launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #13457
[Merge] lp:~abentley/launchpad/user-blueprints-privacy into lp:launchpad
Aaron Bentley has proposed merging lp:~abentley/launchpad/user-blueprints-privacy into lp:launchpad with lp:~abentley/launchpad/user-blueprints as a prerequisite.
Commit message:
Use privacy filter for Person.specifications.
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
Related bugs:
Bug #1063275 in Launchpad itself: "user blueprints page cannot be viewed"
https://bugs.launchpad.net/launchpad/+bug/1063275
For more details, see:
https://code.launchpad.net/~abentley/launchpad/user-blueprints-privacy/+merge/129967
= Summary =
Fix bug #1063275: user blueprints page cannot be viewed
== Proposed fix ==
Use get_specification_privacy_filter
== Pre-implementation notes ==
None
== LOC Rationale ==
Part of Private Projects
== Implementation details ==
Reinstated privacy tests from r16149, added privacy filter
== Tests ==
bin/test test_product -t Specifications
== Demo and Q/A ==
Create a proprietary blueprint. It should be listed on blueprints.launchpad.net/~USER. Log out. It should no longer be listed.
= Launchpad lint =
Checking for conflicts and issues in changed files.
Linting changed files:
lib/lp/testing/factory.py
lib/lp/blueprints/model/specification.py
lib/lp/blueprints/model/sprint.py
lib/lp/registry/model/person.py
lib/lp/registry/tests/test_person.py
--
https://code.launchpad.net/~abentley/launchpad/user-blueprints-privacy/+merge/129967
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~abentley/launchpad/user-blueprints-privacy into lp:launchpad.
=== modified file 'lib/lp/registry/model/person.py'
--- lib/lp/registry/model/person.py 2012-10-16 19:27:29 +0000
+++ lib/lp/registry/model/person.py 2012-10-16 19:27:31 +0000
@@ -127,6 +127,7 @@
)
from lp.blueprints.model.specification import (
get_specification_filters,
+ get_specification_privacy_filter,
HasSpecificationsMixin,
Specification,
)
@@ -864,7 +865,7 @@
Select(SpecificationSubscription.specificationID,
[SpecificationSubscription.person == self]
)))
- clauses = [Or(*role_clauses)]
+ clauses = [Or(*role_clauses), get_specification_privacy_filter(user)]
clauses.extend(get_specification_filters(filter))
results = Store.of(self).find(Specification, *clauses)
# The default sort is priority descending, so only explictly sort for
=== modified file 'lib/lp/registry/tests/test_person.py'
--- lib/lp/registry/tests/test_person.py 2012-10-16 19:27:29 +0000
+++ lib/lp/registry/tests/test_person.py 2012-10-16 19:27:31 +0000
@@ -1763,3 +1763,31 @@
self.assertEqual([blueprint1], result)
result = list_result(owner, ['def'])
self.assertEqual([blueprint2], result)
+
+ def test_proprietary_not_listed(self):
+ # Proprietary blueprints are not listed for random users
+ blueprint1 = self.makeSpec(
+ information_type=InformationType.PROPRIETARY)
+ self.assertEqual([], list_result(blueprint1.owner))
+
+ def test_proprietary_listed_for_artifact_grant(self):
+ # Proprietary blueprints are listed for users with an artifact grant.
+ blueprint1 = self.makeSpec(
+ information_type=InformationType.PROPRIETARY)
+ grant = self.factory.makeAccessArtifactGrant(
+ concrete_artifact=blueprint1)
+ self.assertEqual(
+ [blueprint1],
+ list_result(blueprint1.owner, user=grant.grantee))
+
+ def test_proprietary_listed_for_policy_grant(self):
+ # Proprietary blueprints are listed for users with a policy grant.
+ blueprint1 = self.makeSpec(
+ information_type=InformationType.PROPRIETARY)
+ policy_source = getUtility(IAccessPolicySource)
+ (policy,) = policy_source.find(
+ [(blueprint1.product, InformationType.PROPRIETARY)])
+ grant = self.factory.makeAccessPolicyGrant(policy)
+ self.assertEqual(
+ [blueprint1],
+ list_result(blueprint1.owner, user=grant.grantee))
Follow ups
