Merge lp:~wgrant/launchpad/branchnamespace-information-type into lp:launchpad
- branchnamespace-information-type
- Merge into devel
Proposed by
William Grant
| Status: | Merged | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Approved by: | Curtis Hovey | ||||||||
| Approved revision: | no longer in the source branch. | ||||||||
| Merged at revision: | 15610 | ||||||||
| Proposed branch: | lp:~wgrant/launchpad/branchnamespace-information-type | ||||||||
| Merge into: | lp:launchpad | ||||||||
| Diff against target: |
696 lines (+137/-287) 6 files modified
lib/lp/code/errors.py (+0/-10) lib/lp/code/interfaces/branchnamespace.py (+6/-16) lib/lp/code/model/branch.py (+6/-9) lib/lp/code/model/branchnamespace.py (+52/-76) lib/lp/code/model/tests/test_branch.py (+5/-6) lib/lp/code/model/tests/test_branchnamespace.py (+68/-170) |
||||||||
| To merge this branch: | bzr merge lp:~wgrant/launchpad/branchnamespace-information-type | ||||||||
| Related bugs: |
|
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Curtis Hovey (community) | code | Approve | |
|
Review via email:
|
|||
Commit message
Start porting IBranchNamespace's privacy methods to information types.
Description of the change
This branch prepares IBranchNamespace for the BranchVisibilit
This does not yet change any behaviour. The namespace implementations still allow combinations of PUBLIC_
Some callsites are only minimally shimmed around the new getAllowedInfor
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
| 1 | === modified file 'lib/lp/code/errors.py' | |||
| 2 | --- lib/lp/code/errors.py 2012-05-24 02:16:59 +0000 | |||
| 3 | +++ lib/lp/code/errors.py 2012-07-11 12:28:19 +0000 | |||
| 4 | @@ -8,8 +8,6 @@ | |||
| 5 | 8 | 'AlreadyLatestFormat', | 8 | 'AlreadyLatestFormat', |
| 6 | 9 | 'BadBranchMergeProposalSearchContext', | 9 | 'BadBranchMergeProposalSearchContext', |
| 7 | 10 | 'BadStateTransition', | 10 | 'BadStateTransition', |
| 8 | 11 | 'BranchCannotBePrivate', | ||
| 9 | 12 | 'BranchCannotBePublic', | ||
| 10 | 13 | 'BranchCannotChangeInformationType', | 11 | 'BranchCannotChangeInformationType', |
| 11 | 14 | 'BranchCreationException', | 12 | 'BranchCreationException', |
| 12 | 15 | 'BranchCreationForbidden', | 13 | 'BranchCreationForbidden', |
| 13 | @@ -148,14 +146,6 @@ | |||
| 14 | 148 | """ | 146 | """ |
| 15 | 149 | 147 | ||
| 16 | 150 | 148 | ||
| 17 | 151 | class BranchCannotBePublic(Exception): | ||
| 18 | 152 | """The branch cannot be made public.""" | ||
| 19 | 153 | |||
| 20 | 154 | |||
| 21 | 155 | class BranchCannotBePrivate(Exception): | ||
| 22 | 156 | """The branch cannot be made private.""" | ||
| 23 | 157 | |||
| 24 | 158 | |||
| 25 | 159 | class BranchCannotChangeInformationType(Exception): | 149 | class BranchCannotChangeInformationType(Exception): |
| 26 | 160 | """The information type of this branch cannot be changed.""" | 150 | """The information type of this branch cannot be changed.""" |
| 27 | 161 | 151 | ||
| 28 | 162 | 152 | ||
| 29 | === modified file 'lib/lp/code/interfaces/branchnamespace.py' | |||
| 30 | --- lib/lp/code/interfaces/branchnamespace.py 2011-03-03 01:13:47 +0000 | |||
| 31 | +++ lib/lp/code/interfaces/branchnamespace.py 2012-07-11 12:28:19 +0000 | |||
| 32 | @@ -110,6 +110,12 @@ | |||
| 33 | 110 | :return: A Boolean value. | 110 | :return: A Boolean value. |
| 34 | 111 | """ | 111 | """ |
| 35 | 112 | 112 | ||
| 36 | 113 | def getAllowedInformationTypes(): | ||
| 37 | 114 | """Get the information types that a branch in this namespace can have. | ||
| 38 | 115 | |||
| 39 | 116 | :return: A sequence of `InformationType`s. | ||
| 40 | 117 | """ | ||
| 41 | 118 | |||
| 42 | 113 | def areNewBranchesPrivate(): | 119 | def areNewBranchesPrivate(): |
| 43 | 114 | """Are new branches in this namespace private? | 120 | """Are new branches in this namespace private? |
| 44 | 115 | 121 | ||
| 45 | @@ -118,22 +124,6 @@ | |||
| 46 | 118 | :return: A Boolean value. | 124 | :return: A Boolean value. |
| 47 | 119 | """ | 125 | """ |
| 48 | 120 | 126 | ||
| 49 | 121 | def canBranchesBePrivate(): | ||
| 50 | 122 | """Can branches by the user be private in this namespace? | ||
| 51 | 123 | |||
| 52 | 124 | No check is made about whether or not a user can create branches. | ||
| 53 | 125 | |||
| 54 | 126 | :return: A Boolean value. | ||
| 55 | 127 | """ | ||
| 56 | 128 | |||
| 57 | 129 | def canBranchesBePublic(): | ||
| 58 | 130 | """Can branches by the user be public in this namespace? | ||
| 59 | 131 | |||
| 60 | 132 | No check is made about whether or not a user can create branches. | ||
| 61 | 133 | |||
| 62 | 134 | :return: A Boolean value. | ||
| 63 | 135 | """ | ||
| 64 | 136 | |||
| 65 | 137 | def validateRegistrant(registrant): | 127 | def validateRegistrant(registrant): |
| 66 | 138 | """Check that the registrant can create a branch on this namespace. | 128 | """Check that the registrant can create a branch on this namespace. |
| 67 | 139 | 129 | ||
| 68 | 140 | 130 | ||
| 69 | === modified file 'lib/lp/code/model/branch.py' | |||
| 70 | --- lib/lp/code/model/branch.py 2012-07-10 09:51:13 +0000 | |||
| 71 | +++ lib/lp/code/model/branch.py 2012-07-11 12:28:19 +0000 | |||
| 72 | @@ -83,8 +83,6 @@ | |||
| 73 | 83 | ) | 83 | ) |
| 74 | 84 | from lp.code.errors import ( | 84 | from lp.code.errors import ( |
| 75 | 85 | AlreadyLatestFormat, | 85 | AlreadyLatestFormat, |
| 76 | 86 | BranchCannotBePrivate, | ||
| 77 | 87 | BranchCannotBePublic, | ||
