Launchpad itself

Merge lp:~stevenk/launchpad/accesspolicy-garbo into lp:launchpad

accesspolicy-garbo
Merge into devel

Proposed by Steve Kowalik on 2012-03-05

Status:

Merged

Approved by:

Steve Kowalik on 2012-03-05

Approved revision:

no longer in the source branch.

Merged at revision:

14901

Proposed branch:

lp:~stevenk/launchpad/accesspolicy-garbo

Merge into:

lp:launchpad

Diff against target:

179 lines (+96/-2)

3 files modified

database/schema/security.cfg (+1/-0)
lib/lp/scripts/garbo.py (+72/-1)
lib/lp/scripts/tests/test_garbo.py (+23/-1)

To merge this branch:

bzr merge lp:~stevenk/launchpad/accesspolicy-garbo

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Ian Booth (community)	code	2012-03-05	Approve on 2012-03-05
Review via email: mp+95834@code.launchpad.net

Commit Message

[r=wallyworld][bug=946851] Add two garbo jobs that add two AccessPolicyTypes for each product and distribution.

Description of the Change

Add two garbo jobs that add two AccessPolicyTypes for each product and distribution.

Ian Booth (wallyworld) wrote on 2012-03-05:

Nice. We should ensure the garbo job has run to completion before allowing people to make changes via the ui. The ui back end can cope with whatever is in the model, even if it is "incomplete", but other tools/scripts may not be able to.

review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to status/vote changes:

Tzaddi

Tzaddi Belding

 === modified file 'database/schema/security.cfg'
 --- database/schema/security.cfg	2012-03-02 02:51:37 +0000
 +++ database/schema/security.cfg	2012-03-05 04:37:18 +0000
@@ -2132,6 +2132,7 @@
  [garbo]
  groups=script,read
++public.accesspolicy                     = SELECT, INSERT
  public.account                          = SELECT, DELETE
  public.answercontact                    = SELECT, DELETE
  public.branch                           = SELECT, UPDATE
 === modified file 'lib/lp/scripts/garbo.py'
 --- lib/lp/scripts/garbo.py	2012-03-02 18:01:12 +0000
 +++ lib/lp/scripts/garbo.py	2012-03-05 04:37:18 +0000
@@ -13,6 +13,7 @@
      datetime,
      timedelta,
+     )
++import itertools
  import logging
  import multiprocessing
  import os
@@ -26,7 +27,12 @@
  import iso8601
  from psycopg2 import IntegrityError
  import pytz
--from storm.expr import In
++from storm.expr import (
++    Exists,
++    In,
++    Not,
++    Select,
++    )
  from storm.locals import (
      Max,
      Min,
@@ -57,7 +63,12 @@
      RevisionCache,
+     )
  from lp.hardwaredb.model.hwdb import HWSubmission
++from lp.registry.enums import AccessPolicyType
++from lp.registry.interfaces.accesspolicy import IAccessPolicySource
++from lp.registry.model.accesspolicy import AccessPolicy
++from lp.registry.model.distribution import Distribution
  from lp.registry.model.person import Person
++from lp.registry.model.product import Product
  from lp.services.config import config
  from lp.services.database import postgresql
  from lp.services.database.constants import UTC_NOW
@@ -990,6 +1001,64 @@
          transaction.commit()
++class AccessPolicyDistributionAddition(TunableLoop):
++    """A `TunableLoop` to add AccessPolicy for all distributions."""
++
++    maximum_chunk_size = 5000
++
++    def __init__(self, log, abort_time=None):
++        super(AccessPolicyDistributionAddition, self).__init__(
++            log, abort_time)
++        self.transaction = transaction
++        self.store = IMasterStore(Distribution)
++
++    def findDistributions(self):
++        return self.store.find(
++            Distribution,
++            Not(Exists(
++                Select(AccessPolicy.id,
++                tables=[AccessPolicy], where=[
++                    AccessPolicy.distribution_id == Distribution.id]))))
++
++    def isDone(self):
++        return self.findDistributions().is_empty()
++
++    def __call__(self, chunk_size):
++        policies = itertools.product(
++            self.findDistributions()[:chunk_size],
++            (AccessPolicyType.USERDATA, AccessPolicyType.EMBARGOEDSECURITY))
++        getUtility(IAccessPolicySource).create(policies)
++        self.transaction.commit()
++
++
++class AccessPolicyProductAddition(TunableLoop):
++    """A `TunableLoop` to add AccessPolicy for all products."""
++
++    maximum_chunk_size = 5000
++
++    def __init__(self, log, abort_time=None):
++        super(AccessPolicyProductAddition, self).__init__(log, abort_time)
++        self.transaction = transaction
++        self.store = IMasterStore(Product)
++
++    def findProducts(self):
++        return self.store.find(
++            Product,
++            Not(Exists(
++                Select(AccessPolicy.id, tables=[AccessPolicy], where=[
++                    AccessPolicy.product_id == Product.id]))))
++
++    def isDone(self):
++        return self.findProducts().is_empty()
++
++    def __call__(self, chunk_size):
++        policies = itertools.product(
++            self.findProducts()[:chunk_size],
++            (AccessPolicyType.USERDATA, AccessPolicyType.EMBARGOEDSECURITY))
++        getUtility(IAccessPolicySource).create(policies)
++        self.transaction.commit()
++
++
  class SpecificationWorkitemMigrator(TunableLoop):
      """Migrate work-items from Specification.whiteboard to
      SpecificationWorkItem.
@@ -1315,6 +1384,8 @@
          UnusedSessionPruner,
          DuplicateSessionPruner,
          BugHeatUpdater,
++        AccessPolicyDistributionAddition,
++        AccessPolicyProductAddition,
+         ]
      experimental_tunable_loops = []
 === modified file 'lib/lp/scripts/tests/test_garbo.py'
 --- lib/lp/scripts/tests/test_garbo.py	2012-03-02 18:01:12 +0000
 +++ lib/lp/scripts/tests/test_garbo.py	2012-03-05 04:37:18 +0000
@@ -54,6 +54,8 @@
+     )
  from lp.code.model.codeimportevent import CodeImportEvent
  from lp.code.model.codeimportresult import CodeImportResult
++from lp.registry.enums import AccessPolicyType
++from lp.registry.interfaces.accesspolicy import IAccessPolicySource
  from lp.registry.interfaces.person import IPersonSet
  from lp.scripts.garbo import (
      AntiqueSessionPruner,
@@ -136,6 +138,7 @@
              "cronscripts/garbo-hourly.py", ["-q"], expect_returncode=0)
          self.failIf(out.strip(), "Output to stdout: %s" % out)
          self.failIf(err.strip(), "Output to stderr: %s" % err)
++        DatabaseLayer.force_dirty_database()
  class BulkFoo(Storm):
@@ -1018,6 +1021,26 @@
          self.runHourly()
          self.assertNotEqual(old_update, bug.heat_last_updated)
++    def test_AccessPolicyDistributionAddition(self):
++        switch_dbuser('testadmin')
++        distribution = self.factory.makeDistribution()
++        transaction.commit()
++        self.runHourly()
++        ap = getUtility(IAccessPolicySource).findByPillar((distribution,))
++        expected = [
++            AccessPolicyType.USERDATA, AccessPolicyType.EMBARGOEDSECURITY]
++        self.assertContentEqual(expected, [policy.type for policy in ap])
++
++    def test_AccessPolicyProductAddition(self):
++        switch_dbuser('testadmin')
++        product = self.factory.makeProduct()
++        transaction.commit()
++        self.runHourly()
++        ap = getUtility(IAccessPolicySource).findByPillar((product,))
++        expected = [
++            AccessPolicyType.USERDATA, AccessPolicyType.EMBARGOEDSECURITY]
++        self.assertContentEqual(expected, [policy.type for policy in ap])
++
      def test_SpecificationWorkitemMigrator_not_enabled_by_default(self):
          self.assertFalse(getFeatureFlag('garbo.workitem_migrator.enabled'))
          switch_dbuser('testadmin')
@@ -1085,7 +1108,6 @@
          self.assertEqual(0, spec.work_items.count())
--
  class TestGarboTasks(TestCaseWithFactory):
      layer = LaunchpadZopelessLayer