Launchpad itself

Merge lp:~al-maisan/launchpad/ppa-visibility-514824 into lp:launchpad

  1. ppa-visibility-514824
  2. Merge into devel
Proposed by Muharem Hrnjadovic
Status: Merged
Merged at revision: not available
Proposed branch: lp:~al-maisan/launchpad/ppa-visibility-514824
Merge into: lp:launchpad
Diff against target: 116 lines (+42/-11)
4 files modified
lib/canonical/launchpad/security.py (+3/-9)
lib/lp/registry/model/distributionsourcepackage.py (+1/-0)
lib/lp/registry/stories/distribution/xx-distribution-packages.txt (+16/-2)
lib/lp/soyuz/stories/soyuz/xx-person-packages.txt (+22/-0)
To merge this branch: bzr merge lp:~al-maisan/launchpad/ppa-visibility-514824
Reviewer Review Type Date Requested Status
Gavin Panella (community) code Approve
Review via email: mp+20530@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Muharem Hrnjadovic (al-maisan) wrote :

Hello there,

this branch
  - filters archives listed in the
        "Other versions of ... in untrusted archives." portlet
    so that disabled archives are omitted from that list.
    See the bottom of the https://launchpad.net/ubuntu/+source/firefox
    page for an example of what that portlet looks like.
  - revises the security adapter for ISourcePackagePublishingHistory so that
    the checkUnauthenticated() method uses the IArchive's security
    adapter.

Pre-implementation talks with Julian.

Tests to run:

    bin/test -vv -t distribution/xx-distribution-packages -t soyuz/xx-person-packages

Revision history for this message
Gavin Panella (allenap) wrote :

The conversation so far:

<allenap> al-maisan: In xx-distribution-packages.txt, the disabled PPA is created, and it's absence from the PPA list is the test. Can you add a comment along the lines of "The disabled PPA is not shown in the page". Or, better, demonstrate that it is shown, disable it, and demonstrate that it is no longer shown.
<al-maisan> allenap: I'll add the comment if you don't mind. Our test suite already takes too much time to run :)
<allenap> al-maisan: Okay :)
<allenap> al-maisan: Also, ViewSourcePackagePublishingHistory could be changed to just inherit from ViewArchive, with a custom __init__() that calls the superclass with obj.archive.
<al-maisan> allenap: good point .. I'll look into that.
<allenap> al-maisan: ViewArchive.checkAuthenticated() already checks for user.is_admin, so both ViewSourcePackagePublishingHistory.checkAuthenticated() and ViewSourcePackagePublishingHistory.checkUnauthenticated() both defer entirely to ViewArchive.
<al-maisan> allenap: right.
<allenap> al-maisan: You don't need to change that though; the composition is quite understandable.

Revision history for this message
Gavin Panella (allenap) wrote :

Tip top, thanks for those changes. Looks good.

