Launchpad itself

Merge lp:~cprov/launchpad/bug-409208-ppa-search-permissions into lp:launchpad

  1. bug-409208-ppa-search-permissions
  2. Merge into devel
Proposed by Celso Providelo
Status: Merged
Merged at revision: not available
Proposed branch: lp:~cprov/launchpad/bug-409208-ppa-search-permissions
Merge into: lp:launchpad
Diff against target: None lines
To merge this branch: bzr merge lp:~cprov/launchpad/bug-409208-ppa-search-permissions
Reviewer Review Type Date Requested Status
Michael Nelson (community) Approve
Review via email: mp+10077@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Celso Providelo (cprov) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

= Summary =

This branch fixes https://bugs.edge.launchpad.net/bugs/409208, when disabled PPAs were leaking in the PPA search results.

Since https://bugs.edge.launchpad.net/bugs/367796 (devel r9015) only owners can view disabled PPAs.

== Proposed fix ==

The fix it trivial, simply filters out disabled PPAs from the search results

== Tests ==

./bin/test -vv -t package-cache.txt

== Demo and Q/A ==

1. As foo.bar disable Celso PPA (~cprov/+archive/+ppa)

2. Yet as 'foo.bar' search for PPAs matching 'cprov' in ubuntu/+ppas, you will be able to see it.

3. As anonymous or 'no-priv' repeat the search and you will get nothing.

= Launchpad lint =

Checking for conflicts. and issues in doctests and templates.
Running jslint, xmllint, pyflakes, and pylint.
Using normal rules.

Linting changed files:
  lib/lp/soyuz/doc/package-cache.txt
  lib/lp/registry/model/distribution.py
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqDdNAACgkQ7KBXuXyZSjDNlACdFMQBI9HNQIiM2YOR/o86o2EW
G48AoIjaXSKjgC5djvyXpL+kRt9dciSo
=oBIT
-----END PGP SIGNATURE-----

Revision history for this message
Michael Nelson (michael.nelson) wrote :

Great work Celso! The doc test changes document the nuance very well.

My only thought was whether it is worth a comment above the switchDbUser just letting the reader know why it is necessary (for permission on TeamParticipation?).

Thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'lib/lp/registry/model/distribution.py'
--- lib/lp/registry/model/distribution.py 2009-08-03 13:00:37 +0000
+++ lib/lp/registry/model/distribution.py 2009-08-13 01:58:22 +0000
@@ -1228,7 +1228,7 @@
1228 if user is not None:1228 if user is not None:
1229 if not user.inTeam(getUtility(ILaunchpadCelebrities).admin):1229 if not user.inTeam(getUtility(ILaunchpadCelebrities).admin):
1230 clauses.append("""1230 clauses.append("""
1231 (Archive.private = FALSE OR1231 ((Archive.private = FALSE AND Archive.enabled = TRUE) OR
1232 Archive.owner = %s OR1232 Archive.owner = %s OR
1233 %s IN (SELECT TeamParticipation.person1233 %s IN (SELECT TeamParticipation.person
1234 FROM TeamParticipation1234 FROM TeamParticipation
@@ -1237,7 +1237,8 @@
1237 )1237 )
1238 """ % sqlvalues(user, user, user))1238 """ % sqlvalues(user, user, user))
1239 else:1239 else:
1240 clauses.append("Archive.private = FALSE")1240 clauses.append(
1241 "Archive.private = FALSE AND Archive.enabled = TRUE")
12411242
12421243
1243 query = ' AND '.join(clauses)1244 query = ' AND '.join(clauses)
12441245
=== modified file 'lib/lp/soyuz/doc/package-cache.txt'
--- lib/lp/soyuz/doc/package-cache.txt 2009-08-03 13:00:37 +0000
+++ lib/lp/soyuz/doc/package-cache.txt 2009-08-13 01:58:22 +0000
@@ -715,6 +715,9 @@
715 ... archive.sources_cached, source_caches.count())715 ... archive.sources_cached, source_caches.count())
716 ... print '%d binaries cached [%d]' % (716 ... print '%d binaries cached [%d]' % (
717 ... archive.binaries_cached, binary_caches.count())717 ... archive.binaries_cached, binary_caches.count())
718 >>> def print_search_results(text, user=None):
719 ... for ppa in ubuntu.searchPPAs(text, user=user):
720 ... print ppa.displayname
718721
719 >>> rebuild_caches(cprov.archive)722 >>> rebuild_caches(cprov.archive)
720723
@@ -722,19 +725,55 @@
722 3 sources cached [3]725 3 sources cached [3]
723 2 binaries cached [2]726 2 binaries cached [2]
724727
725When Celso's PPA gets disabled and the indexes rebuilt, the cache728 >>> print_search_results('pmount')
726records are removed.729 PPA for Celso Providelo
730
731When Celso's PPA gets disabled, the indexes remain in the DB.
727732
728 >>> cprov.archive.enabled = False733 >>> cprov.archive.enabled = False
729734
735 >>> print_caches(cprov.archive)
736 3 sources cached [3]
737 2 binaries cached [2]
738
739However the disabled PPA is not included in search results for
740anonymous requests or requests from users with no view permission to
741Celso's PPA.
742
743 >>> commit()
744 >>> LaunchpadZopelessLayer.switchDbUser('launchpad')
745
746 >>> print_search_results('pmount')
747
748 >>> no_priv = getUtility(IPersonSet).getByName('no-priv')
749 >>> print_search_results('pmount', user=no_priv)
750
751Only the owner of the PPA can still find it until the changes are
752removed.
753
754 >>> print_search_results('pmount', user=cprov)
755 PPA for Celso Providelo
756
757When indexes rebuilt the cache records are removed and not even the
758owner is able to find the disabled PPA.
759
760 >>> LaunchpadZopelessLayer.switchDbUser(test_dbuser)
730 >>> rebuild_caches(cprov.archive)761 >>> rebuild_caches(cprov.archive)
731762
732 >>> print_caches(cprov.archive)763 >>> print_caches(cprov.archive)
733 0 sources cached [0]764 0 sources cached [0]
734 0 binaries cached [0]765 0 binaries cached [0]
735766
767 >>> commit()
768 >>> LaunchpadZopelessLayer.switchDbUser('launchpad')
769
770 >>> print_search_results('pmount', user=cprov)
771
772 >>> LaunchpadZopelessLayer.switchDbUser(test_dbuser)
773
736If by any chance, the disabled PPA gets re-enabled, the cache records774If by any chance, the disabled PPA gets re-enabled, the cache records
737will be re-created when the indexes are rebuilt.775will be re-created when the indexes are rebuilt and the ppa becomes
776publicly searchable again.
738777
739 >>> cprov.archive.enabled = True778 >>> cprov.archive.enabled = True
740779
@@ -744,3 +783,5 @@
744 3 sources cached [3]783 3 sources cached [3]
745 2 binaries cached [2]784 2 binaries cached [2]
746785
786 >>> print_search_results('cprov')
787 PPA for Celso Providelo