launchpad-reviewers team mailing list archive

[Steve Kowalik <stevenk@xxxxxxxxxx>]

Steve Kowalik has proposed merging lp:~stevenk/launchpad/new-perm-for-archive-subscribers-fixed into lp:launchpad.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~stevenk/launchpad/new-perm-for-archive-subscribers-fixed/+merge/149464

Fix SubscriberView for archives. Rewrite ViewSPPH to respect either SubscriberView or View, rather than delegating to Archive entirely. Shift IArchive.archive_url and IArchive.dependencies to SubscriberView.
-- 
https://code.launchpad.net/~stevenk/launchpad/new-perm-for-archive-subscribers-fixed/+merge/149464
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~stevenk/launchpad/new-perm-for-archive-subscribers-fixed into lp:launchpad.

=== modified file 'lib/lp/security.py'
--- lib/lp/security.py	2013-02-18 09:14:26 +0000
+++ lib/lp/security.py	2013-02-20 04:36:23 +0000
@@ -2690,13 +2690,22 @@
         yield self.obj.archive
 
 
-class ViewSourcePackagePublishingHistory(DelegatedAuthorization):
+class ViewSourcePackagePublishingHistory(AuthorizationBase):
     """Restrict viewing of source publications."""
     permission = "launchpad.View"
     usedfor = ISourcePackagePublishingHistory
 
-    def iter_objects(self):
-        yield self.obj.archive
+    def checkUnauthenticated(self):
+        return (
+            check_permission('launchpad.View', self.obj.archive) or
+            check_permission('launchpad.SubscriberView', self.obj.archive))
+
+    def checkAuthenticated(self, user):
+        return (
+            self.forwardCheckAuthenticated(
+                user, self.obj.archive, 'launchpad.View') or
+            self.forwardCheckAuthenticated(
+                user, self.obj.archive, 'launchpad.SubscriberView'))
 
 
 class EditPublishing(DelegatedAuthorization):

=== modified file 'lib/lp/soyuz/interfaces/archive.py'
--- lib/lp/soyuz/interfaces/archive.py	2013-02-18 12:42:17 +0000
+++ lib/lp/soyuz/interfaces/archive.py	2013-02-20 04:36:23 +0000
@@ -358,6 +358,13 @@
 
 class IArchiveSubscriberView(Interface):
 
+    archive_url = Attribute("External archive URL.")
+    dependencies = exported(
+        CollectionField(
+            title=_("Archive dependencies recorded for this archive."),
+            value_type=Reference(schema=Interface),
+            # Really IArchiveDependency
+            readonly=True))
     description = exported(
         Text(
             title=_("Description"), required=False,
@@ -512,8 +519,6 @@
             "The default component for this archive. Publications without a "
             "valid component will be assigned this one."))
 
-    archive_url = Attribute("External archive URL.")
-
     is_partner = Attribute("True if this archive is a partner archive.")
 
     number_of_sources = Attribute(
@@ -1029,13 +1034,6 @@
         description=_(
             "The password used by the build farm to access the archive."))
 
-    dependencies = exported(
-        CollectionField(
-            title=_("Archive dependencies recorded for this archive."),
-            value_type=Reference(schema=Interface),
-            # Really IArchiveDependency
-            readonly=True))
-
     signing_key_fingerprint = exported(
         Text(
             title=_("Archive signing key fingerprint"), required=False,

=== modified file 'lib/lp/soyuz/tests/test_archive_subscriptions.py'
--- lib/lp/soyuz/tests/test_archive_subscriptions.py	2013-02-18 05:20:56 +0000
+++ lib/lp/soyuz/tests/test_archive_subscriptions.py	2013-02-20 04:36:23 +0000
@@ -136,6 +136,7 @@
         with person_logged_in(self.owner):
             self.archive = self.factory.makeArchive(
                 private=True, owner=self.private_team)
+        self.factory.makeSourcePackagePublishingHistory(archive=self.archive)
         self.subscriber = self.factory.makePerson()
 
     def test_traverse_view_private_team_archive_subscriber(self):