Merge ~cjwatson/launchpad:remove-buildd-secret into launchpad:master
- Git
- lp:~cjwatson/launchpad
- remove-buildd-secret
- Merge into master
Proposed by
Colin Watson
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Colin Watson | ||||
Approved revision: | 755945ee58359a1ed8e105a1876e770589273d5f | ||||
Merge reported by: | Otto Co-Pilot | ||||
Merged at revision: | not available | ||||
Proposed branch: | ~cjwatson/launchpad:remove-buildd-secret | ||||
Merge into: | launchpad:master | ||||
Diff against target: |
493 lines (+39/-146) 19 files modified
lib/lp/archivepublisher/tests/test_config.py (+0/-1) lib/lp/archiveuploader/tests/test_ppauploadprocessor.py (+0/-2) lib/lp/buildmaster/tests/test_packagebuild.py (+0/-1) lib/lp/registry/browser/tests/test_person.py (+0/-1) lib/lp/registry/model/distributionsourcepackage.py (+1/-1) lib/lp/registry/vocabularies.py (+1/-1) lib/lp/soyuz/browser/tests/archive-views.txt (+9/-9) lib/lp/soyuz/browser/tests/test_archive_admin_view.py (+1/-3) lib/lp/soyuz/configure.zcml (+1/-1) lib/lp/soyuz/doc/archive.txt (+0/-4) lib/lp/soyuz/interfaces/archive.py (+0/-5) lib/lp/soyuz/model/archive.py (+8/-27) lib/lp/soyuz/scripts/expire_archive_files.py (+1/-1) lib/lp/soyuz/tests/test_archive.py (+0/-50) lib/lp/soyuz/tests/test_archive_privacy.py (+0/-10) lib/lp/soyuz/tests/test_binarypackagebuildbehaviour.py (+1/-1) lib/lp/soyuz/xmlrpc/archive.py (+16/-17) lib/lp/soyuz/xmlrpc/tests/test_archive.py (+0/-10) lib/lp/testing/factory.py (+0/-1) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Cristian Gonzalez (community) | Approve | ||
Review via email: mp+402397@code.launchpad.net |
Commit message
Remove Archive.
Description of the change
Now that we issue build-scoped macaroons to allow builders to access private archives when necessary, we no longer need static buildd secrets.
DB MP: https:/
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/lib/lp/archivepublisher/tests/test_config.py b/lib/lp/archivepublisher/tests/test_config.py |
2 | index 09850a9..55ebba9 100644 |
3 | --- a/lib/lp/archivepublisher/tests/test_config.py |
4 | +++ b/lib/lp/archivepublisher/tests/test_config.py |
5 | @@ -162,7 +162,6 @@ class TestGetPubConfigPPA(TestCaseWithFactory): |
6 | owner=self.ppa.owner, name="myprivateppa", |
7 | distribution=self.ubuntutest, purpose=ArchivePurpose.PPA) |
8 | p3a.private = True |
9 | - p3a.buildd_secret = "secret" |
10 | p3a_config = getPubConfig(p3a) |
11 | self.assertEqual( |
12 | config.personalpackagearchive.private_root, p3a_config.distroroot) |
13 | diff --git a/lib/lp/archiveuploader/tests/test_ppauploadprocessor.py b/lib/lp/archiveuploader/tests/test_ppauploadprocessor.py |
14 | index 899a85e..3c91839 100644 |
15 | --- a/lib/lp/archiveuploader/tests/test_ppauploadprocessor.py |
16 | +++ b/lib/lp/archiveuploader/tests/test_ppauploadprocessor.py |
17 | @@ -652,7 +652,6 @@ class TestPPAUploadProcessor(TestPPAUploadProcessorBase): |
18 | |
19 | Make sure that the files are placed in the restricted librarian. |
20 | """ |
21 | - self.name16.archive.buildd_secret = "secret" |
22 | self.name16.archive.private = True |
23 | queue_item = self.doCustomUploadToPPA() |
24 | self.checkFilesRestrictedInLibrarian(queue_item, True) |
25 | @@ -662,7 +661,6 @@ class TestPPAUploadProcessor(TestPPAUploadProcessorBase): |
26 | |
27 | Make sure that the files are placed in the restricted librarian. |
28 | """ |
29 | - self.name16.archive.buildd_secret = "secret" |
30 | self.name16.archive.private = True |
31 | |
32 | upload_dir = self.queueUpload("bar_1.0-1", "~name16/ubuntu") |