| 78 | 88 | BranchCannotChangeInformationType, | 86 | BranchCannotChangeInformationType, |
| 79 | 89 | BranchMergeProposalExists, | 87 | BranchMergeProposalExists, |
| 80 | 90 | BranchTargetError, | 88 | BranchTargetError, |
| 81 | @@ -248,14 +246,11 @@ | |||
| 82 | 248 | and self.stacked_on.information_type in PRIVATE_INFORMATION_TYPES | 246 | and self.stacked_on.information_type in PRIVATE_INFORMATION_TYPES |
| 83 | 249 | and information_type in PUBLIC_INFORMATION_TYPES): | 247 | and information_type in PUBLIC_INFORMATION_TYPES): |
| 84 | 250 | raise BranchCannotChangeInformationType() | 248 | raise BranchCannotChangeInformationType() |
| 85 | 251 | private = information_type in PRIVATE_INFORMATION_TYPES | ||
| 86 | 252 | # Only check the privacy policy if the user is not special. | 249 | # Only check the privacy policy if the user is not special. |
| 87 | 253 | if verify_policy and not user_has_special_branch_access(who): | 250 | if verify_policy and not user_has_special_branch_access(who): |
| 88 | 254 | policy = IBranchNamespacePolicy(self.namespace) | 251 | policy = IBranchNamespacePolicy(self.namespace) |
| 93 | 255 | if private and not policy.canBranchesBePrivate(): | 252 | if information_type not in policy.getAllowedInformationTypes(): |
| 94 | 256 | raise BranchCannotBePrivate() | 253 | raise BranchCannotChangeInformationType() |
| 91 | 257 | if not private and not policy.canBranchesBePublic(): | ||
| 92 | 258 | raise BranchCannotBePublic() | ||
| 95 | 259 | self.information_type = information_type | 254 | self.information_type = information_type |
| 96 | 260 | self._reconcileAccess() | 255 | self._reconcileAccess() |
| 97 | 261 | if information_type in PRIVATE_INFORMATION_TYPES: | 256 | if information_type in PRIVATE_INFORMATION_TYPES: |
| 98 | @@ -1300,13 +1295,15 @@ | |||
| 99 | 1300 | def canBePublic(self, user): | 1295 | def canBePublic(self, user): |
| 100 | 1301 | """See `IBranch`.""" | 1296 | """See `IBranch`.""" |
| 101 | 1302 | policy = IBranchNamespacePolicy(self.namespace) | 1297 | policy = IBranchNamespacePolicy(self.namespace) |
| 103 | 1303 | return policy.canBranchesBePublic() | 1298 | return InformationType.PUBLIC in policy.getAllowedInformationTypes() |
| 104 | 1304 | 1299 | ||
| 105 | 1305 | def canBePrivate(self, user): | 1300 | def canBePrivate(self, user): |
| 106 | 1306 | """See `IBranch`.""" | 1301 | """See `IBranch`.""" |
| 107 | 1307 | policy = IBranchNamespacePolicy(self.namespace) | 1302 | policy = IBranchNamespacePolicy(self.namespace) |
| 108 | 1308 | # Do the easy checks first. | 1303 | # Do the easy checks first. |
| 110 | 1309 | if (policy.canBranchesBePrivate() or | 1304 | policy_allows = ( |
| 111 | 1305 | InformationType.USERDATA in policy.getAllowedInformationTypes()) | ||
| 112 | 1306 | if (policy_allows or | ||
| 113 | 1310 | user_has_special_branch_access(user) or | 1307 | user_has_special_branch_access(user) or |
| 114 | 1311 | user.visibility == PersonVisibility.PRIVATE): | 1308 | user.visibility == PersonVisibility.PRIVATE): |
| 115 | 1312 | return True | 1309 | return True |
| 116 | 1313 | 1310 | ||
| 117 | === modified file 'lib/lp/code/model/branchnamespace.py' | |||
| 118 | --- lib/lp/code/model/branchnamespace.py 2012-06-14 09:09:59 +0000 | |||
| 119 | +++ lib/lp/code/model/branchnamespace.py 2012-07-11 12:28:19 +0000 | |||
| 120 | @@ -44,7 +44,11 @@ | |||
| 121 | 44 | ) | 44 | ) |
| 122 | 45 | from lp.code.interfaces.branchtarget import IBranchTarget | 45 | from lp.code.interfaces.branchtarget import IBranchTarget |
| 123 | 46 | from lp.code.model.branch import Branch | 46 | from lp.code.model.branch import Branch |
| 125 | 47 | from lp.registry.enums import InformationType | 47 | from lp.registry.enums import ( |
| 126 | 48 | InformationType, | ||
| 127 | 49 | PRIVATE_INFORMATION_TYPES, | ||
| 128 | 50 | PUBLIC_INFORMATION_TYPES, | ||
| 129 | 51 | ) | ||
| 130 | 48 | from lp.registry.errors import ( | 52 | from lp.registry.errors import ( |
| 131 | 49 | NoSuchDistroSeries, | 53 | NoSuchDistroSeries, |
| 132 | 50 | NoSuchSourcePackageName, | 54 | NoSuchSourcePackageName, |
| 133 | @@ -168,7 +172,7 @@ | |||
| 134 | 168 | "%s cannot create branches owned by %s" | 172 | "%s cannot create branches owned by %s" |
| 135 | 169 | % (registrant.displayname, owner.displayname)) | 173 | % (registrant.displayname, owner.displayname)) |
| 136 | 170 | 174 | ||
| 138 | 171 | if not self.checkCreationPolicy(registrant): | 175 | if not self.getAllowedInformationTypes(): |
| 139 | 172 | raise BranchCreationForbidden( | 176 | raise BranchCreationForbidden( |
| 140 | 173 | 'You cannot create branches in "%s"' % self.name) | 177 | 'You cannot create branches in "%s"' % self.name) |
| 141 | 174 | 178 | ||
| 142 | @@ -261,30 +265,18 @@ | |||
| 143 | 261 | else: | 265 | else: |
| 144 | 262 | return True | 266 | return True |
| 145 | 263 | 267 | ||
| 146 | 268 | def getAllowedInformationTypes(self): | ||
| 147 | 269 | """See `IBranchNamespace`.""" | ||
| 148 | 270 | raise NotImplementedError | ||
| 149 | 271 | |||
| 150 | 264 | def areNewBranchesPrivate(self): | 272 | def areNewBranchesPrivate(self): |
| 151 | 265 | """See `IBranchNamespace`.""" | 273 | """See `IBranchNamespace`.""" |
| 162 | 266 | # Always delegates to canBranchesBePrivate for now. | 274 | return InformationType.USERDATA in self.getAllowedInformationTypes() |
| 153 | 267 | return self.canBranchesBePrivate() | ||
| 154 | 268 | |||
| 155 | 269 | def canBranchesBePrivate(self): | ||
