Launchpad itself

Merge lp:~adeuring/launchpad/sec-adapter-projectgroup-milestone into lp:launchpad

sec-adapter-projectgroup-milestone
Merge into devel

Proposed by Abel Deuring on 2012-10-22

Status:

Merged

Approved by:

Aaron Bentley on 2012-10-22

Approved revision:

no longer in the source branch.

Merged at revision:

16180

Proposed branch:

lp:~adeuring/launchpad/sec-adapter-projectgroup-milestone

Merge into:

lp:launchpad

Diff against target:

175 lines (+137/-2)

3 files modified

lib/lp/registry/configure.zcml (+2/-1)
lib/lp/registry/tests/test_milestone.py (+126/-1)
lib/lp/security.py (+9/-0)

To merge this branch:

bzr merge lp:~adeuring/launchpad/sec-adapter-projectgroup-milestone

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Aaron Bentley (community)		2012-10-22	Approve on 2012-10-22
Review via email: mp+130800@code.launchpad.net

Commit Message

privacy aware security adapter for IProjectGroupMilestone

Description of the Change

This branch adds a security adapter for project milestones.

We want to keep data from private products completely private,
this includes also class ProjectMilestone, the "project
representation" of milestones for products.

The changes are simple:

- require the permission launchpad.View for all properties of
IProjectGroupMilestone
- delegate the authorization to the parent product.

tests:

./bin/test -vvt lp.registry.tests.test_milestone.ProjectMilestoneSecurityAdaperTestCase

no lint

Aaron Bentley (abentley) on 2012-10-22:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to status/vote changes:

