launchpad-reviewers team mailing list archive

Thread
Date

Re: [Merge] ~ilasc/launchpad:add-vulnerability-orm into launchpad:master

To: mp+415966@xxxxxxxxxxxxxxxxxx
From: Guruprasad <mp+415966@xxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Feb 2022 12:59:10 -0000
In-reply-to: <164562080737.11921.2603486850236921588.launchpad@ackee.canonical.com>
Reply-to: mp+415966@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx


Diff comments:

> diff --git a/lib/lp/security.py b/lib/lp/security.py
> index 22bc140..98e6f26 100644
> --- a/lib/lp/security.py
> +++ b/lib/lp/security.py
> @@ -3781,3 +3782,12 @@ class EditCIBuild(AdminByBuilddAdmin):
>          if auth_repository.checkAuthenticated(user):
>              return True
>          return super().checkAuthenticated(user)
> +
> +
> +class EditVulnerability(AuthorizationBase):
> +    permission = 'launchpad.Edit'
> +    usedfor = IVulnerability
> +
> +    def checkAuthenticated(self, user):
> +        return (

Do we want to allow roles other than admins and commercial admins to edit a vulnerability? I am not sure that team members from the security team, who will be using this, have admin roles.

> +            user.in_commercial_admin or user.in_admin)


-- 
https://code.launchpad.net/~ilasc/launchpad/+git/launchpad/+merge/415966
Your team Launchpad code reviewers is requested to review the proposed merge of ~ilasc/launchpad:add-vulnerability-orm into launchpad:master.

References

[Merge] ~ilasc/launchpad:add-vulnerability-orm into launchpad:master
From: Ioana Lasc, 2022-02-23