launchpad-reviewers team mailing list archive

[Abel Deuring <abel.deuring@xxxxxxxxxxxxx>]

The proposal to merge lp:~adeuring/launchpad/productseries-sec-adapter into lp:launchpad has been updated.

Description changed to:

This branch adds a "sharing aware" security adapter for IProductSeries.

Serieses of private products are now only shown to persons
with policy grants for the product; the only exception are some
attributes that do not leak any "real" information: the database ID,
and the method userCanView().

Details of the change:

lp/registry/configure.zcml:

Access to most attributes and to "partial" interfaces that were public
now requires the permission launchpad.View; the permission
launchpad.AnyPerson is replaced with launchapd.AnyAllowedPerson.

(lp.services.webapp.authorization.LaunchpadSecurityPolicy.checkPermission()
has a "shortcut" for the permission launchpad.AnyPerson: no
dedicated security adapters are looked up for this permission,
so the new rule "data for serieses of private products should only
be visible for persons having a policy grant" cannot be implemented
with this permission.)

lp/security.py:

The existing class ViewProductSeries derived AnonymousAuthorization.
This does not make sense anymore, instead the class now derives
AuthorizationBase and calls the new method ProductSeries,userCanView()
for real authorization check.

The new class ChangeProductSeries does the authorization check for
the permission launchpad.AnyAllowedPerson.

lp/registry/interfaces/productseries.py

The existing interface IProductSeriesPublic now defines only the DB ID
and the method userCanView(), all other attributes are defined in
the new class IProductSeriesView.

lp/registry/model/productseries.py:

The new method userCanView(). The actual permission check is done
by IProduct.userCanView().

lp/registry/tests/test_productseries.py:

Tests for the permissions.

The test class properties expected_get_permissions and
expected_set_permissions are also intended to document which permissions
are acutally used for IProductSeries.

test:

./bin/test registry -vvt lp.registry.tests.test_productseries.ProductSeriesSecurityAdaperTestCase

no lint

Update:

I'm running an EC2 test for this branch; several failures are
fixed in r 10250.

The tests lp.registry.tests.test_packaging.TestCreatePackaging.test_createPackaging_refuses_EMBARGOED
and lp.registry.tests.test_packaging.TestCreatePackaging.test_createPackaging_refuses_PROPRIETARY
failed in lp.registry.packaging.PackagingUtil.createPackaging() because
productseries.product is no longer available. To fix these tests, I added
the interfaces IInformationType to IProduct.

The other failures were either Unauthorized execption, or, in browser
tests, "AttributeError: 'thread._local' object has no attribute 'interaction'".

WHen a borwser instance is created, an existing interaction in terminated,
so that thread._local.interaction is no longer available outside a
a browser call -- but the current user is stored as an attribute of
interaction, and the new security tests require a check if this user has
access rights. The most easy fix is to access some required attribute
the broswer object is created.


additional tests:

lp.registry.tests.test_productseries.TestProductSeriesInformationType
lp.code.browser.tests.test_branchlisting.TestProductSeriesTemplate.test_product_series_link
lp.registry.browser.tests.test_sourcepackage_views.TestSourcePackageChangeUpstreamView.test_error_on_proprietary_productseries
lp.registry.tests.test_packaging.TestCreatePackaging.test_createPackaging_refuses_EMBARGOED
lp.registry.tests.test_packaging.TestCreatePackaging.test_createPackaging_refuses_PROPRIETARY
lp.registry.tests.test_sourcepackage.TestSourcePackage.test_refuses_PROPRIETARY


For more details, see:
https://code.launchpad.net/~adeuring/launchpad/productseries-sec-adapter/+merge/130305
-- 
https://code.launchpad.net/~adeuring/launchpad/productseries-sec-adapter/+merge/130305
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~adeuring/launchpad/productseries-sec-adapter into lp:launchpad.