| 156 | 270 | """See `IBranchNamespace`.""" | ||
| 157 | 271 | raise NotImplementedError(self.canBranchesBePrivate) | ||
| 158 | 272 | |||
| 159 | 273 | def canBranchesBePublic(self): | ||
| 160 | 274 | """See `IBranchNamespace`.""" | ||
| 161 | 275 | raise NotImplementedError(self.canBranchesBePublic) | ||
| 163 | 276 | 275 | ||
| 164 | 277 | def getPrivacySubscriber(self): | 276 | def getPrivacySubscriber(self): |
| 165 | 278 | """See `IBranchNamespace`.""" | 277 | """See `IBranchNamespace`.""" |
| 166 | 279 | raise NotImplementedError(self.getPrivacySubscriber) | 278 | raise NotImplementedError(self.getPrivacySubscriber) |
| 167 | 280 | 279 | ||
| 168 | 281 | def checkCreationPolicy(self, user): | ||
| 169 | 282 | """Check to see if user is allowed a branch in this namespace. | ||
| 170 | 283 | |||
| 171 | 284 | :return: True if the user is allowed, False otherwise. | ||
| 172 | 285 | """ | ||
| 173 | 286 | raise NotImplementedError(self.checkCreationPolicy) | ||
| 174 | 287 | |||
| 175 | 288 | 280 | ||
| 176 | 289 | class PersonalNamespace(_BaseNamespace): | 281 | class PersonalNamespace(_BaseNamespace): |
| 177 | 290 | """A namespace for personal (or 'junk') branches. | 282 | """A namespace for personal (or 'junk') branches. |
| 178 | @@ -307,26 +299,19 @@ | |||
| 179 | 307 | """See `IBranchNamespace`.""" | 299 | """See `IBranchNamespace`.""" |
| 180 | 308 | return '~%s/+junk' % self.owner.name | 300 | return '~%s/+junk' % self.owner.name |
| 181 | 309 | 301 | ||
| 193 | 310 | def canBranchesBePrivate(self): | 302 | def getAllowedInformationTypes(self): |
| 194 | 311 | """See `IBranchNamespace`.""" | 303 | """See `IBranchNamespace`.""" |
| 195 | 312 | private = False | 304 | # Private teams get private branches, everyone else gets public ones. |
| 196 | 313 | if self.owner.is_team and ( | 305 | if (self.owner.is_team |
| 197 | 314 | self.owner.visibility == PersonVisibility.PRIVATE): | 306 | and self.owner.visibility == PersonVisibility.PRIVATE): |
| 198 | 315 | private = True | 307 | return PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES |
| 199 | 316 | return private | 308 | else: |
| 200 | 317 | 309 | return PUBLIC_INFORMATION_TYPES | |
| 190 | 318 | def canBranchesBePublic(self): | ||
| 191 | 319 | """See `IBranchNamespace`.""" | ||
| 192 | 320 | return True | ||
| 201 | 321 | 310 | ||
| 202 | 322 | def getPrivacySubscriber(self): | 311 | def getPrivacySubscriber(self): |
| 203 | 323 | """See `IBranchNamespace`.""" | 312 | """See `IBranchNamespace`.""" |
| 204 | 324 | return None | 313 | return None |
| 205 | 325 | 314 | ||
| 206 | 326 | def checkCreationPolicy(self, user): | ||
| 207 | 327 | """See `_BaseNamespace`.""" | ||
| 208 | 328 | return True | ||
| 209 | 329 | |||
| 210 | 330 | @property | 315 | @property |
| 211 | 331 | def target(self): | 316 | def target(self): |
| 212 | 332 | """See `IBranchNamespace`.""" | 317 | """See `IBranchNamespace`.""" |
| 213 | @@ -388,40 +373,39 @@ | |||
| 214 | 388 | else: | 373 | else: |
| 215 | 389 | return None | 374 | return None |
| 216 | 390 | 375 | ||
| 225 | 391 | def checkCreationPolicy(self, user): | 376 | def getAllowedInformationTypes(self): |
| 218 | 392 | """See `_BaseNamespace`.""" | ||
| 219 | 393 | if len(self._getRelatedPolicies()) > 0: | ||
| 220 | 394 | return True | ||
| 221 | 395 | base_rule = self.product.getBaseBranchVisibilityRule() | ||
| 222 | 396 | return base_rule == BranchVisibilityRule.PUBLIC | ||
| 223 | 397 | |||
| 224 | 398 | def canBranchesBePrivate(self): | ||
| 226 | 399 | """See `IBranchNamespace`.""" | 377 | """See `IBranchNamespace`.""" |
| 229 | 400 | # If there is a rule for the namespace owner, use that. | 378 | private_rules = ( |
| 228 | 401 | private = ( | ||
| 230 | 402 | BranchVisibilityRule.PRIVATE, | 379 | BranchVisibilityRule.PRIVATE, |
| 231 | 403 | BranchVisibilityRule.PRIVATE_ONLY) | 380 | BranchVisibilityRule.PRIVATE_ONLY) |
| 253 | 404 | rule = self.product.getBranchVisibilityRuleForTeam(self.owner) | 381 | |
| 254 | 405 | if rule is not None: | 382 | rule = self.product.getBranchVisibilityRuleForTeam(self.owner) |
| 255 | 406 | return rule in private | 383 | if rule is not None: |
| 256 | 407 | # If the owner is a member of any team that has a PRIVATE or | 384 | # If there is an explicit rule for the namespace owner, use that. |
| 257 | 408 | # PRIVATE_ONLY rule, then the branches are private. | 385 | private = rule in private_rules |
| 258 | 409 | return len(self._getRelatedPrivatePolicies()) > 0 | 386 | public = rule != BranchVisibilityRule.PRIVATE_ONLY |
| 259 | 410 | 387 | else: | |
| 260 | 411 | def canBranchesBePublic(self): | 388 | # Otherwise find all the rules for the owner's teams. |
| 261 | 412 | """See `IBranchNamespace`.""" | 389 | related_rules = set(p.rule for p in self._getRelatedPolicies()) |
| 262 | 413 | # If there is an explicit rule for the namespace owner, use that. | 390 | |
| 263 | 414 | rule = self.product.getBranchVisibilityRuleForTeam(self.owner) | 391 | # If any of the rules allow private branches, allow them. |
| 264 | 415 | if rule is not None: | 392 | private = bool(related_rules.intersection(private_rules)) |
| 265 | 416 | return rule != BranchVisibilityRule.PRIVATE_ONLY | 393 | |
| 266 | 417 | # If there is another policy that allows public, then branches can be | 394 | # If any of the rules allow public branches, allow them. |
| 267 | 418 | # public. | 395 | if related_rules.difference([BranchVisibilityRule.PRIVATE_ONLY]): |
