Merge lp:~bac/launchpad/bug-498179 into lp:launchpad
Proposed by
Brad Crittenden
Status: | Merged |
---|---|
Approved by: | Edwin Grubbs |
Approved revision: | not available |
Merged at revision: | not available |
Proposed branch: | lp:~bac/launchpad/bug-498179 |
Merge into: | lp:launchpad |
Diff against target: |
125 lines (+99/-0) 3 files modified
lib/canonical/launchpad/security.py (+5/-0) lib/lp/registry/doc/private-team-roles.txt (+1/-0) lib/lp/registry/doc/private-team-visibility.txt (+93/-0) |
To merge this branch: | bzr merge lp:~bac/launchpad/bug-498179 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Edwin Grubbs (community) | code | Approve | |
Review via email: mp+16806@code.launchpad.net |
Commit message
Allow admins of a public team invited to join a private team to see the information for the private team.
To post a comment you must log in.
= Summary =
Private and Private Membership teams can invite public teams to become members. When
that happens an admin of the public team must go to a page to accept the membership.
Since the admin is likely not a member of the private team she is barred from
viewing anything related to the private team, resulting in an OOPS as reported in bug
498179.
== Proposed fix ==
Change the security rules to allow the admins of invited teams to see the private parts.
== Pre-implementation notes ==
None.
== Implementation details ==
As above.
== Tests ==
bin/test -vvt private- team-visibility .txt
== Demo and Q/A ==
Create a private team.
Create a public team.
As an admin on the private team invite the private team to be a member.
As an admin of the public team attempt to accept the invitation.
= Launchpad lint =
Checking for conflicts. and issues in doctests and templates.
Running jslint, xmllint, pyflakes, and pylint.
Using normal rules.
Linting changed files: /launchpad/ security. py registry/ doc/private- team-roles. txt registry/ doc/private- team-visibility .txt
lib/canonical
lib/lp/
lib/lp/