Merge ~cjwatson/launchpad:doc-update-security into launchpad:master

Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: ae9c9d53acdb35a275c6c4ce131256aa92825510
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/launchpad:doc-update-security
Merge into: launchpad:master
Diff against target: 113 lines (+36/-27)
2 files modified
doc/index.rst (+1/-1)
doc/security.rst (+35/-26)
Reviewer Review Type Date Requested Status
Jürgen Gmach Approve
Review via email: mp+412467@code.launchpad.net

Commit message

Update some details of "Security Policy in Launchpad"

Description of the change

I updated formatting, some paths, and a few other details. Otherwise it seems to be more or less up to date (if perhaps not very complete), so lift it back up to the "Technical" section of the index.

Jürgen Gmach (jugmac00) :
review: Approve

Preview Diff

1diff --git a/doc/index.rst b/doc/index.rst
2index 1677578..cfe0521 100644
3--- a/doc/index.rst
4+++ b/doc/index.rst
5@@ -48,6 +48,7 @@ Technical
6 :maxdepth: 1
7
8 pip
9+ security
10
11 Possibly out-of-date
12 --------------------
13@@ -55,7 +56,6 @@ Possibly out-of-date
14 .. toctree::
15 :maxdepth: 1
16
17- security
18 email
19
20 Other
21diff --git a/doc/security.rst b/doc/security.rst
22index 0ff5d6a..c80dba8 100644
23--- a/doc/security.rst
24+++ b/doc/security.rst
25@@ -10,20 +10,24 @@ This document is about security policy in Launchpad.
26 Defining Permissions in Launchpad
27 ---------------------------------
28
29-**NOTE: A new permission should only be defined if absolutely necessary, and
30-it should be considered thoroughly in a code review.**
31+.. note::
32
33-Occassionally, you'll find yourself in a situation where the existing
34-permissions in Launchpad aren't enough for what you want. For example, as I
35-was writing this document I needed a permission I could attach to things to
36-provide policy for who can view a thing. That is, I wanted a permission called
37-launchpad.View.
38-A new permission (see the NOTE above) is defined in Launchpad in the file
39-lib/canonical/launchpad/permissions.zcml. So, to define the permission
40-launchpad.View, we'd add a line like this to that file:
41+ A new permission should only be defined if absolutely necessary, and it
42+ should be considered thoroughly in a code review.
43
44- <permission id="launchpad.View" title="Viewing something"
45- access_level="read" />
46+Occasionally, you'll find yourself in a situation where the existing
47+permissions in Launchpad aren't enough for what you want. For example, when
48+privacy support was first being added to Launchpad, it required a permission
49+to provide policy for who can view a thing, called ``launchpad.View``.
50+
51+A new permission (see the note above) is defined in Launchpad in the file
52+``lib/lp/permissions.zcml``. So, to define the permission
53+``launchpad.View``, we'd add a line like this to that file:
54+
55+.. code-block:: xml
56+
57+ <permission
58+ id="launchpad.View" title="Viewing something" access_level="read" />
59
60
61 Defining Authorization Policies for Permissions
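Review bot: The new XML example sets access_level="read" on the permission, but neither the old nor the new text around it says what that attribute controls or which values are accepted. Since the note at the top of this section asks for new permissions to be considered thoroughly in review, a sentence after the code block explaining how to choose access_level would give reviewers something concrete to check.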
62@@ -36,25 +40,29 @@ interface.
63 In Launchpad, an authorization policy is expressed through a security adapter.
64 To define a security adapter for a given permission on an interface:
65
66-1. Define the adapter in lib/canonical/launchpad/security.py. Here's a simple
67-example of an adapter that authorizes only an object owner for the
68-launchpad.Edit permission on objects that implement the IHasOwner interface::
69+1. Define the adapter in ``lib/lp/security.py``. Here's a simple example of
70+ an adapter that authorizes only an object owner for the
71+ ``launchpad.Edit`` permission on objects that implement the ``IHasOwner``
72+ interface:
73+
74+.. code-block:: python
75
76 class EditByOwner(AuthorizationBase):
77 permission = 'launchpad.Edit'
78 usedfor = IHasOwner
79
80- def checkAuthenticated(self, person):
81+ def checkAuthenticated(self, user):
82 """Authorize the object owner."""
83- if person.id == self.obj.owner.id:
84- return True
85+ return user.isOwner(self.obj)
86+
87+Read the ``IAuthorization`` interface to ensure that you've defined the
88+adapter appropriately.
89
90-Read the IAuthorization interface to ensure that you've defined the adapter
91-appropriately.
92+2. Declare the permission on a given interface in a ZCML file. So, for the
93+ above adapter, here's how it might be hooked up to ``IProduct``, where
94+ ``IProduct`` is protected with the ``launchpad.Edit`` permission:
95
96-2. Declare the permission on a given interface in a zcml file. So, for the
97-above adapter, here's how it's hooked up to IProduct, where IProduct is
98-protected with the launchpad.Edit permission::
99+.. code-block:: xml
100
101 <class
102 class="lp.registry.model.product.Product">
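Review bot: In the EditByOwner example, the rename from person to user together with "return user.isOwner(self.obj)" leaves the reader with no hint of what kind of object user is, and the surrounding text still only points at IAuthorization. Please add a sentence naming the type passed to checkAuthenticated so it is clear where isOwner comes from. The example also defines only checkAuthenticated, so it would help to state what an unauthenticated request gets for launchpad.Edit with this adapter.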
103@@ -68,6 +76,7 @@ protected with the launchpad.Edit permission::
104 set_attributes="commercial_subscription description"/>
105 </class>
106
107-In this example, the EditByOwner adapter's checkAuthenticated method will be
108-called to determine if the currently authenticated user is authorized to
109-access whatever is protected by launchpad.Edit on an IProduct.
110+In this example, the ``EditByOwner`` adapter's ``checkAuthenticated`` method
111+will be called to determine if the currently authenticated user is
112+authorized to access whatever is protected by ``launchpad.Edit`` on an
113+``IProduct``.
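Review bot: The closing paragraph says the adapter decides who may "access whatever is protected by launchpad.Edit", while the only attribute list visible in the example above it is set_attributes="commercial_subscription description". If launchpad.Edit is what guards setting those attributes, say so explicitly, so readers see that this adapter is gating writes rather than reads.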
