Code review comment for lp:~adiroiban/launchpad/bug-509252-take-2
Revision history for this message
| Michael Nelson (michael.nelson) wrote | # |
review:
Needs Information
(code)
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Hi Adi,
Thanks for all the cleanups that you've done in this branch.
After reading the recent email discussion at:
https:/
and particularly BjornT's message:
https:/
I don't think putting the security check into a browser helper is the way to go.
As outlined in the above email:
"The current solution is to have this code in model code, and have the
security adapter ask the model. No code duplication really."
this ensures that any security can be applied not only in the view, but also via other modes of access (API), even if they are not yet enabled.
As it turns out in your code, it seems most of IDistroSeries.
So I wonder if we can do something like this:
http://
That is, simply add a launchpad.View check for IDistroSeriesLa
if not check_permission(
could be replaced simply by:
if not check_permission(
that way you'd have all the security in the right place, separate from the error generation (ie. translation_
I'm not 100%, but as far as I can see, the above should do what you're after while at the same time keeping all the security code in the one place. But I'll check with Henninge to be sure (hence marking this as needs info).
IRC log of conversation starts at:
http://