Merge lp:~bac/launchpad/bug-588773 into lp:launchpad
- bug-588773
- Merge into devel
Status: | Merged |
---|---|
Approved by: | Aaron Bentley |
Approved revision: | no longer in the source branch. |
Merged at revision: | 10966 |
Proposed branch: | lp:~bac/launchpad/bug-588773 |
Merge into: | lp:launchpad |
Diff against target: |
1369 lines (+286/-17) 3 files modified
lib/canonical/launchpad/security.py (+186/-11) lib/lp/registry/browser/tests/test_edit_permissions.py (+97/-0) lib/lp/registry/stories/product/xx-product-edit.txt (+3/-6) |
To merge this branch: | bzr merge lp:~bac/launchpad/bug-588773 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Aaron Bentley (community) | code | Approve | |
Review via email: mp+26968@code.launchpad.net |
Commit message
Allow registry admins to access +edit on persons and pillars.
Description of the change
= Summary =
We want registry experts (members of ~registry) to have more abilities
in order to perform CHR duties. Often things like person or pillar
editing has to be deferred to LP admins which is not an efficient use of
their nor the CHR's time.
== Proposed fix ==
Change the security settings for launchpad.Edit for pillars and persons
to include registry experts.
== Pre-implementation notes ==
Chats with Curtis.
== Implementation details ==
As above.
== Tests ==
bin/test -vvm lp.registry -t test_edit_
== Demo and Q/A ==
In our sample data, only mark is in the registry admin team, but he is
also a LP admin, so using that account to test proves nothing. A
non-admin (such as bac) needs to be added to the registry team.
Once that is done, simply demonstrate that the registry expert can edit
people, project, project groups, and distros.
= Launchpad lint =
Checking for conflicts. and issues in doctests and templates.
Running jslint, xmllint, pyflakes, and pylint.
Using normal rules.
Linting changed files:
lib/canonical
lib/lp/
== Pyflakes notices ==
lib/canonical/
1170: undefined name 'EditDistributi
== Pylint notices ==
lib/canonical/
1170: [E0602, AdminDistributi
Undefined variable 'EditDistributi
I'll sort this out.
Brad Crittenden (bac) wrote : | # |
Aaron Bentley (abentley) wrote : | # |
Looks good. As discussed on IRC, there are a few spots that could use an additional blank line.
Brad Crittenden (bac) wrote : | # |
Thanks Aaron. The file was a bit of a mess regarding blank lines between the class/docstring and the first line of code. I fixed them all.
Brad Crittenden (bac) wrote : | # |
Fixed a failing test:
Preview Diff
1 | === modified file 'lib/canonical/launchpad/security.py' | |||
2 | --- lib/canonical/launchpad/security.py 2010-06-07 12:01:14 +0000 | |||
3 | +++ lib/canonical/launchpad/security.py 2010-06-08 13:20:48 +0000 | |||
4 | @@ -132,6 +132,7 @@ | |||
5 | 132 | 132 | ||
6 | 133 | 133 | ||
7 | 134 | class AuthorizationBase: | 134 | class AuthorizationBase: |
8 | 135 | |||
9 | 135 | implements(IAuthorization) | 136 | implements(IAuthorization) |
10 | 136 | permission = None | 137 | permission = None |
11 | 137 | usedfor = None | 138 | usedfor = None |
12 | @@ -176,6 +177,7 @@ | |||
13 | 176 | By default, any logged-in user can see anything. More restrictive | 177 | By default, any logged-in user can see anything. More restrictive |
14 | 177 | rulesets are defined in other IAuthorization implementations. | 178 | rulesets are defined in other IAuthorization implementations. |
15 | 178 | """ | 179 | """ |
16 | 180 | |||
17 | 179 | permission = 'launchpad.View' | 181 | permission = 'launchpad.View' |
18 | 180 | usedfor = Interface | 182 | usedfor = Interface |
19 | 181 | 183 | ||
20 | @@ -186,6 +188,7 @@ | |||
21 | 186 | 188 | ||
22 | 187 | class AnonymousAuthorization(AuthorizationBase): | 189 | class AnonymousAuthorization(AuthorizationBase): |
23 | 188 | """Allow any authenticated and unauthenticated user access.""" | 190 | """Allow any authenticated and unauthenticated user access.""" |
24 | 191 | |||
25 | 189 | permission = 'launchpad.View' | 192 | permission = 'launchpad.View' |
26 | 190 | 193 | ||
27 | 191 | def checkUnauthenticated(self): | 194 | def checkUnauthenticated(self): |
28 | @@ -198,6 +201,7 @@ | |||
29 | 198 | 201 | ||
30 | 199 | 202 | ||
31 | 200 | class AdminByAdminsTeam(AuthorizationBase): | 203 | class AdminByAdminsTeam(AuthorizationBase): |
32 | 204 | |||
33 | 201 | permission = 'launchpad.Admin' | 205 | permission = 'launchpad.Admin' |
34 | 202 | usedfor = Interface | 206 | usedfor = Interface |
35 | 203 | 207 | ||
36 | @@ -206,6 +210,7 @@ | |||
37 | 206 | 210 | ||
38 | 207 | 211 | ||
39 | 208 | class AdminByCommercialTeamOrAdmins(AuthorizationBase): | 212 | class AdminByCommercialTeamOrAdmins(AuthorizationBase): |
40 | 213 | |||
41 | 209 | permission = 'launchpad.Commercial' | 214 | permission = 'launchpad.Commercial' |
42 | 210 | usedfor = Interface | 215 | usedfor = Interface |
43 | 211 | 216 | ||
44 | @@ -214,6 +219,7 @@ | |||
45 | 214 | 219 | ||
46 | 215 | 220 | ||
47 | 216 | class EditByRegistryExpertsOrAdmins(AuthorizationBase): | 221 | class EditByRegistryExpertsOrAdmins(AuthorizationBase): |
48 | 222 | |||
49 | 217 | permission = 'launchpad.Edit' | 223 | permission = 'launchpad.Edit' |
50 | 218 | usedfor = ILaunchpadRoot | 224 | usedfor = ILaunchpadRoot |
51 | 219 | 225 | ||
52 | @@ -222,6 +228,7 @@ | |||
53 | 222 | 228 | ||
54 | 223 | 229 | ||
55 | 224 | class ReviewByRegistryExpertsOrAdmins(AuthorizationBase): | 230 | class ReviewByRegistryExpertsOrAdmins(AuthorizationBase): |
56 | 231 | |||
57 | 225 | permission = 'launchpad.ProjectReview' | 232 | permission = 'launchpad.ProjectReview' |
58 | 226 | usedfor = None | 233 | usedfor = None |
59 | 227 | 234 | ||
60 | @@ -230,27 +237,33 @@ | |||
61 | 230 | 237 | ||
62 | 231 | 238 | ||
63 | 232 | class ReviewProduct(ReviewByRegistryExpertsOrAdmins): | 239 | class ReviewProduct(ReviewByRegistryExpertsOrAdmins): |
64 | 240 | |||
65 | 233 | usedfor = IProduct | 241 | usedfor = IProduct |
66 | 234 | 242 | ||
67 | 235 | 243 | ||
68 | 236 | class ReviewProductSet(ReviewByRegistryExpertsOrAdmins): | 244 | class ReviewProductSet(ReviewByRegistryExpertsOrAdmins): |
69 | 245 | |||
70 | 237 | usedfor = IProductSet | 246 | usedfor = IProductSet |
71 | 238 | 247 | ||
72 | 239 | 248 | ||
73 | 240 | class ReviewProject(ReviewByRegistryExpertsOrAdmins): | 249 | class ReviewProject(ReviewByRegistryExpertsOrAdmins): |
74 | 250 | |||
75 | 241 | usedfor = IProjectGroup | 251 | usedfor = IProjectGroup |
76 | 242 | 252 | ||
77 | 243 | 253 | ||
78 | 244 | class ReviewProjectGroupSet(ReviewByRegistryExpertsOrAdmins): | 254 | class ReviewProjectGroupSet(ReviewByRegistryExpertsOrAdmins): |
79 | 255 | |||
80 | 245 | usedfor = IProjectGroupSet | 256 | usedfor = IProjectGroupSet |
81 | 246 | 257 | ||
82 | 247 | 258 | ||
83 | 248 | class ModeratePerson(ReviewByRegistryExpertsOrAdmins): | 259 | class ModeratePerson(ReviewByRegistryExpertsOrAdmins): |
84 | 260 | |||
85 | 249 | permission = 'launchpad.Moderate' | 261 | permission = 'launchpad.Moderate' |
86 | 250 | usedfor = IPerson | 262 | usedfor = IPerson |
87 | 251 | 263 | ||
88 | 252 | 264 | ||
89 | 253 | class ViewPillar(AuthorizationBase): | 265 | class ViewPillar(AuthorizationBase): |
90 | 266 | |||
91 | 254 | usedfor = IPillar | 267 | usedfor = IPillar |
92 | 255 | permission = 'launchpad.View' | 268 | permission = 'launchpad.View' |
93 | 256 | 269 | ||
94 | @@ -268,6 +281,7 @@ | |||
95 | 268 | 281 | ||
96 | 269 | 282 | ||
97 | 270 | class EditAccountBySelfOrAdmin(AuthorizationBase): | 283 | class EditAccountBySelfOrAdmin(AuthorizationBase): |
98 | 284 | |||
99 | 271 | permission = 'launchpad.Edit' | 285 | permission = 'launchpad.Edit' |
100 | 272 | usedfor = IAccount | 286 | usedfor = IAccount |
101 | 273 | 287 | ||
102 | @@ -282,10 +296,12 @@ | |||
103 | 282 | 296 | ||
104 | 283 | 297 | ||
105 | 284 | class ViewAccount(EditAccountBySelfOrAdmin): | 298 | class ViewAccount(EditAccountBySelfOrAdmin): |
106 | 299 | |||
107 | 285 | permission = 'launchpad.View' | 300 | permission = 'launchpad.View' |
108 | 286 | 301 | ||
109 | 287 | 302 | ||
110 | 288 | class SpecialAccount(EditAccountBySelfOrAdmin): | 303 | class SpecialAccount(EditAccountBySelfOrAdmin): |
111 | 304 | |||
112 | 289 | permission = 'launchpad.Special' | 305 | permission = 'launchpad.Special' |
113 | 290 | 306 | ||
114 | 291 | def checkAuthenticated(self, user): | 307 | def checkAuthenticated(self, user): |
115 | @@ -294,14 +310,16 @@ | |||
116 | 294 | 310 | ||
117 | 295 | 311 | ||
118 | 296 | class ModerateAccountByRegistryExpert(AuthorizationBase): | 312 | class ModerateAccountByRegistryExpert(AuthorizationBase): |
119 | 313 | |||
120 | 314 | permission = 'launchpad.Moderate' | ||
121 | 297 | usedfor = IAccount | 315 | usedfor = IAccount |
122 | 298 | permission = 'launchpad.Moderate' | ||
123 | 299 | 316 | ||
124 | 300 | def checkAuthenticated(self, user): | 317 | def checkAuthenticated(self, user): |
125 | 301 | return user.in_admin or user.in_registry_experts | 318 | return user.in_admin or user.in_registry_experts |
126 | 302 | 319 | ||
127 | 303 | 320 | ||
128 | 304 | class EditOAuthAccessToken(AuthorizationBase): | 321 | class EditOAuthAccessToken(AuthorizationBase): |
129 | 322 | |||
130 | 305 | permission = 'launchpad.Edit' | 323 | permission = 'launchpad.Edit' |
131 | 306 | usedfor = IOAuthAccessToken | 324 | usedfor = IOAuthAccessToken |
132 | 307 | 325 | ||
133 | @@ -310,11 +328,13 @@ | |||
134 | 310 | 328 | ||
135 | 311 | 329 | ||
136 | 312 | class EditOAuthRequestToken(EditOAuthAccessToken): | 330 | class EditOAuthRequestToken(EditOAuthAccessToken): |
137 | 331 | |||
138 | 313 | permission = 'launchpad.Edit' | 332 | permission = 'launchpad.Edit' |
139 | 314 | usedfor = IOAuthRequestToken | 333 | usedfor = IOAuthRequestToken |
140 | 315 | 334 | ||
141 | 316 | 335 | ||
142 | 317 | class EditBugNominationStatus(AuthorizationBase): | 336 | class EditBugNominationStatus(AuthorizationBase): |
