Merge lp:~wallyworld/launchpad/private-owned-entity-traversal into lp:launchpad
Status: | Merged |
---|---|
Merged at revision: | 14477 |
Proposed branch: | lp:~wallyworld/launchpad/private-owned-entity-traversal |
Merge into: | lp:launchpad |
Diff against target: |
263 lines (+118/-38) 5 files modified
lib/canonical/launchpad/security.py (+38/-27) lib/lp/app/browser/launchpad.py (+2/-2) lib/lp/app/tests/test_tales.py (+30/-5) lib/lp/registry/doc/private-team-visibility.txt (+38/-0) lib/lp/testing/factory.py (+10/-4) |
To merge this branch: | bzr merge lp:~wallyworld/launchpad/private-owned-entity-traversal |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Curtis Hovey (community) | code | Approve | |
Review via email: mp+84048@code.launchpad.net |
Commit message
Users with access to private team's PPAs or branches have limited view permission on the team.
Description of the change
Users with access to private team's PPAs or branches have limited view permission on the team. This allows traversal to the branch or PPPA and also the team's name and URL to be known.
== Implementation ==
1. Change the traversal rules so that the "launchpad.
2. Enhance the private team security adaptor to check that the users with access to the team's PPAs or branches are authorised.
This change removes the hack put in place for bug 597783 which allowed subscribers to the private team's PPA to also see info they shouldn't have like team members etc.
== Tests ==
Re-run the TestArchiveSubs
Add to the private-
== Lint ==
Checking for conflicts and issues in changed files.
Linting changed files:
lib/canonical
lib/lp/
lib/lp/
I changed the archive bug you are fixing because the older bug was about not having access to the archive. The newer bug is about having access to non-traversed objects. I think your implementation is a good foundation that we can extend.
We might be missing a test. I like your additions to the doctest that we use to quickly say yes or no to a private team relationship. I see Julian's lib/lp/ soyuz/tests/ test_archive_ subscriptions. py test that verifies access to team.name, which was the the *first* attr the code tried to access then oopsed. I do not see a test that verifies either the archive page or the branch page will render in this scenario. Look at /launchpad. net/~launchpad/ +archive/ ppa /code.launchpad .net/~launchpad /launchpad- help-moin- theme/moin_ launchpad
https:/
and
https:/
In both pages I see the team *icon* with the team displayname that is a link made using the name. I do not certain limitedview permits me to see icon. Maybe we should also grant icon to limited view because we often use it with name and displayname. Does the tales formatter need to be aware that it cannot use an icon if the user has only LimiteView?
> === modified file 'lib/canonical/ launchpad/ security. py' launchpad/ security. py 2011-11-22 13:36:28 +0000 launchpad/ security. py 2011-12-01 15:21:25 +0000 TeamsExistence( AuthorizationBa se): LimitedView' cated(self) : y.PUBLIC: ted(self, user): LimitedView permission on each team which requires it. ckAuthenticated (
> --- lib/canonical/
> +++ lib/canonical/
...
> +class PublicOrPrivate
> + """Restrict knowing about private teams' existence.
> +
> + Knowing the existence of a private team allow traversing to its URL and
> + displaying basic information like name, displayname.
> + """
> + permission = 'launchpad.
> + usedfor = IPersonLimitedView
> +
> + def checkUnauthenti
> + """Unauthenticated users can only view public teams."""
> + if self.obj.visibility == PersonVisibilit
> + return True
> + return False
> +
> + def checkAuthentica
> + """By default, we simply perform a View permission check.
> +
> + We also grant limited viewability to users who can see PPAs and
> + branches owned by the team. In other scenarios, the context in which
> + the permission is required is responsible for pre-caching the
> + launchpad.
> + """
> + if self.forwardChe
> + user, self.obj, 'launchpad.View'):
> + return True
checkAuthenticated returns false by default and I was puzzled. I think this guard
needs a comment to ensure dimwitted people like myself know that the forward
check covers public teams and users, which defaults to True.
if self.forwardChe ckAuthenticated (user, self.obj, 'launchpad.View'):
# The user has full visibility of the user, the public team,
# or has view permission of the private team.
return True
> if (self.obj.is_team y.PRIVATE) :
> and self.obj.visibility == PersonVisibilit
>
> + # Grant visibility to people with subscriptions to branches owned
> + # by the private team.
> + owned_branches = ge...