launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #29470
[Merge] ~lgp171188/launchpad:allow-launchpad-team-to-view-mirror-prober-logs into launchpad:master
Guruprasad has proposed merging ~lgp171188/launchpad:allow-launchpad-team-to-view-mirror-prober-logs into launchpad:master.
Commit message:
Allow Launchpad team members to view mirror prober logs
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~lgp171188/launchpad/+git/launchpad/+merge/434409
--
Your team Launchpad code reviewers is requested to review the proposed merge of ~lgp171188/launchpad:allow-launchpad-team-to-view-mirror-prober-logs into launchpad:master.
diff --git a/lib/lp/registry/browser/configure.zcml b/lib/lp/registry/browser/configure.zcml
index 80a57d0..22096c8 100644
--- a/lib/lp/registry/browser/configure.zcml
+++ b/lib/lp/registry/browser/configure.zcml
@@ -2598,7 +2598,7 @@
name="+prober-logs"
for="lp.registry.interfaces.distributionmirror.IDistributionMirror"
class="lp.registry.browser.distributionmirror.DistributionMirrorProberLogView"
- permission="launchpad.Edit"
+ permission="launchpad.Moderate"
template="../templates/distributionmirror-prober-logs.pt">
</browser:page>
<browser:menus
diff --git a/lib/lp/registry/security.py b/lib/lp/registry/security.py
index 14866a0..7d0a6a7 100644
--- a/lib/lp/registry/security.py
+++ b/lib/lp/registry/security.py
@@ -384,6 +384,17 @@ class EditDistributionMirrorByOwnerOrDistroOwnerOrMirrorAdminsOrAdmins(
)
+class ModerateDistributionMirror(AuthorizationBase):
+ permission = "launchpad.Moderate"
+ usedfor = IDistributionMirror
+
+ def checkAuthenticated(self, user):
+ return (
+ self.forwardCheckAuthenticated(user, self.obj, "launchpad.Edit")
+ or user.in_launchpad_developers
+ )
+
+
class ViewDistributionMirror(AnonymousAuthorization):
"""Anyone can view an IDistributionMirror."""
diff --git a/lib/lp/registry/stories/distributionmirror/xx-distributionmirror-prober-logs.rst b/lib/lp/registry/stories/distributionmirror/xx-distributionmirror-prober-logs.rst
index 8b9ae98..a0460f1 100644
--- a/lib/lp/registry/stories/distributionmirror/xx-distributionmirror-prober-logs.rst
+++ b/lib/lp/registry/stories/distributionmirror/xx-distributionmirror-prober-logs.rst
@@ -3,7 +3,7 @@ Distribution mirror prober logs
Every time we probe a mirror for its contents we keep a log of the probe.
All these logs can be seen by the mirror owner or the mirror admin of
-that mirror's distribution.
+that mirror's distribution or Launchpad team members.
>>> browser.addHeader("Authorization", "Basic mark@xxxxxxxxxxx:test")
>>> browser.open("http://launchpad.test/ubuntu/+mirror/archive-mirror2/";)
@@ -18,6 +18,39 @@ that mirror's distribution.
>>> print(extract_text(navigation.decode_contents()))
1...→...1...of...1...result
+ >>> login("admin@xxxxxxxxxxxxx")
+ >>> user = factory.makePerson(
+ ... name="launchpad-developer",
+ ... displayname="Launchpad Developer",
+ ... email="launchpad-developer@xxxxxxxxxxx",
+ ... )
+
+ >>> from zope.component import getUtility
+ >>> from lp.app.interfaces.launchpad import ILaunchpadCelebrities
+ >>> from lp.registry.interfaces.person import IPersonSet
+
+ >>> launchpad_developers = getUtility(
+ ... ILaunchpadCelebrities
+ ... ).launchpad_developers
+
+ >>> mark = getUtility(IPersonSet).getByName("mark")
+ >>> launchpad_developers.addMember(user, reviewer=mark)
+ (True, <DBItem TeamMembershipStatus.APPROVED, (2) Approved>)
+
+ >>> from lp.testing import logout
+ >>> logout()
+
+ >>> from lp.testing.pages import setupBrowserForUser
+ >>> lp_dev_browser = setupBrowserForUser(user)
+ >>> lp_dev_browser.open(
+ ... "http://launchpad.test/ubuntu/+mirror/archive-mirror2/+prober-logs";
+ ... )
+ >>> navigation = find_tags_by_class(
+ ... lp_dev_browser.contents, "batch-navigation-index"
+ ... )[0]
+ >>> print(extract_text(navigation.decode_contents()))
+ 1...→...1...of...1...result
+
A random logged in user won't have the rights to see that page.
>>> user_browser.open(
diff --git a/lib/lp/registry/tests/test_distributionmirror.py b/lib/lp/registry/tests/test_distributionmirror.py
index 4e301c5..eeeaf3f 100644
--- a/lib/lp/registry/tests/test_distributionmirror.py
+++ b/lib/lp/registry/tests/test_distributionmirror.py
@@ -6,6 +6,7 @@ from zope.component import getUtility
from zope.security.interfaces import Unauthorized
from zope.security.proxy import removeSecurityProxy
+from lp.app.interfaces.launchpad import ILaunchpadCelebrities
from lp.registry.interfaces.distribution import IDistributionSet
from lp.registry.interfaces.distributionmirror import (
IDistributionMirrorSet,
@@ -18,10 +19,12 @@ from lp.registry.interfaces.person import IPersonSet
from lp.registry.interfaces.pocket import PackagePublishingPocket
from lp.services.database.sqlbase import flush_database_updates
from lp.services.mail import stub
+from lp.services.webapp.authorization import check_permission
from lp.services.webapp.interfaces import OAuthPermission
from lp.services.worlddata.interfaces.country import ICountrySet
from lp.testing import (
TestCaseWithFactory,
+ admin_logged_in,
api_url,
login,
login_as,
@@ -57,6 +60,31 @@ class TestDistributionMirror(TestCaseWithFactory):
)
removeSecurityProxy(bin_mirror).freshness = freshness
+ def test_distributionmirror_moderate_permission(self):
+ with admin_logged_in():
+ self.assertTrue(
+ check_permission("launchpad.Moderate", self.archive_mirror)
+ )
+
+ with person_logged_in(self.archive_mirror.distribution.owner):
+ self.assertTrue(
+ check_permission("launchpad.Moderate", self.archive_mirror)
+ )
+
+ launchpad_dev = self.factory.makePerson()
+ launchpad_developers = getUtility(
+ ILaunchpadCelebrities
+ ).launchpad_developers
+ with person_logged_in(launchpad_developers.teamowner):
+ launchpad_developers.addMember(
+ launchpad_dev, launchpad_developers.teamowner
+ )
+
+ with person_logged_in(launchpad_dev):
+ self.assertTrue(
+ check_permission("launchpad.Moderate", self.archive_mirror)
+ )
+
def test_archive_mirror_without_content_should_be_disabled(self):
self.assertTrue(self.archive_mirror.shouldDisable())