143 | 337 | |||
144 | 318 | permission = 'launchpad.Driver' | 338 | permission = 'launchpad.Driver' |
145 | 319 | usedfor = IBugNomination | 339 | usedfor = IBugNomination |
146 | 320 | 340 | ||
147 | @@ -323,6 +343,7 @@ | |||
148 | 323 | 343 | ||
149 | 324 | 344 | ||
150 | 325 | class EditByOwnersOrAdmins(AuthorizationBase): | 345 | class EditByOwnersOrAdmins(AuthorizationBase): |
151 | 346 | |||
152 | 326 | permission = 'launchpad.Edit' | 347 | permission = 'launchpad.Edit' |
153 | 327 | usedfor = IHasOwner | 348 | usedfor = IHasOwner |
154 | 328 | 349 | ||
155 | @@ -330,15 +351,28 @@ | |||
156 | 330 | return user.isOwner(self.obj) or user.in_admin | 351 | return user.isOwner(self.obj) or user.in_admin |
157 | 331 | 352 | ||
158 | 332 | 353 | ||
160 | 333 | class EditProduct(EditByOwnersOrAdmins): | 354 | class EditByOwnersRegistryExpertsOrAdmins(AuthorizationBase): |
161 | 355 | |||
162 | 356 | permission = 'launchpad.Edit' | ||
163 | 357 | |||
164 | 358 | def checkAuthenticated(self, user): | ||
165 | 359 | return (user.isOwner(self.obj) or | ||
166 | 360 | user.in_registry_experts or | ||
167 | 361 | user.in_admin) | ||
168 | 362 | |||
169 | 363 | |||
170 | 364 | class EditProduct(EditByOwnersRegistryExpertsOrAdmins): | ||
171 | 365 | |||
172 | 334 | usedfor = IProduct | 366 | usedfor = IProduct |
173 | 335 | 367 | ||
174 | 336 | 368 | ||
175 | 337 | class EditPackaging(EditByOwnersOrAdmins): | 369 | class EditPackaging(EditByOwnersOrAdmins): |
176 | 370 | |||
177 | 338 | usedfor = IPackaging | 371 | usedfor = IPackaging |
178 | 339 | 372 | ||
179 | 340 | 373 | ||
180 | 341 | class EditProductReleaseFile(AuthorizationBase): | 374 | class EditProductReleaseFile(AuthorizationBase): |
181 | 375 | |||
182 | 342 | permission = 'launchpad.Edit' | 376 | permission = 'launchpad.Edit' |
183 | 343 | usedfor = IProductReleaseFile | 377 | usedfor = IProductReleaseFile |
184 | 344 | 378 | ||
185 | @@ -349,6 +383,7 @@ | |||
186 | 349 | 383 | ||
187 | 350 | class AdminDistributionMirrorByDistroOwnerOrMirrorAdminsOrAdmins( | 384 | class AdminDistributionMirrorByDistroOwnerOrMirrorAdminsOrAdmins( |
188 | 351 | AuthorizationBase): | 385 | AuthorizationBase): |
189 | 386 | |||
190 | 352 | permission = 'launchpad.Admin' | 387 | permission = 'launchpad.Admin' |
191 | 353 | usedfor = IDistributionMirror | 388 | usedfor = IDistributionMirror |
192 | 354 | 389 | ||
193 | @@ -360,6 +395,7 @@ | |||
194 | 360 | 395 | ||
195 | 361 | class EditDistributionMirrorByOwnerOrDistroOwnerOrMirrorAdminsOrAdmins( | 396 | class EditDistributionMirrorByOwnerOrDistroOwnerOrMirrorAdminsOrAdmins( |
196 | 362 | AuthorizationBase): | 397 | AuthorizationBase): |
197 | 398 | |||
198 | 363 | permission = 'launchpad.Edit' | 399 | permission = 'launchpad.Edit' |
199 | 364 | usedfor = IDistributionMirror | 400 | usedfor = IDistributionMirror |
200 | 365 | 401 | ||
201 | @@ -371,11 +407,13 @@ | |||
202 | 371 | 407 | ||
203 | 372 | class ViewDistributionMirror(AnonymousAuthorization): | 408 | class ViewDistributionMirror(AnonymousAuthorization): |
204 | 373 | """Anyone can view an IDistributionMirror.""" | 409 | """Anyone can view an IDistributionMirror.""" |
205 | 410 | |||
206 | 374 | usedfor = IDistributionMirror | 411 | usedfor = IDistributionMirror |
207 | 375 | 412 | ||
208 | 376 | 413 | ||
209 | 377 | class ViewMilestone(AnonymousAuthorization): | 414 | class ViewMilestone(AnonymousAuthorization): |
210 | 378 | """Anyone can view an IMilestone.""" | 415 | """Anyone can view an IMilestone.""" |
211 | 416 | |||
212 | 379 | usedfor = IMilestone | 417 | usedfor = IMilestone |
213 | 380 | 418 | ||
214 | 381 | 419 | ||
215 | @@ -426,6 +464,7 @@ | |||
216 | 426 | 464 | ||
217 | 427 | 465 | ||
218 | 428 | class AdminSpecification(AuthorizationBase): | 466 | class AdminSpecification(AuthorizationBase): |
219 | 467 | |||
220 | 429 | permission = 'launchpad.Admin' | 468 | permission = 'launchpad.Admin' |
221 | 430 | usedfor = ISpecification | 469 | usedfor = ISpecification |
222 | 431 | 470 | ||
223 | @@ -437,6 +476,7 @@ | |||
224 | 437 | 476 | ||
225 | 438 | 477 | ||
226 | 439 | class DriverSpecification(AuthorizationBase): | 478 | class DriverSpecification(AuthorizationBase): |
227 | 479 | |||
228 | 440 | permission = 'launchpad.Driver' | 480 | permission = 'launchpad.Driver' |
229 | 441 | usedfor = ISpecification | 481 | usedfor = ISpecification |
230 | 442 | 482 | ||
231 | @@ -455,6 +495,7 @@ | |||
232 | 455 | """The sprint owner or driver can say what makes it onto the agenda for | 495 | """The sprint owner or driver can say what makes it onto the agenda for |
233 | 456 | the sprint. | 496 | the sprint. |
234 | 457 | """ | 497 | """ |
235 | 498 | |||
236 | 458 | permission = 'launchpad.Driver' | 499 | permission = 'launchpad.Driver' |
237 | 459 | usedfor = ISprintSpecification | 500 | usedfor = ISprintSpecification |
238 | 460 | 501 | ||
239 | @@ -467,6 +508,7 @@ | |||
240 | 467 | """The sprint owner or driver can say what makes it onto the agenda for | 508 | """The sprint owner or driver can say what makes it onto the agenda for |
241 | 468 | the sprint. | 509 | the sprint. |
242 | 469 | """ | 510 | """ |
243 | 511 | |||
244 | 470 | permission = 'launchpad.Driver' | 512 | permission = 'launchpad.Driver' |
245 | 471 | usedfor = ISprint | 513 | usedfor = ISprint |
246 | 472 | 514 | ||
247 | @@ -478,6 +520,7 @@ | |||
248 | 478 | 520 | ||
249 | 479 | class Sprint(AuthorizationBase): | 521 | class Sprint(AuthorizationBase): |
250 | 480 | """An attendee, owner, or driver of a sprint.""" | 522 | """An attendee, owner, or driver of a sprint.""" |
251 | 523 | |||
252 | 481 | permission = 'launchpad.View' | 524 | permission = 'launchpad.View' |
253 | 482 | usedfor = ISprint | 525 | usedfor = ISprint |
254 | 483 | 526 | ||
255 | @@ -492,6 +535,7 @@ | |||
256 | 492 | class EditSpecificationSubscription(AuthorizationBase): | 535 | class EditSpecificationSubscription(AuthorizationBase): |
257 | 493 | """The subscriber, and people related to the spec or the target of the | 536 | """The subscriber, and people related to the spec or the target of the |
258 | 494 | spec can determine who is essential.""" | 537 | spec can determine who is essential.""" |
259 | 538 | |||
260 | 495 | permission = 'launchpad.Edit' | 539 | permission = 'launchpad.Edit' |
261 | 496 | usedfor = ISpecificationSubscription | 540 | usedfor = ISpecificationSubscription |
262 | 497 | 541 | ||
263 | @@ -519,6 +563,7 @@ | |||
264 | 519 | 563 | ||
265 | 520 | 564 | ||
266 | 521 | class AdminProjectTranslations(AuthorizationBase): | 565 | class AdminProjectTranslations(AuthorizationBase): |
267 | 566 | |||
268 | 522 | permission = 'launchpad.TranslationsAdmin' | 567 | permission = 'launchpad.TranslationsAdmin' |
269 | 523 | usedfor = IProjectGroup | 568 | usedfor = IProjectGroup |
270 | 524 | 569 | ||
271 | @@ -534,6 +579,7 @@ | |||
272 | 534 | 579 | ||
273 | 535 | 580 | ||
274 | 536 | class AdminProductTranslations(AuthorizationBase): | 581 | class AdminProductTranslations(AuthorizationBase): |
275 | 582 | |||
276 | 537 | permission = 'launchpad.TranslationsAdmin' | 583 | permission = 'launchpad.TranslationsAdmin' |
277 | 538 | usedfor = IProduct | 584 | usedfor = IProduct |
278 | 539 | 585 | ||
279 | @@ -548,7 +594,13 @@ | |||
280 | 548 | user.in_admin) | 594 | user.in_admin) |
281 | 549 | 595 | ||
282 | 550 | 596 | ||
283 | 597 | class EditProject(EditByOwnersRegistryExpertsOrAdmins): | ||
284 | 598 | |||
285 | 599 | usedfor = IProjectGroup | ||
286 | 600 | |||
287 | 601 | |||
288 | 551 | class EditProjectMilestoneNever(AuthorizationBase): | 602 | class EditProjectMilestoneNever(AuthorizationBase): |
289 | 603 | |||
290 | 552 | permission = 'launchpad.Edit' | 604 | permission = 'launchpad.Edit' |
291 | 553 | usedfor = IProjectGroupMilestone | 605 | usedfor = IProjectGroupMilestone |
292 | 554 | 606 | ||
293 | @@ -558,6 +610,7 @@ | |||
294 | 558 | 610 | ||
295 | 559 | 611 | ||
296 | 560 | class EditMilestoneByTargetOwnerOrAdmins(AuthorizationBase): | 612 | class EditMilestoneByTargetOwnerOrAdmins(AuthorizationBase): |
297 | 613 | |||
298 | 561 | permission = 'launchpad.Edit' | 614 | permission = 'launchpad.Edit' |
299 | 562 | usedfor = IMilestone | 615 | usedfor = IMilestone |
300 | 563 | 616 | ||
301 | @@ -575,6 +628,7 @@ | |||
302 | 575 | 628 | ||
303 | 576 | 629 | ||
304 | 577 | class AdminMilestoneByLaunchpadAdmins(AuthorizationBase): | 630 | class AdminMilestoneByLaunchpadAdmins(AuthorizationBase): |
305 | 631 | |||
306 | 578 | permission = 'launchpad.Admin' | 632 | permission = 'launchpad.Admin' |
307 | 579 | usedfor = IMilestone | 633 | usedfor = IMilestone |
308 | 580 | 634 | ||
309 | @@ -586,11 +640,13 @@ | |||
310 | 586 | 640 | ||
311 | 587 | 641 | ||
312 | 588 | class ModeratePersonSetByExpertsOrAdmins(ReviewByRegistryExpertsOrAdmins): | 642 | class ModeratePersonSetByExpertsOrAdmins(ReviewByRegistryExpertsOrAdmins): |
313 | 643 | |||
314 | 589 | permission = 'launchpad.Moderate' | 644 | permission = 'launchpad.Moderate' |
315 | 590 | usedfor = IPersonSet | 645 | usedfor = IPersonSet |
316 | 591 | 646 | ||
317 | 592 | 647 | ||
318 | 593 | class EditTeamByTeamOwnerOrLaunchpadAdmins(AuthorizationBase): | 648 | class EditTeamByTeamOwnerOrLaunchpadAdmins(AuthorizationBase): |
319 | 649 | |||
320 | 594 | permission = 'launchpad.Owner' | 650 | permission = 'launchpad.Owner' |
321 | 595 | usedfor = ITeam | 651 | usedfor = ITeam |
322 | 596 | 652 | ||
323 | @@ -601,6 +657,7 @@ | |||
324 | 601 | 657 | ||
325 | 602 | 658 | ||
326 | 603 | class EditTeamByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): | 659 | class EditTeamByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): |
327 | 660 | |||
328 | 604 | permission = 'launchpad.Edit' | 661 | permission = 'launchpad.Edit' |
329 | 605 | usedfor = ITeam | 662 | usedfor = ITeam |
330 | 606 | 663 | ||
331 | @@ -613,6 +670,7 @@ | |||
332 | 613 | 670 | ||
333 | 614 | 671 | ||
334 | 615 | class ModerateTeam(ReviewByRegistryExpertsOrAdmins): | 672 | class ModerateTeam(ReviewByRegistryExpertsOrAdmins): |
335 | 673 | |||
336 | 616 | permission = 'launchpad.Moderate' | 674 | permission = 'launchpad.Moderate' |
337 | 617 | usedfor = ITeam | 675 | usedfor = ITeam |
338 | 618 | 676 | ||
339 | @@ -628,6 +686,7 @@ | |||
340 | 628 | 686 | ||
341 | 629 | 687 | ||
342 | 630 | class EditTeamMembershipByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): | 688 | class EditTeamMembershipByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): |
343 | 689 | |||
344 | 631 | permission = 'launchpad.Edit' | 690 | permission = 'launchpad.Edit' |
345 | 632 | usedfor = ITeamMembership | 691 | usedfor = ITeamMembership |
346 | 633 | 692 | ||
347 | @@ -640,6 +699,7 @@ | |||
348 | 640 | # going to be used only on the webservice (which explicitly checks for | 699 | # going to be used only on the webservice (which explicitly checks for |
349 | 641 | # launchpad.View) so that we don't leak memberships of private teams. | 700 | # launchpad.View) so that we don't leak memberships of private teams. |
350 | 642 | class ViewTeamMembership(AuthorizationBase): | 701 | class ViewTeamMembership(AuthorizationBase): |
351 | 702 | |||
352 | 643 | permission = 'launchpad.View' | 703 | permission = 'launchpad.View' |
353 | 644 | usedfor = ITeamMembership | 704 | usedfor = ITeamMembership |
354 | 645 | 705 | ||
355 | @@ -660,19 +720,23 @@ | |||
356 | 660 | return False | 720 | return False |
357 | 661 | 721 | ||
358 | 662 | 722 | ||
360 | 663 | class EditPersonBySelfOrAdmins(AuthorizationBase): | 723 | class EditPersonBySelfRegistryExpertsOrAdmins(AuthorizationBase): |
361 | 724 | |||
362 | 664 | permission = 'launchpad.Edit' | 725 | permission = 'launchpad.Edit' |
363 | 665 | usedfor = IPerson | 726 | usedfor = IPerson |
364 | 666 | 727 | ||
365 | 667 | def checkAuthenticated(self, user): | 728 | def checkAuthenticated(self, user): |
367 | 668 | """A user can edit the Person who is herself. | 729 | """A user can edit his or her own object. |
368 | 669 | 730 | ||
370 | 670 | The admin team can also edit any Person. | 731 | The registry experts or admin teams can also edit any Person. |
371 | 671 | """ | 732 | """ |
373 | 672 | return self.obj.id == user.person.id or user.in_admin | 733 | return (self.obj.id == user.person.id or |
374 | 734 | user.in_registry_experts or | ||
375 | 735 | user.in_admin) | ||
376 | 673 | 736 | ||
377 | 674 | 737 | ||
378 | 675 | class EditTranslationsPersonByPerson(AuthorizationBase): | 738 | class EditTranslationsPersonByPerson(AuthorizationBase): |
379 | 739 | |||
380 | 676 | permission = 'launchpad.Edit' | 740 | permission = 'launchpad.Edit' |
381 | 677 | usedfor = ITranslationsPerson | 741 | usedfor = ITranslationsPerson |
382 | 678 | 742 | ||
383 | @@ -682,6 +746,7 @@ | |||
384 | 682 | 746 | ||
385 | 683 | 747 | ||
386 | 684 | class ViewPersonLocation(AuthorizationBase): | 748 | class ViewPersonLocation(AuthorizationBase): |
387 | 749 | |||
388 | 685 | permission = 'launchpad.View' | 750 | permission = 'launchpad.View' |
389 | 686 | usedfor = IPersonLocation | 751 | usedfor = IPersonLocation |
390 | 687 | 752 | ||
391 | @@ -696,6 +761,7 @@ | |||
392 | 696 | 761 | ||
393 | 697 | 762 | ||
394 | 698 | class EditPersonBySelf(AuthorizationBase): | 763 | class EditPersonBySelf(AuthorizationBase): |
395 | 764 | |||
396 | 699 | permission = 'launchpad.Special' | 765 | permission = 'launchpad.Special' |
397 | 700 | usedfor = IPerson | 766 | usedfor = IPerson |
398 | 701 | 767 | ||
399 | @@ -710,6 +776,7 @@ | |||
400 | 710 | Only members of a team with a private membership can view the | 776 | Only members of a team with a private membership can view the |
401 | 711 | membership list. | 777 | membership list. |
402 | 712 | """ | 778 | """ |
403 | 779 | |||
404 | 713 | permission = 'launchpad.View' | 780 | permission = 'launchpad.View' |
405 | 714 | usedfor = IPerson | 781 | usedfor = IPerson |
406 | 715 | 782 | ||
407 | @@ -740,17 +807,20 @@ | |||
408 | 740 | 807 | ||
409 | 741 | class EditPollByTeamOwnerOrTeamAdminsOrAdmins( | 808 | class EditPollByTeamOwnerOrTeamAdminsOrAdmins( |
410 | 742 | EditTeamMembershipByTeamOwnerOrTeamAdminsOrAdmins): | 809 | EditTeamMembershipByTeamOwnerOrTeamAdminsOrAdmins): |
411 | 810 | |||
412 | 743 | permission = 'launchpad.Edit' | 811 | permission = 'launchpad.Edit' |
413 | 744 | usedfor = IPoll | 812 | usedfor = IPoll |
414 | 745 | 813 | ||
415 | 746 | 814 | ||
416 | 747 | class EditPollSubsetByTeamOwnerOrTeamAdminsOrAdmins( | 815 | class EditPollSubsetByTeamOwnerOrTeamAdminsOrAdmins( |
417 | 748 | EditPollByTeamOwnerOrTeamAdminsOrAdmins): | 816 | EditPollByTeamOwnerOrTeamAdminsOrAdmins): |
418 | 817 | |||
419 | 749 | permission = 'launchpad.Edit' | 818 | permission = 'launchpad.Edit' |
420 | 750 | usedfor = IPollSubset | 819 | usedfor = IPollSubset |
421 | 751 | 820 | ||
422 | 752 | 821 | ||
423 | 753 | class EditPollOptionByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): | 822 | class EditPollOptionByTeamOwnerOrTeamAdminsOrAdmins(AuthorizationBase): |
424 | 823 | |||
425 | 754 | permission = 'launchpad.Edit' | 824 | permission = 'launchpad.Edit' |
426 | 755 | usedfor = IPollOption | 825 | usedfor = IPollOption |
427 | 756 | 826 | ||
428 | @@ -762,21 +832,21 @@ | |||
429 | 762 | """Soyuz involves huge chunks of data in the archive and librarian, | 832 | """Soyuz involves huge chunks of data in the archive and librarian, |
430 | 763 | so for the moment we are locking down admin and edit on distributions | 833 | so for the moment we are locking down admin and edit on distributions |
431 | 764 | and distroseriess to the Launchpad admin team.""" | 834 | and distroseriess to the Launchpad admin team.""" |
432 | 835 | |||
433 | 765 | permission = 'launchpad.Admin' | 836 | permission = 'launchpad.Admin' |
434 | 766 | usedfor = IDistribution | 837 | usedfor = IDistribution |
435 | 767 | 838 | ||
436 | 768 | 839 | ||
438 | 769 | class EditDistributionByDistroOwnersOrAdmins(AuthorizationBase): | 840 | class EditDistributionByOwnersRegistryExpertsOrAdmins( |
439 | 841 | EditByOwnersRegistryExpertsOrAdmins): | ||
440 | 770 | """The owner of a distribution should be able to edit its | 842 | """The owner of a distribution should be able to edit its |
441 | 771 | information; it is mainly administrative data, such as bug | 843 | information; it is mainly administrative data, such as bug |
442 | 772 | contacts. Note that creation of new distributions and distribution | 844 | contacts. Note that creation of new distributions and distribution |
443 | 773 | series is still protected with launchpad.Admin""" | 845 | series is still protected with launchpad.Admin""" |
444 | 846 | |||
445 | 774 | permission = 'launchpad.Edit' | 847 | permission = 'launchpad.Edit' |
446 | 775 | usedfor = IDistribution | 848 | usedfor = IDistribution |
447 | 776 | 849 | ||
448 | 777 | def checkAuthenticated(self, user): | ||
449 | 778 | return user.isOwner(self.obj) or user.in_admin | ||
450 | 779 | |||
451 | 780 | 850 | ||
452 | 781 | class AppendDistributionByDriversOrOwnersOrAdmins(AuthorizationBase): | 851 | class AppendDistributionByDriversOrOwnersOrAdmins(AuthorizationBase): |
453 | 782 | """Distribution drivers, owners, and admins may plan releases. | 852 | """Distribution drivers, owners, and admins may plan releases. |
454 | @@ -784,6 +854,7 @@ | |||
455 | 784 | Drivers of `IDerivativeDistribution`s can create series. Owners and | 854 | Drivers of `IDerivativeDistribution`s can create series. Owners and |
456 | 785 | admins can create series for all `IDistribution`s. | 855 | admins can create series for all `IDistribution`s. |
457 | 786 | """ | 856 | """ |
458 | 857 | |||
459 | 787 | permission = 'launchpad.Append' | 858 | permission = 'launchpad.Append' |
460 | 788 | usedfor = IDistribution | 859 | usedfor = IDistribution |
461 | 789 | 860 | ||
462 | @@ -798,6 +869,7 @@ | |||
463 | 798 | class EditDistributionSourcePackageByDistroOwnersOrAdmins(AuthorizationBase): | 869 | class EditDistributionSourcePackageByDistroOwnersOrAdmins(AuthorizationBase): |
464 | 799 | """The owner of a distribution should be able to edit its source | 870 | """The owner of a distribution should be able to edit its source |
465 | 800 | package information""" | 871 | package information""" |
466 | 872 | |||
467 | 801 | permission = 'launchpad.Edit' | 873 | permission = 'launchpad.Edit' |
468 | 802 | usedfor = IDistributionSourcePackage | 874 | usedfor = IDistributionSourcePackage |
469 | 803 | 875 | ||
470 | @@ -816,6 +888,7 @@ | |||
471 | 816 | files moved to the new namespace, and mirrors would get very very | 888 | files moved to the new namespace, and mirrors would get very very |
472 | 817 | upset. Then James T would be on your case. | 889 | upset. Then James T would be on your case. |
473 | 818 | """ | 890 | """ |
474 | 891 | |||
475 | 819 | permission = 'launchpad.Admin' | 892 | permission = 'launchpad.Admin' |
476 | 820 | usedfor = IDistroSeries | 893 | usedfor = IDistroSeries |
477 | 821 | 894 | ||
478 | @@ -828,6 +901,7 @@ | |||
479 | 828 | please consult with Kiko and MDZ on the mailing list before modifying | 901 | please consult with Kiko and MDZ on the mailing list before modifying |
480 | 829 | these permissions. | 902 | these permissions. |
481 | 830 | """ | 903 | """ |
482 | 904 | |||
483 | 831 | permission = 'launchpad.Edit' | 905 | permission = 'launchpad.Edit' |
484 | 832 | usedfor = IDistroSeries | 906 | usedfor = IDistroSeries |
485 | 833 | 907 | ||
486 | @@ -844,11 +918,13 @@ | |||
487 | 844 | 918 | ||
488 | 845 | class ViewDistroSeries(AnonymousAuthorization): | 919 | class ViewDistroSeries(AnonymousAuthorization): |
489 | 846 | """Anyone can view a DistroSeries.""" | 920 | """Anyone can view a DistroSeries.""" |
490 | 921 | |||
491 | 847 | usedfor = IDistroSeries | 922 | usedfor = IDistroSeries |
492 | 848 | 923 | ||
493 | 849 | 924 | ||
494 | 850 | class ViewCountry(AnonymousAuthorization): | 925 | class ViewCountry(AnonymousAuthorization): |
495 | 851 | """Anyone can view a Country.""" | 926 | """Anyone can view a Country.""" |
496 | 927 | |||
497 | 852 | usedfor = ICountry | 928 | usedfor = ICountry |
498 | 853 | 929 | ||
499 | 854 | 930 | ||
500 | @@ -858,6 +934,7 @@ | |||
501 | 858 | Drivers exist for distribution and product series. Distribution and | 934 | Drivers exist for distribution and product series. Distribution and |
502 | 859 | product owners are implicitly drivers too. | 935 | product owners are implicitly drivers too. |
503 | 860 | """ | 936 | """ |
504 | 937 | |||
505 | 861 | permission = 'launchpad.Driver' | 938 | permission = 'launchpad.Driver' |
506 | 862 | usedfor = IHasDrivers | 939 | usedfor = IHasDrivers |
507 | 863 | 940 | ||
508 | @@ -873,6 +950,7 @@ | |||
509 | 873 | 950 | ||
510 | 874 | 951 | ||
511 | 875 | class EditProductSeries(EditByOwnersOrAdmins): | 952 | class EditProductSeries(EditByOwnersOrAdmins): |
512 | 953 | |||
513 | 876 | usedfor = IProductSeries | 954 | usedfor = IProductSeries |
514 | 877 | 955 | ||
515 | 878 | def checkAuthenticated(self, user): | 956 | def checkAuthenticated(self, user): |
516 | @@ -898,6 +976,7 @@ | |||
517 | 898 | bugs. Allow only explicit subscribers to edit objects linked to | 976 | bugs. Allow only explicit subscribers to edit objects linked to |
518 | 899 | private bugs. | 977 | private bugs. |
519 | 900 | """ | 978 | """ |
520 | 979 | |||
521 | 901 | permission = 'launchpad.Edit' | 980 | permission = 'launchpad.Edit' |
522 | 902 | usedfor = IHasBug | 981 | usedfor = IHasBug |
523 | 903 | 982 | ||
524 | @@ -923,6 +1002,7 @@ | |||
525 | 923 | 1002 | ||
526 | 924 | 1003 | ||
527 | 925 | class PublicToAllOrPrivateToExplicitSubscribersForBugTask(AuthorizationBase): | 1004 | class PublicToAllOrPrivateToExplicitSubscribersForBugTask(AuthorizationBase): |
528 | 1005 | |||
529 | 926 | permission = 'launchpad.View' | 1006 | permission = 'launchpad.View' |
530 | 927 | usedfor = IHasBug | 1007 | usedfor = IHasBug |
531 | 928 | 1008 | ||
532 | @@ -936,6 +1016,7 @@ | |||
533 | 936 | 1016 | ||
534 | 937 | class EditPublicByLoggedInUserAndPrivateByExplicitSubscribers( | 1017 | class EditPublicByLoggedInUserAndPrivateByExplicitSubscribers( |
535 | 938 | AuthorizationBase): | 1018 | AuthorizationBase): |
536 | 1019 | |||
537 | 939 | permission = 'launchpad.Edit' | 1020 | permission = 'launchpad.Edit' |
538 | 940 | usedfor = IBug | 1021 | usedfor = IBug |
539 | 941 | 1022 | ||
540 | @@ -963,6 +1044,7 @@ | |||
541 | 963 | 1044 | ||
542 | 964 | 1045 | ||
543 | 965 | class PublicToAllOrPrivateToExplicitSubscribersForBug(AuthorizationBase): | 1046 | class PublicToAllOrPrivateToExplicitSubscribersForBug(AuthorizationBase): |
544 | 1047 | |||
545 | 966 | permission = 'launchpad.View' | 1048 | permission = 'launchpad.View' |
546 | 967 | usedfor = IBug | 1049 | usedfor = IBug |
547 | 968 | 1050 | ||
548 | @@ -978,6 +1060,7 @@ | |||
549 | 978 | 1060 | ||
550 | 979 | 1061 | ||
551 | 980 | class EditBugBranch(EditPublicByLoggedInUserAndPrivateByExplicitSubscribers): | 1062 | class EditBugBranch(EditPublicByLoggedInUserAndPrivateByExplicitSubscribers): |
552 | 1063 | |||
553 | 981 | permission = 'launchpad.Edit' | 1064 | permission = 'launchpad.Edit' |
554 | 982 | usedfor = IBugBranch | 1065 | usedfor = IBugBranch |
555 | 983 | 1066 | ||
556 | @@ -994,6 +1077,7 @@ | |||
557 | 994 | If the user is authorized to view the bug, he's allowed to view the | 1077 | If the user is authorized to view the bug, he's allowed to view the |
558 | 995 | attachment. | 1078 | attachment. |
559 | 996 | """ | 1079 | """ |
560 | 1080 | |||
561 | 997 | permission = 'launchpad.View' | 1081 | permission = 'launchpad.View' |
562 | 998 | usedfor = IBugAttachment | 1082 | usedfor = IBugAttachment |
563 | 999 | 1083 | ||
564 | @@ -1009,6 +1093,7 @@ | |||
565 | 1009 | If the user is authorized to view the bug, he's allowed to edit the | 1093 | If the user is authorized to view the bug, he's allowed to edit the |
566 | 1010 | attachment. | 1094 | attachment. |
567 | 1011 | """ | 1095 | """ |
568 | 1096 | |||
569 | 1012 | permission = 'launchpad.Edit' | 1097 | permission = 'launchpad.Edit' |
570 | 1013 | usedfor = IBugAttachment | 1098 | usedfor = IBugAttachment |
571 | 1014 | 1099 | ||
572 | @@ -1028,6 +1113,7 @@ | |||
573 | 1028 | 1113 | ||
574 | 1029 | 1114 | ||
575 | 1030 | class ViewAnnouncement(AuthorizationBase): | 1115 | class ViewAnnouncement(AuthorizationBase): |
576 | 1116 | |||
577 | 1031 | permission = 'launchpad.View' | 1117 | permission = 'launchpad.View' |
578 | 1032 | usedfor = IAnnouncement | 1118 | usedfor = IAnnouncement |
579 | 1033 | 1119 | ||
580 | @@ -1054,6 +1140,7 @@ | |||
581 | 1054 | 1140 | ||
582 | 1055 | 1141 | ||
583 | 1056 | class EditAnnouncement(AuthorizationBase): | 1142 | class EditAnnouncement(AuthorizationBase): |
584 | 1143 | |||
585 | 1057 | permission = 'launchpad.Edit' | 1144 | permission = 'launchpad.Edit' |
586 | 1058 | usedfor = IAnnouncement | 1145 | usedfor = IAnnouncement |
587 | 1059 | 1146 | ||
588 | @@ -1067,6 +1154,7 @@ | |||
589 | 1067 | 1154 | ||
590 | 1068 | 1155 | ||
591 | 1069 | class UseApiDoc(AuthorizationBase): | 1156 | class UseApiDoc(AuthorizationBase): |
592 | 1157 | |||
593 | 1070 | permission = 'zope.app.apidoc.UseAPIDoc' | 1158 | permission = 'zope.app.apidoc.UseAPIDoc' |
594 | 1071 | usedfor = Interface | 1159 | usedfor = Interface |
595 | 1072 | 1160 | ||
596 | @@ -1096,6 +1184,7 @@ | |||
597 | 1096 | Currently, we restrict the visibility of the new code import | 1184 | Currently, we restrict the visibility of the new code import |
598 | 1097 | system to members of ~vcs-imports and Launchpad admins. | 1185 | system to members of ~vcs-imports and Launchpad admins. |
599 | 1098 | """ | 1186 | """ |
600 | 1187 | |||
601 | 1099 | permission = 'launchpad.Edit' | 1188 | permission = 'launchpad.Edit' |
602 | 1100 | usedfor = ICodeImport | 1189 | usedfor = ICodeImport |
603 | 1101 | 1190 | ||
604 | @@ -1106,6 +1195,7 @@ | |||
605 | 1106 | Currently, we restrict the visibility of the new code import | 1195 | Currently, we restrict the visibility of the new code import |
606 | 1107 | system to members of ~vcs-imports and Launchpad admins. | 1196 | system to members of ~vcs-imports and Launchpad admins. |
607 | 1108 | """ | 1197 | """ |
608 | 1198 | |||
609 | 1109 | permission = 'launchpad.View' | 1199 | permission = 'launchpad.View' |
610 | 1110 | usedfor = ICodeImportJobSet | 1200 | usedfor = ICodeImportJobSet |
611 | 1111 | 1201 | ||
612 | @@ -1116,6 +1206,7 @@ | |||
613 | 1116 | Currently, we restrict the visibility of the new code import | 1206 | Currently, we restrict the visibility of the new code import |
614 | 1117 | system to members of ~vcs-imports and Launchpad admins. | 1207 | system to members of ~vcs-imports and Launchpad admins. |
615 | 1118 | """ | 1208 | """ |
616 | 1209 | |||
617 | 1119 | permission = 'launchpad.Edit' | 1210 | permission = 'launchpad.Edit' |
618 | 1120 | usedfor = ICodeImportJobWorkflow | 1211 | usedfor = ICodeImportJobWorkflow |
619 | 1121 | 1212 | ||
620 | @@ -1125,6 +1216,7 @@ | |||
621 | 1125 | 1216 | ||
622 | 1126 | Access is restricted to members of ~bazaar-experts and Launchpad admins. | 1217 | Access is restricted to members of ~bazaar-experts and Launchpad admins. |
623 | 1127 | """ | 1218 | """ |
624 | 1219 | |||
625 | 1128 | permission = 'launchpad.Edit' | 1220 | permission = 'launchpad.Edit' |
626 | 1129 | usedfor = ICodeImportMachine | 1221 | usedfor = ICodeImportMachine |
627 | 1130 | 1222 | ||
628 | @@ -1137,6 +1229,7 @@ | |||
629 | 1137 | and limits access to Rosetta experts, Launchpad admins and distribution | 1229 | and limits access to Rosetta experts, Launchpad admins and distribution |
630 | 1138 | translation group owner. | 1230 | translation group owner. |
631 | 1139 | """ | 1231 | """ |
632 | 1232 | |||
633 | 1140 | permission = 'launchpad.TranslationsAdmin' | 1233 | permission = 'launchpad.TranslationsAdmin' |
634 | 1141 | usedfor = IDistribution | 1234 | usedfor = IDistribution |
635 | 1142 | 1235 | ||
636 | @@ -1154,12 +1247,13 @@ | |||
637 | 1154 | return True | 1247 | return True |
638 | 1155 | else: | 1248 | else: |
639 | 1156 | return (user.in_rosetta_experts or | 1249 | return (user.in_rosetta_experts or |
641 | 1157 | EditDistributionByDistroOwnersOrAdmins( | 1250 | EditByOwnersOrAdmins( |
642 | 1158 | self.obj).checkAuthenticated(user)) | 1251 | self.obj).checkAuthenticated(user)) |
643 | 1159 | 1252 | ||
644 | 1160 | 1253 | ||
645 | 1161 | class ViewPOTemplates(AnonymousAuthorization): | 1254 | class ViewPOTemplates(AnonymousAuthorization): |
646 | 1162 | """Anyone can view an IPOTemplate.""" | 1255 | """Anyone can view an IPOTemplate.""" |
647 | 1256 | |||
648 | 1163 | usedfor = IPOTemplate | 1257 | usedfor = IPOTemplate |
649 | 1164 | 1258 | ||
650 | 1165 | 1259 | ||
651 | @@ -1191,6 +1285,7 @@ | |||
652 | 1191 | 1285 | ||
653 | 1192 | 1286 | ||
654 | 1193 | class EditPOTemplateDetails(AdminPOTemplateDetails, EditByOwnersOrAdmins): | 1287 | class EditPOTemplateDetails(AdminPOTemplateDetails, EditByOwnersOrAdmins): |
655 | 1288 | |||
656 | 1194 | permission = 'launchpad.Edit' | 1289 | permission = 'launchpad.Edit' |
657 | 1195 | usedfor = IPOTemplate | 1290 | usedfor = IPOTemplate |
658 | 1196 | 1291 | ||
659 | @@ -1211,16 +1306,19 @@ | |||
660 | 1211 | # XXX: Carlos Perello Marin 2005-05-24 bug=753: | 1306 | # XXX: Carlos Perello Marin 2005-05-24 bug=753: |
661 | 1212 | # This should be using SuperSpecialPermissions when implemented. | 1307 | # This should be using SuperSpecialPermissions when implemented. |
662 | 1213 | class AddPOTemplate(OnlyRosettaExpertsAndAdmins): | 1308 | class AddPOTemplate(OnlyRosettaExpertsAndAdmins): |
663 | 1309 | |||
664 | 1214 | permission = 'launchpad.Append' | 1310 | permission = 'launchpad.Append' |
665 | 1215 | usedfor = IProductSeries | 1311 | usedfor = IProductSeries |
666 | 1216 | 1312 | ||
667 | 1217 | 1313 | ||
668 | 1218 | class ViewPOFile(AnonymousAuthorization): | 1314 | class ViewPOFile(AnonymousAuthorization): |
669 | 1219 | """Anyone can view an IPOFile.""" | 1315 | """Anyone can view an IPOFile.""" |
670 | 1316 | |||
671 | 1220 | usedfor = IPOFile | 1317 | usedfor = IPOFile |
672 | 1221 | 1318 | ||
673 | 1222 | 1319 | ||
674 | 1223 | class EditPOFileDetails(EditByOwnersOrAdmins): | 1320 | class EditPOFileDetails(EditByOwnersOrAdmins): |
675 | 1321 | |||
676 | 1224 | usedfor = IPOFile | 1322 | usedfor = IPOFile |
677 | 1225 | 1323 | ||
678 | 1226 | def checkAuthenticated(self, user): | 1324 | def checkAuthenticated(self, user): |
679 | @@ -1233,6 +1331,7 @@ | |||
680 | 1233 | 1331 | ||
681 | 1234 | 1332 | ||
682 | 1235 | class AdminTranslator(OnlyRosettaExpertsAndAdmins): | 1333 | class AdminTranslator(OnlyRosettaExpertsAndAdmins): |
683 | 1334 | |||
684 | 1236 | permission = 'launchpad.Admin' | 1335 | permission = 'launchpad.Admin' |
685 | 1237 | usedfor = ITranslator | 1336 | usedfor = ITranslator |
686 | 1238 | 1337 | ||
687 | @@ -1244,6 +1343,7 @@ | |||
688 | 1244 | 1343 | ||
689 | 1245 | 1344 | ||
690 | 1246 | class EditTranslator(OnlyRosettaExpertsAndAdmins): | 1345 | class EditTranslator(OnlyRosettaExpertsAndAdmins): |
691 | 1346 | |||
692 | 1247 | permission = 'launchpad.Edit' | 1347 | permission = 'launchpad.Edit' |
693 | 1248 | usedfor = IEditTranslator | 1348 | usedfor = IEditTranslator |
694 | 1249 | 1349 | ||
695 | @@ -1256,6 +1356,7 @@ | |||
696 | 1256 | 1356 | ||
697 | 1257 | 1357 | ||
698 | 1258 | class EditTranslationGroup(OnlyRosettaExpertsAndAdmins): | 1358 | class EditTranslationGroup(OnlyRosettaExpertsAndAdmins): |
699 | 1359 | |||
700 | 1259 | permission = 'launchpad.Edit' | 1360 | permission = 'launchpad.Edit' |
701 | 1260 | usedfor = ITranslationGroup | 1361 | usedfor = ITranslationGroup |
702 | 1261 | 1362 | ||
703 | @@ -1267,6 +1368,7 @@ | |||
704 | 1267 | 1368 | ||
705 | 1268 | 1369 | ||
706 | 1269 | class EditTranslationGroupSet(OnlyRosettaExpertsAndAdmins): | 1370 | class EditTranslationGroupSet(OnlyRosettaExpertsAndAdmins): |
707 | 1371 | |||
708 | 1270 | permission = 'launchpad.Admin' | 1372 | permission = 'launchpad.Admin' |
709 | 1271 | usedfor = ITranslationGroupSet | 1373 | usedfor = ITranslationGroupSet |
710 | 1272 | 1374 | ||
711 | @@ -1312,10 +1414,12 @@ | |||
712 | 1312 | 1414 | ||
713 | 1313 | class ViewBugTracker(AnonymousAuthorization): | 1415 | class ViewBugTracker(AnonymousAuthorization): |
714 | 1314 | """Anyone can view a bug tracker.""" | 1416 | """Anyone can view a bug tracker.""" |
715 | 1417 | |||
716 | 1315 | usedfor = IBugTracker | 1418 | usedfor = IBugTracker |
717 | 1316 | 1419 | ||
718 | 1317 | 1420 | ||
719 | 1318 | class EditBugTracker(AuthorizationBase): | 1421 | class EditBugTracker(AuthorizationBase): |
720 | 1422 | |||
721 | 1319 | permission = 'launchpad.Edit' | 1423 | permission = 'launchpad.Edit' |
722 | 1320 | usedfor = IBugTracker | 1424 | usedfor = IBugTracker |
723 | 1321 | 1425 | ||
724 | @@ -1325,6 +1429,7 @@ | |||
725 | 1325 | 1429 | ||
726 | 1326 | 1430 | ||
727 | 1327 | class EditProductRelease(EditByOwnersOrAdmins): | 1431 | class EditProductRelease(EditByOwnersOrAdmins): |
728 | 1432 | |||
729 | 1328 | permission = 'launchpad.Edit' | 1433 | permission = 'launchpad.Edit' |
730 | 1329 | usedfor = IProductRelease | 1434 | usedfor = IProductRelease |
731 | 1330 | 1435 | ||
732 | @@ -1344,6 +1449,7 @@ | |||
733 | 1344 | 1449 | ||
734 | 1345 | 1450 | ||
735 | 1346 | class AdminTranslationImportQueueEntry(AuthorizationBase): | 1451 | class AdminTranslationImportQueueEntry(AuthorizationBase): |
736 | 1452 | |||
737 | 1347 | permission = 'launchpad.Admin' | 1453 | permission = 'launchpad.Admin' |
738 | 1348 | usedfor = ITranslationImportQueueEntry | 1454 | usedfor = ITranslationImportQueueEntry |
739 | 1349 | 1455 | ||
740 | @@ -1352,6 +1458,7 @@ | |||
741 | 1352 | 1458 | ||
742 | 1353 | 1459 | ||
743 | 1354 | class EditTranslationImportQueueEntry(AuthorizationBase): | 1460 | class EditTranslationImportQueueEntry(AuthorizationBase): |
744 | 1461 | |||
745 | 1355 | permission = 'launchpad.Edit' | 1462 | permission = 'launchpad.Edit' |
746 | 1356 | usedfor = ITranslationImportQueueEntry | 1463 | usedfor = ITranslationImportQueueEntry |
747 | 1357 | 1464 | ||
748 | @@ -1363,11 +1470,13 @@ | |||
749 | 1363 | 1470 | ||
750 | 1364 | 1471 | ||
751 | 1365 | class AdminTranslationImportQueue(OnlyRosettaExpertsAndAdmins): | 1472 | class AdminTranslationImportQueue(OnlyRosettaExpertsAndAdmins): |
752 | 1473 | |||
753 | 1366 | permission = 'launchpad.Admin' | 1474 | permission = 'launchpad.Admin' |
754 | 1367 | usedfor = ITranslationImportQueue | 1475 | usedfor = ITranslationImportQueue |
755 | 1368 | 1476 | ||
756 | 1369 | 1477 | ||
757 | 1370 | class EditPackageUploadQueue(AdminByAdminsTeam): | 1478 | class EditPackageUploadQueue(AdminByAdminsTeam): |
758 | 1479 | |||
759 | 1371 | permission = 'launchpad.Edit' | 1480 | permission = 'launchpad.Edit' |
760 | 1372 | usedfor = IPackageUploadQueue | 1481 | usedfor = IPackageUploadQueue |
761 | 1373 | 1482 | ||
762 | @@ -1384,6 +1493,7 @@ | |||
763 | 1384 | 1493 | ||
764 | 1385 | 1494 | ||
765 | 1386 | class EditPackageUpload(AdminByAdminsTeam): | 1495 | class EditPackageUpload(AdminByAdminsTeam): |
766 | 1496 | |||
767 | 1387 | permission = 'launchpad.Edit' | 1497 | permission = 'launchpad.Edit' |
768 | 1388 | usedfor = IPackageUpload | 1498 | usedfor = IPackageUpload |
769 | 1389 | 1499 | ||
770 | @@ -1416,6 +1526,7 @@ | |||
771 | 1416 | 1526 | ||
772 | 1417 | 1527 | ||
773 | 1418 | class AdminByBuilddAdmin(AuthorizationBase): | 1528 | class AdminByBuilddAdmin(AuthorizationBase): |
774 | 1529 | |||
775 | 1419 | permission = 'launchpad.Admin' | 1530 | permission = 'launchpad.Admin' |
776 | 1420 | 1531 | ||
777 | 1421 | def checkAuthenticated(self, user): | 1532 | def checkAuthenticated(self, user): |
778 | @@ -1424,10 +1535,12 @@ | |||
779 | 1424 | 1535 | ||
780 | 1425 | 1536 | ||
781 | 1426 | class AdminBuilderSet(AdminByBuilddAdmin): | 1537 | class AdminBuilderSet(AdminByBuilddAdmin): |
782 | 1538 | |||
783 | 1427 | usedfor = IBuilderSet | 1539 | usedfor = IBuilderSet |
784 | 1428 | 1540 | ||
785 | 1429 | 1541 | ||
786 | 1430 | class AdminBuilder(AdminByBuilddAdmin): | 1542 | class AdminBuilder(AdminByBuilddAdmin): |
787 | 1543 | |||
788 | 1431 | usedfor = IBuilder | 1544 | usedfor = IBuilder |
789 | 1432 | 1545 | ||
790 | 1433 | 1546 | ||
791 | @@ -1435,20 +1548,24 @@ | |||
792 | 1435 | # in the original plan, we should grant some rights to the owners and | 1548 | # in the original plan, we should grant some rights to the owners and |
793 | 1436 | # that's what Edit is for. | 1549 | # that's what Edit is for. |
794 | 1437 | class EditBuilder(AdminByBuilddAdmin): | 1550 | class EditBuilder(AdminByBuilddAdmin): |
795 | 1551 | |||
796 | 1438 | permission = 'launchpad.Edit' | 1552 | permission = 'launchpad.Edit' |
797 | 1439 | usedfor = IBuilder | 1553 | usedfor = IBuilder |
798 | 1440 | 1554 | ||
799 | 1441 | 1555 | ||
800 | 1442 | class AdminBuildRecord(AdminByBuilddAdmin): | 1556 | class AdminBuildRecord(AdminByBuilddAdmin): |
801 | 1557 | |||
802 | 1443 | usedfor = IBuildFarmJob | 1558 | usedfor = IBuildFarmJob |
803 | 1444 | 1559 | ||
804 | 1445 | 1560 | ||
805 | 1446 | class EditBuildFarmJob(AdminByBuilddAdmin): | 1561 | class EditBuildFarmJob(AdminByBuilddAdmin): |
806 | 1562 | |||
807 | 1447 | permission = 'launchpad.Edit' | 1563 | permission = 'launchpad.Edit' |
808 | 1448 | usedfor = IBuildFarmJob | 1564 | usedfor = IBuildFarmJob |
809 | 1449 | 1565 | ||
810 | 1450 | 1566 | ||
811 | 1451 | class EditPackageBuild(EditBuildFarmJob): | 1567 | class EditPackageBuild(EditBuildFarmJob): |
812 | 1568 | |||
813 | 1452 | usedfor = IPackageBuild | 1569 | usedfor = IPackageBuild |
814 | 1453 | 1570 | ||
815 | 1454 | def checkAuthenticated(self, user): | 1571 | def checkAuthenticated(self, user): |
816 | @@ -1463,6 +1580,7 @@ | |||
817 | 1463 | user.inTeam(self.obj.archive.owner)) | 1580 | user.inTeam(self.obj.archive.owner)) |
818 | 1464 | 1581 | ||
819 | 1465 | class EditBinaryPackageBuild(EditPackageBuild): | 1582 | class EditBinaryPackageBuild(EditPackageBuild): |
820 | 1583 | |||
821 | 1466 | permission = 'launchpad.Edit' | 1584 | permission = 'launchpad.Edit' |
822 | 1467 | usedfor = IBinaryPackageBuild | 1585 | usedfor = IBinaryPackageBuild |
823 | 1468 | 1586 | ||
824 | @@ -1492,6 +1610,7 @@ | |||
825 | 1492 | 1610 | ||
826 | 1493 | 1611 | ||
827 | 1494 | class ViewBinaryPackageBuild(EditBinaryPackageBuild): | 1612 | class ViewBinaryPackageBuild(EditBinaryPackageBuild): |
828 | 1613 | |||
829 | 1495 | permission = 'launchpad.View' | 1614 | permission = 'launchpad.View' |
830 | 1496 | 1615 | ||
831 | 1497 | # This code MUST match the logic in | 1616 | # This code MUST match the logic in |
832 | @@ -1539,6 +1658,7 @@ | |||
833 | 1539 | This permission is based entirely on permission to view the | 1658 | This permission is based entirely on permission to view the |
834 | 1540 | associated `IBinaryPackageBuild` and/or `IBranch`. | 1659 | associated `IBinaryPackageBuild` and/or `IBranch`. |
835 | 1541 | """ | 1660 | """ |
836 | 1661 | |||
837 | 1542 | permission = 'launchpad.View' | 1662 | permission = 'launchpad.View' |
838 | 1543 | usedfor = IBuildFarmJobOld | 1663 | usedfor = IBuildFarmJobOld |
839 | 1544 | 1664 | ||
840 | @@ -1581,6 +1701,7 @@ | |||
841 | 1581 | 1701 | ||
842 | 1582 | 1702 | ||
843 | 1583 | class AdminQuestion(AdminByAdminsTeam): | 1703 | class AdminQuestion(AdminByAdminsTeam): |
844 | 1704 | |||
845 | 1584 | permission = 'launchpad.Admin' | 1705 | permission = 'launchpad.Admin' |
846 | 1585 | usedfor = IQuestion | 1706 | usedfor = IQuestion |
847 | 1586 | 1707 | ||
848 | @@ -1592,6 +1713,7 @@ | |||
849 | 1592 | 1713 | ||
850 | 1593 | 1714 | ||
851 | 1594 | class ModerateQuestion(AdminQuestion): | 1715 | class ModerateQuestion(AdminQuestion): |
852 | 1716 | |||
853 | 1595 | permission = 'launchpad.Moderate' | 1717 | permission = 'launchpad.Moderate' |
854 | 1596 | usedfor = IQuestion | 1718 | usedfor = IQuestion |
855 | 1597 | 1719 | ||
856 | @@ -1606,6 +1728,7 @@ | |||
857 | 1606 | 1728 | ||
858 | 1607 | 1729 | ||
859 | 1608 | class QuestionOwner(AuthorizationBase): | 1730 | class QuestionOwner(AuthorizationBase): |
860 | 1731 | |||
861 | 1609 | permission = 'launchpad.Owner' | 1732 | permission = 'launchpad.Owner' |
862 | 1610 | usedfor = IQuestion | 1733 | usedfor = IQuestion |
863 | 1611 | 1734 | ||
864 | @@ -1615,6 +1738,7 @@ | |||
865 | 1615 | 1738 | ||
866 | 1616 | 1739 | ||
867 | 1617 | class ModerateFAQTarget(EditByOwnersOrAdmins): | 1740 | class ModerateFAQTarget(EditByOwnersOrAdmins): |
868 | 1741 | |||
869 | 1618 | permission = 'launchpad.Moderate' | 1742 | permission = 'launchpad.Moderate' |
870 | 1619 | usedfor = IFAQTarget | 1743 | usedfor = IFAQTarget |
871 | 1620 | 1744 | ||
872 | @@ -1630,6 +1754,7 @@ | |||
873 | 1630 | 1754 | ||
874 | 1631 | 1755 | ||
875 | 1632 | class EditFAQ(AuthorizationBase): | 1756 | class EditFAQ(AuthorizationBase): |
876 | 1757 | |||
877 | 1633 | permission = 'launchpad.Edit' | 1758 | permission = 'launchpad.Edit' |
878 | 1634 | usedfor = IFAQ | 1759 | usedfor = IFAQ |
879 | 1635 | 1760 | ||
880 | @@ -1649,20 +1774,24 @@ | |||
881 | 1649 | 1774 | ||
882 | 1650 | class ViewLanguageSet(AnonymousAuthorization): | 1775 | class ViewLanguageSet(AnonymousAuthorization): |
883 | 1651 | """Anyone can view an ILangaugeSet.""" | 1776 | """Anyone can view an ILangaugeSet.""" |
884 | 1777 | |||
885 | 1652 | usedfor = ILanguageSet | 1778 | usedfor = ILanguageSet |
886 | 1653 | 1779 | ||
887 | 1654 | 1780 | ||
888 | 1655 | class AdminLanguageSet(OnlyRosettaExpertsAndAdmins): | 1781 | class AdminLanguageSet(OnlyRosettaExpertsAndAdmins): |
889 | 1782 | |||
890 | 1656 | permission = 'launchpad.Admin' | 1783 | permission = 'launchpad.Admin' |
891 | 1657 | usedfor = ILanguageSet | 1784 | usedfor = ILanguageSet |
892 | 1658 | 1785 | ||
893 | 1659 | 1786 | ||
894 | 1660 | class ViewLanguage(AnonymousAuthorization): | 1787 | class ViewLanguage(AnonymousAuthorization): |
895 | 1661 | """Anyone can view an ILangauge.""" | 1788 | """Anyone can view an ILangauge.""" |
896 | 1789 | |||
897 | 1662 | usedfor = ILanguage | 1790 | usedfor = ILanguage |
898 | 1663 | 1791 | ||
899 | 1664 | 1792 | ||
900 | 1665 | class AdminLanguage(OnlyRosettaExpertsAndAdmins): | 1793 | class AdminLanguage(OnlyRosettaExpertsAndAdmins): |
901 | 1794 | |||
902 | 1666 | permission = 'launchpad.Admin' | 1795 | permission = 'launchpad.Admin' |
903 | 1667 | usedfor = ILanguage | 1796 | usedfor = ILanguage |
904 | 1668 | 1797 | ||
905 | @@ -1674,6 +1803,7 @@ | |||
906 | 1674 | of the branch, they are in the team that owns the branch, subscribed to | 1803 | of the branch, they are in the team that owns the branch, subscribed to |
907 | 1675 | the branch, or a launchpad administrator. | 1804 | the branch, or a launchpad administrator. |
908 | 1676 | """ | 1805 | """ |
909 | 1806 | |||
910 | 1677 | permission = 'launchpad.View' | 1807 | permission = 'launchpad.View' |
911 | 1678 | usedfor = IBranch | 1808 | usedfor = IBranch |
912 | 1679 | 1809 | ||
913 | @@ -1686,6 +1816,7 @@ | |||
914 | 1686 | 1816 | ||
915 | 1687 | class EditBranch(AuthorizationBase): | 1817 | class EditBranch(AuthorizationBase): |
916 | 1688 | """The owner, bazaar experts or admins can edit branches.""" | 1818 | """The owner, bazaar experts or admins can edit branches.""" |
917 | 1819 | |||
918 | 1689 | permission = 'launchpad.Edit' | 1820 | permission = 'launchpad.Edit' |
919 | 1690 | usedfor = IBranch | 1821 | usedfor = IBranch |
920 | 1691 | 1822 | ||
921 | @@ -1734,6 +1865,7 @@ | |||
922 | 1734 | 1865 | ||
923 | 1735 | class AdminBranch(AuthorizationBase): | 1866 | class AdminBranch(AuthorizationBase): |
924 | 1736 | """The bazaar experts or admins can administer branches.""" | 1867 | """The bazaar experts or admins can administer branches.""" |
925 | 1868 | |||
926 | 1737 | permission = 'launchpad.Admin' | 1869 | permission = 'launchpad.Admin' |
927 | 1738 | usedfor = IBranch | 1870 | usedfor = IBranch |
928 | 1739 | 1871 | ||
929 | @@ -1743,6 +1875,7 @@ | |||
930 | 1743 | 1875 | ||
931 | 1744 | 1876 | ||
932 | 1745 | class AdminDistroSeriesTranslations(AuthorizationBase): | 1877 | class AdminDistroSeriesTranslations(AuthorizationBase): |
933 | 1878 | |||
934 | 1746 | permission = 'launchpad.TranslationsAdmin' | 1879 | permission = 'launchpad.TranslationsAdmin' |
935 | 1747 | usedfor = IDistroSeries | 1880 | usedfor = IDistroSeries |
936 | 1748 | 1881 | ||
937 | @@ -1757,6 +1890,7 @@ | |||
938 | 1757 | 1890 | ||
939 | 1758 | 1891 | ||
940 | 1759 | class BranchMergeProposalView(AuthorizationBase): | 1892 | class BranchMergeProposalView(AuthorizationBase): |
941 | 1893 | |||
942 | 1760 | permission = 'launchpad.View' | 1894 | permission = 'launchpad.View' |
943 | 1761 | usedfor = IBranchMergeProposal | 1895 | usedfor = IBranchMergeProposal |
944 | 1762 | 1896 | ||
945 | @@ -1781,6 +1915,7 @@ | |||
946 | 1781 | 1915 | ||
947 | 1782 | 1916 | ||
948 | 1783 | class PreviewDiffView(AuthorizationBase): | 1917 | class PreviewDiffView(AuthorizationBase): |
949 | 1918 | |||
950 | 1784 | permission = 'launchpad.View' | 1919 | permission = 'launchpad.View' |
951 | 1785 | usedfor = IPreviewDiff | 1920 | usedfor = IPreviewDiff |
952 | 1786 | 1921 | ||
953 | @@ -1804,6 +1939,7 @@ | |||
954 | 1804 | 1939 | ||
955 | 1805 | 1940 | ||
956 | 1806 | class CodeReviewVoteReferenceEdit(AuthorizationBase): | 1941 | class CodeReviewVoteReferenceEdit(AuthorizationBase): |
957 | 1942 | |||
958 | 1807 | permission = 'launchpad.Edit' | 1943 | permission = 'launchpad.Edit' |
959 | 1808 | usedfor = ICodeReviewVoteReference | 1944 | usedfor = ICodeReviewVoteReference |
960 | 1809 | 1945 | ||
961 | @@ -1825,6 +1961,7 @@ | |||
962 | 1825 | 1961 | ||
963 | 1826 | 1962 | ||
964 | 1827 | class CodeReviewCommentView(AuthorizationBase): | 1963 | class CodeReviewCommentView(AuthorizationBase): |
965 | 1964 | |||
966 | 1828 | permission = 'launchpad.View' | 1965 | permission = 'launchpad.View' |
967 | 1829 | usedfor = ICodeReviewComment | 1966 | usedfor = ICodeReviewComment |
968 | 1830 | 1967 | ||
969 | @@ -1848,6 +1985,7 @@ | |||
970 | 1848 | 1985 | ||
971 | 1849 | 1986 | ||
972 | 1850 | class CodeReviewCommentDelete(AuthorizationBase): | 1987 | class CodeReviewCommentDelete(AuthorizationBase): |
973 | 1988 | |||
974 | 1851 | permission = 'launchpad.Edit' | 1989 | permission = 'launchpad.Edit' |
975 | 1852 | usedfor = ICodeReviewCommentDeletion | 1990 | usedfor = ICodeReviewCommentDeletion |
976 | 1853 | 1991 | ||
977 | @@ -1871,6 +2009,7 @@ | |||
978 | 1871 | 2009 | ||
979 | 1872 | 2010 | ||
980 | 1873 | class BranchMergeProposalEdit(AuthorizationBase): | 2011 | class BranchMergeProposalEdit(AuthorizationBase): |
981 | 2012 | |||
982 | 1874 | permission = 'launchpad.Edit' | 2013 | permission = 'launchpad.Edit' |
983 | 1875 | usedfor = IBranchMergeProposal | 2014 | usedfor = IBranchMergeProposal |
984 | 1876 | 2015 | ||
985 | @@ -1896,6 +2035,7 @@ | |||
986 | 1896 | Allow the owner of the entitlement, the entitlement registrant, | 2035 | Allow the owner of the entitlement, the entitlement registrant, |
987 | 1897 | or any member of the team or any admin to view the entitlement. | 2036 | or any member of the team or any admin to view the entitlement. |
988 | 1898 | """ | 2037 | """ |
989 | 2038 | |||
990 | 1899 | permission = 'launchpad.View' | 2039 | permission = 'launchpad.View' |
991 | 1900 | usedfor = IEntitlement | 2040 | usedfor = IEntitlement |
992 | 1901 | 2041 | ||
993 | @@ -1913,6 +2053,7 @@ | |||
994 | 1913 | class AdminDistroSeriesLanguagePacks( | 2053 | class AdminDistroSeriesLanguagePacks( |
995 | 1914 | OnlyRosettaExpertsAndAdmins, | 2054 | OnlyRosettaExpertsAndAdmins, |
996 | 1915 | EditDistroSeriesByOwnersOrDistroOwnersOrAdmins): | 2055 | EditDistroSeriesByOwnersOrDistroOwnersOrAdmins): |
997 | 2056 | |||
998 | 1916 | permission = 'launchpad.LanguagePacksAdmin' | 2057 | permission = 'launchpad.LanguagePacksAdmin' |
999 | 1917 | usedfor = IDistroSeries | 2058 | usedfor = IDistroSeries |
1000 | 1918 | 2059 | ||
1001 | @@ -1931,11 +2072,13 @@ | |||
1002 | 1931 | 2072 | ||
1003 | 1932 | 2073 | ||
1004 | 1933 | class AdminLanguagePack(OnlyRosettaExpertsAndAdmins): | 2074 | class AdminLanguagePack(OnlyRosettaExpertsAndAdmins): |
1005 | 2075 | |||
1006 | 1934 | permission = 'launchpad.LanguagePacksAdmin' | 2076 | permission = 'launchpad.LanguagePacksAdmin' |
1007 | 1935 | usedfor = ILanguagePack | 2077 | usedfor = ILanguagePack |
1008 | 1936 | 2078 | ||
1009 | 1937 | 2079 | ||
1010 | 1938 | class ViewHWSubmission(AuthorizationBase): | 2080 | class ViewHWSubmission(AuthorizationBase): |
1011 | 2081 | |||
1012 | 1939 | permission = 'launchpad.View' | 2082 | permission = 'launchpad.View' |
1013 | 1940 | usedfor = IHWSubmission | 2083 | usedfor = IHWSubmission |
1014 | 1941 | 2084 | ||
1015 | @@ -1956,6 +2099,7 @@ | |||
1016 | 1956 | 2099 | ||
1017 | 1957 | 2100 | ||
1018 | 1958 | class EditHWSubmission(AdminByAdminsTeam): | 2101 | class EditHWSubmission(AdminByAdminsTeam): |
1019 | 2102 | |||
1020 | 1959 | permission = 'launchpad.Edit' | 2103 | permission = 'launchpad.Edit' |
1021 | 1960 | usedfor = IHWSubmission | 2104 | usedfor = IHWSubmission |
1022 | 1961 | 2105 | ||
1023 | @@ -1963,6 +2107,7 @@ | |||
1024 | 1963 | class ViewHWDBBase(AuthorizationBase): | 2107 | class ViewHWDBBase(AuthorizationBase): |
1025 | 1964 | """Base class to restrict access to HWDB data to members of the HWDB team. | 2108 | """Base class to restrict access to HWDB data to members of the HWDB team. |
1026 | 1965 | """ | 2109 | """ |
1027 | 2110 | |||
1028 | 1966 | permission = 'launchpad.View' | 2111 | permission = 'launchpad.View' |
1029 | 1967 | 2112 | ||
1030 | 1968 | def checkAuthenticated(self, user): | 2113 | def checkAuthenticated(self, user): |
1031 | @@ -1975,34 +2120,42 @@ | |||
1032 | 1975 | 2120 | ||
1033 | 1976 | 2121 | ||
1034 | 1977 | class ViewHWDriver(ViewHWDBBase): | 2122 | class ViewHWDriver(ViewHWDBBase): |
1035 | 2123 | |||
1036 | 1978 | usedfor = IHWDriver | 2124 | usedfor = IHWDriver |
1037 | 1979 | 2125 | ||
1038 | 1980 | 2126 | ||
1039 | 1981 | class ViewHWDriverName(ViewHWDBBase): | 2127 | class ViewHWDriverName(ViewHWDBBase): |
1040 | 2128 | |||
1041 | 1982 | usedfor = IHWDriverName | 2129 | usedfor = IHWDriverName |
1042 | 1983 | 2130 | ||
1043 | 1984 | 2131 | ||
1044 | 1985 | class ViewHWDriverPackageName(ViewHWDBBase): | 2132 | class ViewHWDriverPackageName(ViewHWDBBase): |
1045 | 2133 | |||
1046 | 1986 | usedfor = IHWDriverPackageName | 2134 | usedfor = IHWDriverPackageName |
1047 | 1987 | 2135 | ||
1048 | 1988 | 2136 | ||
1049 | 1989 | class ViewHWVendorID(ViewHWDBBase): | 2137 | class ViewHWVendorID(ViewHWDBBase): |
1050 | 2138 | |||
1051 | 1990 | usedfor = IHWVendorID | 2139 | usedfor = IHWVendorID |
1052 | 1991 | 2140 | ||
1053 | 1992 | 2141 | ||
1054 | 1993 | class ViewHWDevice(ViewHWDBBase): | 2142 | class ViewHWDevice(ViewHWDBBase): |
1055 | 2143 | |||
1056 | 1994 | usedfor = IHWDevice | 2144 | usedfor = IHWDevice |
1057 | 1995 | 2145 | ||
1058 | 1996 | 2146 | ||
1059 | 1997 | class ViewHWSubmissionDevice(ViewHWDBBase): | 2147 | class ViewHWSubmissionDevice(ViewHWDBBase): |
1060 | 2148 | |||
1061 | 1998 | usedfor = IHWSubmissionDevice | 2149 | usedfor = IHWSubmissionDevice |
1062 | 1999 | 2150 | ||
1063 | 2000 | 2151 | ||
1064 | 2001 | class ViewHWDBApplication(ViewHWDBBase): | 2152 | class ViewHWDBApplication(ViewHWDBBase): |
1065 | 2153 | |||
1066 | 2002 | usedfor = IHWDBApplication | 2154 | usedfor = IHWDBApplication |
1067 | 2003 | 2155 | ||
1068 | 2004 | 2156 | ||
1069 | 2005 | class ViewHWDeviceClass(ViewHWDBBase): | 2157 | class ViewHWDeviceClass(ViewHWDBBase): |
1070 | 2158 | |||
1071 | 2006 | usedfor = IHWDeviceClass | 2159 | usedfor = IHWDeviceClass |
1072 | 2007 | 2160 | ||
1073 | 2008 | 2161 | ||
1074 | @@ -2012,6 +2165,7 @@ | |||
1075 | 2012 | Only admins or members of a team with a private membership can | 2165 | Only admins or members of a team with a private membership can |
1076 | 2013 | view the archive. | 2166 | view the archive. |
1077 | 2014 | """ | 2167 | """ |
1078 | 2168 | |||
1079 | 2015 | permission = 'launchpad.View' | 2169 | permission = 'launchpad.View' |
1080 | 2016 | usedfor = IArchive | 2170 | usedfor = IArchive |
1081 | 2017 | 2171 | ||
1082 | @@ -2059,6 +2213,7 @@ | |||
1083 | 2059 | Appending to ubuntu main archives can also be done by the | 2213 | Appending to ubuntu main archives can also be done by the |
1084 | 2060 | 'ubuntu-security' celebrity. | 2214 | 'ubuntu-security' celebrity. |
1085 | 2061 | """ | 2215 | """ |
1086 | 2216 | |||
1087 | 2062 | permission = 'launchpad.Append' | 2217 | permission = 'launchpad.Append' |
1088 | 2063 | usedfor = IArchive | 2218 | usedfor = IArchive |
1089 | 2064 | 2219 | ||
1090 | @@ -2087,6 +2242,7 @@ | |||
1091 | 2087 | The user just needs to be mentioned in the token, have append privilege | 2242 | The user just needs to be mentioned in the token, have append privilege |
1092 | 2088 | to the archive or be an admin. | 2243 | to the archive or be an admin. |
1093 | 2089 | """ | 2244 | """ |
1094 | 2245 | |||
1095 | 2090 | permission = "launchpad.View" | 2246 | permission = "launchpad.View" |
1096 | 2091 | usedfor = IArchiveAuthToken | 2247 | usedfor = IArchiveAuthToken |
1097 | 2092 | 2248 | ||
1098 | @@ -2103,6 +2259,7 @@ | |||
1099 | 2103 | The user should have append privileges to the context archive, or be an | 2259 | The user should have append privileges to the context archive, or be an |
1100 | 2104 | admin. | 2260 | admin. |
1101 | 2105 | """ | 2261 | """ |
1102 | 2262 | |||
1103 | 2106 | permission = "launchpad.Edit" | 2263 | permission = "launchpad.Edit" |
1104 | 2107 | usedfor = IArchiveAuthToken | 2264 | usedfor = IArchiveAuthToken |
1105 | 2108 | 2265 | ||
1106 | @@ -2119,6 +2276,7 @@ | |||
1107 | 2119 | The user should be the subscriber, have append privilege to the archive | 2276 | The user should be the subscriber, have append privilege to the archive |
1108 | 2120 | or be an admin. | 2277 | or be an admin. |
1109 | 2121 | """ | 2278 | """ |
1110 | 2279 | |||
1111 | 2122 | permission = "launchpad.View" | 2280 | permission = "launchpad.View" |
1112 | 2123 | usedfor = IPersonalArchiveSubscription | 2281 | usedfor = IPersonalArchiveSubscription |
1113 | 2124 | 2282 | ||
1114 | @@ -2139,6 +2297,7 @@ | |||
1115 | 2139 | The user should be the subscriber, have append privilege to the | 2297 | The user should be the subscriber, have append privilege to the |
1116 | 2140 | archive or be an admin. | 2298 | archive or be an admin. |
1117 | 2141 | """ | 2299 | """ |
1118 | 2300 | |||
1119 | 2142 | permission = "launchpad.View" | 2301 | permission = "launchpad.View" |
1120 | 2143 | usedfor = IArchiveSubscriber | 2302 | usedfor = IArchiveSubscriber |
1121 | 2144 | 2303 | ||
1122 | @@ -2154,6 +2313,7 @@ | |||
1123 | 2154 | 2313 | ||
1124 | 2155 | The user should have append privilege to the archive or be an admin. | 2314 | The user should have append privilege to the archive or be an admin. |
1125 | 2156 | """ | 2315 | """ |
1126 | 2316 | |||
1127 | 2157 | permission = "launchpad.Edit" | 2317 | permission = "launchpad.Edit" |
1128 | 2158 | usedfor = IArchiveSubscriber | 2318 | usedfor = IArchiveSubscriber |
1129 | 2159 | 2319 | ||
1130 | @@ -2212,6 +2372,7 @@ | |||
1131 | 2212 | 2372 | ||
1132 | 2213 | class ViewSourcePackagePublishingHistory(ViewArchive): | 2373 | class ViewSourcePackagePublishingHistory(ViewArchive): |
1133 | 2214 | """Restrict viewing of source publications.""" | 2374 | """Restrict viewing of source publications.""" |
1134 | 2375 | |||
1135 | 2215 | permission = "launchpad.View" | 2376 | permission = "launchpad.View" |
1136 | 2216 | usedfor = ISourcePackagePublishingHistory | 2377 | usedfor = ISourcePackagePublishingHistory |
1137 | 2217 | 2378 | ||
1138 | @@ -2221,6 +2382,7 @@ | |||
1139 | 2221 | 2382 | ||
1140 | 2222 | class EditPublishing(AuthorizationBase): | 2383 | class EditPublishing(AuthorizationBase): |
1141 | 2223 | """Restrict editing of source and binary packages..""" | 2384 | """Restrict editing of source and binary packages..""" |
1142 | 2385 | |||
1143 | 2224 | permission = "launchpad.Edit" | 2386 | permission = "launchpad.Edit" |
1144 | 2225 | usedfor = IPublishingEdit | 2387 | usedfor = IPublishingEdit |
1145 | 2226 | 2388 | ||
1146 | @@ -2230,12 +2392,14 @@ | |||
1147 | 2230 | 2392 | ||
1148 | 2231 | class ViewBinaryPackagePublishingHistory(ViewSourcePackagePublishingHistory): | 2393 | class ViewBinaryPackagePublishingHistory(ViewSourcePackagePublishingHistory): |
1149 | 2232 | """Restrict viewing of binary publications.""" | 2394 | """Restrict viewing of binary publications.""" |
1150 | 2395 | |||
1151 | 2233 | usedfor = IBinaryPackagePublishingHistory | 2396 | usedfor = IBinaryPackagePublishingHistory |
1152 | 2234 | 2397 | ||
1153 | 2235 | 2398 | ||
1154 | 2236 | class ViewBinaryPackageReleaseDownloadCount( | 2399 | class ViewBinaryPackageReleaseDownloadCount( |
1155 | 2237 | ViewSourcePackagePublishingHistory): | 2400 | ViewSourcePackagePublishingHistory): |
1156 | 2238 | """Restrict viewing of binary package download counts.""" | 2401 | """Restrict viewing of binary package download counts.""" |
1157 | 2402 | |||
1158 | 2239 | usedfor = IBinaryPackageReleaseDownloadCount | 2403 | usedfor = IBinaryPackageReleaseDownloadCount |
1159 | 2240 | 2404 | ||
1160 | 2241 | 2405 | ||
1161 | @@ -2249,6 +2413,7 @@ | |||
1162 | 2249 | automatically viewable even if the package is also published in | 2413 | automatically viewable even if the package is also published in |
1163 | 2250 | a private archive. | 2414 | a private archive. |
1164 | 2251 | """ | 2415 | """ |
1165 | 2416 | |||
1166 | 2252 | permission = 'launchpad.View' | 2417 | permission = 'launchpad.View' |
1167 | 2253 | usedfor = ISourcePackageRelease | 2418 | usedfor = ISourcePackageRelease |
1168 | 2254 | 2419 | ||
1169 | @@ -2273,6 +2438,7 @@ | |||
1170 | 2273 | 2438 | ||
1171 | 2274 | 2439 | ||
1172 | 2275 | class MailingListApprovalByExperts(AuthorizationBase): | 2440 | class MailingListApprovalByExperts(AuthorizationBase): |
1173 | 2441 | |||
1174 | 2276 | permission = 'launchpad.Admin' | 2442 | permission = 'launchpad.Admin' |
1175 | 2277 | usedfor = IMailingListSet | 2443 | usedfor = IMailingListSet |
1176 | 2278 | 2444 | ||
1177 | @@ -2281,6 +2447,7 @@ | |||
1178 | 2281 | 2447 | ||
1179 | 2282 | 2448 | ||
1180 | 2283 | class ConfigureTeamMailingList(AuthorizationBase): | 2449 | class ConfigureTeamMailingList(AuthorizationBase): |
1181 | 2450 | |||
1182 | 2284 | permission = 'launchpad.MailingListManager' | 2451 | permission = 'launchpad.MailingListManager' |
1183 | 2285 | usedfor = ITeam | 2452 | usedfor = ITeam |
1184 | 2286 | 2453 | ||
1185 | @@ -2305,6 +2472,7 @@ | |||
1186 | 2305 | 2472 | ||
1187 | 2306 | 2473 | ||
1188 | 2307 | class ViewEmailAddress(AuthorizationBase): | 2474 | class ViewEmailAddress(AuthorizationBase): |
1189 | 2475 | |||
1190 | 2308 | permission = 'launchpad.View' | 2476 | permission = 'launchpad.View' |
1191 | 2309 | usedfor = IEmailAddress | 2477 | usedfor = IEmailAddress |
1192 | 2310 | 2478 | ||
1193 | @@ -2342,6 +2510,7 @@ | |||
1194 | 2342 | 2510 | ||
1195 | 2343 | 2511 | ||
1196 | 2344 | class EditEmailAddress(EditByOwnersOrAdmins): | 2512 | class EditEmailAddress(EditByOwnersOrAdmins): |
1197 | 2513 | |||
1198 | 2345 | permission = 'launchpad.Edit' | 2514 | permission = 'launchpad.Edit' |
1199 | 2346 | usedfor = IEmailAddress | 2515 | usedfor = IEmailAddress |
1200 | 2347 | 2516 | ||
1201 | @@ -2354,18 +2523,22 @@ | |||
1202 | 2354 | 2523 | ||
1203 | 2355 | 2524 | ||
1204 | 2356 | class ViewGPGKey(AnonymousAuthorization): | 2525 | class ViewGPGKey(AnonymousAuthorization): |
1205 | 2526 | |||
1206 | 2357 | usedfor = IGPGKey | 2527 | usedfor = IGPGKey |
1207 | 2358 | 2528 | ||
1208 | 2359 | 2529 | ||
1209 | 2360 | class ViewIrcID(AnonymousAuthorization): | 2530 | class ViewIrcID(AnonymousAuthorization): |
1210 | 2531 | |||
1211 | 2361 | usedfor = IIrcID | 2532 | usedfor = IIrcID |
1212 | 2362 | 2533 | ||
1213 | 2363 | 2534 | ||
1214 | 2364 | class ViewWikiName(AnonymousAuthorization): | 2535 | class ViewWikiName(AnonymousAuthorization): |
1215 | 2536 | |||
1216 | 2365 | usedfor = IWikiName | 2537 | usedfor = IWikiName |
1217 | 2366 | 2538 | ||
1218 | 2367 | 2539 | ||
1219 | 2368 | class EditArchivePermissionSet(AuthorizationBase): | 2540 | class EditArchivePermissionSet(AuthorizationBase): |
1220 | 2541 | |||
1221 | 2369 | permission = 'launchpad.Edit' | 2542 | permission = 'launchpad.Edit' |
1222 | 2370 | usedfor = IArchivePermissionSet | 2543 | usedfor = IArchivePermissionSet |
1223 | 2371 | 2544 | ||
1224 | @@ -2407,6 +2580,7 @@ | |||
1225 | 2407 | 2580 | ||
1226 | 2408 | 2581 | ||
1227 | 2409 | class EditPackageset(AuthorizationBase): | 2582 | class EditPackageset(AuthorizationBase): |
1228 | 2583 | |||
1229 | 2410 | permission = 'launchpad.Edit' | 2584 | permission = 'launchpad.Edit' |
1230 | 2411 | usedfor = IPackageset | 2585 | usedfor = IPackageset |
1231 | 2412 | 2586 | ||
1232 | @@ -2416,6 +2590,7 @@ | |||
1233 | 2416 | 2590 | ||
1234 | 2417 | 2591 | ||
1235 | 2418 | class EditPackagesetSet(AuthorizationBase): | 2592 | class EditPackagesetSet(AuthorizationBase): |
1236 | 2593 | |||
1237 | 2419 | permission = 'launchpad.Edit' | 2594 | permission = 'launchpad.Edit' |
1238 | 2420 | usedfor = IPackagesetSet | 2595 | usedfor = IPackagesetSet |
1239 | 2421 | 2596 | ||
1240 | 2422 | 2597 | ||
1241 | === added file 'lib/lp/registry/browser/tests/test_edit_permissions.py' | |||
1242 | --- lib/lp/registry/browser/tests/test_edit_permissions.py 1970-01-01 00:00:00 +0000 | |||
1243 | +++ lib/lp/registry/browser/tests/test_edit_permissions.py 2010-06-08 13:20:48 +0000 | |||
1244 | @@ -0,0 +1,97 @@ | |||
1245 | 1 | # Copyright 2010 Canonical Ltd. This software is licensed under the | ||
1246 | 2 | # GNU Affero General Public License version 3 (see the file LICENSE). | ||
1247 | 3 | |||
1248 | 4 | """Test harness for edit view permissions unit tests.""" | ||
1249 | 5 | |||
1250 | 6 | __metaclass__ = type | ||
1251 | 7 | |||
1252 | 8 | |||
1253 | 9 | import unittest | ||
1254 | 10 | |||
1255 | 11 | from zope.component import getUtility | ||
1256 | 12 | from canonical.testing.layers import DatabaseFunctionalLayer | ||
1257 | 13 | from canonical.launchpad.ftests import ANONYMOUS, login, login_person | ||
1258 | 14 | from canonical.launchpad.interfaces.launchpad import ILaunchpadCelebrities | ||
1259 | 15 | from canonical.launchpad.webapp.authorization import check_permission | ||
1260 | 16 | from canonical.launchpad.webapp.servers import LaunchpadTestRequest | ||
1261 | 17 | from lp.registry.interfaces.person import IPersonSet | ||
1262 | 18 | from lp.testing import TestCaseWithFactory | ||
1263 | 19 | from lp.testing.views import create_initialized_view | ||
1264 | 20 | |||
1265 | 21 | |||
1266 | 22 | class EditViewPermissionBase(TestCaseWithFactory): | ||
1267 | 23 | """Tests for permissions access the +edit page on the target.""" | ||
1268 | 24 | |||
1269 | 25 | layer = DatabaseFunctionalLayer | ||
1270 | 26 | |||
1271 | 27 | def setUp(self): | ||
1272 | 28 | super(EditViewPermissionBase, self).setUp() | ||
1273 | 29 | self.setupTarget() | ||
1274 | 30 | self.registry_admin = self.factory.makePerson(name='registry-admin') | ||
1275 | 31 | celebs = getUtility(ILaunchpadCelebrities) | ||
1276 | 32 | login_person(celebs.registry_experts.teamowner) | ||
1277 | 33 | celebs.registry_experts.addMember(self.registry_admin, | ||
1278 | 34 | self.registry_admin) | ||
1279 | 35 | self.request = LaunchpadTestRequest() | ||
1280 | 36 | |||
1281 | 37 | def setupTarget(self): | ||
1282 | 38 | """Set up the target context for the test suite.""" | ||
1283 | 39 | self.target = self.factory.makePerson(name='target-person') | ||
1284 | 40 | |||
1285 | 41 | def test_anon_cannot_edit(self): | ||
1286 | 42 | login(ANONYMOUS) | ||
1287 | 43 | view = create_initialized_view(self.target, '+edit') | ||
1288 | 44 | self.assertFalse(check_permission('launchpad.Edit', view)) | ||
1289 | 45 | |||
1290 | 46 | def test_arbitrary_user_cannot_edit(self): | ||
1291 | 47 | person = self.factory.makePerson(name='the-dude') | ||
1292 | 48 | login_person(person) | ||
1293 | 49 | view = create_initialized_view(self.target, '+edit') | ||
1294 | 50 | self.assertFalse(check_permission('launchpad.Edit', view)) | ||
1295 | 51 | |||
1296 | 52 | def test_admin_can_edit(self): | ||
1297 | 53 | admin = getUtility(IPersonSet).getByEmail('foo.bar@canonical.com') | ||
1298 | 54 | login_person(admin) | ||
1299 | 55 | view = create_initialized_view(self.target, '+edit') | ||
1300 | 56 | self.assertTrue(check_permission('launchpad.Edit', view)) | ||
1301 | 57 | |||
1302 | 58 | def test_registry_expert_can_edit(self): | ||
1303 | 59 | login_person(self.registry_admin) | ||
1304 | 60 | view = create_initialized_view(self.target, '+edit') | ||
1305 | 61 | self.assertTrue(check_permission('launchpad.Edit', view)) | ||
1306 | 62 | |||
1307 | 63 | |||
1308 | 64 | class PersonEditViewPermissionTestCase(EditViewPermissionBase): | ||
1309 | 65 | """Tests for permissions to access person +edit page.""" | ||
1310 | 66 | def test_arbitrary_user_can_edit_her_own_data(self): | ||
1311 | 67 | login_person(self.target) | ||
1312 | 68 | view = create_initialized_view(self.target, '+edit') | ||
1313 | 69 | self.assertTrue(check_permission('launchpad.Edit', view)) | ||
1314 | 70 | |||
1315 | 71 | |||
1316 | 72 | class ProductEditViewPermissionTestCase(EditViewPermissionBase): | ||
1317 | 73 | """Tests for permissions to access prodcut +edit page.""" | ||
1318 | 74 | def setupTarget(self): | ||
1319 | 75 | self.target = self.factory.makeProduct() | ||
1320 | 76 | |||
1321 | 77 | |||
1322 | 78 | class ProjectEditViewPermissionTestCase(EditViewPermissionBase): | ||
1323 | 79 | """Tests for permissions to access prodcut +edit page.""" | ||
1324 | 80 | def setupTarget(self): | ||
1325 | 81 | self.target = self.factory.makeProject() | ||
1326 | 82 | |||
1327 | 83 | |||
1328 | 84 | class DistributionEditViewPermissionTestCase(EditViewPermissionBase): | ||
1329 | 85 | """Tests for permissions to access prodcut +edit page.""" | ||
1330 | 86 | def setupTarget(self): | ||
1331 | 87 | self.target = self.factory.makeDistribution() | ||
1332 | 88 | |||
1333 | 89 | |||
1334 | 90 | def test_suite(): | ||
1335 | 91 | suite = unittest.TestSuite() | ||
1336 | 92 | suite.addTest(unittest.TestLoader().loadTestsFromName(__name__)) | ||
1337 | 93 | return suite | ||
1338 | 94 | |||
1339 | 95 | |||
1340 | 96 | if __name__ == '__main__': | ||
1341 | 97 | unittest.main() | ||
1342 | 0 | 98 | ||
1343 | === modified file 'lib/lp/registry/stories/product/xx-product-edit.txt' | |||
1344 | --- lib/lp/registry/stories/product/xx-product-edit.txt 2010-05-24 20:23:19 +0000 | |||
1345 | +++ lib/lp/registry/stories/product/xx-product-edit.txt 2010-06-08 13:20:48 +0000 | |||
1346 | @@ -235,20 +235,17 @@ | |||
1347 | 235 | ... | 235 | ... |
1348 | 236 | Unauthorized:... | 236 | Unauthorized:... |
1349 | 237 | 237 | ||
1351 | 238 | Even if we add them to the Registry Experts team: | 238 | If we add them to the Registry Experts team: |
1352 | 239 | 239 | ||
1353 | 240 | >>> admin_browser.open("http://launchpad.dev/~registry/+addmember") | 240 | >>> admin_browser.open("http://launchpad.dev/~registry/+addmember") |
1354 | 241 | >>> admin_browser.getControl('New member').value = 'no-priv' | 241 | >>> admin_browser.getControl('New member').value = 'no-priv' |
1355 | 242 | >>> admin_browser.getControl('Add Member').click() | 242 | >>> admin_browser.getControl('Add Member').click() |
1356 | 243 | 243 | ||
1358 | 244 | They still cannot edit projects. | 244 | They now can edit projects. |
1359 | 245 | 245 | ||
1360 | 246 | >>> browser.open('http://launchpad.dev/firefox/+edit') | 246 | >>> browser.open('http://launchpad.dev/firefox/+edit') |
1361 | 247 | Traceback (most recent call last): | ||
1362 | 248 | ... | ||
1363 | 249 | Unauthorized:... | ||
1364 | 250 | 247 | ||
1366 | 251 | And they still can't access +admin. | 248 | But they still can't access +admin. |
1367 | 252 | 249 | ||
1368 | 253 | >>> browser.open('http://launchpad.dev/firefox/+admin') | 250 | >>> browser.open('http://launchpad.dev/firefox/+admin') |
1369 | 254 | Traceback (most recent call last): | 251 | Traceback (most recent call last): |
Here is the incremental to fix the lint issue:
=== modified file 'lib/canonical/ launchpad/ security. py' launchpad/ security. py 2010-06-07 15:52:21 +0000 launchpad/ security. py 2010-06-07 16:29:17 +0000
--- lib/canonical/
+++ lib/canonical/
@@ -781,7 +781,7 @@
usedfor = IDistribution
-class EditDistroByOwn ersRegistryExpe rtOrAdmins( nByOwnersRegist ryExpertsOrAdmi ns( rsRegistryExper tsOrAdmins) : rosetta_ experts or nByDistroOwners OrAdmins( dmins(
self. obj).checkAuthe nticated( user))
+class EditDistributio
EditByOwne
"""The owner of a distribution should be able to edit its
information; it is mainly administrative data, such as bug
@@ -1167,7 +1167,7 @@
return True
else:
return (user.in_
- EditDistributio
+ EditByOwnersOrA