NameError: Unauthorized: when ~registry user tries to edit feature
Bug #651852 reported by
Martin Pool
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
Critical
|
Benji York |
Bug Description
Silly mistake:
https:/
tries to let all users read but only admin users write, but it has, at least, a missing import statement causing
Module zope.formlib.form, line 606, in success
return self.success_
Module lp.services.
raise Unauthorized()
NameError: global name 'Unauthorized' is not defined<br />
https:/
and I guess a missing test too.
I don't think this needs to block continued deployment though.
Related branches
lp:~benji/launchpad/bug-669701
- Edwin Grubbs (community): Approve (code)
- Curtis Hovey (community): Approve (ui)
- Leonard Richardson (community): Approve
-
Diff: 273 lines (+114/-28)6 files modifiedlib/lp/registry/browser/tests/test_projectgroup.py (+1/-3)
lib/lp/services/features/browser/edit.py (+35/-18)
lib/lp/services/features/browser/tests/test_feature_editor.py (+64/-2)
lib/lp/services/features/rulesource.py (+4/-1)
lib/lp/services/features/templates/feature-rules.pt (+7/-1)
lib/lp/services/features/tests/test_flags.py (+3/-3)
summary: |
- NameError: Unauthorized: when unauthorized user triest to edit feature + NameError: Unauthorized: when ~registry user tries to edit feature |
tags: | added: oops |
Changed in launchpad-foundations: | |
status: | Confirmed → Triaged |
Changed in launchpad: | |
assignee: | nobody → Benji York (benji) |
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad: | |
importance: | Medium → Critical |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Some suggestions from canonical- launchpad, to make the overall form work better:
See BranchEditView. setUpFields( ) in lp.code. browser. Branch. py for an
example of hiding fields depending on a user's team permission.
If you want to make fields readonly instead of hiding them, set the osalEnqueueView .setUpFields( ) in browser. branchmergeprop osal.py for an example.
"for_display" attribute to True - see
BranchMergeProp
lp.code.
Basically, just override the setUpFields() method in your view class and
do whatever you need to in there.
---
There is a permission that you can add to the action I believe. This will make sure the button isn't there if the person doesn't have that permission.