review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lib/canonical/launchpad/security.py'
2--- lib/canonical/launchpad/security.py 2010-02-24 23:02:56 +0000
3+++ lib/canonical/launchpad/security.py 2010-03-03 14:28:17 +0000
4@@ -2106,19 +2106,13 @@
5 return user.in_admin
6
7
8-class ViewSourcePackagePublishingHistory(AuthorizationBase):
9+class ViewSourcePackagePublishingHistory(ViewArchive):
10 """Restrict viewing of source publications."""
11 permission = "launchpad.View"
12 usedfor = ISourcePackagePublishingHistory
13
14- def checkAuthenticated(self, user):
15- view_archive = ViewArchive(self.obj.archive)
16- if view_archive.checkAuthenticated(user):
17- return True
18- return user.in_admin
19-
20- def checkUnauthenticated(self):
21- return not self.obj.archive.private
22+ def __init__(self, obj):
23+ super(ViewSourcePackagePublishingHistory, self).__init__(obj.archive)
24
25
26 class EditPublishing(AuthorizationBase):
27
28=== modified file 'lib/lp/registry/model/distributionsourcepackage.py'
29--- lib/lp/registry/model/distributionsourcepackage.py 2010-02-17 12:30:41 +0000
30+++ lib/lp/registry/model/distributionsourcepackage.py 2010-03-03 14:28:17 +0000
31@@ -263,6 +263,7 @@
32 results = store.find(
33 Archive,
34 Archive.distribution == self.distribution,
35+ Archive._enabled == True,
36 Archive.private == False,
37 SourcePackagePublishingHistory.archive == Archive.id,
38 (SourcePackagePublishingHistory.status ==
39
40=== modified file 'lib/lp/registry/stories/distribution/xx-distribution-packages.txt'
41--- lib/lp/registry/stories/distribution/xx-distribution-packages.txt 2010-02-16 04:52:38 +0000
42+++ lib/lp/registry/stories/distribution/xx-distribution-packages.txt 2010-03-03 14:28:17 +0000
43@@ -145,7 +145,18 @@
44 >>> ppa_beta = factory.makeArchive(name="beta",
45 ... distribution=ubuntutest)
46
47- # Then publish netapplet to both PPAs
48+The 'ppa_disabled' archive added below will be disabled at the end of this
49+set-up block.
50+It will thus not be listed in the "...other untrusted versions of..." portlet.
51+
52+ >>> ppa_disabled = factory.makeArchive(name="disabled",
53+ ... distribution=ubuntutest)
54+
55+ # Then publish netapplet to all PPAs
56+ >>> netapplet_disabled_pub_breezy = publisher.getPubSource(
57+ ... sourcename="netapplet", archive=ppa_disabled,
58+ ... creator=ppa_disabled.owner,
59+ ... status=PackagePublishingStatus.PUBLISHED, version='0.8.1d1')
60 >>> netapplet_nightly_pub_breezy = publisher.getPubSource(
61 ... sourcename="netapplet", archive=ppa_nightly,
62 ... creator=ppa_nightly.owner,
63@@ -165,6 +176,8 @@
64 >>> from lp.registry.model.karma import KarmaTotalCache
65 >>> ppa_beta_owner_id = ppa_beta.owner.id
66 >>> ppa_nightly_owner_id = ppa_nightly.owner.id
67+ >>> ppa_disabled_owner_id = ppa_disabled.owner.id
68+ >>> ppa_disabled.disable()
69 >>> transaction.commit()
70
71 # XXX: Michael Nelson 2009-07-07 bug=396419. Currently there is no
72@@ -178,12 +191,13 @@
73 ... person=ppa_beta_owner_id, karma_total=200)
74 >>> cache_entry = KarmaTotalCache(
75 ... person=ppa_nightly_owner_id, karma_total=201)
76+ >>> cache_entry = KarmaTotalCache(
77+ ... person=ppa_disabled_owner_id, karma_total=202)
78 >>> transaction.commit()
79 >>> reconnect_stores('launchpad')
80
81 >>> logout()
82
83-
84 A /$DISTRO/+source/$PACKAGE page shows an overview of a source package in
85 a distribution. There are several sections of information.
86
87
88=== modified file 'lib/lp/soyuz/stories/soyuz/xx-person-packages.txt'
89--- lib/lp/soyuz/stories/soyuz/xx-person-packages.txt 2010-02-26 11:21:40 +0000
90+++ lib/lp/soyuz/stories/soyuz/xx-person-packages.txt 2010-03-03 14:28:17 +0000
91@@ -398,3 +398,25 @@
92 source2 PPA named p3a for No Priv... - Ubuntutest Breezy-autotest 666
93 ...ago None - -
94
95+Please note also that disabled archives are not viewable by anonymous users.
96+
97+ >>> def print_archive_package_rows(contents):
98+ ... package_table = find_tag_by_id(
99+ ... anon_browser.contents, 'packages_list')
100+ ... for ppa_row in package_table.findChildren('tr'):
101+ ... print extract_text(ppa_row)
102+
103+ >>> anon_browser.open("http://launchpad.dev/~cprov/+archive/ppa")
104+ >>> print_archive_package_rows(anon_browser)
105+ Package Version Uploaded by
106+ ...
107+ pmount 0.1-1 no signer (2007-07-09)
108+
109+ >>> login("foo.bar@canonical.com")
110+ >>> cprov.archive.disable()
111+ >>> flush_database_updates()
112+ >>> logout()
113+ >>> anon_browser.open("http://launchpad.dev/~cprov/+archive/ppa")
114+ Traceback (most recent call last):
115+ ...
116+ Unauthorized: (..., 'browserDefault', 'launchpad.View')