33 | diff --git a/lib/lp/buildmaster/tests/test_packagebuild.py b/lib/lp/buildmaster/tests/test_packagebuild.py |
34 | index 77d85a6..9ff5f97 100644 |
35 | --- a/lib/lp/buildmaster/tests/test_packagebuild.py |
36 | +++ b/lib/lp/buildmaster/tests/test_packagebuild.py |
37 | @@ -83,7 +83,6 @@ class TestPackageBuildMixin(TestCaseWithFactory): |
38 | # A private package build will store the upload log on the |
39 | # restricted librarian. |
40 | login('admin@canonical.com') |
41 | - self.package_build.archive.buildd_secret = 'sekrit' |
42 | self.package_build.archive.private = True |
43 | self.assertTrue(self.package_build.is_private) |
44 | self.package_build.storeUploadLog("Some content") |
45 | diff --git a/lib/lp/registry/browser/tests/test_person.py b/lib/lp/registry/browser/tests/test_person.py |
46 | index 82dc89b..beb6b9e 100644 |
47 | --- a/lib/lp/registry/browser/tests/test_person.py |
48 | +++ b/lib/lp/registry/browser/tests/test_person.py |
49 | @@ -658,7 +658,6 @@ class TestShouldShowPpaSection(TestCaseWithFactory): |
50 | """Helper method to privatise a ppa.""" |
51 | login('foo.bar@canonical.com') |
52 | ppa.private = True |
53 | - ppa.buildd_secret = "secret" |
54 | login(ANONYMOUS) |
55 | |
56 | def test_viewing_person_with_public_ppa(self): |
57 | diff --git a/lib/lp/registry/model/distributionsourcepackage.py b/lib/lp/registry/model/distributionsourcepackage.py |
58 | index 3224251..863ae85 100644 |
59 | --- a/lib/lp/registry/model/distributionsourcepackage.py |
60 | +++ b/lib/lp/registry/model/distributionsourcepackage.py |
61 | @@ -320,7 +320,7 @@ class DistributionSourcePackage(BugTargetBase, |
62 | Archive, |
63 | Archive.distribution == self.distribution, |
64 | Archive._enabled == True, |
65 | - Archive._private == False, |
66 | + Archive.private == False, |
67 | SourcePackagePublishingHistory.archive == Archive.id, |
68 | (SourcePackagePublishingHistory.status == |
69 | PackagePublishingStatus.PUBLISHED), |
70 | diff --git a/lib/lp/registry/vocabularies.py b/lib/lp/registry/vocabularies.py |
71 | index 315ab8f..f2154e3 100644 |
72 | --- a/lib/lp/registry/vocabularies.py |
73 | +++ b/lib/lp/registry/vocabularies.py |
74 | @@ -1982,7 +1982,7 @@ class SourcePackageNameVocabulary(NamedStormHugeVocabulary): |
75 | # can do is search for names that are present in public archives |
76 | # of any distribution. |
77 | where=Or( |
78 | - Not(Archive._private), |
79 | + Not(Archive.private), |
80 | DistributionSourcePackageCache.archive == None), |
81 | tables=LeftJoin( |
82 | DistributionSourcePackageCache, Archive, |
83 | diff --git a/lib/lp/soyuz/browser/tests/archive-views.txt b/lib/lp/soyuz/browser/tests/archive-views.txt |
84 | index 859488d..7d90cf0 100644 |
85 | --- a/lib/lp/soyuz/browser/tests/archive-views.txt |
86 | +++ b/lib/lp/soyuz/browser/tests/archive-views.txt |
87 | @@ -986,12 +986,13 @@ option to be selected. |
88 | |
89 | Dependencies on private PPAs can be only set if the user performing |
90 | the action also has permission to view the private PPA and if the |
91 | -context PPA is also private. |
92 | - |
93 | -The latter guarantee that the P3A buildd_secret won't get exposed in |
94 | -the buildlogs. The remaining risk is to have untrusted people in the |
95 | -context PPA which would have a chance to expose the contents of the |
96 | -other P3As dependencies while their sources get built. |
97 | +context PPA is also private. This reduces the risk of confidential |
98 | +information being leaked; it does not eliminate that risk, because it |
99 | +is still possible for other people to be able to see the context PPA |
