Launchpad itself

Merge ~cjwatson/launchpad:access-token-rename-context-to-target into launchpad:master

  1. Git
  2. lp:~cjwatson/launchpad
  3. access-token-rename-context-to-target
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 327282bbb1d3367bbe15b05eefe6d0675507b853
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/launchpad:access-token-rename-context-to-target
Merge into: launchpad:master
Diff against target: 262 lines (+46/-47)
7 files modified
lib/lp/security.py (+4/-4)
lib/lp/services/auth/interfaces.py (+5/-5)
lib/lp/services/auth/model.py (+11/-11)
lib/lp/services/auth/tests/test_model.py (+17/-18)
lib/lp/services/webapp/tests/test_servers.py (+4/-4)
lib/lp/services/webservice/configuration.py (+1/-1)
lib/lp/testing/factory.py (+4/-4)
Reviewer Review Type Date Requested Status
Cristian Gonzalez (community) Approve
Review via email: mp+410144@code.launchpad.net

Commit message

Rename AccessToken.context to AccessToken.target

Description of the change

Exporting a "context" attribute over the webservice turns out to be awkward, because it clashes with internals of lazr.restful. Let's just rename this now while it isn't too inconvenient to do so.

To post a comment you must log in.
Revision history for this message
Cristian Gonzalez (cristiangsp) wrote :

