Merge lp:~sinzui/launchpad/hide-question-comment into lp:launchpad
| Status: | Merged | ||||
|---|---|---|---|---|---|
| Approved by: | j.c.sackett on 2012-10-30 | ||||
| Approved revision: | no longer in the source branch. | ||||
| Merged at revision: | 16216 | ||||
| Proposed branch: | lp:~sinzui/launchpad/hide-question-comment | ||||
| Merge into: | lp:launchpad | ||||
| Diff against target: |
280 lines (+62/-38) 7 files modified
lib/lp/answers/browser/question.py (+4/-2) lib/lp/answers/browser/tests/test_questionmessages.py (+20/-3) lib/lp/answers/configure.zcml (+2/-5) lib/lp/answers/doc/faq.txt (+1/-1) lib/lp/answers/model/question.py (+8/-1) lib/lp/answers/tests/test_question_webservice.py (+16/-17) lib/lp/security.py (+11/-9) |
||||
| To merge this branch: | bzr merge lp:~sinzui/launchpad/hide-question-comment | ||||
| Related bugs: |
|
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| j.c.sackett (community) | 2012-10-30 | Approve on 2012-10-30 | |
|
Review via email:
|
|||
Commit Message
Allow users to hide their question comments.
Description of the Change
Users can hide their bug comments, but not their question comment.
The QuestionMessage
user has launchpad.Moderate on the question, which users do not have.
The test must check the comment.
-------
RULES
Pre-
* security.
allows ~admins and ~registry
* The question owner check is missing.
* IQuestion is checked, but IQuestionComment is the context.
* Change the checker to be for IQuestionMessage and include
the comment owner in th check.
* Revise or remove SetQuestionComm
does not have enough information to know if the user is the comment
owner. Maybe move the permission check into setCommentVisib
as done by the rules to delete bug tasks.
QA
As a non-priv person (non-project maintainer and not ~registry)
* Visit https:/
* Verify you can add a comment.
* Verify you can hide the comment after you reload the page.
* Verify you can unhide the comment.
LINT
lib/
lib/
lib/
lib/
lib/
lib/
lib/
TEST
./bin/test -vvc lp.answers.
./bin/test -vvc -t Comment lp.answers.
LoC
This is feature work...maybe the last disclosure bug that needs to
be fixed.
IMPLEMENTATION
Fixed the doctest to reflect the permission used by the code.
lib/
Ensure comment owners can see their hidden comments and the hide/unhide
controls. Tests should *never* use admins as the creator of data -- no
admin asks a question in Lp.
lib/
lib/
lib/
Removed SetQuestionComm
determines permission to IQuestionMessag
setCommentVisib
launchpad.Moderate check on the QuestionMessage to ensure access is
still guarded. Admins do not ask questions...set the test up as
questions are really used.
lib/
lib/
lib/
lib/

Looks good, Curtis. Thanks.