Launchpad itself

Merge lp:~james-w/launchpad/package-merge-proposal-permissions into lp:launchpad

  1. package-merge-proposal-permissions
  2. Merge into devel
Proposed by James Westby
Status: Merged
Approved by: Jonathan Lange
Approved revision: no longer in the source branch.
Merged at revision: not available
Proposed branch: lp:~james-w/launchpad/package-merge-proposal-permissions
Merge into: lp:launchpad
Diff against target: 97 lines (+78/-4)
2 files modified
lib/canonical/launchpad/security.py (+2/-4)
lib/lp/code/tests/test_branchmergeproposal.py (+76/-0)
To merge this branch: bzr merge lp:~james-w/launchpad/package-merge-proposal-permissions
Reviewer Review Type Date Requested Status
Jonathan Lange (community) Approve
Review via email: mp+21561@code.launchpad.net

Commit message

Edit permissions on merge proposals for source package branches now take in to account the special permissions that official branches have.

Description of the change

This allows merge proposals to work with the special permissions
of package branches.

Thanks,

James

To post a comment you must log in.
Revision history for this message
Jonathan Lange (jml) wrote :

Good catch. This is very much how the permission should have been designed in the first place. A few small points:

 * Remove the is_admin and is_bzr_expert checks from the merge proposal permission checks. They are already got with the new permission you add.
 * The new test should be test_package... not test_packge...
 * Why do you set "self.permission_set"?
 * Why do you have an "if" statement in a test? It smells like the behaviour varies from run to run, which is bad for a test.
 * Ideally, there would be two unit tests, with the second round of assertions being split out into a second test.

review: Needs Fixing
Revision history for this message
James Westby (james-w) wrote :

All fixed, thanks.

James

Revision history for this message
Jonathan Lange (jml) wrote :

Awesome. That makes the test much clearer, thanks.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'lib/canonical/launchpad/security.py'
--- lib/canonical/launchpad/security.py 2010-03-17 13:36:27 +0000
+++ lib/canonical/launchpad/security.py 2010-03-17 15:55:49 +0000
@@ -1872,10 +1872,8 @@
1872 """1872 """
1873 return (user.inTeam(self.obj.registrant) or1873 return (user.inTeam(self.obj.registrant) or
1874 user.inTeam(self.obj.source_branch.owner) or1874 user.inTeam(self.obj.source_branch.owner) or
1875 user.inTeam(self.obj.target_branch.owner) or1875 check_permission('launchpad.Edit', self.obj.target_branch) or
1876 user.inTeam(self.obj.target_branch.reviewer) or1876 user.inTeam(self.obj.target_branch.reviewer))
1877 user.in_admin or
1878 user.in_bazaar_experts)
18791877
18801878
1881class ViewEntitlement(AuthorizationBase):1879class ViewEntitlement(AuthorizationBase):
18821880
=== added file 'lib/lp/code/tests/test_branchmergeproposal.py'
--- lib/lp/code/tests/test_branchmergeproposal.py 1970-01-01 00:00:00 +0000
+++ lib/lp/code/tests/test_branchmergeproposal.py 2010-03-17 15:55:49 +0000
@@ -0,0 +1,76 @@
1# Copyright 2010 Canonical Ltd. This software is licensed under the
2# GNU Affero General Public License version 3 (see the file LICENSE).
3
4"""Unit tests for methods of BranchMergeProposal."""
5
6
7from zope.component import getUtility
8from zope.security.proxy import removeSecurityProxy
9
10from canonical.launchpad.interfaces.launchpad import ILaunchpadCelebrities
11from canonical.testing import DatabaseFunctionalLayer
12
13from lp.code.interfaces.linkedbranch import ICanHasLinkedBranch
14from lp.code.tests.test_branch import PermissionTest
15from lp.registry.interfaces.pocket import PackagePublishingPocket
16from lp.soyuz.interfaces.archivepermission import IArchivePermissionSet
17from lp.testing import run_with_login
18
19
20class TestEditMergeProposal(PermissionTest):
21 """Test who can edit branchmergeproposals."""
22
23 layer = DatabaseFunctionalLayer
24
25 def makePackageProposal(self):
26 branch = self.factory.makePackageBranch()
27 # Make sure the (distroseries, pocket) combination used allows us to
28 # upload to it.
29 pocket = PackagePublishingPocket.RELEASE
30 sourcepackage = branch.sourcepackage
31 suite_sourcepackage = sourcepackage.getSuiteSourcePackage(pocket)
32 registrant = self.factory.makePerson()
33 ubuntu_branches = getUtility(ILaunchpadCelebrities).ubuntu_branches
34 run_with_login(
35 ubuntu_branches.teamowner,
36 ICanHasLinkedBranch(suite_sourcepackage).setBranch,
37 branch, registrant)
38 source_branch = self.factory.makePackageBranch(
39 sourcepackage=branch.sourcepackage)
40 proposal = source_branch.addLandingTarget(
41 source_branch.registrant, branch)
42 return proposal
43
44 def test_package_merge_proposal_with_no_upload_permission(self):
45 # If you can't upload the package and have no other relationship
46 # to the proposal or branches then you can't edit the proposal.
47 person = self.factory.makePerson()
48 proposal = self.makePackageProposal()
49
50 # Person is not allowed to edit the branch presently.
51 self.assertCannotEdit(person, proposal.target_branch)
52 # And so isn't allowed to edit the merge proposal
53 self.assertCannotEdit(person, proposal)
54
55
56 def test_package_upload_permissions_grant_merge_proposal_edit(self):
57 # If you can upload to the package then you can edit merge
58 # proposals against the official branch.
59 person = self.factory.makePerson()
60 proposal = self.makePackageProposal()
61
62 permission_set = getUtility(IArchivePermissionSet)
63 # Only admins or techboard members can add permissions normally. That
64 # restriction isn't relevant to these tests.
65 permission_set = removeSecurityProxy(permission_set)
66 # Now give 'person' permission to upload to 'package'.
67 archive = proposal.target_branch.distroseries.distribution.main_archive
68 package = proposal.target_branch.sourcepackage
69 spn = package.sourcepackagename
70 permission_set.newPackageUploader(archive, person, spn)
71
72 # Now person can edit the branch on the basis of the upload
73 # permissions granted above.
74 self.assertCanEdit(person, proposal.target_branch)
75 # And that means they can edit the proposal too
76 self.assertCanEdit(person, proposal)