| 268 | 419 | for policy in self._getRelatedPolicies(): | 396 | public = True |
| 269 | 420 | if policy.rule != BranchVisibilityRule.PRIVATE_ONLY: | 397 | else: |
| 270 | 421 | return True | 398 | # There's no team-specific rules, or none of them allow |
| 271 | 422 | # If the default is public, then we can have public branches. | 399 | # public branches. Fall back to the default rule. |
| 272 | 423 | base_rule = self.product.getBaseBranchVisibilityRule() | 400 | base_rule = self.product.getBaseBranchVisibilityRule() |
| 273 | 424 | return base_rule == BranchVisibilityRule.PUBLIC | 401 | public = base_rule == BranchVisibilityRule.PUBLIC |
| 274 | 402 | |||
| 275 | 403 | types = [] | ||
| 276 | 404 | if public: | ||
| 277 | 405 | types.extend(PUBLIC_INFORMATION_TYPES) | ||
| 278 | 406 | if private: | ||
| 279 | 407 | types.extend(PRIVATE_INFORMATION_TYPES) | ||
| 280 | 408 | return types | ||
| 281 | 425 | 409 | ||
| 282 | 426 | 410 | ||
| 283 | 427 | class PackageNamespace(_BaseNamespace): | 411 | class PackageNamespace(_BaseNamespace): |
| 284 | @@ -453,22 +437,14 @@ | |||
| 285 | 453 | """See `IBranchNamespace`.""" | 437 | """See `IBranchNamespace`.""" |
| 286 | 454 | return IBranchTarget(self.sourcepackage) | 438 | return IBranchTarget(self.sourcepackage) |
| 287 | 455 | 439 | ||
| 295 | 456 | def canBranchesBePrivate(self): | 440 | def getAllowedInformationTypes(self): |
| 296 | 457 | """See `IBranchNamespace`.""" | 441 | """See `IBranchNamespace`.""" |
| 297 | 458 | return False | 442 | return PUBLIC_INFORMATION_TYPES |
| 291 | 459 | |||
| 292 | 460 | def canBranchesBePublic(self): | ||
| 293 | 461 | """See `IBranchNamespace`.""" | ||
| 294 | 462 | return True | ||
| 298 | 463 | 443 | ||
| 299 | 464 | def getPrivacySubscriber(self): | 444 | def getPrivacySubscriber(self): |
| 300 | 465 | """See `IBranchNamespace`.""" | 445 | """See `IBranchNamespace`.""" |
| 301 | 466 | return None | 446 | return None |
| 302 | 467 | 447 | ||
| 303 | 468 | def checkCreationPolicy(self, user): | ||
| 304 | 469 | """See `_BaseNamespace`.""" | ||
| 305 | 470 | return True | ||
| 306 | 471 | |||
| 307 | 472 | 448 | ||
| 308 | 473 | class BranchNamespaceSet: | 449 | class BranchNamespaceSet: |
| 309 | 474 | """Only implementation of `IBranchNamespaceSet`.""" | 450 | """Only implementation of `IBranchNamespaceSet`.""" |
| 310 | 475 | 451 | ||
| 311 | === modified file 'lib/lp/code/model/tests/test_branch.py' | |||
| 312 | --- lib/lp/code/model/tests/test_branch.py 2012-07-09 00:18:47 +0000 | |||
| 313 | +++ lib/lp/code/model/tests/test_branch.py 2012-07-11 12:28:19 +0000 | |||
| 314 | @@ -54,8 +54,6 @@ | |||
| 315 | 54 | ) | 54 | ) |
| 316 | 55 | from lp.code.errors import ( | 55 | from lp.code.errors import ( |
| 317 | 56 | AlreadyLatestFormat, | 56 | AlreadyLatestFormat, |
| 318 | 57 | BranchCannotBePrivate, | ||
| 319 | 58 | BranchCannotBePublic, | ||
| 320 | 59 | BranchCannotChangeInformationType, | 57 | BranchCannotChangeInformationType, |
| 321 | 60 | BranchCreatorNotMemberOfOwnerTeam, | 58 | BranchCreatorNotMemberOfOwnerTeam, |
| 322 | 61 | BranchCreatorNotOwner, | 59 | BranchCreatorNotOwner, |
| 323 | @@ -2419,10 +2417,10 @@ | |||
| 324 | 2419 | 2417 | ||
| 325 | 2420 | def test_public_to_private_not_allowed(self): | 2418 | def test_public_to_private_not_allowed(self): |
| 326 | 2421 | # If there are no privacy policies allowing private branches, then | 2419 | # If there are no privacy policies allowing private branches, then |
| 328 | 2422 | # BranchCannotBePrivate is rasied. | 2420 | # BranchCannotChangeInformationType is rasied. |
| 329 | 2423 | branch = self.factory.makeProductBranch() | 2421 | branch = self.factory.makeProductBranch() |
| 330 | 2424 | self.assertRaises( | 2422 | self.assertRaises( |
| 332 | 2425 | BranchCannotBePrivate, | 2423 | BranchCannotChangeInformationType, |
| 333 | 2426 | branch.setPrivate, | 2424 | branch.setPrivate, |
| 334 | 2427 | True, branch.owner) | 2425 | True, branch.owner) |
| 335 | 2428 | 2426 | ||
| 336 | @@ -2460,7 +2458,8 @@ | |||
| 337 | 2460 | 2458 | ||
| 338 | 2461 | def test_private_to_public_not_allowed(self): | 2459 | def test_private_to_public_not_allowed(self): |
| 339 | 2462 | # If the namespace policy does not allow public branches, attempting | 2460 | # If the namespace policy does not allow public branches, attempting |
| 341 | 2463 | # to change the branch to be public raises BranchCannotBePublic. | 2461 | # to change the branch to be public raises |
| 342 | 2462 | # BranchCannotChangeInformationType. | ||
| 343 | 2464 | branch = self.factory.makeProductBranch( | 2463 | branch = self.factory.makeProductBranch( |
| 344 | 2465 | information_type=InformationType.USERDATA) | 2464 | information_type=InformationType.USERDATA) |
| 345 | 2466 | branch.product.setBranchVisibilityTeamPolicy( | 2465 | branch.product.setBranchVisibilityTeamPolicy( |
| 346 | @@ -2468,7 +2467,7 @@ | |||
| 347 | 2468 | branch.product.setBranchVisibilityTeamPolicy( | 2467 | branch.product.setBranchVisibilityTeamPolicy( |
| 348 | 2469 | branch.owner, BranchVisibilityRule.PRIVATE_ONLY) | 2468 | branch.owner, BranchVisibilityRule.PRIVATE_ONLY) |
| 349 | 2470 | self.assertRaises( | 2469 | self.assertRaises( |
| 351 | 2471 | BranchCannotBePublic, | 2470 | BranchCannotChangeInformationType, |
| 352 | 2472 | branch.setPrivate, | 2471 | branch.setPrivate, |
| 353 | 2473 | False, branch.owner) | 2472 | False, branch.owner) |
| 354 | 2474 | 2473 | ||
| 355 | 2475 | 2474 | ||
