Merge lp:~jtv/launchpad/bug-822640 into lp:launchpad
Status: | Merged |
---|---|
Approved by: | Jeroen T. Vermeulen |
Approved revision: | no longer in the source branch. |
Merged at revision: | 13629 |
Proposed branch: | lp:~jtv/launchpad/bug-822640 |
Merge into: | lp:launchpad |
Diff against target: | 22 lines (+4/-0) 1 file modified: database/schema/security.cfg (+4/-0) |
To merge this branch: | bzr merge lp:~jtv/launchpad/bug-822640 |
Related bugs: | |

Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Benji York (community) | code | | Approve |

Review via email: mp+70730@code.launchpad.net
Commit message
[r=benji][bug=822640] Extra DB privileges publish-ftpmaster needs.
Description of the change
= Summary =
The new publish-ftpmaster script runs process-accepted and publish-distro in-process now, so needs the same privileges. Some of them are fairly obscure, hidden away in massive complexity and deep code paths so testing for them in advance was not a realistic proposition.
== Proposed fix ==
Four tables needed extra access privileges for the archivepublisher user.
== Pre-implementation notes ==
William was kind enough to run through the database roles and figure out what the differences amounted to. This was not easy because of structural differences in how their security configs were arranged.
Managing this kind of thing has gotten far out of hand.
== Tests ==
It should be possible to reconstruct test scenarios where these privileges are used, but to do so would probably incur significant costs in both development and in test run times. I don't believe such relatively small configuration changes are worth it; the worry is not that this might regress, but that we may have forgotten about another obscure code path that reads from another table.
== Demo and Q/A ==
Observe the publish-ftpmaster script running in production, at three minutes past every hour. Dogfood testing was not enough to turn up the missing SELECT privilege on TranslationGroup that we observed.
= Launchpad lint =
Checking for conflicts and issues in changed files.
Linting changed files:
database/
Looks good.
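
The role comparison described in the pre-implementation notes can be scripted instead of done by hand. The following is an added example, not code from this branch or from Launchpad: the INI layout (one section per role, a `groups` key for inherited roles), the role names and the grants are assumptions constructed for illustration.

```python
import configparser

# Constructed sample. Assumed layout: one section per role, keys of the form
# "schema.table = PRIVILEGES", optional "groups" key listing inherited roles.
SAMPLE_CFG = """
[read_common]
type = group
public.translationgroup = SELECT

[reference_role]
type = user
groups = read_common
public.archive = SELECT, UPDATE

[candidate_role]
type = user
public.archive = SELECT
"""

META_KEYS = {"type", "groups"}  # section keys that are not table grants

def effective_privileges(cfg, role, _seen=None):
    """Return {table: set(privileges)} for a role, following 'groups'."""
    seen = _seen if _seen is not None else set()
    if role in seen:  # guard against cyclic group membership
        return {}
    seen.add(role)
    grants = {}
    section = cfg[role]
    for group in filter(None, (g.strip() for g in section.get("groups", "").split(","))):
        for table, privs in effective_privileges(cfg, group, seen).items():
            grants.setdefault(table, set()).update(privs)
    for key, value in section.items():
        if key not in META_KEYS:
            privs = {p.strip().upper() for p in value.split(",") if p.strip()}
            grants.setdefault(key, set()).update(privs)
    return grants

def missing_privileges(cfg_text, reference, candidate):
    """Privileges the reference role holds that the candidate role lacks."""
    cfg = configparser.ConfigParser()
    cfg.read_string(cfg_text)
    ref = effective_privileges(cfg, reference)
    cand = effective_privileges(cfg, candidate)
    diff = {t: sorted(p - cand.get(t, set())) for t, p in ref.items()}
    return {t: p for t, p in diff.items() if p}

if __name__ == "__main__":
    print(missing_privileges(SAMPLE_CFG, "reference_role", "candidate_role"))
```

Because inherited grants are flattened before the comparison, roles whose sections are arranged differently still compare table by table.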