Do not permit open and delegated team to be project owners or security contacts
Bug #879103 reported by
Curtis Hovey
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Fix Released
|
High
|
Ian Booth | ||
Bug Description
Lp must have a constraint to prevent open and delegated teams from owning project or being the principle security contact. Lp currently sends private or security bug information to the project maintainer or security contact. In the future, the default access policy rules for privacy and security will place the maintainer/
A separate bug will track the 233 product and 1 distro that anyone can get access to confidential data or deface the project pages.
Related branches
lp:~wallyworld/launchpad/no-open-pillar-owners-879103
- Curtis Hovey (community): Approve (code)
-
Diff: 847 lines (+384/-44)20 files modifiedlib/lp/bugs/interfaces/securitycontact.py (+6/-5)
lib/lp/bugs/model/tests/test_personsubscriptioninfo.py (+6/-2)
lib/lp/registry/doc/vocabularies.txt (+23/-1)
lib/lp/registry/errors.py (+6/-0)
lib/lp/registry/interfaces/distribution.py (+6/-2)
lib/lp/registry/interfaces/person.py (+15/-2)
lib/lp/registry/interfaces/product.py (+4/-3)
lib/lp/registry/interfaces/projectgroup.py (+4/-3)
lib/lp/registry/model/distribution.py (+3/-2)
lib/lp/registry/model/product.py (+3/-2)
lib/lp/registry/model/projectgroup.py (+5/-2)
lib/lp/registry/tests/test_distribution.py (+36/-1)
lib/lp/registry/tests/test_errors.py (+92/-0)
lib/lp/registry/tests/test_person_vocabularies.py (+43/-13)
lib/lp/registry/tests/test_product.py (+33/-0)
lib/lp/registry/tests/test_projectgroup.py (+19/-0)
lib/lp/registry/vocabularies.py (+17/-0)
lib/lp/registry/vocabularies.zcml (+11/-0)
lib/lp/services/fields/__init__.py (+19/-4)
lib/lp/services/fields/tests/test_fields.py (+33/-2)
lp:~wallyworld/launchpad/pillar-owners-cannot-become-open-879103
- Curtis Hovey (community): Approve (code)
-
Diff: 1078 lines (+499/-98)18 files modifiedlib/lp/answers/stories/webservice.txt (+5/-1)
lib/lp/app/browser/tests/test_vocabulary.py (+7/-2)
lib/lp/bugs/browser/tests/test_bugtarget_configure.py (+7/-2)
lib/lp/bugs/browser/tests/test_securitycontact.py (+9/-3)
lib/lp/bugs/model/tests/test_bugtask.py (+3/-1)
lib/lp/bugs/model/tests/test_bugtask_status.py (+4/-1)
lib/lp/registry/browser/team.py (+29/-0)
lib/lp/registry/browser/tests/test_distroseries.py (+3/-1)
lib/lp/registry/browser/tests/test_team_view.py (+95/-1)
lib/lp/registry/doc/private-team-roles.txt (+9/-3)
lib/lp/registry/doc/teammembership-email-notification.txt (+5/-9)
lib/lp/registry/interfaces/person.py (+76/-59)
lib/lp/registry/model/person.py (+143/-8)
lib/lp/registry/stories/webservice/xx-derivedistroseries.txt (+4/-1)
lib/lp/registry/tests/test_person.py (+40/-0)
lib/lp/registry/tests/test_product.py (+1/-4)
lib/lp/registry/tests/test_team.py (+57/-0)
utilities/sourcedeps.cache (+2/-2)
| Changed in launchpad: | |
| status: | Triaged → In Progress |
| assignee: | nobody → Ian Booth (wallyworld) |
Revision history for this message
| Launchpad QA Bot (lpqabot) wrote | #1 |
| tags: | added: qa-needstesting |
| Changed in launchpad: | |
| status: | In Progress → Fix Committed |
| tags: |
added: qa-ok removed: qa-needstesting |
| Changed in launchpad: | |
| status: | Fix Committed → Fix Released |
| visibility: | private → public |
To post a comment you must log in.
Fixed in stable r14298 <http://