Launchpad itself

lib/lp/soyuz/stories/soyuz/xx-private-builds.txt (+47/-77)
lib/lp/soyuz/stories/soyuz/xx-queue-pages-delayed-copies.txt (+9/-9)
lib/lp/soyuz/stories/webservice/xx-archive.txt (+28/-28)
lib/lp/soyuz/stories/webservice/xx-archivedependency.txt (+18/-24)
lib/lp/soyuz/stories/webservice/xx-binary-package-publishing.txt (+21/-10)
lib/lp/soyuz/stories/webservice/xx-source-package-publishing.txt (+35/-19)

To merge this branch:

bzr merge lp:~michael.nelson/launchpad/ppa-privatisation-test-refactor6

High

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Gary Poster (community)		2010-02-26	Approve on 2010-02-26
Review via email: mp+20227@code.launchpad.net

Commit message

Ensures that the privacy of a PPA cannot be altered once it has published packages (and updates a gazillion tests that depended on being able to do just that)

Revision history for this message

Michael Nelson (michael.nelson) wrote on 2010-02-26:

This is the sixth (and final!) branch in a series to refactor soyuz tests after fixing bug 506203.

The MP for the branch that actually fixed the bug is at:

https://code.edge.launchpad.net/~michael.nelson/launchpad/506203-ppa-privatisation-check/+merge/19415

The original fix ensures that the privacy of a PPA cannot be altered once it has packages published. Unfortunately most of our test infrastructure does exactly that (switches the privacy to do a few tests and then switches it back).

The complete test breakages are as follows:
http://pastebin.ubuntu.com/378292/

This branch fixes:
bin/test -vv -t xx-private-builds.txt -t xx-queue-pages-delayed-copies.txt -t webservice/xx-archive.txt -t xx-archivedependency.txt -t xx-binary-package-publishing.txt -t xx-source-package-publishing.txt

Thanks.

Revision history for this message

Gary Poster (gary) wrote on 2010-02-26:

Download full text (4.0 KiB)

Hi Michael. These look like nice fixes.

I asked some questions on IRC to which you replied to my satisfaction. I'll include the log beneath for reference.

I did ask you to consider whether the duplicated code for private setup in xx-source-package-publishing.txt and xx-binary-package-publishing.txt (">>> from lp.registry.interfaces.distribution import IDistributionSet...") should be factored into a testing helper. You thought this was a reasonable idea, which is great by me. :-)

Thank you!

Gary

Edited IRC log:

gary_poster: noodles775: why did you remove test_login.py?
noodles775: gary_poster: I didn't... a local diff between this pipe and the prev shows everything but the test_login.py.
noodles775: I was just trying to figure out what was going on with the MP.
gary_poster: noodles775: ok, I'll just clarify in the review that merging that removal is not ok, and leave you to handle the mechanism
noodles775: gary_poster: I'll merge RF into the initial pipe (there are 7 in total) and push it through and see if it's still there when the diff regenerates on the MP.
gary_poster: noodles775: ack, ok
salgado: gary_poster, noodles775, in my openid branch I added a test_new_login.py file and later removed test_login.py. then on a subsequent branch I renamed test_new_login.py to test_login.py. that, together with pipes, might have confused bzr?
noodles775: salgado: thanks for the info - I thought it may have been related to your branch I reviewed yesterday. If that's the case, pumping a fresh RF through my pipes should resolve the issue. (I hope)
gary_poster: noodles775: in xx-private-builds.txt, why is it OK to remove diff line 375ff? ("Now visit the same page as an admin we can see that there are four more...")
gary_poster: thanks salgado
gary_poster: noodles775: also, in the previous section of the same file, why did the result change (5 of 17 results, and different values)? If explaining it takes too long, I'll accept "because of changes that have previously passed review"
gary_poster: but I'd like reassurance that you are confident of the change, at least
gary_poster: hm, I could understand an increase of 1, since we added the private p3a archive, but I don't understand 14 -> 17
noodles775: gary_poster: so, regarding your first question, 375ff, the test for authorised viewers seeing the builds in the history was moved to just below with the Frog builder.
noodles775: It looks like a lot less test-code because the Frog builder only has the one build in its history (it's not polluted with sample data :)).
gary_poster: noodles775: ah ok cool thanks
noodles775: gary_poster: and your second question is related, because previously cprov's ppa was switched to private (which is no longer allowed), and had a bunch of publishings.
noodles775: So the 14 -> 17 is because there are 3 packages in cprov's public archive (when it was private ,they did not show up).
Topic changed to "on call: adeuring,gary_poster || reviewing: ?,noodles775, sinzui || queue [] || This channel is logged: http://irclogs.ubuntu.com/ || https://code.edge.launchpad.net/launchpad/+activereviews" by sinzui.
noodles775: s/packages/builds of course.
gary_poster: noodles775: we ...