| 356 | === modified file 'lib/lp/code/model/tests/test_branchnamespace.py' | |||
| 357 | --- lib/lp/code/model/tests/test_branchnamespace.py 2012-06-08 06:01:50 +0000 | |||
| 358 | +++ lib/lp/code/model/tests/test_branchnamespace.py 2012-07-11 12:28:19 +0000 | |||
| 359 | @@ -35,7 +35,11 @@ | |||
| 360 | 35 | PersonalNamespace, | 35 | PersonalNamespace, |
| 361 | 36 | ProductNamespace, | 36 | ProductNamespace, |
| 362 | 37 | ) | 37 | ) |
| 364 | 38 | from lp.registry.enums import InformationType | 38 | from lp.registry.enums import ( |
| 365 | 39 | InformationType, | ||
| 366 | 40 | PRIVATE_INFORMATION_TYPES, | ||
| 367 | 41 | PUBLIC_INFORMATION_TYPES, | ||
| 368 | 42 | ) | ||
| 369 | 39 | from lp.registry.errors import ( | 43 | from lp.registry.errors import ( |
| 370 | 40 | NoSuchDistroSeries, | 44 | NoSuchDistroSeries, |
| 371 | 41 | NoSuchSourcePackageName, | 45 | NoSuchSourcePackageName, |
| 372 | @@ -974,8 +978,8 @@ | |||
| 373 | 974 | BranchVisibilityRule.PRIVATE_ONLY) | 978 | BranchVisibilityRule.PRIVATE_ONLY) |
| 374 | 975 | 979 | ||
| 375 | 976 | 980 | ||
| 378 | 977 | class TestPersonalNamespaceCanBranchesBePrivate(TestCaseWithFactory): | 981 | class TestPersonalNamespaceAllowedInformationTypes(TestCaseWithFactory): |
| 379 | 978 | """Tests for PersonalNamespace.canBranchesBePrivate.""" | 982 | """Tests for PersonalNamespace.getAllowedInformationTypes.""" |
| 380 | 979 | 983 | ||
| 381 | 980 | layer = DatabaseFunctionalLayer | 984 | layer = DatabaseFunctionalLayer |
| 382 | 981 | 985 | ||
| 383 | @@ -983,61 +987,44 @@ | |||
| 384 | 983 | # +junk branches are not private for individuals | 987 | # +junk branches are not private for individuals |
| 385 | 984 | person = self.factory.makePerson() | 988 | person = self.factory.makePerson() |
| 386 | 985 | namespace = PersonalNamespace(person) | 989 | namespace = PersonalNamespace(person) |
| 388 | 986 | self.assertFalse(namespace.canBranchesBePrivate()) | 990 | self.assertContentEqual( |
| 389 | 991 | PUBLIC_INFORMATION_TYPES, | ||
| 390 | 992 | namespace.getAllowedInformationTypes()) | ||
| 391 | 987 | 993 | ||
| 392 | 988 | def test_public_team(self): | 994 | def test_public_team(self): |
| 393 | 989 | # +junk branches for public teams cannot be private | 995 | # +junk branches for public teams cannot be private |
| 394 | 990 | team = self.factory.makeTeam() | 996 | team = self.factory.makeTeam() |
| 395 | 991 | namespace = PersonalNamespace(team) | 997 | namespace = PersonalNamespace(team) |
| 397 | 992 | self.assertFalse(namespace.canBranchesBePrivate()) | 998 | self.assertContentEqual( |
| 398 | 999 | PUBLIC_INFORMATION_TYPES, | ||
| 399 | 1000 | namespace.getAllowedInformationTypes()) | ||
| 400 | 993 | 1001 | ||
| 401 | 994 | def test_private_team(self): | 1002 | def test_private_team(self): |
| 403 | 995 | # +junk branches can be private for private teams | 1003 | # +junk branches can be private or public for private teams |
| 404 | 996 | team = self.factory.makeTeam(visibility=PersonVisibility.PRIVATE) | 1004 | team = self.factory.makeTeam(visibility=PersonVisibility.PRIVATE) |
| 405 | 997 | namespace = PersonalNamespace(team) | 1005 | namespace = PersonalNamespace(team) |
| 449 | 998 | self.assertTrue(namespace.canBranchesBePrivate()) | 1006 | self.assertContentEqual( |
| 450 | 999 | 1007 | PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES, | |
| 451 | 1000 | 1008 | namespace.getAllowedInformationTypes()) | |
| 452 | 1001 | class TestPersonalNamespaceCanBranchesBePublic(TestCaseWithFactory): | 1009 | |
| 453 | 1002 | """Tests for PersonalNamespace.canBranchesBePublic.""" | 1010 | |
| 454 | 1003 | 1011 | class TestPackageNamespaceAllowedInformationTypes(TestCaseWithFactory): | |
| 455 | 1004 | layer = DatabaseFunctionalLayer | 1012 | """Tests for PackageNamespace.getAllowedInformationTypes.""" |
| 456 | 1005 | 1013 | ||
| 457 | 1006 | def test_anyone(self): | 1014 | layer = DatabaseFunctionalLayer |
| 458 | 1007 | # All +junk branches are public. | 1015 | |
| 459 | 1008 | person = self.factory.makePerson() | 1016 | def test_anyone(self): |
| 460 | 1009 | namespace = PersonalNamespace(person) | 1017 | # Source package branches are always public. |
| 461 | 1010 | self.assertTrue(namespace.canBranchesBePublic()) | 1018 | source_package = self.factory.makeSourcePackage() |
| 462 | 1011 | 1019 | person = self.factory.makePerson() | |
| 463 | 1012 | 1020 | namespace = PackageNamespace(person, source_package) | |
| 464 | 1013 | class TestPackageNamespaceCanBranchesBePrivate(TestCaseWithFactory): | 1021 | self.assertContentEqual( |
| 465 | 1014 | """Tests for PackageNamespace.canBranchesBePrivate.""" | 1022 | PUBLIC_INFORMATION_TYPES, |
| 466 | 1015 | 1023 | namespace.getAllowedInformationTypes()) | |
| 467 | 1016 | layer = DatabaseFunctionalLayer | 1024 | |
| 468 | 1017 | 1025 | ||
| 469 | 1018 | def test_anyone(self): | 1026 | class TestProductNamespaceAllowedInformationTypes(TestCaseWithFactory): |
| 470 | 1019 | # No source package branches are private. | 1027 | """Tests for ProductNamespace.getAllowedInformationTypes.""" |
| 428 | 1020 | source_package = self.factory.makeSourcePackage() | ||
| 429 | 1021 | person = self.factory.makePerson() | ||
| 430 | 1022 | namespace = PackageNamespace(person, source_package) | ||
| 431 | 1023 | self.assertFalse(namespace.canBranchesBePrivate()) | ||
| 432 | 1024 | |||
| 433 | 1025 | |||
| 434 | 1026 | class TestPackageNamespaceCanBranchesBePublic(TestCaseWithFactory): | ||