100 | +who cannot see the dependencies directly, but who can see some of |
101 | +their contents via builds. We currently assume that owners of private |
102 | +PPAs are aware of this risk when adding other private PPAs as |
103 | +dependencies. |
104 | |
105 | Before testing we will create a new team owned by Mark Shutteworth, |
106 | with a private PPA attached to it. |
107 | @@ -1023,9 +1024,8 @@ PPA the form fails because he has no permission to view its contents. |
108 | You don't have permission to use this dependency. |
109 | |
110 | When we grant access to Celso for viewing the private PPA, by making |
111 | -him a memeber of the new team, setting the private PPA as dependency |
112 | -still denied since Celso's PPA still public and thus the dependencies |
113 | -buildd_secret would leak through the public buildlogs. |
114 | +him a member of the new team, setting the private PPA as dependency is |
115 | +still denied since Celso's PPA is still public. |
116 | |
117 | >>> login('foo.bar@canonical.com') |
118 | >>> ignored = a_team.addMember(cprov, mark) |
119 | diff --git a/lib/lp/soyuz/browser/tests/test_archive_admin_view.py b/lib/lp/soyuz/browser/tests/test_archive_admin_view.py |
120 | index 485898f..f7243bb 100644 |
121 | --- a/lib/lp/soyuz/browser/tests/test_archive_admin_view.py |
122 | +++ b/lib/lp/soyuz/browser/tests/test_archive_admin_view.py |
123 | @@ -53,12 +53,10 @@ class TestArchivePrivacySwitchingView(TestCaseWithFactory): |
124 | |
125 | def test_set_private_without_packages(self): |
126 | # If a ppa does not have packages published, it is possible to |
127 | - # update the private attribute. Marking the PPA private also |
128 | - # generates a buildd secret. |
129 | + # update the private attribute. |
130 | view = self.initialize_admin_view(private=True) |
131 | self.assertEqual(0, len(view.errors)) |
132 | self.assertTrue(view.context.private) |
133 | - self.assertTrue(len(view.context.buildd_secret) > 4) |
134 | |
135 | def test_set_public_without_packages(self): |
136 | # If a ppa does not have packages published, it is possible to |
137 | diff --git a/lib/lp/soyuz/configure.zcml b/lib/lp/soyuz/configure.zcml |
138 | index 9c05d32..5aec316 100644 |
139 | --- a/lib/lp/soyuz/configure.zcml |
140 | +++ b/lib/lp/soyuz/configure.zcml |
141 | @@ -365,7 +365,7 @@ |
142 | <require |
143 | permission="launchpad.Admin" |
144 | interface="lp.soyuz.interfaces.archive.IArchiveAdmin" |
145 | - set_attributes="authorized_size buildd_secret |
146 | + set_attributes="authorized_size |
147 | enabled_restricted_processors |
148 | external_dependencies name |
149 | permit_obsolete_series_uploads |
150 | diff --git a/lib/lp/soyuz/doc/archive.txt b/lib/lp/soyuz/doc/archive.txt |
151 | index 87b2cd9..e3799c7 100644 |
152 | --- a/lib/lp/soyuz/doc/archive.txt |
153 | +++ b/lib/lp/soyuz/doc/archive.txt |
154 | @@ -72,7 +72,6 @@ records to disk, including configuration and indexes. |
155 | ... owner=cprov, name='myprivateppa', |
156 | ... distribution=cprov_archive.distribution) |
157 | >>> login("foo.bar@canonical.com") |
158 | - >>> cprov_private_ppa.buildd_secret = 'really secret' |
159 | >>> cprov_private_ppa.private = True |
160 | >>> login(ANONYMOUS) |
161 | |
162 | @@ -1487,11 +1486,9 @@ method will by default only return public archives: |
163 | >>> login("foo.bar@canonical.com") |
164 | >>> my_copy_archive = archive_set.getArchivesForDistribution( |
165 | ... ubuntu, name='my-copy-archive')[0] |
166 | - >>> my_copy_archive.buildd_secret = 'really secret' |
167 | >>> my_copy_archive.private = True |
168 | >>> team_archive = archive_set.getArchivesForDistribution( |
