Changing upload/queue admin permissions is broken
Bug #828894 reported by
Julian Edwards
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
High
|
Julian Edwards |
Bug Description
There are a number of problems in this area:
1. Adding or deleting per-package uploader, component uploader and queue admin permissions require you to be the owner of the main_archive for a distro (for Ubuntu that's ubuntu-archive)
2. Adding or deleting a packageset uploader requires you to be an admin or a member of ubuntu-techboard (hard-coded!)
This is bad because someone who makes a new derived distro cannot change permissions. What we need is:
* Adding or deleting any permissions tied to the distro owner, which can be easily changed. It's already techboard for Ubuntu and Colin says it's fine to move the operations in #1 above to this new person.
Related branches
lp:~julian-edwards/launchpad/perms-for-changing-uploaders--bug-828894
- Curtis Hovey (community): Approve (code)
-
Diff: 478 lines (+144/-131)7 files modifiedlib/canonical/launchpad/security.py (+16/-9)
lib/lp/soyuz/configure.zcml (+1/-25)
lib/lp/soyuz/doc/archivepermission.txt (+3/-40)
lib/lp/soyuz/interfaces/archive.py (+41/-41)
lib/lp/soyuz/interfaces/archivepermission.py (+9/-0)
lib/lp/soyuz/stories/webservice/xx-archive.txt (+67/-11)
lib/lp/soyuz/tests/test_archive.py (+7/-5)
Changed in launchpad: | |
status: | Triaged → In Progress |
assignee: | nobody → Julian Edwards (julian-edwards) |
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is part caused by the insane declaration for IArchivePermiss ionSet in soyuz/configure .zxcl and part by the security adapter EditArchivePerm issionSet (which is currently used for packageset changes as above).