launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #32214
Re: [Merge] ~ruinedyourlife/launchpad:sourcecraft-private-builds into launchpad:master
Diff comments:
> diff --git a/lib/lp/crafts/model/craftrecipe.py b/lib/lp/crafts/model/craftrecipe.py
> index 9f2071f..3500de0 100644
> --- a/lib/lp/crafts/model/craftrecipe.py
> +++ b/lib/lp/crafts/model/craftrecipe.py
> @@ -1088,10 +1095,32 @@ class CraftRecipeBuildRequest:
>
> def get_craft_recipe_privacy_filter(user):
> """Return a Storm query filter to find craft recipes visible to `user`."""
> + from storm.expr import And, Exists, Or, Select
> +
> public_filter = CraftRecipe.information_type.is_in(
> PUBLIC_INFORMATION_TYPES
> )
>
> - # XXX ruinedyourlife 2024-10-02: Flesh this out once we have more privacy
> - # infrastructure.
> - return [public_filter]
> + if user is None:
> + return [public_filter]
> +
> + # Users can see private recipes they own or are part of the owning team
> + private_filter = And(
this is only a "visibility access" right?
ive added the fact it should check for the git_ref too, but the edit access is reserved to the owner most likely? i wouldnt remember the access rights on that
> + CraftRecipe.information_type.is_in(PRIVATE_INFORMATION_TYPES),
> + Or(
> + CraftRecipe.owner == user,
> + CraftRecipe.registrant == user,
> + # If the user is in the owning team
> + Exists(
> + Select(
> + (TeamParticipation.team_id,),
> + And(
> + TeamParticipation.person == user.id,
> + TeamParticipation.team == CraftRecipe.owner_id,
> + ),
> + )
> + ),
> + ),
> + )
> +
> + return [Or(public_filter, private_filter)]
--
https://code.launchpad.net/~ruinedyourlife/launchpad/+git/launchpad/+merge/481029
Your team Launchpad code reviewers is requested to review the proposed merge of ~ruinedyourlife/launchpad:sourcecraft-private-builds into launchpad:master.
References