169 | ... ubuntu, name='team-archive')[0] |
170 | - >>> team_archive.buildd_secret = 'really secret' |
171 | >>> team_archive.private = True |
172 | |
173 | >>> ubuntu_copy_archives = archive_set.getArchivesForDistribution( |
174 | @@ -1714,7 +1711,6 @@ So even if Joe's PPA suddenly becomes private, Carlos rights will be |
175 | preserved. |
176 | |
177 | >>> login('foo.bar@canonical.com') |
178 | - >>> joes_ppa.buildd_secret = 'x' |
179 | >>> joes_ppa.private = True |
180 | |
181 | >>> login("carlos@canonical.com") |
182 | diff --git a/lib/lp/soyuz/interfaces/archive.py b/lib/lp/soyuz/interfaces/archive.py |
183 | index ed35643..e4929b7 100644 |
184 | --- a/lib/lp/soyuz/interfaces/archive.py |
185 | +++ b/lib/lp/soyuz/interfaces/archive.py |
186 | @@ -1191,11 +1191,6 @@ class IArchiveView(IHasBuildRecords): |
187 | def getOverridePolicy(distroseries, pocket, phased_update_percentage=None): |
188 | """Returns an instantiated `IOverridePolicy` for the archive.""" |
189 | |
190 | - buildd_secret = TextLine( |
191 | - title=_("Build farm secret"), required=False, |
192 | - description=_( |
193 | - "The password used by the build farm to access the archive.")) |
194 | - |
195 | @call_with(eager_load=True) |
196 | @rename_parameters_as( |
197 | name="binary_name", distroarchseries="distro_arch_series") |
198 | diff --git a/lib/lp/soyuz/model/archive.py b/lib/lp/soyuz/model/archive.py |
199 | index 0fbca87..b549c13 100644 |
200 | --- a/lib/lp/soyuz/model/archive.py |
201 | +++ b/lib/lp/soyuz/model/archive.py |
202 | @@ -312,7 +312,7 @@ class Archive(SQLBase): |
203 | |
204 | publish = BoolCol(dbName='publish', notNull=True, default=True) |
205 | |
206 | - _private = BoolCol(dbName='private', notNull=True, default=False, |
207 | + private = BoolCol(dbName='private', notNull=True, default=False, |
208 | storm_validator=_validate_archive_privacy) |
209 | |
210 | require_virtualized = BoolCol( |
211 | @@ -337,8 +337,6 @@ class Archive(SQLBase): |
212 | package_description_cache = StringCol( |
213 | dbName='package_description_cache', notNull=False, default=None) |
214 | |
215 | - buildd_secret = StringCol(dbName='buildd_secret', default=None) |
216 | - |
217 | total_count = IntCol(dbName='total_count', notNull=True, default=0) |
218 | |
219 | pending_count = IntCol(dbName='pending_count', notNull=True, default=0) |
220 | @@ -385,22 +383,6 @@ class Archive(SQLBase): |
221 | else: |
222 | alsoProvides(self, IDistributionArchive) |
223 | |
224 | - # Note: You may safely ignore lint when it complains about this |
225 | - # declaration. As of Python 2.6, this is a perfectly valid way |
226 | - # of adding a setter |
227 | - @property |
228 | - def private(self): |
229 | - return self._private |
230 | - |
231 | - @private.setter # pyflakes:ignore |
232 | - def private(self, private): |
233 | - self._private = private |
234 | - if private: |
235 | - if not self.buildd_secret: |
236 | - self.buildd_secret = create_token(20) |
237 | - else: |
238 | - self.buildd_secret = None |
239 | - |
240 | @property |
241 | def title(self): |
242 | """See `IArchive`.""" |
243 | @@ -2739,7 +2721,6 @@ class ArchiveSet: |
244 | |
245 | # Private teams cannot have public PPAs. |
246 | if owner.visibility == PersonVisibility.PRIVATE: |
247 | - new_archive.buildd_secret = create_token(20) |
248 | new_archive.private = True |
249 | else: |
250 | new_archive.private = private |
251 | @@ -2854,7 +2835,7 @@ class ArchiveSet: |
252 | SourcePackagePublishingHistory, |
253 | SourcePackagePublishingHistory.archive == Archive.id, |
254 | SourcePackagePublishingHistory.distroseries == DistroSeries.id, |
