Launchpad itself

Merge lp:~stevenk/launchpad/link-branch-to-private-bug into lp:launchpad

  1. link-branch-to-private-bug
  2. Merge into devel
Proposed by Steve Kowalik
Status: Rejected
Rejected by: Steve Kowalik
Proposed branch: lp:~stevenk/launchpad/link-branch-to-private-bug
Merge into: lp:launchpad
Diff against target: 114 lines (+32/-9)
3 files modified
lib/lp/bugs/model/bug.py (+3/-0)
lib/lp/bugs/model/bugbranch.py (+12/-4)
lib/lp/bugs/tests/test_bugbranch.py (+17/-5)
To merge this branch: bzr merge lp:~stevenk/launchpad/link-branch-to-private-bug
Reviewer Review Type Date Requested Status
Robert Collins (community) Needs Fixing
Review via email: mp+71508@code.launchpad.net

Description of the change

When a branch is linked to a private bug, the branch should be made private too.

Clean up a bunch of lint too.

To post a comment you must log in.
Revision history for this message
Robert Collins (lifeless) wrote :

So, this is problematic because it will grant private branches (a commercial feature) to anything that has security bugs.

It also doesn't require a security policy, which I suspect will make other parts of LP fall over in a heap.

-> I think this needs more consideration, specifically around the cases for how these things should interact.

Revision history for this message
Robert Collins (lifeless) wrote :

Oh, and it will also violate an existing axiom:
 - public branches can never become private

And will be surprising for folk that have toggle a branch public explicitly to have it become private when *anyone* links it to a private bug.

I'm 'upgrading' my review to needs-fixing (and I think it needs design level fixing, not a small matter of code).

review: Needs Fixing

Unmerged revisions

13688. By Steve Kowalik

Make the branch private if the bug is when linking the two together, and lint.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lib/lp/bugs/model/bug.py'
2--- lib/lp/bugs/model/bug.py 2011-08-01 05:56:43 +0000
3+++ lib/lp/bugs/model/bug.py 2011-08-15 06:09:25 +0000
4@@ -1275,6 +1275,9 @@
5 if bug_branch.branch == branch:
6 return bug_branch
7
8+ # If the bug is private, we should make the branch private too.
9+ if self.private:
10+ removeSecurityProxy(branch).private = True
11 bug_branch = BugBranch(
12 branch=branch, bug=self, registrant=registrant)
13 branch.date_last_modified = UTC_NOW
14
15=== modified file 'lib/lp/bugs/model/bugbranch.py'
16--- lib/lp/bugs/model/bugbranch.py 2011-05-27 21:12:25 +0000
17+++ lib/lp/bugs/model/bugbranch.py 2011-08-15 06:09:25 +0000
18@@ -1,4 +1,4 @@
19-# Copyright 2009 Canonical Ltd. This software is licensed under the
20+# Copyright 2009-2011 Canonical Ltd. This software is licensed under the
21 # GNU Affero General Public License version 3 (see the file LICENSE).
22
23 # pylint: disable-msg=E0611,W0212
24@@ -7,8 +7,10 @@
25
26 __metaclass__ = type
27
28-__all__ = ["BugBranch",
29- "BugBranchSet"]
30+__all__ = [
31+ "BugBranch",
32+ "BugBranchSet"
33+ ]
34
35 from sqlobject import (
36 ForeignKey,
37@@ -24,6 +26,7 @@
38 )
39 from zope.component import getUtility
40 from zope.interface import implements
41+from zope.security.interfaces import Unauthorized
42
43 from canonical.database.constants import UTC_NOW
44 from canonical.database.datetimecol import UtcDateTimeCol
45@@ -82,7 +85,12 @@
46 from lp.bugs.model.bug import Bug
47 from lp.bugs.model.bugsubscription import BugSubscription
48
49- branch_ids = [branch.id for branch in branches]
50+ branch_ids = []
51+ for branch in branches:
52+ try:
53+ branch_ids.append(branch.id)
54+ except Unauthorized:
55+ continue # User has no permission for this branch.
56 if branch_ids == []:
57 return []
58
59
60=== modified file 'lib/lp/bugs/tests/test_bugbranch.py'
61--- lib/lp/bugs/tests/test_bugbranch.py 2011-02-10 14:42:11 +0000
62+++ lib/lp/bugs/tests/test_bugbranch.py 2011-08-15 06:09:25 +0000
63@@ -20,6 +20,7 @@
64 from lp.testing import (
65 anonymous_logged_in,
66 celebrity_logged_in,
67+ person_logged_in,
68 TestCaseWithFactory,
69 )
70
71@@ -46,7 +47,6 @@
72 branch_1 = self.factory.makeBranch()
73 branch_2 = self.factory.makeBranch()
74 bug_a = self.factory.makeBug()
75- bug_b = self.factory.makeBug()
76 self.factory.loginAsAnyone()
77 bug_a.linkBranch(branch_1, self.factory.makePerson())
78 bug_a.linkBranch(branch_2, self.factory.makePerson())
79@@ -120,15 +120,17 @@
80 def test_getBranchesWithVisibleBugs_shows_private_bugs_to_sub(self):
81 # getBranchesWithVisibleBugs will show private bugs to their
82 # subscribers.
83- branch = self.factory.makeBranch()
84+ user = self.factory.makePerson()
85+ branch = self.factory.makeBranch(owner=user)
86 bug = self.factory.makeBug(private=True)
87- user = self.factory.makePerson()
88 with celebrity_logged_in('admin'):
89 bug.subscribe(user, self.factory.makePerson())
90 bug.linkBranch(branch, self.factory.makePerson())
91 utility = getUtility(IBugBranchSet)
92- self.assertContentEqual(
93- [branch.id], utility.getBranchesWithVisibleBugs([branch], user))
94+ with person_logged_in(user):
95+ self.assertContentEqual(
96+ [branch.id],
97+ utility.getBranchesWithVisibleBugs([branch], user))
98
99 def test_getBugBranchesForBugTasks(self):
100 # IBugBranchSet.getBugBranchesForBugTasks returns all of the BugBranch
101@@ -264,3 +266,13 @@
102 self.factory.loginAsAnyone()
103 bug.linkBranch(branch, self.factory.makePerson())
104 self.assertTrue(bug.date_last_updated > last_updated)
105+
106+ def test_linking_branch_to_private_bug_makes_branch_private(self):
107+ # Linking a branch to a private bug forces the branch to be private.
108+ reporter = self.factory.makePerson()
109+ bug = self.factory.makeBug(private=True, owner=reporter)
110+ product = self.factory.makeProduct()
111+ branch = self.factory.makeBranch(owner=reporter, product=product)
112+ with person_logged_in(reporter):
113+ bug.linkBranch(branch, reporter)
114+ self.assertTrue(branch.private)