Hi Michael.  These look like nice fixes.

I asked some questions on IRC to which you replied to my satisfaction.  I'll include the log beneath for reference.

I did ask you to consider whether the duplicated code for private setup in xx-source-package-publishing.txt and xx-binary-package-publishing.txt (">>> from lp.registry.interfaces.distribution import IDistributionSet...") should be factored into a testing helper.  You thought this was a reasonable idea, which is great by me. :-)

Thank you!

Gary

Edited IRC log:

gary_poster: noodles775: why did you remove test_login.py? 
noodles775: gary_poster: I didn't... a local diff between this pipe and the prev shows everything but the test_login.py.
noodles775: I was just trying to figure out what was going on with the MP.
gary_poster: noodles775: ok, I'll just clarify in the review that merging that removal is not ok, and leave you to handle the mechanism 
noodles775: gary_poster: I'll merge RF into the initial pipe (there are 7 in total) and push it through and see if it's still there when the diff regenerates on the MP.
gary_poster: noodles775: ack, ok
salgado: gary_poster, noodles775, in my openid branch I added a test_new_login.py file and later removed test_login.py.  then on a subsequent branch I renamed test_new_login.py to test_login.py.  that, together with pipes, might have confused  bzr?
noodles775: salgado: thanks for the info - I thought it may have been related to your branch I reviewed yesterday. If that's the case, pumping a fresh RF through my pipes should resolve the issue. (I hope)
gary_poster: noodles775: in xx-private-builds.txt, why is it OK to remove diff line 375ff? ("Now visit the same page as an admin we can see that there are four more...")
gary_poster: thanks salgado
gary_poster: noodles775: also, in the previous section of the same file, why did the result change (5 of 17 results, and different values)?  If explaining it takes too long, I'll accept "because of changes that have previously passed review"
gary_poster: but I'd like reassurance that you are confident of the change, at least 
gary_poster: hm, I could understand an increase of 1, since we added the private p3a archive, but I don't understand 14 -> 17
noodles775: gary_poster: so, regarding your first question, 375ff, the test for authorised viewers seeing the builds in the history was moved to just below with the Frog builder.
noodles775: It looks like a lot less test-code because the Frog builder only has the one build in its history (it's not polluted with sample data :)).
gary_poster: noodles775: ah ok cool thanks
noodles775: gary_poster: and your second question is related, because previously cprov's ppa was switched to private (which is no longer allowed), and had a bunch of publishings.
noodles775: So the 14 -> 17 is because there are 3 packages in cprov's public archive (when it was private ,they did not show up).
Topic changed to "on call: adeuring,gary_poster || reviewing: ?,noodles775, sinzui || queue [] || This channel is logged: http://irclogs.ubuntu.com/ || https://code.edge.launchpad.net/launchpad/+activereviews" by sinzui.
noodles775: s/packages/builds of course.
gary_poster: noodles775: we dupe the private setup in xx-source-package-publishing.txt and xx-binary-package-publishing.txt (">>> from lp.registry.interfaces.distribution import IDistributionSet...").  You considered and rejected a helper function?  Two copies is arguable, maybe.  Three, much less so. 
gary_poster: So if you considered and rejected then I'm OK, but otherwise, please consider 
noodles775: gary_poster: no I didn't consider it - sounds good.
gary_poster: ok cool noodles775
gary_poster: noodles775: I'm finishing the review, but merge-conditional on not landing the deletion of test_login.py
gary_poster: I mean, I'm writing it up
gary_poster: but it is r=gary with that
noodles775: gary_poster: thanks. Actually, if you re-load the MP you'll see that it's no longer there (pumping a fresh RF through seems to have helped)
gary_poster: noodles775: confirmed, awesome