| 435 | 1027 | """Tests for PackageNamespace.canBranchesBePublic.""" | ||
| 436 | 1028 | |||
| 437 | 1029 | layer = DatabaseFunctionalLayer | ||
| 438 | 1030 | |||
| 439 | 1031 | def test_anyone(self): | ||
| 440 | 1032 | # All source package branches are public. | ||
| 441 | 1033 | source_package = self.factory.makeSourcePackage() | ||
| 442 | 1034 | person = self.factory.makePerson() | ||
| 443 | 1035 | namespace = PackageNamespace(person, source_package) | ||
| 444 | 1036 | self.assertTrue(namespace.canBranchesBePublic()) | ||
| 445 | 1037 | |||
| 446 | 1038 | |||
| 447 | 1039 | class TestProductNamespaceCanBranchesBePrivate(TestCaseWithFactory): | ||
| 448 | 1040 | """Tests for ProductNamespace.canBranchesBePrivate.""" | ||
| 471 | 1041 | 1028 | ||
| 472 | 1042 | layer = DatabaseFunctionalLayer | 1029 | layer = DatabaseFunctionalLayer |
| 473 | 1043 | 1030 | ||
| 474 | @@ -1048,33 +1035,26 @@ | |||
| 475 | 1048 | def _getNamespace(self, owner): | 1035 | def _getNamespace(self, owner): |
| 476 | 1049 | return ProductNamespace(owner, self.product) | 1036 | return ProductNamespace(owner, self.product) |
| 477 | 1050 | 1037 | ||
| 487 | 1051 | def assertNewBranchesPublic(self, owner): | 1038 | def assertTypes(self, owner, types): |
| 488 | 1052 | # Assert that new branches in the owner namespace are public. | 1039 | namespace = self._getNamespace(owner) |
| 489 | 1053 | namespace = self._getNamespace(owner) | 1040 | self.assertContentEqual(types, namespace.getAllowedInformationTypes()) |
| 481 | 1054 | self.assertFalse(namespace.canBranchesBePrivate()) | ||
| 482 | 1055 | |||
| 483 | 1056 | def assertNewBranchesPrivate(self, owner): | ||
| 484 | 1057 | # Assert that new branches in the owner namespace are private. | ||
| 485 | 1058 | namespace = self._getNamespace(owner) | ||
| 486 | 1059 | self.assertTrue(namespace.canBranchesBePrivate()) | ||
| 490 | 1060 | 1041 | ||
| 491 | 1061 | def test_no_policies(self): | 1042 | def test_no_policies(self): |
| 492 | 1062 | # If there are no defined policies, any personal branch is not | 1043 | # If there are no defined policies, any personal branch is not |
| 493 | 1063 | # private. | 1044 | # private. |
| 495 | 1064 | self.assertNewBranchesPublic(self.factory.makePerson()) | 1045 | self.assertTypes(self.factory.makePerson(), PUBLIC_INFORMATION_TYPES) |
| 496 | 1065 | 1046 | ||
| 497 | 1066 | def test_any_person_with_public_base_rule(self): | 1047 | def test_any_person_with_public_base_rule(self): |
| 498 | 1067 | # If the base visibility rule is PUBLIC, then new branches are public. | 1048 | # If the base visibility rule is PUBLIC, then new branches are public. |
| 499 | 1068 | self.product.setBranchVisibilityTeamPolicy( | 1049 | self.product.setBranchVisibilityTeamPolicy( |
| 500 | 1069 | None, BranchVisibilityRule.PUBLIC) | 1050 | None, BranchVisibilityRule.PUBLIC) |
| 502 | 1070 | self.assertNewBranchesPublic(self.factory.makePerson()) | 1051 | self.assertTypes(self.factory.makePerson(), PUBLIC_INFORMATION_TYPES) |
| 503 | 1071 | 1052 | ||
| 504 | 1072 | def test_any_person_with_forbidden_base_rule(self): | 1053 | def test_any_person_with_forbidden_base_rule(self): |
| 507 | 1073 | # If the base visibility rule is FORBIDDEN, new branches are still | 1054 | # If the base visibility rule is FORBIDDEN, there are no legal types. |
| 506 | 1074 | # considered public. | ||
| 508 | 1075 | self.product.setBranchVisibilityTeamPolicy( | 1055 | self.product.setBranchVisibilityTeamPolicy( |
| 509 | 1076 | None, BranchVisibilityRule.FORBIDDEN) | 1056 | None, BranchVisibilityRule.FORBIDDEN) |
| 511 | 1077 | self.assertNewBranchesPublic(self.factory.makePerson()) | 1057 | self.assertTypes(self.factory.makePerson(), []) |
| 512 | 1078 | 1058 | ||
| 513 | 1079 | def test_team_member_with_private_rule(self): | 1059 | def test_team_member_with_private_rule(self): |
| 514 | 1080 | # If a person is a member of a team that has a PRIVATE rule, then new | 1060 | # If a person is a member of a team that has a PRIVATE rule, then new |
| 515 | @@ -1083,8 +1063,10 @@ | |||
| 516 | 1083 | team = self.factory.makeTeam(owner=person) | 1063 | team = self.factory.makeTeam(owner=person) |
| 517 | 1084 | self.product.setBranchVisibilityTeamPolicy( | 1064 | self.product.setBranchVisibilityTeamPolicy( |
| 518 | 1085 | team, BranchVisibilityRule.PRIVATE) | 1065 | team, BranchVisibilityRule.PRIVATE) |
| 521 | 1086 | self.assertNewBranchesPrivate(person) | 1066 | self.assertTypes( |
| 522 | 1087 | self.assertNewBranchesPrivate(team) | 1067 | person, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) |
| 523 | 1068 | self.assertTypes( | ||
| 524 | 1069 | team, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) | ||
| 525 | 1088 | 1070 | ||
| 526 | 1089 | def test_team_member_with_private_only_rule(self): | 1071 | def test_team_member_with_private_only_rule(self): |
| 527 | 1090 | # If a person is a member of a team that has a PRIVATE_ONLY rule, then | 1072 | # If a person is a member of a team that has a PRIVATE_ONLY rule, then |
| 528 | @@ -1092,9 +1074,11 @@ | |||
| 529 | 1092 | person = self.factory.makePerson() | 1074 | person = self.factory.makePerson() |
| 530 | 1093 | team = self.factory.makeTeam(owner=person) | 1075 | team = self.factory.makeTeam(owner=person) |
| 531 | 1094 | self.product.setBranchVisibilityTeamPolicy( | 1076 | self.product.setBranchVisibilityTeamPolicy( |
| 532 | 1077 | None, BranchVisibilityRule.FORBIDDEN) | ||