255 | - Archive._private == False, |
256 | + Archive.private == False, |
257 | Archive._enabled == True, |
258 | DistroSeries.distribution == distribution, |
259 | Archive.purpose == ArchivePurpose.PPA, |
260 | @@ -2893,7 +2874,7 @@ class ArchiveSet: |
261 | """See `IArchiveSet`.""" |
262 | return IStore(Archive).find( |
263 | Archive, |
264 | - Archive._private == True, Archive.purpose == ArchivePurpose.PPA) |
265 | + Archive.private == True, Archive.purpose == ArchivePurpose.PPA) |
266 | |
267 | def getArchivesForDistribution(self, distribution, name=None, |
268 | purposes=None, |
269 | @@ -2914,7 +2895,7 @@ class ArchiveSet: |
270 | if name is not None: |
271 | extra_exprs.append(Archive.name == name) |
272 | |
273 | - public_archive = And(Archive._private == False, |
274 | + public_archive = And(Archive.private == False, |
275 | Archive._enabled == True) |
276 | |
277 | if not check_permissions: |
278 | @@ -3019,12 +3000,12 @@ def get_archive_privacy_filter(user): |
279 | Incorrect and deprecated. Use get_enabled_archive_filter instead. |
280 | """ |
281 | if user is None: |
282 | - privacy_filter = Not(Archive._private) |
283 | + privacy_filter = Not(Archive.private) |
284 | elif IPersonRoles(user).in_admin: |
285 | privacy_filter = True |
286 | else: |
287 | privacy_filter = Or( |
288 | - Not(Archive._private), |
289 | + Not(Archive.private), |
290 | Archive.ownerID.is_in( |
291 | Select( |
292 | TeamParticipation.teamID, |
293 | @@ -3044,7 +3025,7 @@ def get_enabled_archive_filter(user, purpose=None, |
294 | if user is None: |
295 | if include_public: |
296 | terms = [ |
297 | - purpose_term, Archive._private == False, |
298 | + purpose_term, Archive.private == False, |
299 | Archive._enabled == True] |
300 | return And(*terms) |
301 | else: |
302 | @@ -3089,5 +3070,5 @@ def get_enabled_archive_filter(user, purpose=None, |
303 | |
304 | if include_public: |
305 | filter_terms.append( |
306 | - And(Archive._enabled == True, Archive._private == False)) |
307 | + And(Archive._enabled == True, Archive.private == False)) |
308 | return And(purpose_term, Or(*filter_terms)) |
309 | diff --git a/lib/lp/soyuz/scripts/expire_archive_files.py b/lib/lp/soyuz/scripts/expire_archive_files.py |
310 | index 7ae54e8..e871fce 100755 |
311 | --- a/lib/lp/soyuz/scripts/expire_archive_files.py |
312 | +++ b/lib/lp/soyuz/scripts/expire_archive_files.py |
313 | @@ -131,7 +131,7 @@ class ArchiveExpirer(LaunchpadCronScript): |
314 | full_archive_name.is_in(self.blacklist)), |
315 | Archive.purpose == ArchivePurpose.PPA), |
316 | And( |
317 | - IsTrue(Archive._private), |
318 | + IsTrue(Archive.private), |
319 | Not(full_archive_name.is_in(self.whitelist))), |
320 | Not(Archive.purpose.is_in(archive_types)), |
321 | xPPH.dateremoved > UTC_NOW - stay_of_execution, |
322 | diff --git a/lib/lp/soyuz/tests/test_archive.py b/lib/lp/soyuz/tests/test_archive.py |
323 | index 2d53207..425355b 100644 |
324 | --- a/lib/lp/soyuz/tests/test_archive.py |
325 | +++ b/lib/lp/soyuz/tests/test_archive.py |
326 | @@ -1268,56 +1268,6 @@ class TestProcessors(TestCaseWithFactory): |
327 | self.assertContentEqual([], self.archive.enabled_restricted_processors) |
328 | |
329 | |
330 | -class TestBuilddSecret(TestCaseWithFactory): |
331 | - """Test buildd_secret security. |
332 | - |
333 | - The buildd_secret is used by the slave scanner when generating a |
334 | - sources.list entry for the builder to access a private archive. It is |
335 | - essentially the password to the archive for the builder. |
336 | - """ |
337 | - |
338 | - layer = DatabaseFunctionalLayer |
