Launchpad itself

Merge lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356 into lp:launchpad

  1. access-policy-grant-bug-search-994356
  2. Merge into devel
Proposed by Ian Booth
Status: Merged
Approved by: William Grant
Approved revision: no longer in the source branch.
Merged at revision: 15207
Proposed branch: lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356
Merge into: lp:launchpad
Diff against target: 68 lines (+32/-1)
3 files modified
database/schema/security.cfg (+1/-0)
lib/lp/bugs/doc/bugtask.txt (+21/-0)
lib/lp/bugs/model/bugtasksearch.py (+10/-1)
To merge this branch: bzr merge lp:~wallyworld/launchpad/access-policy-grant-bug-search-994356
Reviewer Review Type Date Requested Status
William Grant code Approve
Review via email: mp+104674@code.launchpad.net

Commit message

Allow bug task flat searching to honour access policy grants.

Description of the change

== Implementation ==

Add an extra query clause to _get_bug_privacy_filter_with_decorator so that bugs belonging to a pillar where the use has access via a policy grant are returned.

== Tests ==

Add a test to the bugtask.txt doc test.

== Lint ==

Checking for conflicts and issues in changed files.

Linting changed files:
  lib/lp/bugs/doc/bugtask.txt
  lib/lp/bugs/model/bugtasksearch.py

To post a comment you must log in.
Revision history for this message
William Grant (wgrant) :
review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'database/schema/security.cfg'
--- database/schema/security.cfg 2012-05-02 22:19:14 +0000
+++ database/schema/security.cfg 2012-05-04 13:09:21 +0000
@@ -1840,6 +1840,7 @@
1840[merge-proposal-jobs]1840[merge-proposal-jobs]
1841groups=script1841groups=script
1842public.account = SELECT1842public.account = SELECT
1843public.accesspolicygrant = SELECT
1843public.branch = SELECT1844public.branch = SELECT
1844public.branchjob = SELECT1845public.branchjob = SELECT
1845public.branchmergeproposal = SELECT, INSERT, UPDATE1846public.branchmergeproposal = SELECT, INSERT, UPDATE
18461847
=== modified file 'lib/lp/bugs/doc/bugtask.txt'
--- lib/lp/bugs/doc/bugtask.txt 2012-03-21 12:41:20 +0000
+++ lib/lp/bugs/doc/bugtask.txt 2012-05-04 13:09:21 +0000
@@ -774,6 +774,27 @@
774 >>> print sorted(bug_ids)774 >>> print sorted(bug_ids)
775 [1, 4, 5]775 [1, 4, 5]
776776
777We can create an access policy grant on the pillar to which the bug is
778targeted and No Privileges Person will have access to the private bug.
779
780 >>> from lp.registry.enums import InformationType
781 >>> from lp.registry.interfaces.accesspolicy import (
782 ... IAccessPolicyGrantSource,
783 ... IAccessPolicySource,
784 ... )
785 >>> aps = getUtility(IAccessPolicySource)
786 >>> [policy] = aps.find(
787 ... [(upstream_mozilla, InformationType.USERDATA)])
788 >>> apgs = getUtility(IAccessPolicyGrantSource)
789 >>> grant = apgs.grant([(policy, mr_no_privs, ubuntu_team)])
790 >>> bugtasks = upstream_mozilla.searchTasks(params)
791 >>> print bugtasks.count()
792 4
793 >>> bug_ids = [bt.bug.id for bt in bugtasks]
794 >>> print sorted(bug_ids)
795 [1, 4, 5, 6]
796 >>> apgs.revoke([(policy, mr_no_privs)])
797
777798
778Open bugtask count for a given list of projects799Open bugtask count for a given list of projects
779-----------------------------------------------800-----------------------------------------------
780801
=== modified file 'lib/lp/bugs/model/bugtasksearch.py'
--- lib/lp/bugs/model/bugtasksearch.py 2012-05-02 23:01:55 +0000
+++ lib/lp/bugs/model/bugtasksearch.py 2012-05-04 13:09:21 +0000
@@ -1431,10 +1431,19 @@
1431 return "", _nocache_bug_decorator1431 return "", _nocache_bug_decorator
14321432
1433 if use_flat:1433 if use_flat:
1434 query = ("""1434 artifact_grant_query = ("""
1435 BugTaskFlat.access_grants &&1435 BugTaskFlat.access_grants &&
1436 (SELECT array_agg(team) FROM teamparticipation WHERE person = %d)1436 (SELECT array_agg(team) FROM teamparticipation WHERE person = %d)
1437 """ % user.id)1437 """ % user.id)
1438 policy_grant_query = ("""
1439 BugTaskFlat.access_policies &&
1440 (SELECT array_agg(policy) FROM
1441 accesspolicygrant
1442 JOIN teamparticipation
1443 ON teamparticipation.team = accesspolicygrant.grantee
1444 WHERE person = %d)
1445 """ % user.id)
1446 query = "%s OR %s" % (artifact_grant_query, policy_grant_query)
1438 else:1447 else:
1439 # A subselect is used here because joining through1448 # A subselect is used here because joining through
1440 # TeamParticipation is only relevant to the "user-aware"1449 # TeamParticipation is only relevant to the "user-aware"