| 533 | 1078 | self.product.setBranchVisibilityTeamPolicy( | ||
| 534 | 1095 | team, BranchVisibilityRule.PRIVATE_ONLY) | 1079 | team, BranchVisibilityRule.PRIVATE_ONLY) |
| 537 | 1096 | self.assertNewBranchesPrivate(person) | 1080 | self.assertTypes(person, PRIVATE_INFORMATION_TYPES) |
| 538 | 1097 | self.assertNewBranchesPrivate(team) | 1081 | self.assertTypes(team, PRIVATE_INFORMATION_TYPES) |
| 539 | 1098 | 1082 | ||
| 540 | 1099 | def test_non_team_member_with_private_rule(self): | 1083 | def test_non_team_member_with_private_rule(self): |
| 541 | 1100 | # If a person is a not a member of a team that has a privacy rule, | 1084 | # If a person is a not a member of a team that has a privacy rule, |
| 542 | @@ -1103,7 +1087,7 @@ | |||
| 543 | 1103 | team = self.factory.makeTeam(owner=person) | 1087 | team = self.factory.makeTeam(owner=person) |
| 544 | 1104 | self.product.setBranchVisibilityTeamPolicy( | 1088 | self.product.setBranchVisibilityTeamPolicy( |
| 545 | 1105 | team, BranchVisibilityRule.PRIVATE) | 1089 | team, BranchVisibilityRule.PRIVATE) |
| 547 | 1106 | self.assertNewBranchesPublic(self.factory.makePerson()) | 1090 | self.assertTypes(self.factory.makePerson(), PUBLIC_INFORMATION_TYPES) |
| 548 | 1107 | 1091 | ||
| 549 | 1108 | def test_team_member_with_multiple_private_rules(self): | 1092 | def test_team_member_with_multiple_private_rules(self): |
| 550 | 1109 | # If a person is a member of multiple teams that has a privacy rules, | 1093 | # If a person is a member of multiple teams that has a privacy rules, |
| 551 | @@ -1115,9 +1099,12 @@ | |||
| 552 | 1115 | team_1, BranchVisibilityRule.PRIVATE) | 1099 | team_1, BranchVisibilityRule.PRIVATE) |
| 553 | 1116 | self.product.setBranchVisibilityTeamPolicy( | 1100 | self.product.setBranchVisibilityTeamPolicy( |
| 554 | 1117 | team_2, BranchVisibilityRule.PRIVATE) | 1101 | team_2, BranchVisibilityRule.PRIVATE) |
| 558 | 1118 | self.assertNewBranchesPrivate(person) | 1102 | self.assertTypes( |
| 559 | 1119 | self.assertNewBranchesPrivate(team_1) | 1103 | person, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) |
| 560 | 1120 | self.assertNewBranchesPrivate(team_2) | 1104 | self.assertTypes( |
| 561 | 1105 | team_1, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) | ||
| 562 | 1106 | self.assertTypes( | ||
| 563 | 1107 | team_2, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) | ||
| 564 | 1121 | 1108 | ||
| 565 | 1122 | def test_team_member_with_multiple_differing_private_rules(self): | 1109 | def test_team_member_with_multiple_differing_private_rules(self): |
| 566 | 1123 | # If a person is a member of multiple teams that has a privacy rules, | 1110 | # If a person is a member of multiple teams that has a privacy rules, |
| 567 | @@ -1131,103 +1118,12 @@ | |||
| 568 | 1131 | private_team, BranchVisibilityRule.PRIVATE) | 1118 | private_team, BranchVisibilityRule.PRIVATE) |
| 569 | 1132 | self.product.setBranchVisibilityTeamPolicy( | 1119 | self.product.setBranchVisibilityTeamPolicy( |
| 570 | 1133 | public_team, BranchVisibilityRule.PUBLIC) | 1120 | public_team, BranchVisibilityRule.PUBLIC) |
| 668 | 1134 | self.assertNewBranchesPrivate(person) | 1121 | self.assertTypes( |
| 669 | 1135 | self.assertNewBranchesPrivate(private_team) | 1122 | person, PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) |
| 670 | 1136 | self.assertNewBranchesPublic(public_team) | 1123 | self.assertTypes( |
| 671 | 1137 | 1124 | private_team, | |
| 672 | 1138 | 1125 | PUBLIC_INFORMATION_TYPES + PRIVATE_INFORMATION_TYPES) | |
| 673 | 1139 | class TestProductNamespaceCanBranchesBePublic(TestCaseWithFactory): | 1126 | self.assertTypes(public_team, PUBLIC_INFORMATION_TYPES) |
| 577 | 1140 | """Tests for ProductNamespace.canBranchesBePublic.""" | ||
| 578 | 1141 | |||
| 579 | 1142 | layer = DatabaseFunctionalLayer | ||
| 580 | 1143 | |||
| 581 | 1144 | def setUp(self): | ||
| 582 | 1145 | TestCaseWithFactory.setUp(self) | ||
| 583 | 1146 | self.product = self.factory.makeProduct() | ||
| 584 | 1147 | |||
| 585 | 1148 | def _getNamespace(self, owner): | ||
| 586 | 1149 | return ProductNamespace(owner, self.product) | ||
| 587 | 1150 | |||
| 588 | 1151 | def assertBranchesCanBePublic(self, owner): | ||
| 589 | 1152 | # Assert that branches can be public in the owner namespace. | ||
| 590 | 1153 | namespace = self._getNamespace(owner) | ||
| 591 | 1154 | self.assertTrue(namespace.canBranchesBePublic()) | ||
| 592 | 1155 | |||
| 593 | 1156 | def assertBranchesMustBePrivate(self, owner): | ||
| 594 | 1157 | # Assert that branches must be private in the owner namespace. | ||
| 595 | 1158 | namespace = self._getNamespace(owner) | ||
| 596 | 1159 | self.assertFalse(namespace.canBranchesBePublic()) | ||
| 597 | 1160 | |||
| 598 | 1161 | def test_no_policies(self): | ||
| 599 | 1162 | # If there are no defined policies, any branch can be public. | ||
| 600 | 1163 | self.assertBranchesCanBePublic(self.factory.makePerson()) | ||
| 601 | 1164 | |||
| 602 | 1165 | def test_any_person_with_public_base_rule(self): | ||
| 603 | 1166 | # If the base visibility rule is PUBLIC, any branch can be public | ||
| 604 | 1167 | self.product.setBranchVisibilityTeamPolicy( | ||
| 605 | 1168 | None, BranchVisibilityRule.PUBLIC) | ||
| 606 | 1169 | self.assertBranchesCanBePublic(self.factory.makePerson()) | ||
| 607 | 1170 | |||
| 608 | 1171 | def test_any_person_with_forbidden_base_rule(self): | ||
| 609 | 1172 | # If the base visibility rule is FORBIDDEN, branches must be private. | ||