Looks good!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/lib/lp/security.py b/lib/lp/security.py
2index 02f2816..0c871fc 100644
3--- a/lib/lp/security.py
4+++ b/lib/lp/security.py
5@@ -505,11 +505,11 @@ class EditAccessToken(AuthorizationBase):
6 if user.inTeam(self.obj.owner):
7 return True
8 # Being able to edit the token doesn't allow extracting the secret,
9- # so it's OK to allow the owner of the context to do so too. This
10- # allows context owners to exercise some control over access to
11- # their object.
12+ # so it's OK to allow the owner of the target to do so too. This
13+ # allows target owners to exercise some control over access to their
14+ # object.
15 adapter = queryAdapter(
16- self.obj.context, IAuthorization, 'launchpad.Edit')
17+ self.obj.target, IAuthorization, 'launchpad.Edit')
18 if adapter is not None and adapter.checkAuthenticated(user):
19 return True
20 return False
21diff --git a/lib/lp/services/auth/interfaces.py b/lib/lp/services/auth/interfaces.py
22index 9394cec..b8e3e7a 100644
23--- a/lib/lp/services/auth/interfaces.py
24+++ b/lib/lp/services/auth/interfaces.py
25@@ -77,13 +77,13 @@ class IAccessToken(Interface):
26 class IAccessTokenSet(Interface):
27 """The set of all personal access tokens."""
28
29- def new(secret, owner, description, context, scopes):
30+ def new(secret, owner, description, target, scopes):
31 """Return a new access token with a given secret.
32
33 :param secret: A text string.
34 :param owner: An `IPerson` who is creating the token.
35 :param description: A short description of the token.
36- :param context: An `IGitRepository` for which the token is being
37+ :param target: An `IAccessTokenTarget` for which the token is being
38 issued.
39 :param scopes: A list of `AccessTokenScope`s to be granted by the
40 token.
41@@ -101,10 +101,10 @@ class IAccessTokenSet(Interface):
42 :param owner: An `IPerson`.
43 """
44
45- def findByContext(context):
46- """Return all access tokens for this context.
47+ def findByTarget(target):
48+ """Return all access tokens for this target.
49
50- :param context: An `IGitRepository`.
51+ :param target: An `IGitRepository`.
52 """
53
54
55diff --git a/lib/lp/services/auth/model.py b/lib/lp/services/auth/model.py
56index c1228d1..437be7e 100644
57--- a/lib/lp/services/auth/model.py
58+++ b/lib/lp/services/auth/model.py
59@@ -78,20 +78,20 @@ class AccessToken(StormBase):
60
61 resolution = timedelta(minutes=10)
62
63- def __init__(self, secret, owner, description, context, scopes):
64+ def __init__(self, secret, owner, description, target, scopes):
65 """Construct an `AccessToken`."""
66 self._token_sha256 = hashlib.sha256(secret.encode()).hexdigest()
67 self.owner = owner
68 self.description = description
69- if IGitRepository.providedBy(context):
70- self.git_repository = context
71+ if IGitRepository.providedBy(target):
72+ self.git_repository = target
73 else:
74- raise TypeError("Unsupported context: {!r}".format(context))
75+ raise TypeError("Unsupported target: {!r}".format(target))
76 self.scopes = scopes
77 self.date_created = UTC_NOW
78
79 @property
80- def context(self):
81+ def target(self):
82 """See `IAccessToken`."""
83 return self.git_repository
84
85@@ -139,10 +139,10 @@ class AccessToken(StormBase):
86 @implementer(IAccessTokenSet)
87 class AccessTokenSet:
88
89- def new(self, secret, owner, description, context, scopes):
90+ def new(self, secret, owner, description, target, scopes):
91 """See `IAccessTokenSet`."""
92 store = IStore(AccessToken)
93- token = AccessToken(secret, owner, description, context, scopes)
94+ token = AccessToken(secret, owner, description, target, scopes)
95 store.add(token)
96 return token
97
98@@ -156,11 +156,11 @@ class AccessTokenSet:
99 """See `IAccessTokenSet`."""
100 return IStore(AccessToken).find(AccessToken, owner=owner)
101
102- def findByContext(self, context):
103+ def findByTarget(self, target):
104 """See `IAccessTokenSet`."""
105 kwargs = {}
106- if IGitRepository.providedBy(context):
107- kwargs["git_repository"] = context
108+ if IGitRepository.providedBy(target):
109+ kwargs["git_repository"] = target
110 else:
111- raise TypeError("Unsupported context: {!r}".format(context))
112+ raise TypeError("Unsupported target: {!r}".format(target))
113 return IStore(AccessToken).find(AccessToken, **kwargs)
114diff --git a/lib/lp/services/auth/tests/test_model.py b/lib/lp/services/auth/tests/test_model.py
115index 77ce073..f97d498 100644
116--- a/lib/lp/services/auth/tests/test_model.py
117+++ b/lib/lp/services/auth/tests/test_model.py
118@@ -49,11 +49,11 @@ class TestAccessToken(TestCaseWithFactory):
119 login_person(owner)
120 self.assertTrue(check_permission("launchpad.Edit", token))
121
122- def test_context_owner_can_edit(self):
123- context_owner = self.factory.makePerson()
124- repository = self.factory.makeGitRepository(owner=context_owner)
125- _, token = self.factory.makeAccessToken(context=repository)
126- login_person(context_owner)
127+ def test_target_owner_can_edit(self):
128+ target_owner = self.factory.makePerson()
129+ repository = self.factory.makeGitRepository(owner=target_owner)
130+ _, token = self.factory.makeAccessToken(target=repository)
131+ login_person(target_owner)
132 self.assertTrue(check_permission("launchpad.Edit", token))
133
134 def test_other_user_cannot_edit(self):
135@@ -173,15 +173,15 @@ class TestAccessTokenSet(TestCaseWithFactory):
136 self.assertEqual(64, len(secret))
137 owner = self.factory.makePerson()
138 description = "Test token"
