Merge lp:~jcsackett/launchpad/blueprint-private-traversal into lp:launchpad
Status: | Superseded |
---|---|
Proposed branch: | lp:~jcsackett/launchpad/blueprint-private-traversal |
Merge into: | lp:launchpad |
Diff against target: |
338 lines (+132/-45) 5 files modified
lib/lp/blueprints/browser/specification.py (+8/-8) lib/lp/blueprints/doc/specgraph.txt (+20/-16) lib/lp/blueprints/interfaces/specification.py (+12/-4) lib/lp/blueprints/model/specification.py (+37/-9) lib/lp/blueprints/model/tests/test_specification.py (+55/-8) |
To merge this branch: | bzr merge lp:~jcsackett/launchpad/blueprint-private-traversal |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Launchpad code reviewers | Pending | ||
Review via email: mp+137330@code.launchpad.net |
This proposal has been superseded by a proposal from 2012-11-30.
Commit message
Strips nonpublic specifications from the dependency graph on Specification:
Description of the change
Summary
=======
Specifications can have dependencies with different permissions (either
information_type or grants) than the root node; likewise, it can block
specifications with the same conditions.
In this situation the page currently 403s. Per our usual rules we want to show
the page without the information a user shouldn't see.
Preimp
======
Spoke with Orange Squad and William Grant.
Implementation
==============
The SpecGraph is updated to use all_deps and all_blocked; these are easy to
modify to filter out blueprints the user can't see.
Those two properties are converted to methods that take the user as a
parameter, which is then used with the sharing service to modify the results
of the query to only include the ones the user can see.
The SpecGraph object is modified to properly use the all_deps/
methods, and to recieve the user as an argument to __init__.
Tests
=====
bin/test -vvc -t TestSpecificati
QA
==
Follow the setup in the bug; you should see the page without a 403, and
without see nonpublic data that you have no grant for.
LoC
===
Part of private projects.
Lint
====
Checking for conflicts and issues in changed files.
Linting changed files:
lib/lp/
lib/lp/
lib/lp/
lib/lp/
lib/lp/