Merge lp:~stevenk/launchpad/remove-logintokens-on-merge into lp:launchpad

Proposed by Steve Kowalik on 2012-09-14
Status: Merged
Approved by: Steve Kowalik on 2012-09-14
Approved revision: no longer in the source branch.
Merged at revision: 15968
Proposed branch: lp:~stevenk/launchpad/remove-logintokens-on-merge
Merge into: lp:launchpad
Diff against target: 71 lines (+24/-1)
3 files modified
database/schema/security.cfg (+1/-1)
lib/lp/registry/doc/person-merge.txt (+15/-0)
lib/lp/registry/model/person.py (+8/-0)
To merge this branch: bzr merge lp:~stevenk/launchpad/remove-logintokens-on-merge
Reviewer Review Type Date Requested Status
Ian Booth (community) 2012-09-14 Approve on 2012-09-14
Review via email: mp+124338@code.launchpad.net

Commit Message

Delete all LoginToken rows for the mergee on person merge.

Description of the Change

When people are merged, LoginToken's are transferred. This allows people to subvert ~registry-experts email by creating a person, adding an unvalidated email, deleting the person and then validating the mail. Deal with this by removing all LoginToken's on merge.

To post a comment you must log in.
Ian Booth (wallyworld) wrote :

Looks good to me but I'm not overly familiar with this part of the code base.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'database/schema/security.cfg'
2--- database/schema/security.cfg 2012-09-04 06:32:34 +0000
3+++ database/schema/security.cfg 2012-09-17 01:54:21 +0000
4@@ -2148,7 +2148,7 @@
5 public.karmacache = SELECT, DELETE
6 public.karmacategory = SELECT, DELETE
7 public.karmatotalcache = SELECT, UPDATE, DELETE
8-public.logintoken = SELECT, UPDATE
9+public.logintoken = SELECT, UPDATE, DELETE
10 public.mailinglist = SELECT, UPDATE
11 public.mailinglistsubscription = SELECT, DELETE
12 public.message = SELECT, UPDATE
13
14=== modified file 'lib/lp/registry/doc/person-merge.txt'
15--- lib/lp/registry/doc/person-merge.txt 2011-12-30 06:14:56 +0000
16+++ lib/lp/registry/doc/person-merge.txt 2012-09-17 01:54:21 +0000
17@@ -98,6 +98,16 @@
18 >>> marilize in ubuntu_translators.activemembers
19 True
20
21+marilize happens to have an LoginToken.
22+
23+ >>> from lp.services.verification.interfaces.logintoken import (
24+ ... ILoginTokenSet)
25+ >>> from lp.services.verification.interfaces.authtoken import (
26+ ... LoginTokenType)
27+ >>> token = getUtility(ILoginTokenSet).new(
28+ ... marilize, marilize.preferredemail.email, 'willdie@example.com',
29+ ... LoginTokenType.VALIDATEEMAIL)
30+
31 Do the merge!
32 -------------
33
34@@ -230,6 +240,11 @@
35
36 https://launchpad.net/name12/+editemails ...
37
38+sample has not been transferred marilize's logintoken.
39+
40+ >>> list(getUtility(ILoginTokenSet).searchByEmailRequesterAndType(
41+ ... 'willdie@example.com', sample, LoginTokenType.VALIDATEEMAIL))
42+ []
43
44 Person decoration
45 -----------------
46
47=== modified file 'lib/lp/registry/model/person.py'
48--- lib/lp/registry/model/person.py 2012-09-07 18:06:37 +0000
49+++ lib/lp/registry/model/person.py 2012-09-17 01:54:21 +0000
50@@ -3781,6 +3781,11 @@
51 naked_recipe.owner = to_person
52 naked_recipe.name = new_name
53
54+ def _mergeLoginTokens(self, cur, from_id, to_id):
55+ # Remove all LoginTokens.
56+ cur.execute('''
57+ DELETE FROM LoginToken WHERE requester=%(from_id)d''' % vars())
58+
59 def _mergeMailingListSubscriptions(self, cur, from_id, to_id):
60 # Update MailingListSubscription. Note that since all the from_id
61 # email addresses are set to NEW, all the subscriptions must be
62@@ -4381,6 +4386,9 @@
63
64 self._mergeDateCreated(cur, from_id, to_id)
65
66+ self._mergeLoginTokens(cur, from_id, to_id)
67+ skip.append(('logintoken', 'requester'))
68+
69 # Sanity check. If we have a reference that participates in a
70 # UNIQUE index, it must have already been handled by this point.
71 # We can tell this by looking at the skip list.