339 | - |
340 | - def setUp(self): |
341 | - super(TestBuilddSecret, self).setUp() |
342 | - self.archive = self.factory.makeArchive() |
343 | - |
344 | - def test_anonymous_cannot_set_buildd_secret(self): |
345 | - login(ANONYMOUS) |
346 | - e = self.assertRaises( |
347 | - Unauthorized, setattr, self.archive, "buildd_secret", "boing") |
348 | - self.assertEqual("launchpad.Admin", e.args[2]) |
349 | - |
350 | - def test_commercial_admin_can_set_buildd_secret(self): |
351 | - with celebrity_logged_in("commercial_admin"): |
352 | - self.archive.buildd_secret = "not so secret at all" |
353 | - |
354 | - def test_admin_can_set_buildd_secret(self): |
355 | - with celebrity_logged_in("admin"): |
356 | - self.archive.buildd_secret = "not so secret" |
357 | - |
358 | - def test_public_archive_has_public_buildd_secret(self): |
359 | - # In a public PPA, the buildd "secret" is visible to anyone. |
360 | - with celebrity_logged_in("admin"): |
361 | - self.archive.buildd_secret = "not so secret" |
362 | - login(ANONYMOUS) |
363 | - self.assertFalse(self.archive.private) |
364 | - self.assertEqual("not so secret", self.archive.buildd_secret) |
365 | - |
366 | - def test_private_archive_has_private_buildd_secret(self): |
367 | - # In a private PPA, the buildd secret can only be read by users with |
368 | - # launchpad.View on the archive. |
369 | - with celebrity_logged_in("admin"): |
370 | - self.archive.buildd_secret = "really secret" |
371 | - self.archive.private = True |
372 | - login(ANONYMOUS) |
373 | - e = self.assertRaises( |
374 | - Unauthorized, getattr, self.archive, "buildd_secret") |
375 | - self.assertEqual("launchpad.View", e.args[2]) |
376 | - with person_logged_in(self.archive.owner): |
377 | - self.assertEqual("really secret", self.archive.buildd_secret) |
378 | - |
379 | - |
380 | class TestNamedAuthTokenFeatureFlag(TestCaseWithFactory): |
381 | layer = LaunchpadZopelessLayer |
382 | |
383 | diff --git a/lib/lp/soyuz/tests/test_archive_privacy.py b/lib/lp/soyuz/tests/test_archive_privacy.py |
384 | index c5b0605..57b1ce9 100644 |
385 | --- a/lib/lp/soyuz/tests/test_archive_privacy.py |
386 | +++ b/lib/lp/soyuz/tests/test_archive_privacy.py |
387 | @@ -98,13 +98,3 @@ class TestPrivacySwitching(TestCaseWithFactory): |
388 | |
389 | self.assertRaises( |
390 | CannotSwitchPrivacy, setattr, private_ppa, 'private', False) |
391 | - |
392 | - def test_buildd_secret_was_generated(self): |
393 | - public_ppa = self.factory.makeArchive() |
394 | - public_ppa.private = True |
395 | - self.assertNotEqual(public_ppa.buildd_secret, None) |
396 | - |
397 | - def test_discard_buildd_was_discarded(self): |
398 | - private_ppa = self.factory.makeArchive(private=True) |
399 | - private_ppa.private = False |
400 | - self.assertEqual(private_ppa.buildd_secret, None) |
401 | diff --git a/lib/lp/soyuz/tests/test_binarypackagebuildbehaviour.py b/lib/lp/soyuz/tests/test_binarypackagebuildbehaviour.py |
402 | index 0131ffb..2ab0429 100644 |
403 | --- a/lib/lp/soyuz/tests/test_binarypackagebuildbehaviour.py |
404 | +++ b/lib/lp/soyuz/tests/test_binarypackagebuildbehaviour.py |
405 | @@ -709,7 +709,7 @@ class TestBinaryBuildPackageBehaviourBuildCollection(TestCaseWithFactory): |
406 | # Archive.private prevents us from setting it to True with |
407 | # existing published sources. |
408 | Store.of(self.build).execute(""" |
409 | - UPDATE archive SET private=True,buildd_secret='foo' |
410 | + UPDATE archive SET private=True |
411 | WHERE archive.id = %s""" % self.build.archive.id) |
412 | Store.of(self.build).invalidate() |
413 | |
