Merge lp:~pfalcon/linaro-license-protection/openid-exception-for-internal-hosts into lp:~linaro-automation/linaro-license-protection/trunk
Status: | Merged |
---|---|
Approved by: | Данило Шеган |
Approved revision: | 168 |
Merged at revision: | 168 |
Proposed branch: | lp:~pfalcon/linaro-license-protection/openid-exception-for-internal-hosts |
Merge into: | lp:~linaro-automation/linaro-license-protection/trunk |
Diff against target: |
150 lines (+62/-26) 3 files modified
license_protected_downloads/tests/test_views.py (+25/-1) license_protected_downloads/tests/testserver_root/build-info/origen-blob-openid.txt (+1/-0) license_protected_downloads/views.py (+36/-25) |
To merge this branch: | bzr merge lp:~pfalcon/linaro-license-protection/openid-exception-for-internal-hosts |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Данило Шеган (community) | Approve | ||
Linaro Infrastructure | Pending | ||
Review via email: mp+149807@code.launchpad.net |
Description of the change
This does some simplification refactoring on logic in file serving method and then introduces short-circuit action early in the processing for internal trusted hosts, to make sure this short-circuit applies for any restriction checks.
Location of this short-circuit check is something which really worth a review here. file_server() method does quote a lot of checks actually, and again, it should be early enough to not hit the case we fix here (when internal hosts are locked out from access to file). So, I just started with putting it pretty early (after file path validation) and then tried to reason if it should be moved later. There's for example check for presence of BUILD-INFO.txt and bail out if it's not there. Well, I don't see any benefits of putting INTERNAL_HOSTS check after it - then only outcome we can expect from this is that if someone put botched BUILD-INFO.txt in a build, then that build won't show LAVA results in android-build, hardly a useful feature. Later in the code is handling of dir listing generation - again, this should not be needed for the kind of API access we need from INTERNAL_HOSTS.
So, summing up, IMHO location of INTERNAL_HOSTS is pretty good, but I'm open to suggestions from reviewers.
I am generally fine with your changes. I dislike shortening names like "lic" instead of "license". I would also prefer if you created the data for the tests inside tests themselves, but considering ones you are modifying don't have that, I won't make a fuss about it.
With minor comments above which are not binding, approved.