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Barki Mustapha

Celso Providelo

Christian Reis

Christy Awad

Colin Watson

Harpianto,ANDI

James Troup

John A Meinel

Kevin bush

Launchpad code reviewers

Launchpad code reviewers from Canonical

Matthew Tanner

Maximiliano Bertacchini

Michael Nelson

Oguz Ersoz

Simon Brakhane

Ubuntu-BR DevOps

William Grant

alhawiti

api.ng

pedro cavazos

todaioan

wenjingwen

to status/vote changes:

Tzaddi

Tzaddi Belding

 === modified file 'lib/lp/soyuz/stories/soyuz/xx-private-builds.txt'
 --- lib/lp/soyuz/stories/soyuz/xx-private-builds.txt	2009-12-24 01:41:54 +0000
 +++ lib/lp/soyuz/stories/soyuz/xx-private-builds.txt	2010-02-26 15:44:20 +0000
@@ -20,6 +20,7 @@
      >>> from zope.component import getUtility
      >>> from canonical.launchpad.interfaces import (
      ...     IBuilderSet, IPersonSet)
++    >>> from lp.registry.interfaces.distribution import IDistributionSet
      >>> from lp.soyuz.tests.test_publishing import (
      ...      SoyuzTestPublisher)
      >>> from lp.soyuz.interfaces.publishing import (
@@ -29,14 +30,16 @@
      >>> login("foo.bar@canonical.com")
      >>> cprov = getUtility(IPersonSet).getByName("cprov")
--    >>> cprov.archive.buildd_secret = "secret"
--    >>> cprov.archive.private = True
++    >>> ubuntu = getUtility(IDistributionSet).getByName('ubuntu')
++    >>> cprov_private_ppa = factory.makeArchive(
++    ...     private=True, owner=cprov, name="p3a",
++    ...     distribution=ubuntu)
      >>> test_publisher = SoyuzTestPublisher()
      >>> test_publisher.prepareBreezyAutotest()
      >>> private_source_pub = test_publisher.getPubSource(
      ...     status=PackagePublishingStatus.PUBLISHED,
      ...     sourcename='privacy-test',
--    ...     archive=cprov.archive)
++    ...     archive=cprov_private_ppa)
      >>> [private_build] = private_source_pub.createMissingBuilds()
      >>> frog = getUtility(IBuilderSet)['frog']
      >>> frog.builderok = True
@@ -105,7 +108,7 @@
  users:
      >>> anon_browser.open(
--    ...     "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...     "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...     private_build.id)
      Traceback (most recent call last):
      ...
@@ -114,10 +117,10 @@
  But it is fine for authorised users:
      >>> cprov_browser.open(
--    ...     "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...     "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...     private_build.id)
      >>> print cprov_browser.url
--    http://launchpad.dev/~cprov/+archive/ppa/+build/...
++    http://launchpad.dev/~cprov/+archive/p3a/+build/...
  == Builder history page ==
@@ -130,7 +133,7 @@
  user is viewing it.
  The builder "bob" has lots of builds in the sample data, including some
--for cprov's private archive.  We can visit bob's history page and see
++for cprov's public archive.  We can visit bob's history page and see
  what it shows a non-privileged user:
      >>> anon_browser.open("http://launchpad.dev/+builds/bob/+history")
@@ -141,63 +144,20 @@
      ...
      hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
      ...
--    i386 build of cdrkit 1.0 in ubuntu warty RELEASE
--    ...
--    i386 build of cdrkit 1.0 in ubuntu breezy-autotest RELEASE
--    ...
--    i386 build of foobar 1.0 in ubuntu warty RELEASE
--    ...
--    i386 build of netapplet 0.99.6-1 in ubuntu warty RELEASE
--    ...
--    5 of 14 results
--    ...
--
--Now visit the same page as an admin we can see that there are four more
--results in the total set of results with an extra "mozilla-firefox"
--build at the top of the first batch.
--
--    >>> admin_browser.open("http://launchpad.dev/+builds/bob/+history")
--    >>> [builds_list] = find_tags_by_class(
--    ...     admin_browser.contents, 'builds_list')
--    >>> print extract_text(builds_list)
--    Package:
--    ...
--    hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
--    ...
--    hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
--    ...
--    i386 build of pmount 0.1-1 in ubuntu warty RELEASE
--    ...
--    i386 build of cdrkit 1.0 in ubuntu breezy-autotest RELEASE
