', 'parent_subscription_target',
+ 'target_type_display', 'userCanAlterBugSubscription',
+ 'userCanAlterSubscription', 'userHasBugSubscriptions'
+ )),
'launchpad.View': set((
'_getOfficialTagClause', '_all_specifications',
- '_valid_specifications', 'active_or_packaged_series',
+ '_valid_specifications', 'active', 'active_or_packaged_series',
'aliases', 'all_milestones',
'allowsTranslationEdits', 'allowsTranslationSuggestions',
'announce', 'answer_contacts', 'answers_usage', 'autoupdate',
'blueprints_usage', 'branch_sharing_policy',
'bug_reported_acknowledgement', 'bug_reporting_guidelines',
- 'bug_sharing_policy', 'bug_subscriptions', 'bug_supervisor',
+ 'bug_sharing_policy', 'bug_supervisor',
'bug_tracking_usage', 'bugtargetdisplayname', 'bugtargetname',
'bugtracker', 'canUserAlterAnswerContact',
'checkPrivateBugsTransitionAllowed', 'codehosting_usage',
@@ -617,7 +624,7 @@
'createCustomLanguageCode', 'custom_language_codes',
'date_next_suggest_packaging', 'datecreated', 'description',
'development_focus', 'development_focusID',
- 'direct_answer_contacts', 'displayname', 'distrosourcepackages',
+ 'direct_answer_contacts', 'distrosourcepackages',
'downloadurl', 'driver', 'drivers', 'enable_bug_expiration',
'enable_bugfiling_duplicate_search', 'findReferencedOOPS',
'findSimilarFAQs', 'findSimilarQuestions', 'freshmeatproject',
@@ -635,8 +642,8 @@
'getFAQ', 'getFirstEntryToImport', 'getLinkedBugWatches',
'getMergeProposals', 'getMilestone', 'getMilestonesAndReleases',
'getQuestion', 'getQuestionLanguages', 'getPackage', 'getRelease',
- 'getSeries', 'getSpecification', 'getSubscription',
- 'getSubscriptions', 'getSupportedLanguages', 'getTimeline',
+ 'getSeries', 'getSpecification',
+ 'getSupportedLanguages', 'getTimeline',
'getTopContributors', 'getTopContributorsGroupedByCategory',
'getTranslationGroups', 'getTranslationImportQueueEntries',
'getTranslators', 'getUsedBugTagsWithOpenCounts',
@@ -647,13 +654,13 @@
'invitesTranslationSuggestions',
'isUsingInheritedBranchVisibilityPolicy',
'license_info', 'license_status', 'licenses', 'logo', 'milestones',
- 'mugshot', 'name', 'name_with_project', 'newCodeImport',
+ 'mugshot', 'name_with_project', 'newCodeImport',
'obsolete_translatable_series', 'official_answers',
'official_anything', 'official_blueprints', 'official_bug_tags',
'official_codehosting', 'official_malone', 'owner',
- 'parent_subscription_target', 'packagedInDistros', 'packagings',
+ 'packagedInDistros', 'packagings',
'past_sprints', 'personHasDriverRights', 'pillar',
- 'primary_translatable', 'private_bugs',
+ 'pillar_category', 'primary_translatable', 'private_bugs',
'programminglang', 'project', 'qualifies_for_free_hosting',
'recipes', 'redeemSubscriptionVoucher', 'registrant', 'releases',
'remote_product', 'removeCustomLanguageCode',
@@ -662,12 +669,11 @@
'series', 'setBranchVisibilityTeamPolicy', 'setPrivateBugs',
'sharesTranslationsWithOtherSide', 'sourceforgeproject',
'sourcepackages', 'specification_sharing_policy', 'specifications',
- 'sprints', 'summary', 'target_type_display', 'title',
+ 'sprints', 'summary', 'title',
'translatable_packages', 'translatable_series',
'translation_focus', 'translationgroup', 'translationgroups',
'translationpermission', 'translations_usage', 'ubuntu_packages',
- 'userCanAlterBugSubscription', 'userCanAlterSubscription',
- 'userCanEdit', 'userHasBugSubscriptions', 'uses_launchpad',
+ 'userCanEdit', 'uses_launchpad',
'wikiurl')),
'launchpad.AnyAllowedPerson': set((
'addAnswerContact', 'addBugSubscription',
@@ -882,6 +888,22 @@
self.assertEqual(
queries_for_first_user_access, len(recorder.queries))
+ def test_access_to_deactivated_product(self):
+ # XXX bug=1065162 Abel Deuring 2012-10-10:
+ # The properties name, displayname, parent_subscription_target must
+ # be visible for inactive products.
+ product = self.factory.makeProduct()
+ removeSecurityProxy(product).active = False
+ user = self.factory.makePerson()
+ with person_logged_in(user):
+ product.name
+ product.displayname
+ product.parent_subscription_target
+ # Access to other attributes, including those defined in
+ # IPillar, is not possible.
+ self.assertRaises(Unauthorized, getattr, product, 'active')
+ self.assertRaises(Unauthorized, getattr, product, 'title')
+
class TestProductBugInformationTypes(TestCaseWithFactory):
--
https://code.launchpad.net/~adeuring/launchpad/authentication-for-private-products/+merge/129014
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~adeuring/launchpad/authentication-for-private-products into lp:launchpad.
References
