Merge lp:~jcsackett/launchpad/edit-icons-permissions into lp:launchpad
Status: | Merged |
---|---|
Approved by: | j.c.sackett |
Approved revision: | no longer in the source branch. |
Merged at revision: | 16382 |
Proposed branch: | lp:~jcsackett/launchpad/edit-icons-permissions |
Merge into: | lp:launchpad |
Diff against target: |
121 lines (+26/-12) 5 files modified
lib/lp/registry/browser/pillar.py (+9/-7) lib/lp/registry/browser/tests/test_pillar_sharing.py (+1/-1) lib/lp/registry/javascript/sharing/granteetable.js (+6/-3) lib/lp/registry/javascript/sharing/pillarsharingview.js (+2/-1) lib/lp/registry/javascript/sharing/tests/test_pillarsharingview.js (+8/-0) |
To merge this branch: | bzr merge lp:~jcsackett/launchpad/edit-icons-permissions |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Richard Harding (community) | Approve | ||
Review via email: mp+140556@code.launchpad.net |
Commit message
Ensures widgets are not clickable on +sharing without the user having `launchpad.Edit`.
Description of the change
Summary
=======
The edit icons show up on +sharing for people who only have
`launchpad.Driver`; that's sufficient to view sharing data but not to edit, so
errors occur when you try to actually use the widget.
We shouldn't make the widgets editable for those without `launchpad.Edit`.
Preimp
======
Spoke with Deryck and Curtis.
Implementation
==============
On the sharing view, we add `has_edit_
used in the JS to ensure that the widgets' clickable_content property is only
set if the permission exists.
Tests
=====
bin/test -vvct sharing --layer=YUI
QA
==
Go check a page you have Edit on; you should be able to use the widgets. Go to
one you only have driver on; you should see the data but be unable to alter it
and be given no indication you can do so.
LoC
===
Part of private projects.
Lint
====
Checking for conflicts and issues in changed files.
Linting changed files:
lib/lp/
lib/lp/
lib/lp/
lib/lp/
Looks ok. I'd rather the editable was an ATTR that had the valueFn set to pull the value out of the LP.cache, but then you could easily over ride it manually by setting that attribute for testing and manual changes. In this way the cache is static and untouched. That might not be possible here if these YUI objects aren't full base class extensions so just take it as a suggestion vs a please fix.