Launchpad itself

Merge lp:~mwhudson/launchpad/allow-import-password into lp:launchpad

  1. allow-import-password
  2. Merge into devel
Proposed by Michael Hudson-Doyle on 2010-04-07
Status: Merged
Approved by: Michael Hudson-Doyle on 2010-04-28
Approved revision: no longer in the source branch.
Merged at revision: not available
Proposed branch: lp:~mwhudson/launchpad/allow-import-password
Merge into: lp:launchpad
Diff against target: 144 lines (+31/-15)
4 files modified
lib/lp/code/browser/codeimport.py (+4/-3)
lib/lp/code/interfaces/codeimport.py (+1/-1)
lib/lp/code/stories/codeimport/xx-admin-codeimport.txt (+8/-7)
lib/lp/code/stories/codeimport/xx-create-codeimport.txt (+18/-4)
To merge this branch: bzr merge lp:~mwhudson/launchpad/allow-import-password
Reviewer Review Type Date Requested Status
Tim Penhey (community) Approve on 2010-04-21
Jeroen T. Vermeulen (community) code 2010-04-07 Needs Fixing on 2010-04-07
Review via email: mp+22924@code.launchpad.net

Commit Message

Allow a username and password to be specified in a code import's URL

Description of the Change

Hi,

This branch adds the ability to specify a username and password in code import urls.

Cheers,
mwh

To post a comment you must log in.
Jeroen T. Vermeulen (jtv) wrote :

As per IRC, I have one problem with this: you're inviting users to enter complete login credentials which will then be shown publicly in the UI.

An option you proffered was a warning text. Another is to ensure that the password is never displayed except to the user who entered it.

review: Needs Fixing (code)
Tim Penhey (thumper) wrote :

I think that a warning on the page where they are entering it would be enough.

Tim Penhey (thumper) wrote :

