Merge lp:~julian-edwards/launchpad/queue-accept-with-private-bugs into lp:launchpad
Status: | Merged |
---|---|
Approved by: | Julian Edwards |
Approved revision: | no longer in the source branch. |
Merged at revision: | 11556 |
Proposed branch: | lp:~julian-edwards/launchpad/queue-accept-with-private-bugs |
Merge into: | lp:launchpad |
Diff against target: |
167 lines (+62/-3) 3 files modified
lib/lp/soyuz/scripts/processaccepted.py (+10/-0) lib/lp/soyuz/scripts/tests/test_queue.py (+50/-2) lib/lp/testing/factory.py (+2/-1) |
To merge this branch: | bzr merge lp:~julian-edwards/launchpad/queue-accept-with-private-bugs |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Deryck Hodge (community) | code | Approve | |
Tim Penhey (community) | mentor | Approve | |
Steve Kowalik (community) | code* | Approve | |
Robert Collins | code | Pending | |
Review via email: mp+35438@code.launchpad.net |
Commit message
Fix an OOPS when an archive admin uses the +queue page to accept uploads that close private bugs.
Description of the change
= Summary =
Fix private bug closing when accepting package uploads.
As described in the linked bugs, we have a problem when someone accepts a held
upload if that upload is trying to access a bug that the user is not allowed
to see.
== Proposed fix ==
Normally this is not a problem for auto-accepted uploads because they run in
zopeless scripts, which don't care about the security. For this reason, I
feel it is ok to remove the security proxy in the code that is shared with the
webapp request.
== Pre-implementation notes ==
See the bug(s).
== Implementation details ==
A simple removeSecurityP
before it changes its status to RELEASED and adds the janitor message.
I'm inviting Deryck and Robert to review this as well, to see if you think
this approach is safe.
== Tests ==
bin/test -cvvt TestQueuePageCl
== Demo and Q/A ==
Set up a private bugtask on a source package using user "A". Make an upload
of that package to a frozen distroseries, with a Launchpad-
referring to it. The package will be held in the unapproved queue, where user
"B" can try to accept it.
This change looks sane to me.