--    ...
--    i386 build of cdrkit 1.0 in ubuntu warty RELEASE
--    ...
--    5 of 17 results
--    ...
--
--If cprov browses the list he will also see his own builds in the list.
--
--    >>> cprov_browser.open("http://launchpad.dev/+builds/bob/+history")
--    >>> [builds_list] = find_tags_by_class(
--    ...     cprov_browser.contents, 'builds_list')
--    >>> print extract_text(builds_list)
--    Package:
--    ...
--    hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
--    ...
--    hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
--    ...
--    i386 build of pmount 0.1-1 in ubuntu warty RELEASE
--    ...
--    i386 build of cdrkit 1.0 in ubuntu breezy-autotest RELEASE
--    ...
--    i386 build of cdrkit 1.0 in ubuntu warty RELEASE
--    ...
--    5 of 17 results
--    ...
--
--"Frog" is currently building a private build but again the unauthorised user
--cannot see any of the private details.
++    hppa build of mozilla-firefox 0.9 in ubuntu warty RELEASE
++    ...
++    i386 build of pmount 0.1-1 in ubuntu warty RELEASE
++    ...
++    i386 build of cdrkit 1.0 in ubuntu breezy-autotest RELEASE
++    ...
++    i386 build of cdrkit 1.0 in ubuntu warty RELEASE
++    ...
++    5 of 17 results
++    ...
++
++
++The builder "Frog" has only the one build created above. So viewing the
++history as an unauthorised user shows an empty history.
      >>> anon_browser.open("http://launchpad.dev/+builds/frog/+history")
      >>> [builds_list] = find_tags_by_class(
@@ -207,7 +167,17 @@
      ...
      No build records.
--An authorised user will see the build however:
++Both admin and the owner of the build, cprov, can see the build in
++"Frog"'s build history.
++
++    >>> admin_browser.open("http://launchpad.dev/+builds/frog/+history")
++    >>> [builds_list] = find_tags_by_class(
++    ...     admin_browser.contents, 'builds_list')
++    >>> print extract_text(builds_list)
++    Package:
++    ...
++    i386 build of privacy-test 666 in ubuntutest breezy-autotest RELEASE
++    ...
      >>> cprov_browser.open("http://launchpad.dev/+builds/frog/+history")
      >>> [builds_list] = find_tags_by_class(
@@ -233,7 +203,7 @@
      ...
      Name  Processor  Status
      bob   386        Building i386 build of mozilla-firefox ...
--    frog  386        Building i386 build of privacy-test ... [cprov/ppa]
++    frog  386        Building i386 build of privacy-test ... [cprov/p3a]
      ...
  Launchpad Buildd admins cannot see private builds.
@@ -255,7 +225,7 @@
      ...
      Name  Processor  Status
      bob   386        Building i386 build of mozilla-firefox ...
--    frog  386        Building i386 build of privacy-test ... [cprov/ppa]
++    frog  386        Building i386 build of privacy-test ... [cprov/p3a]
      Updated on ...
  Anonymous users cannot see the private build:
@@ -282,7 +252,7 @@
      >>> from zope.security.interfaces import Unauthorized
      >>> try:
      ...     anon_browser.open(
--    ...         "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...         "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...         private_build.id)
      ... except Unauthorized:
      ...     print "Got expected exception"
@@ -293,7 +263,7 @@
      >>> browser = setupBrowser(auth="Basic no-priv@canonical.com:test")
      >>> try:
      ...     browser.open(
--    ...         "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...         "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...         private_build.id)
      ... except Unauthorized:
      ...     print "Got expected exception"
@@ -331,7 +301,7 @@
      ...
      Name  Processor Status
      bob   386       Building i386 build of mozilla-firefox ...
--    frog  386       Building i386 build of privacy-test 666 ... [cprov/ppa]
++    frog  386       Building i386 build of privacy-test 666 ... [cprov/p3a]
      ...
  Any other logged-in user will also see the build:
@@ -342,22 +312,22 @@
      ...
      Name  Processor Status
      bob   386       Building i386 build of mozilla-firefox ...
--    frog  386       Building i386 build of privacy-test 666 ... [cprov/ppa]
