Merge lp:~cjwatson/launchpad/pocket-permissions into lp:launchpad

Proposed by Colin Watson on 2012-06-13
Status: Merged
Approved by: William Grant on 2012-06-13
Approved revision: no longer in the source branch.
Merged at revision: 15412
Proposed branch: lp:~cjwatson/launchpad/pocket-permissions
Merge into: lp:launchpad
Diff against target: 286 lines (+121/-35)
3 files modified
lib/lp/soyuz/browser/archive.py (+6/-0)
lib/lp/soyuz/browser/archivepermission.py (+5/-3)
lib/lp/soyuz/stories/webservice/xx-archive.txt (+110/-32)
To merge this branch: bzr merge lp:~cjwatson/launchpad/pocket-permissions
Reviewer Review Type Date Requested Status
William Grant code 2012-06-13 Approve on 2012-06-13
Review via email: mp+110037@code.launchpad.net

Commit Message

Fix archive permission traversal to handle pocket permissions.

Description of the Change

== Summary ==

https://code.launchpad.net/~cjwatson/launchpad/pocket-permissions/+merge/109192 missed a spot, which meant that the new Archive.newPocketUploader method wasn't actually usable.

== Proposed fix ==

Fix the traversal methods, and of course improve test coverage to catch this kind of thing.

== LOC Rationale ==

+86. The previous branch this builds on was -46, and I have 2300 lines of credit so I'd like to count this against some of that.

== Tests ==

bin/test -vvct xx-archive.txt

== Demo and Q/A ==

Same as https://code.launchpad.net/~cjwatson/launchpad/pocket-permissions/+merge/109192.

== Lint ==

./lib/lp/soyuz/stories/webservice/xx-archive.txt
      43: want exceeds 78 characters.
      47: want exceeds 78 characters.
     173: want exceeds 78 characters.
     190: want exceeds 78 characters.
     207: want exceeds 78 characters.
     224: want exceeds 78 characters.
     370: want exceeds 78 characters.
     431: want exceeds 78 characters.
     562: want exceeds 78 characters.
     624: want exceeds 78 characters.

Most of this is pre-existing, except for one line which follows the same pattern as the others.

To post a comment you must log in.
William Grant (wgrant) :
review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lib/lp/soyuz/browser/archive.py'
2--- lib/lp/soyuz/browser/archive.py 2012-06-12 10:59:43 +0000
3+++ lib/lp/soyuz/browser/archive.py 2012-06-13 11:15:29 +0000
4@@ -402,6 +402,12 @@
5 if series is not None:
6 the_item = getUtility(IPackagesetSet).getByName(
7 item, distroseries=series)
8+ elif item_type == 'pocket':
9+ # See if "item" is a pocket name.
10+ try:
11+ the_item = PackagePublishingPocket.items[item]
12+ except KeyError:
13+ pass
14 else:
15 the_item = None
16
17
18=== modified file 'lib/lp/soyuz/browser/archivepermission.py'
19--- lib/lp/soyuz/browser/archivepermission.py 2012-04-16 23:02:44 +0000
20+++ lib/lp/soyuz/browser/archivepermission.py 2012-06-13 11:15:29 +0000
21@@ -1,4 +1,4 @@
22-# Copyright 2009 Canonical Ltd. This software is licensed under the
23+# Copyright 2009-2012 Canonical Ltd. This software is licensed under the
24 # GNU Affero General Public License version 3 (see the file LICENSE).
25
26 """Browser views for archivepermission."""
27@@ -34,7 +34,7 @@
28 elif self.context.permission == ArchivePermissionType.QUEUE_ADMIN:
29 perm_type = "+queue-admin"
30 else:
31- raise AssertionError, (
32+ raise AssertionError(
33 "Unknown permission type %s" % self.context.permission)
34
35 username = self.context.person.name
36@@ -48,8 +48,10 @@
37 item = ("type=packageset&item=%s&series=%s" %
38 (self.context.package_set_name,
39 self.context.distro_series_name))
40+ elif self.context.pocket is not None:
41+ item = "type=pocket&item=%s" % self.context.pocket.name
42 else:
43- raise AssertionError, (
44+ raise AssertionError(
45 "One of component, sourcepackagename or package set should "
46 "be set")
47
48
49=== modified file 'lib/lp/soyuz/stories/webservice/xx-archive.txt'
50--- lib/lp/soyuz/stories/webservice/xx-archive.txt 2012-06-12 04:05:44 +0000
51+++ lib/lp/soyuz/stories/webservice/xx-archive.txt 2012-06-13 11:15:29 +0000
52@@ -242,7 +242,8 @@
53 ... return (entry['permission'],
54 ... entry['person_link'],
55 ... entry['component_name'],
56- ... entry['source_package_name']),
57+ ... entry['source_package_name'],
58+ ... entry['pocket']),
59
60 >>> def show_permission_entries(permissions):
61 ... for entry in sorted(permissions['entries'],
62@@ -251,10 +252,11 @@
63 ... print entry['person_link']
64 ... print entry['component_name']
65 ... print entry['source_package_name']
66+ ... print entry['pocket']
67
68 >>> show_permission_entries(permissions)
69- Archive Upload Rights ...~ubuntu-team main None
70- Archive Upload Rights ...~ubuntu-team universe None
71+ Archive Upload Rights ...~ubuntu-team main None None
72+ Archive Upload Rights ...~ubuntu-team universe None None
73
74 `getUploadersForPackage` returns all the permissions where someone can
75 upload a particular package.
76@@ -266,7 +268,7 @@
77 ... show_permission_entries(permissions)
78
79 >>> show_mozilla_permissions()
80- Archive Upload Rights ...~carlos None mozilla-firefox
81+ Archive Upload Rights ...~carlos None mozilla-firefox None
82
83 Passing a bad package name results in an error:
84
85@@ -368,8 +370,8 @@
86 http://.../ubuntu/+archive/primary/+upload/name12?type=packagename&item=mozilla-firefox
87
88 >>> show_mozilla_permissions()
89- Archive Upload Rights ...~carlos None mozilla-firefox
90- Archive Upload Rights ...~name12 None mozilla-firefox
91+ Archive Upload Rights ...~carlos None mozilla-firefox None
92+ Archive Upload Rights ...~name12 None mozilla-firefox None
93
94 deletePackageUploader() removes that permission:
95
96@@ -383,7 +385,7 @@
97 And we can see that it's gone:
98
99 >>> show_mozilla_permissions()
100- Archive Upload Rights ...~carlos None mozilla-firefox
101+ Archive Upload Rights ...~carlos None mozilla-firefox None
102
103 getUploadersForComponent returns all the permissions where someone can
104 upload to a particular component:
105@@ -395,7 +397,7 @@
106 ... show_permission_entries(permissions)
107
108 >>> show_component_permissions("main")
109- Archive Upload Rights ...~ubuntu-team main None
110+ Archive Upload Rights ...~ubuntu-team main None None
111
112 Passing a bad component name results in an error:
113
114@@ -409,8 +411,8 @@
115 all components.
116
117 >>> show_component_permissions()
118- Archive Upload Rights ...~ubuntu-team main None
119- Archive Upload Rights ...~ubuntu-team universe None
120+ Archive Upload Rights ...~ubuntu-team main None None
121+ Archive Upload Rights ...~ubuntu-team universe None None
122
123 newComponentUploader adds a new permission for a person to upload to a
124 component.
125@@ -429,10 +431,10 @@
126 http://.../ubuntu/+archive/primary/+upload/name12?type=component&item=restricted
127
128 >>> show_component_permissions()
129- Archive Upload Rights ...~name12 restricted None
130- Archive Upload Rights ...~ubuntu-team main None
131- Archive Upload Rights ...~ubuntu-team restricted None
132- Archive Upload Rights ...~ubuntu-team universe None
133+ Archive Upload Rights ...~name12 restricted None None
134+ Archive Upload Rights ...~ubuntu-team main None None
135+ Archive Upload Rights ...~ubuntu-team restricted None None
136+ Archive Upload Rights ...~ubuntu-team universe None None
137
138 We can use ``checkUpload`` to verify that a person can upload a
139 sourcepackage.
140@@ -459,9 +461,9 @@
141 And we can see that it's gone:
142
143 >>> show_component_permissions()
144- Archive Upload Rights ...~ubuntu-team main None
145- Archive Upload Rights ...~ubuntu-team restricted None
146- Archive Upload Rights ...~ubuntu-team universe None
147+ Archive Upload Rights ...~ubuntu-team main None None
148+ Archive Upload Rights ...~ubuntu-team restricted None None
149+ Archive Upload Rights ...~ubuntu-team universe None None
150
151 And ``checkUpload`` now also no longer passes:
152
153@@ -525,8 +527,8 @@
154 ... show_permission_entries(permissions)
155
156 >>> show_admins_for_component("main")
157- Queue Administration Rights ...~name12 main None
158- Queue Administration Rights ...~ubuntu-team main None
159+ Queue Administration Rights ...~name12 main None None
160+ Queue Administration Rights ...~ubuntu-team main None None
161
162 getComponentsForQueueAdmin returns all the permissions relating to components
163 where the user is able to administer distroseries queues.
164@@ -538,10 +540,10 @@
165 ... show_permission_entries(permissions)
166
167 >>> show_components_for_admin(name12)
168- Queue Administration Rights ...~name12 main None
169- Queue Administration Rights ...~name12 multiverse None
170- Queue Administration Rights ...~name12 restricted None
171- Queue Administration Rights ...~name12 universe None
172+ Queue Administration Rights ...~name12 main None None
173+ Queue Administration Rights ...~name12 multiverse None None
174+ Queue Administration Rights ...~name12 restricted None None
175+ Queue Administration Rights ...~name12 universe None None
176
177 newQueueAdmin adds a new permission for a person to administer distroseries
178 queues in a particular component.
179@@ -560,11 +562,11 @@
180 http://.../ubuntu/+archive/primary/+queue-admin/name12?type=component&item=partner
181
182 >>> show_components_for_admin(name12)
183- Queue Administration Rights ...~name12 main None
184- Queue Administration Rights ...~name12 multiverse None
185- Queue Administration Rights ...~name12 partner None
186- Queue Administration Rights ...~name12 restricted None
187- Queue Administration Rights ...~name12 universe None
188+ Queue Administration Rights ...~name12 main None None
189+ Queue Administration Rights ...~name12 multiverse None None
190+ Queue Administration Rights ...~name12 partner None None
191+ Queue Administration Rights ...~name12 restricted None None
192+ Queue Administration Rights ...~name12 universe None None
193
194 deleteQueueAdmin removes that permission.
195
196@@ -578,10 +580,86 @@
197 And we can see that it's gone:
198
199 >>> show_components_for_admin(name12)
200- Queue Administration Rights ...~name12 main None
201- Queue Administration Rights ...~name12 multiverse None
202- Queue Administration Rights ...~name12 restricted None
203- Queue Administration Rights ...~name12 universe None
204+ Queue Administration Rights ...~name12 main None None
205+ Queue Administration Rights ...~name12 multiverse None None
206+ Queue Administration Rights ...~name12 restricted None None
207+ Queue Administration Rights ...~name12 universe None None
208+
209+getUploadersForPocket returns all the permissions where someone can upload
210+to a particular pocket:
211+
212+ >>> ubuntu_devel = webservice.get(
213+ ... '/distros', api_version='devel').jsonBody()['entries'][0]
214+
215+ >>> def show_pocket_permissions(pocket):
216+ ... permissions = user_webservice.named_get(
217+ ... ubuntu_devel['main_archive_link'], 'getUploadersForPocket',
218+ ... api_version='devel', pocket=pocket).jsonBody()
219+ ... show_permission_entries(permissions)
220+
221+ >>> show_pocket_permissions('Proposed')
222+
223+Passing a bad pocket name results in an error:
224+
225+ >>> print cjwatson_webservice.named_get(
226+ ... ubuntu_devel['main_archive_link'], 'getUploadersForPocket',
227+ ... api_version='devel', pocket='badpocket')
228+ HTTP/1.1 400 Bad Request
229+ ...
230+ pocket: Invalid value "badpocket". Acceptable values are: ...
231+
232+newPocketUploader adds a new permission for a person to upload to a pocket.
233+
234+ >>> response = ubuntu_owner_webservice.named_post(
235+ ... ubuntu_devel['main_archive_link'], 'newPocketUploader', {},
236+ ... api_version='devel', person=name12['self_link'],
237+ ... pocket='Proposed')
238+ >>> print response
239+ HTTP/1.1 201 Created
240+ ...
241+
242+ >>> new_permission = user_webservice.get(
243+ ... response.getHeader('Location')).jsonBody()
244+ >>> print new_permission['self_link']
245+ http://.../ubuntu/+archive/primary/+upload/name12?type=pocket&item=PROPOSED
246+
247+ >>> show_pocket_permissions('Proposed')
248+ Archive Upload Rights ...~name12 None None Proposed
249+
250+The person named in the permission can upload a package to this pocket.
251+
252+ >>> grumpy = user_webservice.get("/ubuntu/grumpy").jsonBody()
253+ >>> response = user_webservice.named_get(
254+ ... ubuntu['main_archive_link'], 'checkUpload',
255+ ... distroseries=grumpy['self_link'],
256+ ... sourcepackagename='mozilla-firefox', pocket='Proposed',
257+ ... component='restricted', person=name12['self_link'])
258+ >>> print(response)
259+ HTTP/1.1 200 Ok
260+ ...
261+
262+deletePocketUploader removes that permission:
263+
264+ >>> print ubuntu_owner_webservice.named_post(
265+ ... ubuntu_devel['main_archive_link'], 'deletePocketUploader', {},
266+ ... api_version='devel', person=name12['self_link'],
267+ ... pocket='Proposed')
268+ HTTP/1.1 200 Ok
269+ ...
270+
271+ >>> show_pocket_permissions('Proposed')
272+
273+ >>> grumpy = user_webservice.get("/ubuntu/grumpy").jsonBody()
274+ >>> response = user_webservice.named_get(
275+ ... ubuntu['main_archive_link'], 'checkUpload',
276+ ... distroseries=grumpy['self_link'],
277+ ... sourcepackagename='mozilla-firefox', pocket='Proposed',
278+ ... component='restricted', person=name12['self_link'])
279+ >>> print(response)
280+ HTTP/1.1 403 Forbidden
281+ ...
282+ The signer of this package has no upload rights to
283+ this distribution's primary archive. Did you mean to upload to a PPA?
284
285 Malformed archive permission URLs
286 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~