Merge lp:~adeuring/launchpad/product-lp-limitedview-2 into lp:launchpad
Status: | Merged |
---|---|
Approved by: | Abel Deuring |
Approved revision: | no longer in the source branch. |
Merged at revision: | 16257 |
Proposed branch: | lp:~adeuring/launchpad/product-lp-limitedview-2 |
Merge into: | lp:launchpad |
Diff against target: |
290 lines (+109/-55) 4 files modified
lib/lp/bugs/browser/tests/test_bug_views.py (+23/-0) lib/lp/registry/configure.zcml (+31/-1) lib/lp/registry/interfaces/product.py (+41/-41) lib/lp/registry/tests/test_product.py (+14/-13) |
To merge this branch: | bzr merge lp:~adeuring/launchpad/product-lp-limitedview-2 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
j.c.sackett (community) | Approve | ||
Review via email: mp+133481@code.launchpad.net |
Commit message
Require the permission launchpad.
Description of the change
This branch changes the permision required to access a number
of IProduct attributes from launchpad.View to
launchpad.
The changes are necessary to let a user with an artifact grant on
a bug of a private product view the main bug page. This is tested in
test_bugtask_
For some attributes, this means that an attribute definition
is moved from the interface class IProductView to IProductLimited
Other attributes are defined in classes which IProductView inherited from.
If these classes defined just the attributes required to let the test pass
(IHasLogo and IHasOnwer) or if the attributes do not provide any data that
might be considered "really confidential", those of ILaunchpadUsage,
these classes are inherited by IProductLimited
Permissions for IBugTarget and IStructuralSubs
defined attribute by attribute.
These changes are not sufficient to let a user with a grant on a bug
view bug pages: LP's traversal machinery still return a 404 error
because it checks if the current user has the permission lp.View for
the bug's target. I'll fix this in another branch.
tests:
./bin/test bugs -vvt test_bugtask_
./bin/test registry -vvt lp.registry.
./bin/test registry -vvt lp.registry.
no lint
Abel--
This looks ok, just one nitpick you can address before landing.
#16: It seems odd to have a test with no assertions--I believe this may throw
off some test machinery. At a minimum, probably worth testing that the bug
does show in contents:
contents = view.render() assertTrue( bug.title in contents)
self.