I think if you add a warning on the page saying it will be publicly visible, we can land this.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lib/lp/code/browser/codeimport.py'
2--- lib/lp/code/browser/codeimport.py 2010-04-22 23:50:51 +0000
3+++ lib/lp/code/browser/codeimport.py 2010-04-28 02:54:28 +0000
4@@ -211,10 +211,11 @@
5 svn_branch_url = URIField(
6 title=_("Branch URL"), required=False,
7 description=_(
8- "The URL of a Subversion branch, starting with svn:// or"
9- " http(s)://. Only trunk branches are imported."),
10+ "The URL of a Subversion branch, starting with svn:// or "
11+ "http(s)://. You can include a username and password as part "
12+ "of the url, but this will be displayed on the branch page."),
13 allowed_schemes=["http", "https", "svn"],
14- allow_userinfo=False,
15+ allow_userinfo=True,
16 allow_port=True,
17 allow_query=False,
18 allow_fragment=False,
19
20=== modified file 'lib/lp/code/interfaces/codeimport.py'
21--- lib/lp/code/interfaces/codeimport.py 2010-04-04 16:48:40 +0000
22+++ lib/lp/code/interfaces/codeimport.py 2010-04-28 02:54:28 +0000
23@@ -102,7 +102,7 @@
24 URIField(title=_("URL"), required=False, readonly=True,
25 description=_("The URL of the VCS branch."),
26 allowed_schemes=["http", "https", "svn", "git"],
27- allow_userinfo=False, # Only anonymous access is supported.
28+ allow_userinfo=True,
29 allow_port=True,
30 allow_query=False, # Query makes no sense in Subversion.
31 allow_fragment=False, # Fragment makes no sense in Subversion.
32
33=== modified file 'lib/lp/code/stories/codeimport/xx-admin-codeimport.txt'
34--- lib/lp/code/stories/codeimport/xx-admin-codeimport.txt 2010-03-26 02:40:29 +0000
35+++ lib/lp/code/stories/codeimport/xx-admin-codeimport.txt 2010-04-28 02:54:28 +0000
36@@ -124,13 +124,14 @@
37 +++++++++++++++++++++++++++
38
39 The +edit-import page allows the import operator to edit the location
40-an import is from.
41+an import is from, for example to add a user name and password to the
42+url.
43
44 This is true for Subversion imports,
45
46 >>> import_browser.open(svn_import_location + '/+edit-import')
47 >>> import_browser.getControl('URL').value = \
48- ... 'svn://svn-new.example.com/fooix/trunk'
49+ ... 'svn://user:password@svn-new.example.com/fooix/trunk'
50 >>> import_browser.getControl('Update').click()
51 >>> for message in get_feedback_messages(import_browser.contents):
52 ... print extract_text(message)
53@@ -140,7 +141,7 @@
54
55 >>> import_browser.open(bzr_svn_import_location + '/+edit-import')
56 >>> import_browser.getControl('URL').value = \
57- ... 'svn://svn-new.example.com/bzr-svn/trunk'
58+ ... 'svn://user:password@svn-new.example.com/bzr-svn/trunk'
59 >>> import_browser.getControl('Update').click()
60 >>> for message in get_feedback_messages(import_browser.contents):
61 ... print extract_text(message)
62@@ -162,7 +163,7 @@
63
64 >>> import_browser.open(git_import_location + '/+edit-import')
65 >>> import_browser.getControl('URL').value = \
66- ... 'git://git-new.example.org/fooix'
67+ ... 'git://user:password@git-new.example.org/fooix'
68 >>> import_browser.getControl('Update').click()
69 >>> for message in get_feedback_messages(import_browser.contents):
70 ... print extract_text(message)
71@@ -172,7 +173,7 @@
72
73 >>> import_browser.open(hg_import_location + '/+edit-import')
74 >>> import_browser.getControl('URL').value = \
75- ... 'http://metal.example.org/bar'
76+ ... 'http://user:password@metal.example.org/bar'
77 >>> import_browser.getControl('Update').click()
78 >>> for message in get_feedback_messages(import_browser.contents):
79 ... print extract_text(message)
80@@ -312,7 +313,7 @@
81 >>> print_import_details(import_browser)
82 Import Status: Reviewed
83 This branch is an import of the Subversion branch from
84- svn://svn-new.example.com/fooix/trunk.
85+ svn://user:password@svn-new.example.com/fooix/trunk.
86 The next import is scheduled to run in 3 hours.
87 Last successful import was on 2007-09-10.
88 ...
89@@ -349,7 +350,7 @@
90 >>> print_import_details(sample_person_browser)
91 Import Status: Reviewed
92 This branch is an import of the Subversion branch from
93- svn://svn-new.example.com/fooix/trunk.
94+ svn://user:password@svn-new.example.com/fooix/trunk.
95 The next import is scheduled to run as soon as possible (requested
96 by Sample Person).
97 Last successful import was on 2007-09-10.
98
99=== modified file 'lib/lp/code/stories/codeimport/xx-create-codeimport.txt'
100--- lib/lp/code/stories/codeimport/xx-create-codeimport.txt 2010-04-23 01:21:16 +0000
101+++ lib/lp/code/stories/codeimport/xx-create-codeimport.txt 2010-04-28 02:54:28 +0000
102@@ -41,8 +41,8 @@
103 (*) Subversion
104 ( ) CVS
105
106-The user is required to enter a project that the import is for,
107-a name for the import branch, and a subversion branch location.
108+The user is required to enter a project that the import is for, a name
109+for the import branch, and a subversion branch location.
110
111 >>> browser.getControl('Branch Name').value = "imported"
112 >>> browser.getControl('Branch URL').value = (
113@@ -68,6 +68,20 @@
114 >>> print svn_span['title']
115 Subversion via bzr-svn
116
117+If the user wants, they can include a username and password in the
118+URL.
119+
120+ >>> browser.open("http://code.launchpad.dev/+code-imports/+new")
121+ >>> browser.getControl('Branch Name').value = "with-password"
122+ >>> browser.getControl('Branch URL').value = (
123+ ... "http://user:password@svn.example.com/firefox/trunk")
124+ >>> browser.getControl('Project').value = "firefox"
125+ >>> browser.getControl('Request Import').click()
126+ >>> print extract_text(find_tag_by_id(browser.contents, "import-details"))
127+ Import Status: Pending Review
128+ This branch is an import of the Subversion branch
129+ from http://user:password@svn.example.com/firefox/trunk.
130+
131
132 Requesting a Git import
133 =======================
134@@ -234,8 +248,8 @@
135 Requesting an import for a product that does not exist
136 ======================================================
137
138-If there are privacy policies that disallow the user from creating branches
139-then an error is shown to the user.
140+If the name typed in the product field does not match that of an
141+existing product, an error is shown to the user.
142
143 >>> browser.open("http://code.launchpad.dev/+code-imports/+new")
144 >>> browser.getControl('Project').value = "no-such-product"