414 | diff --git a/lib/lp/soyuz/xmlrpc/archive.py b/lib/lp/soyuz/xmlrpc/archive.py |
415 | index 5acf7f3..8507873 100644 |
416 | --- a/lib/lp/soyuz/xmlrpc/archive.py |
417 | +++ b/lib/lp/soyuz/xmlrpc/archive.py |
418 | @@ -66,26 +66,25 @@ class ArchiveAPI(LaunchpadXMLRPCView): |
419 | |
420 | # If the password is a serialized macaroon for the buildd user, then |
421 | # try macaroon authentication. |
422 | - if (username == BUILDD_USER_NAME and |
423 | - self._verifyMacaroon(archive, password)): |
424 | - # Success. |
425 | - return |
426 | + if username == BUILDD_USER_NAME: |
427 | + if self._verifyMacaroon(archive, password): |
428 | + # Success. |
429 | + return |
430 | + else: |
431 | + raise faults.Unauthorized() |
432 | |
433 | # Fall back to checking archive auth tokens. |
434 | - if username == BUILDD_USER_NAME: |
435 | - secret = archive.buildd_secret |
436 | + if username.startswith("+"): |
437 | + token = token_set.getActiveNamedTokenForArchive( |
438 | + archive, username[1:]) |
439 | else: |
440 | - if username.startswith("+"): |
441 | - token = token_set.getActiveNamedTokenForArchive( |
442 | - archive, username[1:]) |
443 | - else: |
444 | - token = token_set.getActiveTokenForArchiveAndPersonName( |
445 | - archive, username) |
446 | - if token is None: |
447 | - raise faults.NotFound( |
448 | - message="No valid tokens for '%s' in '%s'." % ( |
449 | - username, archive_reference)) |
450 | - secret = removeSecurityProxy(token).token |
451 | + token = token_set.getActiveTokenForArchiveAndPersonName( |
452 | + archive, username) |
453 | + if token is None: |
454 | + raise faults.NotFound( |
455 | + message="No valid tokens for '%s' in '%s'." % ( |
456 | + username, archive_reference)) |
457 | + secret = removeSecurityProxy(token).token |
458 | if password != secret: |
459 | raise faults.Unauthorized() |
460 | |
461 | diff --git a/lib/lp/soyuz/xmlrpc/tests/test_archive.py b/lib/lp/soyuz/xmlrpc/tests/test_archive.py |
462 | index 3007668..86c6ffa 100644 |
463 | --- a/lib/lp/soyuz/xmlrpc/tests/test_archive.py |
464 | +++ b/lib/lp/soyuz/xmlrpc/tests/test_archive.py |
465 | @@ -60,16 +60,6 @@ class TestArchiveAPI(TestCaseWithFactory): |
466 | archive.reference, "+missing", "", |
467 | "No valid tokens for '+missing' in '%s'." % archive.reference) |
468 | |
469 | - def test_checkArchiveAuthToken_buildd_wrong_password(self): |
470 | - archive = removeSecurityProxy(self.factory.makeArchive(private=True)) |
471 | - self.assertUnauthorized( |
472 | - archive.reference, "buildd", archive.buildd_secret + "-bad") |
473 | - |
474 | - def test_checkArchiveAuthToken_buildd_correct_password(self): |
475 | - archive = removeSecurityProxy(self.factory.makeArchive(private=True)) |
476 | - self.assertIsNone(self.archive_api.checkArchiveAuthToken( |
477 | - archive.reference, "buildd", archive.buildd_secret)) |
478 | - |
479 | def test_checkArchiveAuthToken_buildd_macaroon_wrong_archive(self): |
480 | archive = self.factory.makeArchive(private=True) |
481 | build = self.factory.makeBinaryPackageBuild(archive=archive) |
482 | diff --git a/lib/lp/testing/factory.py b/lib/lp/testing/factory.py |
483 | index e95e83d..c74c7f6 100644 |
484 | --- a/lib/lp/testing/factory.py |
485 | +++ b/lib/lp/testing/factory.py |
486 | @@ -2943,7 +2943,6 @@ class BareLaunchpadObjectFactory(ObjectFactory): |
487 | if private: |
488 | naked_archive = removeSecurityProxy(archive) |
489 | naked_archive.private = True |
490 | - naked_archive.buildd_secret = "sekrit" |
491 | |
492 | if suppress_subscription_notifications: |
493 | naked_archive = removeSecurityProxy(archive) |
Looks good!