Tzaddi

Tzaddi Belding

 === modified file 'lib/lp/registry/configure.zcml'
 --- lib/lp/registry/configure.zcml	2012-10-19 19:09:35 +0000
 +++ lib/lp/registry/configure.zcml	2012-10-22 14:01:21 +0000
@@ -1102,7 +1102,8 @@
      <class
          class="lp.registry.model.milestone.ProjectMilestone">
--        <allow
++        <require
++            permission="launchpad.View"
              interface="lp.registry.interfaces.milestone.IProjectGroupMilestone"/>
      </class>
      <adapter
 === modified file 'lib/lp/registry/tests/test_milestone.py'
 --- lib/lp/registry/tests/test_milestone.py	2012-10-19 14:51:41 +0000
 +++ lib/lp/registry/tests/test_milestone.py	2012-10-22 14:01:21 +0000
@@ -220,7 +220,7 @@
              self.assertRaises(Unauthorized, setattr, obj, name, None)
      def test_access_for_anonymous(self):
--        # Anonymous users have access to to public attributes of
++        # Anonymous users have access to public attributes of
          # milestones for private and public products.
          with person_logged_in(ANONYMOUS):
              self.assertAccessAuthorized(
@@ -549,3 +549,128 @@
              self.assertEqual(
                  IInformationType(milestone).information_type,
                  information_type)
++
++
++class ProjectMilestoneSecurityAdaperTestCase(TestCaseWithFactory):
++    """A TestCase for the security adapter of IProjectGroupMilestone."""
++
++    layer = DatabaseFunctionalLayer
++
++    def setUp(self):
++        super(ProjectMilestoneSecurityAdaperTestCase, self).setUp()
++        project_group = self.factory.makeProject()
++        public_product = self.factory.makeProduct(project=project_group)
++        self.factory.makeMilestone(
++            product=public_product, name='public-milestone')
++        self.proprietary_product_owner = self.factory.makePerson()
++        self.proprietary_product = self.factory.makeProduct(
++            project=project_group,
++            owner=self.proprietary_product_owner,
++            information_type=InformationType.PROPRIETARY)
++        self.factory.makeMilestone(
++            product=self.proprietary_product, name='proprietary-milestone')
++        with person_logged_in(self.proprietary_product_owner):
++            milestone_1, milestone_2 = project_group.milestones
++            if milestone_1.name == 'public-milestone':
++                self.public_projectgroup_milestone = milestone_1
++                self.proprietary_projectgroup_milestone = milestone_2
++            else:
++                self.public_projectgroup_milestone = milestone_2
++                self.proprietary_projectgroup_milestone = milestone_1
++
++    expected_get_permissions = {
++        'launchpad.View': set((
++            '_getOfficialTagClause', 'active', 'addBugSubscription',
++            'addBugSubscriptionFilter', 'addSubscription',
++            'bug_subscriptions', 'bugtasks', 'closeBugsAndBlueprints',
++            'code_name', 'createProductRelease', 'dateexpected',
++            'destroySelf', 'displayname', 'distribution', 'distroseries',
++            'getBugTaskWeightFunction', 'getSpecifications',
++            'getSubscription', 'getSubscriptions',
++            'getUsedBugTagsWithOpenCounts', 'id', 'name',
++            'official_bug_tags', 'parent_subscription_target', 'product',
++            'product_release', 'productseries', 'removeBugSubscription',
++            'searchTasks', 'series_target', 'summary', 'target',
++            'target_type_display', 'title', 'userCanAlterBugSubscription',
++            'userCanAlterSubscription', 'userHasBugSubscriptions')),
++        }
++
++    def test_get_permissions(self):
++        checker = getChecker(self.public_projectgroup_milestone)
++        self.checkPermissions(
++            self.expected_get_permissions, checker.get_permissions, 'get')
++
++    # Project milestones are read-only objects, so no set permissions.
++    expected_set_permissions = {
++        }
++
++    def test_set_permissions(self):
++        checker = getChecker(self.public_projectgroup_milestone)
++        self.checkPermissions(
++            self.expected_set_permissions, checker.set_permissions, 'set')
++
++    def assertAccessAuthorized(self, attribute_names, obj):
++        # Try to access the given attributes of obj. No exception
++        # should be raised.
++        for name in attribute_names:
++            # class Milestone does not implement all attributes defined by
++            # class IMilestone. AttributeErrors caused by attempts to
++            # access these attribues are not relevant here: We simply
++            # want to be sure that no Unauthorized error is raised.
++            try:
++                getattr(obj, name)
++            except AttributeError:
++                pass
++
++    def assertAccessUnauthorized(self, attribute_names, obj):
++        # Try to access the given attributes of obj. Unauthorized
++        # should be raised.
++        for name in attribute_names:
++            self.assertRaises(Unauthorized, getattr, obj, name)
++
++    def test_access_for_anonymous(self):
++        # Anonymous users have access to public project group milestones.
++        with person_logged_in(ANONYMOUS):
++            self.assertAccessAuthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.public_projectgroup_milestone)
++
++            # ...but not to private project group milestones.
++            self.assertAccessUnauthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.proprietary_projectgroup_milestone)
++
++    def test_access_for_ordinary_user(self):
++        # Regular users have to public project group milestones.
++        user = self.factory.makePerson()
++        with person_logged_in(user):
++            self.assertAccessAuthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.public_projectgroup_milestone)
++
++            # ...but not to private project group milestones.
++            self.assertAccessUnauthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.proprietary_projectgroup_milestone)
++
++    def test_access_for_user_with_grant_for_private_product(self):
++        # Users with a policy grant for a private product have access
++        # to private project group milestones.
++        user = self.factory.makePerson()
++        with person_logged_in(self.proprietary_product_owner):
++            getUtility(IService, 'sharing').sharePillarInformation(
++                self.proprietary_product, user, self.proprietary_product_owner,
++                {InformationType.PROPRIETARY: SharingPermission.ALL})
++
++        with person_logged_in(user):
++            self.assertAccessAuthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.proprietary_projectgroup_milestone)
++
++    def test_access_for_product_owner(self):
++        # The owner of a private product can access a rpivate project group
++        # milestone.
++        with person_logged_in(self.proprietary_product_owner):
++            self.assertAccessAuthorized(
++                self.expected_get_permissions['launchpad.View'],
++                self.proprietary_projectgroup_milestone)
 === modified file 'lib/lp/security.py'
 --- lib/lp/security.py	2012-10-19 12:58:33 +0000
 +++ lib/lp/security.py	2012-10-22 14:01:21 +0000
@@ -718,6 +718,15 @@
                  user.in_admin)
++class ViewProjectMilestone(DelegatedAuthorization):
++    permission = 'launchpad.View'
++    usedfor = IProjectGroupMilestone
++
++    def __init__(self, obj):
++        super(ViewProjectMilestone, self).__init__(
++            obj, obj.product, 'launchpad.View')
++
++
  class EditProjectMilestoneNever(AuthorizationBase):
      permission = 'launchpad.Edit'
      usedfor = IProjectGroupMilestone