Launchpad itself

Merge lp:~jcsackett/launchpad/filter-milestone-vocabulary-for-projectgroups into lp:launchpad

filter-milestone-vocabulary-for-projectgroups
Merge into devel

Proposed by j.c.sackett on 2012-11-16

Status:

Merged

Approved by:

j.c.sackett on 2012-11-16

Approved revision:

no longer in the source branch.

Merged at revision:

16285

Proposed branch:

lp:~jcsackett/launchpad/filter-milestone-vocabulary-for-projectgroups

Merge into:

lp:launchpad

Diff against target:

83 lines (+35/-5)

2 files modified

lib/lp/registry/model/projectgroup.py (+6/-2)
lib/lp/registry/tests/test_milestone_vocabularies.py (+29/-3)

To merge this branch:

bzr merge lp:~jcsackett/launchpad/filter-milestone-vocabulary-for-projectgroups

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Abel Deuring (community)	code	2012-11-16	Approve on 2012-11-16
Review via email: mp+134667@code.launchpad.net

Commit message

Updates project group milestone filtering to not display milestones from associated private products if the user shouldn't see them.

Description of the change

Summary
=======
As it currently stands, when milestones are fetched for a projectgroup, the
milestones from all associated products are fetched, regardless of whether or
not they belong to a private product the current user cannot see.

Projectgroup must be updated to not show milestones the user can't see, using
our existing filtering clause.

Preimp
======
None.

Implementation
==============
The method `ProjectGroup`.`_getMilestoneCondition`, which creates the query to
fetch milestones, is updated to pull the current user from the launchbag and
create the privacy filtering clause from that. It then adds that clause to the
existing query.

Tests have also been updated for this case.

Tests
=====
bin/test -vvct TestMilestoneVocabulary

QA
==
Ensure the milestones listed for a project does not include anything from
associated private products.

LoC
===
Part of private projects.

Lint
====

Checking for conflicts and issues in changed files.

Linting changed files:
lib/lp/registry/model/projectgroup.py
lib/lp/registry/tests/test_milestone_vocabularies.py

Revision history for this message

Abel Deuring (adeuring) wrote on 2012-11-16:

Looks good.

But I am wondering if we need to change the expression returned by ProductSet.getProductPrivacyFilter():

Users may have an artifact grant for a bug/branch/blueprint of a private product but not a policy grant for the product itself; I suspect that we should add a clause like APGF.artifact == None to address this case.

But this affects of course other callsites of getProductPrivacyFilter(), so we should probably talk about it in our standup call on Monday.

review: Approve (code)

Revision history for this message

j.c.sackett (jcsackett) wrote on 2012-11-16:

> Users may have an artifact grant for a bug/branch/blueprint of a private
> product but not a policy grant for the product itself; I suspect that we
> should add a clause like APGF.artifact == None to address this case.
>
> But this affects of course other callsites of getProductPrivacyFilter(), so we
> should probably talk about it in our standup call on Monday.

I agree, especially after dicsussion on IRC. Let's bring this up in the next standup.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Barki Mustapha

Celso Providelo

Christian Reis

Christy Awad

Colin Watson

Harpianto,ANDI

James Troup

John A Meinel

Kevin bush

Launchpad code reviewers

Launchpad code reviewers from Canonical

Matthew Tanner

Maximiliano Bertacchini

Oguz Ersoz

Simon Brakhane

Ubuntu-BR DevOps

William Grant

alhawiti

api.ng

j.c.sackett

pedro cavazos

todaioan

wenjingwen

to status/vote changes:

Tzaddi

Tzaddi Belding

 === modified file 'lib/lp/registry/model/projectgroup.py'
 --- lib/lp/registry/model/projectgroup.py	2012-10-19 03:01:32 +0000
 +++ lib/lp/registry/model/projectgroup.py	2012-11-16 20:43:23 +0000
@@ -407,8 +407,12 @@
      def _getMilestoneCondition(self):
          """See `HasMilestonesMixin`."""
--        return And(Milestone.productID == Product.id,
--                   Product.projectID == self.id)
++        user = getUtility(ILaunchBag).user
++        privacy_filter = ProductSet.getProductPrivacyFilter(user)
++        return And(
++            Milestone.productID == Product.id,
++            Product.projectID == self.id,
++            privacy_filter)
      def _getMilestones(self, user, only_active):
          """Return a list of milestones for this project group.
 === modified file 'lib/lp/registry/tests/test_milestone_vocabularies.py'
 --- lib/lp/registry/tests/test_milestone_vocabularies.py	2012-10-11 04:57:59 +0000
 +++ lib/lp/registry/tests/test_milestone_vocabularies.py	2012-11-16 20:43:23 +0000
@@ -5,10 +5,9 @@
  __metaclass__ = type
--from unittest import TestCase
--
  from zope.component import getUtility
++from lp.app.enums import InformationType
  from lp.blueprints.interfaces.specification import ISpecificationSet
  from lp.registry.interfaces.distribution import IDistributionSet
  from lp.registry.interfaces.person import IPersonSet
@@ -18,20 +17,47 @@
  from lp.testing import (
      login,
      logout,
++    person_logged_in,
++    TestCaseWithFactory,
+     )
  from lp.testing.layers import DatabaseFunctionalLayer
--class TestMilestoneVocabulary(TestCase):
++class TestMilestoneVocabulary(TestCaseWithFactory):
      """Test that the MilestoneVocabulary behaves as expected."""
++
      layer = DatabaseFunctionalLayer
      def setUp(self):
++        super(TestMilestoneVocabulary, self).setUp()
          login('test@canonical.com')
      def tearDown(self):
++        super(TestMilestoneVocabulary, self).tearDown()
          logout()
++    def test_project_group_does_not_show_nonpublic_products(self):
++        # Milestones for a projectgroup should not include those on an
++        # associated private product.
++        owner = self.factory.makePerson()
++        group = self.factory.makeProject(owner=owner)
++        public = self.factory.makeProduct(project=group, owner=owner)
++        private = self.factory.makeProduct(project=group, owner=owner,
++            information_type=InformationType.PROPRIETARY)
++        with person_logged_in(owner):
++            m1 = self.factory.makeMilestone(name='public', product=public)
++            m2 = self.factory.makeMilestone(name='private', product=private)
++        vocabulary = MilestoneVocabulary(group)
++        expected = [m1.title]
++        listing = [term.title for term in vocabulary]
++        self.assertEqual(expected, listing)
++
++        with person_logged_in(owner):
++            vocabulary = MilestoneVocabulary(group)
++            expected = [m1.title, m2.title]
++            listing = [term.title for term in vocabulary]
++            self.assertEqual(expected, listing)
++
      def testProductMilestoneVocabulary(self):
          """Test of MilestoneVocabulary for a product."""
          firefox = getUtility(IProductSet).getByName('firefox')