139- context = self.factory.makeGitRepository()
140+ target = self.factory.makeGitRepository()
141 scopes = [AccessTokenScope.REPOSITORY_BUILD_STATUS]
142 _, token = self.factory.makeAccessToken(
143- secret=secret, owner=owner, description=description,
144- context=context, scopes=scopes)
145+ secret=secret, owner=owner, description=description, target=target,
146+ scopes=scopes)
147 self.assertThat(
148 removeSecurityProxy(token), MatchesStructure.byEquality(
149 _token_sha256=hashlib.sha256(secret.encode()).hexdigest(),
150- owner=owner, description=description, context=context,
151+ owner=owner, description=description, target=target,
152 scopes=scopes))
153
154 def test_getBySecret(self):
155@@ -206,17 +206,16 @@ class TestAccessTokenSet(TestCaseWithFactory):
156 self.assertContentEqual(
157 [], getUtility(IAccessTokenSet).findByOwner(owners[2]))
158
159- def test_findByContext(self):
160- contexts = [self.factory.makeGitRepository() for _ in range(3)]
161+ def test_findByTarget(self):
162+ targets = [self.factory.makeGitRepository() for _ in range(3)]
163 tokens = [
164- self.factory.makeAccessToken(context=contexts[0])[1],
165- self.factory.makeAccessToken(context=contexts[0])[1],
166- self.factory.makeAccessToken(context=contexts[1])[1],
167+ self.factory.makeAccessToken(target=targets[0])[1],
168+ self.factory.makeAccessToken(target=targets[0])[1],
169+ self.factory.makeAccessToken(target=targets[1])[1],
170 ]
171 self.assertContentEqual(
172- tokens[:2], getUtility(IAccessTokenSet).findByContext(contexts[0]))
173+ tokens[:2], getUtility(IAccessTokenSet).findByTarget(targets[0]))
174 self.assertContentEqual(
175- [tokens[2]],
176- getUtility(IAccessTokenSet).findByContext(contexts[1]))
177+ [tokens[2]], getUtility(IAccessTokenSet).findByTarget(targets[1]))
178 self.assertContentEqual(
179- [], getUtility(IAccessTokenSet).findByContext(contexts[2]))
180+ [], getUtility(IAccessTokenSet).findByTarget(targets[2]))
181diff --git a/lib/lp/services/webapp/tests/test_servers.py b/lib/lp/services/webapp/tests/test_servers.py
182index a551f78..aa5123f 100644
183--- a/lib/lp/services/webapp/tests/test_servers.py
184+++ b/lib/lp/services/webapp/tests/test_servers.py
185@@ -892,7 +892,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
186 def test_checkRequest_valid(self):
187 repository = self.factory.makeGitRepository()
188 self._makeAccessTokenVerifiedRequest(
189- context=repository,
190+ target=repository,
191 scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
192 getUtility(IWebServiceConfiguration).checkRequest(
193 repository,
194@@ -901,7 +901,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
195 def test_checkRequest_bad_context(self):
196 repository = self.factory.makeGitRepository()
197 self._makeAccessTokenVerifiedRequest(
198- context=repository,
199+ target=repository,
200 scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
201 self.assertRaisesWithContent(
202 Unauthorized,
203@@ -912,7 +912,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
204 def test_checkRequest_unscoped_method(self):
205 repository = self.factory.makeGitRepository()
206 self._makeAccessTokenVerifiedRequest(
207- context=repository,
208+ target=repository,
209 scopes=[AccessTokenScope.REPOSITORY_BUILD_STATUS])
210 self.assertRaisesWithContent(
211 Unauthorized,
212@@ -923,7 +923,7 @@ class TestWebServiceAccessTokens(TestCaseWithFactory):
213 def test_checkRequest_wrong_scope(self):
214 repository = self.factory.makeGitRepository()
215 self._makeAccessTokenVerifiedRequest(
216- context=repository,
217+ target=repository,
218 scopes=[
219 AccessTokenScope.REPOSITORY_BUILD_STATUS,
220 AccessTokenScope.REPOSITORY_PUSH,
221diff --git a/lib/lp/services/webservice/configuration.py b/lib/lp/services/webservice/configuration.py
222index f52918a..8b56842 100644
223--- a/lib/lp/services/webservice/configuration.py
224+++ b/lib/lp/services/webservice/configuration.py
225@@ -102,7 +102,7 @@ class LaunchpadWebServiceConfiguration(BaseWebServiceConfiguration):
226 access_token = get_interaction_extras().access_token
227 if access_token is None:
228 return
229- if access_token.context != context:
230+ if access_token.target != context:
231 raise Unauthorized(
232 "Current authentication does not allow access to this object.")
233 if not required_scopes:
234diff --git a/lib/lp/testing/factory.py b/lib/lp/testing/factory.py
235index 3ba8333..4fccdec 100644
236--- a/lib/lp/testing/factory.py
237+++ b/lib/lp/testing/factory.py
238@@ -4519,7 +4519,7 @@ class BareLaunchpadObjectFactory(ObjectFactory):
239 return request_token.createAccessToken()
240
241 def makeAccessToken(self, secret=None, owner=None, description=None,
242- context=None, scopes=None):
243+ target=None, scopes=None):
244 """Create a personal access token.
245
246 :return: A tuple of the secret for the new token and the token
247@@ -4531,12 +4531,12 @@ class BareLaunchpadObjectFactory(ObjectFactory):
248 owner = self.makePerson()
249 if description is None:
250 description = self.getUniqueUnicode()
251- if context is None:
252- context = self.makeGitRepository()
253+ if target is None:
254+ target = self.makeGitRepository()
255 if scopes is None:
256 scopes = []
257 token = getUtility(IAccessTokenSet).new(
258- secret, owner, description, context, scopes)
259+ secret, owner, description, target, scopes)
260 return secret, token
261
262 def makeCVE(self, sequence, description=None,

Subscribers

People subscribed via source and target branches

to status/vote changes: