launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #27591
[Merge] ~cjwatson/launchpad:access-token-rename-context-to-target into launchpad:master
Colin Watson has proposed merging ~cjwatson/launchpad:access-token-rename-context-to-target into launchpad:master.
Commit message:
Rename AccessToken.context to AccessToken.target
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/410144
Exporting a "context" attribute over the webservice turns out to be awkward, because it clashes with internals of lazr.restful. Let's just rename this now while it isn't too inconvenient to do so.
--
Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:access-token-rename-context-to-target into launchpad:master.
diff --git a/lib/lp/security.py b/lib/lp/security.py
index 02f2816..0c871fc 100644
--- a/lib/lp/security.py
+++ b/lib/lp/security.py
@@ -505,11 +505,11 @@ class EditAccessToken(AuthorizationBase):
if user.inTeam(self.obj.owner):
return True
# Being able to edit the token doesn't allow extracting the secret,
- # so it's OK to allow the owner of the context to do so too. This
- # allows context owners to exercise some control over access to
- # their object.
+ # so it's OK to allow the owner of the target to do so too. This
+ # allows target owners to exercise some control over access to their
+ # object.
adapter = queryAdapter(
- self.obj.context, IAuthorization, 'launchpad.Edit')
+ self.obj.target, IAuthorization, 'launchpad.Edit')
if adapter is not None and adapter.checkAuthenticated(user):
return True
return False
diff --git a/lib/lp/services/auth/interfaces.py b/lib/lp/services/auth/interfaces.py
index 9394cec..b8e3e7a 100644
--- a/lib/lp/services/auth/interfaces.py
+++ b/lib/lp/services/auth/interfaces.py
@@ -77,13 +77,13 @@ class IAccessToken(Interface):
class IAccessTokenSet(Interface):
"""The set of all personal access tokens."""
- def new(secret, owner, description, context, scopes):
+ def new(secret, owner, description, target, scopes):
"""Return a new access token with a given secret.
:param secret: A text string.
:param owner: An `IPerson` who is creating the token.
:param description: A short description of the token.
- :param context: An `IGitRepository` for which the token is being
+ :param target: An `IAccessTokenTarget` for which the token is being
issued.
:param scopes: A list of `AccessTokenScope`s to be granted by the
token.
@@ -101,10 +101,10 @@ class IAccessTokenSet(Interface):
:param owner: An `IPerson`.
"""
- def findByContext(context):
- """Return all access tokens for this context.
+ def findByTarget(target):
+ """Return all access tokens for this target.
- :param context: An `IGitRepository`.
+ :param target: An `IGitRepository`.
"""
diff --git a/lib/lp/services/auth/model.py b/lib/lp/services/auth/model.py
index c1228d1..437be7e 100644
--- a/lib/lp/services/auth/model.py
+++ b/lib/lp/services/auth/model.py
@@ -78,20 +78,20 @@ class AccessToken(StormBase):
resolution = timedelta(minutes=10)
- def __init__(self, secret, owner, description, context, scopes):
+ def __init__(self, secret, owner, description, target, scopes):
"""Construct an `AccessToken`."""
self._token_sha256 = hashlib.sha256(secret.encode()).hexdigest()
self.owner = owner
self.description = description
- if IGitRepository.providedBy(context):
- self.git_repository = context
+ if IGitRepository.providedBy(target):
+ self.git_repository = target
else:
- raise TypeError("Unsupported context: {!r}".format(context))
+ raise TypeError("Unsupported target: {!r}".format(target))
self.scopes = scopes
self.date_created = UTC_NOW
@property
- def context(self):
+ def target(self):
"""See `IAccessToken`."""
return self.git_repository
@@ -139,10 +139,10 @@ class AccessToken(StormBase):
@implementer(IAccessTokenSet)
class AccessTokenSet:
- def new(self, secret, owner, description, context, scopes):
+ def new(self, secret, owner, description, target, scopes):
"""See `IAccessTokenSet`."""
store = IStore(AccessToken)
- token = AccessToken(secret, owner, description, context, scopes)
+ token = AccessToken(secret, owner, description, target, scopes)
store.add(token)
return token
@@ -156,11 +156,11 @@ class AccessTokenSet:
"""See `IAccessTokenSet`."""
return IStore(AccessToken).find(AccessToken, owner=owner)
- def findByContext(self, context):
+ def findByTarget(self, target):
"""See `IAccessTokenSet`."""
kwargs = {}
- if IGitRepository.providedBy(context):
- kwargs["git_repository"] = context
+ if IGitRepository.providedBy(target):
+ kwargs["git_repository"] = target
else:
- raise TypeError("Unsupported context: {!r}".format(context))
+ raise TypeError("Unsupported target: {!r}".format(target))
return IStore(AccessToken).find(AccessToken, **kwargs)
diff --git a/lib/lp/services/auth/tests/test_model.py b/lib/lp/services/auth/tests/test_model.py
index 77ce073..f97d498 100644
--- a/lib/lp/services/auth/tests/test_model.py
+++ b/lib/lp/services/auth/tests/test_model.py
@@ -49,11 +49,11 @@ class TestAccessToken(TestCaseWithFactory):
login_person(owner)
self.assertTrue(check_permission("launchpad.Edit", token))
- def test_context_owner_can_edit(self):
- context_owner = self.factory.makePerson()
- repository = self.factory.makeGitRepository(owner=context_owner)
- _, token = self.factory.makeAccessToken(context=repository)
- login_person(context_owner)
+ def test_target_owner_can_edit(self):
+ target_owner = self.factory.makePerson()
+ repository = self.factory.makeGitRepository(owner=target_owner)
+ _, token = self.factory.makeAccessToken(target=repository)
+ login_person(target_owner)
self.assertTrue(check_permission("launchpad.Edit", token))
def test_other_user_cannot_edit(self):
@@ -173,15 +173,15 @@ class TestAccessTokenSet(TestCaseWithFactory):
self.assertEqual(64, len(secret))
owner = self.factory.makePerson()
description = "Test token"
- context = self.factory.makeGitRepository()
+ target = self.factory.makeGitRepository()
scopes = [AccessTokenScope.REPOSITORY_BUILD_STATUS]
_, token = self.factory.makeAccessToken(
- secret=secret, owner=owner, description=description,
- context=context, scopes=scopes)
+ secret=secret, owner=owner, description=description, target=target,
+ scopes=scopes)
self.assertThat(
removeSecurityProxy(token), MatchesStructure.byEquality(
_token_sha256=hashlib.sha256(secret.encode()).hexdigest(),
- owner=owner, description=description, context=context,
+ owner=owner, description=description, target=target,
scopes=scopes))
def test_getBySecret(self):
@@ -206,17 +206,16 @@ class TestAccessTokenSet(TestCaseWithFactory):
self.assertContentEqual(
[], getUtility(IAccessTokenSet).findByOwner(owners[2]))
- def test_findByContext(self):
- contexts = [self.factory.makeGitRepository() for _ in range(3)]
+ def test_findByTarget(self):
+ targets = [self.factory.makeGitRepository() for _ in range(3)]
tokens = [
- self.factory.makeAccessToken(context=contexts[0])[1],
- self.factory.makeAccessToken(context=contexts[0])[1],
- self.factory.makeAccessToken(context=contexts[1])[1],
+ self.factory.makeAccessToken(target=targets[0])[1],
+ self.factory.makeAccessToken(target=targets[0])[1],
+ self.factory.makeAccessToken(target=targets[1])[1],
]
self.assertContentEqual(
- tokens[:2], getUtility(IAccessTokenSet).findByContext(contexts[0]))
+ tokens[:2], getUtility(IAccessTokenSet).findByTarget(targets[0]))
self.assertContentEqual(
- [tokens[2]],
- getUtility(IAccessTokenSet).findByContext(contexts[1]))
+ [tokens[2]], getUtility(IAccessTokenSet).findByTarget(targets[1]))
self.assertContentEqual(
- [], getUtility(IAccessTokenSet).findByContext(contexts[2]))
+ [], getUtility(IAccessTokenSet).findByTarget(targets[2]))
diff --git a/lib/lp/services/webapp/tests/test_servers.py b/lib/lp/services/webapp/tests/test_servers.py
index a551f78..aa5123f 100644
--- a/lib/lp/services/webapp/tests/test_servers.py
+++ b/lib/lp/services/webapp/tests/test_servers.py
@@ -892,7 +892,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
def test_checkRequest_valid(self):
repository = self.factory.makeGitRepository()
self._makeAccessTokenVerifiedRequest(
- context=repository,
+ target=repository,
scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
getUtility(IWebServiceConfiguration).checkRequest(
repository,
@@ -901,7 +901,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
def test_checkRequest_bad_context(self):
repository = self.factory.makeGitRepository()
self._makeAccessTokenVerifiedRequest(
- context=repository,
+ target=repository,
scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
self.assertRaisesWithContent(
Unauthorized,
@@ -912,7 +912,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
def test_checkRequest_unscoped_method(self):
repository = self.factory.makeGitRepository()
self._makeAccessTokenVerifiedRequest(
- context=repository,
+ target=repository,
scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
self.assertRaisesWithContent(
Unauthorized,
@@ -923,7 +923,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
def test_checkRequest_wrong_scope(self):
repository = self.factory.makeGitRepository()
self._makeAccessTokenVerifiedRequest(
- context=repository,
+ target=repository,
scopes=[
AccessTokenScope.REPOSITORY_BUILD_STATUS,
AccessTokenScope.REPOSITORY_PUSH,
diff --git a/lib/lp/services/webservice/configuration.py b/lib/lp/services/webservice/configuration.py
index f52918a..8b56842 100644
--- a/lib/lp/services/webservice/configuration.py
+++ b/lib/lp/services/webservice/configuration.py
@@ -102,7 +102,7 @@ class LaunchpadWebServiceConfiguration(BaseWebServiceConfiguration):
access_token = get_interaction_extras().access_token
if access_token is None:
return
- if access_token.context != context:
+ if access_token.target != context:
raise Unauthorized(
"Current authentication does not allow access to this object.")
if not required_scopes:
diff --git a/lib/lp/testing/factory.py b/lib/lp/testing/factory.py
index 3ba8333..4fccdec 100644
--- a/lib/lp/testing/factory.py
+++ b/lib/lp/testing/factory.py
@@ -4519,7 +4519,7 @@ class BareLaunchpadObjectFactory(ObjectFactory):
return request_token.createAccessToken()
def makeAccessToken(self, secret=None, owner=None, description=None,
- context=None, scopes=None):
+ target=None, scopes=None):
"""Create a personal access token.
:return: A tuple of the secret for the new token and the token
@@ -4531,12 +4531,12 @@ class BareLaunchpadObjectFactory(ObjectFactory):
owner = self.makePerson()
if description is None:
description = self.getUniqueUnicode()
- if context is None:
- context = self.makeGitRepository()
+ if target is None:
+ target = self.makeGitRepository()
if scopes is None:
scopes = []
token = getUtility(IAccessTokenSet).new(
- secret, owner, description, context, scopes)
+ secret, owner, description, target, scopes)
return secret, token
def makeCVE(self, sequence, description=None,