Launchpad itself

Merge lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356 into lp:launchpad

  1. access-policy-grant-bug-search-994356
  2. Merge into devel
Proposed by Ian Booth
Status: Merged
Approved by: William Grant
Approved revision: no longer in the source branch.
Merged at revision: 15207
Proposed branch: lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356
Merge into: lp:launchpad
Diff against target: 68 lines (+32/-1)
3 files modified
database/schema/security.cfg (+1/-0)
lib/lp/bugs/doc/bugtask.txt (+21/-0)
lib/lp/bugs/model/bugtasksearch.py (+10/-1)
To merge this branch: bzr merge lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356
Reviewer Review Type Date Requested Status
William Grant code Approve
Review via email: mp+104674@code.launchpad.net

Commit message

Allow bug task flat searching to honour access policy grants.

Description of the change

== Implementation ==

Add an extra query clause to _get_bug_privacy_filter_with_decorator so that bugs belonging to a pillar where the use has access via a policy grant are returned.

== Tests ==

Add a test to the bugtask.txt doc test.

== Lint ==

Checking for conflicts and issues in changed files.

Linting changed files:
  lib/lp/bugs/doc/bugtask.txt
  lib/lp/bugs/model/bugtasksearch.py

To post a comment you must log in.
Revision history for this message
William Grant (wgrant) :
review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'database/schema/security.cfg'
2--- database/schema/security.cfg 2012-05-02 22:19:14 +0000
3+++ database/schema/security.cfg 2012-05-04 13:09:21 +0000
4@@ -1840,6 +1840,7 @@
5 [merge-proposal-jobs]
6 groups=script
7 public.account = SELECT
8+public.accesspolicygrant = SELECT
9 public.branch = SELECT
10 public.branchjob = SELECT
11 public.branchmergeproposal = SELECT, INSERT, UPDATE
12
13=== modified file 'lib/lp/bugs/doc/bugtask.txt'
14--- lib/lp/bugs/doc/bugtask.txt 2012-03-21 12:41:20 +0000
15+++ lib/lp/bugs/doc/bugtask.txt 2012-05-04 13:09:21 +0000
16@@ -774,6 +774,27 @@
17 >>> print sorted(bug_ids)
18 [1, 4, 5]
19
20+We can create an access policy grant on the pillar to which the bug is
21+targeted and No Privileges Person will have access to the private bug.
22+
23+ >>> from lp.registry.enums import InformationType
24+ >>> from lp.registry.interfaces.accesspolicy import (
25+ ... IAccessPolicyGrantSource,
26+ ... IAccessPolicySource,
27+ ... )
28+ >>> aps = getUtility(IAccessPolicySource)
29+ >>> [policy] = aps.find(
30+ ... [(upstream_mozilla, InformationType.USERDATA)])
31+ >>> apgs = getUtility(IAccessPolicyGrantSource)
32+ >>> grant = apgs.grant([(policy, mr_no_privs, ubuntu_team)])
33+ >>> bugtasks = upstream_mozilla.searchTasks(params)
34+ >>> print bugtasks.count()
35+ 4
36+ >>> bug_ids = [bt.bug.id for bt in bugtasks]
37+ >>> print sorted(bug_ids)
38+ [1, 4, 5, 6]
39+ >>> apgs.revoke([(policy, mr_no_privs)])
40+
41
42 Open bugtask count for a given list of projects
43 -----------------------------------------------
44
45=== modified file 'lib/lp/bugs/model/bugtasksearch.py'
46--- lib/lp/bugs/model/bugtasksearch.py 2012-05-02 23:01:55 +0000
47+++ lib/lp/bugs/model/bugtasksearch.py 2012-05-04 13:09:21 +0000
48@@ -1431,10 +1431,19 @@
49 return "", _nocache_bug_decorator
50
51 if use_flat:
52- query = ("""
53+ artifact_grant_query = ("""
54 BugTaskFlat.access_grants &&
55 (SELECT array_agg(team) FROM teamparticipation WHERE person = %d)
56 """ % user.id)
57+ policy_grant_query = ("""
58+ BugTaskFlat.access_policies &&
59+ (SELECT array_agg(policy) FROM
60+ accesspolicygrant
61+ JOIN teamparticipation
62+ ON teamparticipation.team = accesspolicygrant.grantee
63+ WHERE person = %d)
64+ """ % user.id)
65+ query = "%s OR %s" % (artifact_grant_query, policy_grant_query)
66 else:
67 # A subselect is used here because joining through
68 # TeamParticipation is only relevant to the "user-aware"