| 610 | 1173 | self.product.setBranchVisibilityTeamPolicy( | ||
| 611 | 1174 | None, BranchVisibilityRule.FORBIDDEN) | ||
| 612 | 1175 | self.assertBranchesMustBePrivate(self.factory.makePerson()) | ||
| 613 | 1176 | |||
| 614 | 1177 | def test_team_member_with_private_rule(self): | ||
| 615 | 1178 | # If a person is a member of a team that has a PRIVATE rule then the | ||
| 616 | 1179 | # branches can be public even though the default is FORBIDDEN. | ||
| 617 | 1180 | person = self.factory.makePerson() | ||
| 618 | 1181 | team = self.factory.makeTeam(owner=person) | ||
| 619 | 1182 | self.product.setBranchVisibilityTeamPolicy( | ||
| 620 | 1183 | None, BranchVisibilityRule.FORBIDDEN) | ||
| 621 | 1184 | self.product.setBranchVisibilityTeamPolicy( | ||
| 622 | 1185 | team, BranchVisibilityRule.PRIVATE) | ||
| 623 | 1186 | self.assertBranchesCanBePublic(person) | ||
| 624 | 1187 | self.assertBranchesCanBePublic(team) | ||
| 625 | 1188 | |||
| 626 | 1189 | def test_team_member_with_private_only_rule(self): | ||
| 627 | 1190 | # If a person is a member of a team that has a PRIVATE_ONLY rule, and | ||
| 628 | 1191 | # the base rule is FORBIDDEN, then the branches must be private. | ||
| 629 | 1192 | person = self.factory.makePerson() | ||
| 630 | 1193 | team = self.factory.makeTeam(owner=person) | ||
| 631 | 1194 | self.product.setBranchVisibilityTeamPolicy( | ||
| 632 | 1195 | None, BranchVisibilityRule.FORBIDDEN) | ||
| 633 | 1196 | self.product.setBranchVisibilityTeamPolicy( | ||
| 634 | 1197 | team, BranchVisibilityRule.PRIVATE_ONLY) | ||
| 635 | 1198 | self.assertBranchesMustBePrivate(person) | ||
| 636 | 1199 | self.assertBranchesMustBePrivate(team) | ||
| 637 | 1200 | |||
| 638 | 1201 | def test_team_member_with_private_only_rule_public_base_rule(self): | ||
| 639 | 1202 | # If a person is a member of a team that has a PRIVATE_ONLY rule, and | ||
| 640 | 1203 | # the base rule is PUBLIC, then the branches must be private in the | ||
| 641 | 1204 | # team namespace, but can be public in the personal namespace. | ||
| 642 | 1205 | person = self.factory.makePerson() | ||
| 643 | 1206 | team = self.factory.makeTeam(owner=person) | ||
| 644 | 1207 | self.product.setBranchVisibilityTeamPolicy( | ||
| 645 | 1208 | None, BranchVisibilityRule.PUBLIC) | ||
| 646 | 1209 | self.product.setBranchVisibilityTeamPolicy( | ||
| 647 | 1210 | team, BranchVisibilityRule.PRIVATE_ONLY) | ||
| 648 | 1211 | self.assertBranchesCanBePublic(person) | ||
| 649 | 1212 | self.assertBranchesMustBePrivate(team) | ||
| 650 | 1213 | |||
| 651 | 1214 | def test_team_member_with_multiple_private_rules(self): | ||
| 652 | 1215 | # If a person is a member of multiple teams that has a privacy rules, | ||
| 653 | 1216 | # then new branches must stay private in any namespace that defines | ||
| 654 | 1217 | # PRIVATE_ONLY, but if the team member is a member of any teams that | ||
| 655 | 1218 | # specify just PRIVATE, then branches can be made public. | ||
| 656 | 1219 | person = self.factory.makePerson() | ||
| 657 | 1220 | team_1 = self.factory.makeTeam(owner=person) | ||
| 658 | 1221 | team_2 = self.factory.makeTeam(owner=person) | ||
| 659 | 1222 | self.product.setBranchVisibilityTeamPolicy( | ||
| 660 | 1223 | None, BranchVisibilityRule.FORBIDDEN) | ||
| 661 | 1224 | self.product.setBranchVisibilityTeamPolicy( | ||
| 662 | 1225 | team_1, BranchVisibilityRule.PRIVATE_ONLY) | ||
| 663 | 1226 | self.product.setBranchVisibilityTeamPolicy( | ||
| 664 | 1227 | team_2, BranchVisibilityRule.PRIVATE) | ||
| 665 | 1228 | self.assertBranchesCanBePublic(person) | ||
| 666 | 1229 | self.assertBranchesMustBePrivate(team_1) | ||
| 667 | 1230 | self.assertBranchesCanBePublic(team_2) | ||
| 674 | 1231 | 1127 | ||
| 675 | 1232 | 1128 | ||
| 676 | 1233 | class BaseValidateNewBranchMixin: | 1129 | class BaseValidateNewBranchMixin: |
| 677 | @@ -1389,7 +1285,8 @@ | |||
| 678 | 1389 | :param owner: The person or team that will be the owner of the branch. | 1285 | :param owner: The person or team that will be the owner of the branch. |
| 679 | 1390 | """ | 1286 | """ |
| 680 | 1391 | namespace = get_branch_namespace(owner, product=self.product) | 1287 | namespace = get_branch_namespace(owner, product=self.product) |
| 682 | 1392 | self.assertFalse(namespace.canBranchesBePrivate()) | 1288 | self.assertNotIn( |
| 683 | 1289 | InformationType.USERDATA, namespace.getAllowedInformationTypes()) | ||
| 684 | 1393 | 1290 | ||
| 685 | 1394 | def assertPrivateSubscriber(self, creator, owner, subscriber): | 1291 | def assertPrivateSubscriber(self, creator, owner, subscriber): |
| 686 | 1395 | """Assert that the policy check results in a private branch. | 1292 | """Assert that the policy check results in a private branch. |
| 687 | @@ -1400,7 +1297,8 @@ | |||
| 688 | 1400 | """ | 1297 | """ |
| 689 | 1401 | policy = IBranchNamespacePolicy( | 1298 | policy = IBranchNamespacePolicy( |
| 690 | 1402 | get_branch_namespace(owner, product=self.product)) | 1299 | get_branch_namespace(owner, product=self.product)) |
| 692 | 1403 | self.assertTrue(policy.canBranchesBePrivate()) | 1300 | self.assertIn( |
| 693 | 1301 | InformationType.USERDATA, policy.getAllowedInformationTypes()) | ||
| 694 | 1404 | if subscriber is None: | 1302 | if subscriber is None: |
| 695 | 1405 | self.assertIs(None, policy.getPrivacySubscriber()) | 1303 | self.assertIs(None, policy.getPrivacySubscriber()) |
| 696 | 1406 | else: | 1304 | else: |
Thank you.