++    frog  386       Building i386 build of privacy-test 666 ... [cprov/p3a]
      ...
  Accessing the build page will now also work:
      >>> anon_browser.open(
--    ...     "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...     "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...     private_build.id)
      >>> print anon_browser.title
--    PPA for Celso Providelo : Celso Providelo
++    PPA named p3a for Celso Providelo : Celso Providelo
      >>> browser.open(
--    ...     "http://launchpad.dev/~cprov/+archive/ppa/+build/%s" %
++    ...     "http://launchpad.dev/~cprov/+archive/p3a/+build/%s" %
      ...     private_build.id)
      >>> print browser.title
--    PPA for Celso Providelo : Celso Providelo
++    PPA named p3a for Celso Providelo : Celso Providelo
  When accessing the distroseries source package release page, the builds
  portlet will display a link to the newly unembargoed build:
@@ -371,7 +341,7 @@
      breezy-autotest i386 Successfully built
      >>> print browser.getLink('i386').url
--    http://launchpad.dev/~cprov/+archive/ppa/+build/...
++    http://launchpad.dev/~cprov/+archive/p3a/+build/...
  Similarly, when accessing the distribution source package release page,
  the main content will display a link to the newly unembargoed build:
@@ -384,4 +354,4 @@
      Breezy Badger Autotest: i386
      >>> print browser.getLink('i386').url
--    http://launchpad.dev/~cprov/+archive/ppa/+build/...
++    http://launchpad.dev/~cprov/+archive/p3a/+build/...
 === modified file 'lib/lp/soyuz/stories/soyuz/xx-queue-pages-delayed-copies.txt'
 --- lib/lp/soyuz/stories/soyuz/xx-queue-pages-delayed-copies.txt	2009-11-16 21:42:53 +0000
 +++ lib/lp/soyuz/stories/soyuz/xx-queue-pages-delayed-copies.txt	2010-02-26 15:44:20 +0000
@@ -15,12 +15,12 @@
      >>> login('foo.bar@canonical.com')
      >>> ubuntu = getUtility(IDistributionSet).getByName('ubuntu')
      >>> cprov = getUtility(IPersonSet).getByName('cprov')
--    >>> cprov.archive.buildd_secret = 'x'
--    >>> cprov.archive.private = True
--    >>> cprov.archive.require_virtualized = False
++    >>> cprov_private_ppa = factory.makeArchive(
++    ...     private=True, owner=cprov, distribution=ubuntu,
++    ...     virtualized=False, name="p3a")
      >>> stp = SoyuzTestPublisher()
      >>> stp.prepareBreezyAutotest()
--    >>> [bin_hppa, bin_i386] = stp.getPubBinaries(archive=cprov.archive)
++    >>> [bin_hppa, bin_i386] = stp.getPubBinaries(archive=cprov_private_ppa)
      >>> build = bin_hppa.binarypackagerelease.build
      >>> breezy_autotest = ubuntu.getSeries('breezy-autotest')
      >>> stp.addFakeChroots(breezy_autotest)
@@ -63,12 +63,12 @@
      >>> print extract_text(
      ...     first_tag_by_class(anon_browser.contents,
      ...                        'queue-%s' % delayed_copy.id))
--    Copied from PPA for Celso Providelo
++    Copied from PPA named p3a for Celso Providelo
  The delayed-copy source archive is not linked, since the requester has
  no permission to view it.
--    >>> anon_browser.getLink('PPA for Celso Providelo')
++    >>> anon_browser.getLink('PPA named p3a for Celso Providelo')
      Traceback (most recent call last):
      ...
      LinkNotFoundError
@@ -95,10 +95,10 @@
      >>> print extract_text(
      ...     first_tag_by_class(cprov_browser.contents,
      ...                        'queue-%s' % delayed_copy.id))
--    Copied from PPA for Celso Providelo
++    Copied from PPA named p3a for Celso Providelo
--    >>> print cprov_browser.getLink('PPA for Celso Providelo').url
--    http://launchpad.dev/~cprov/+archive/ppa
++    >>> print cprov_browser.getLink('PPA named p3a for Celso Providelo').url
++    http://launchpad.dev/~cprov/+archive/p3a
  When the delayed-copy is processed (moved to DONE queue) its contents
  become available to everyone.
 === modified file 'lib/lp/soyuz/stories/webservice/xx-archive.txt'
 --- lib/lp/soyuz/stories/webservice/xx-archive.txt	2010-02-02 12:04:19 +0000
 +++ lib/lp/soyuz/stories/webservice/xx-archive.txt	2010-02-26 15:44:20 +0000
@@ -736,15 +736,14 @@
  == Private archives ==
--Make Celso's PPA private and create a private source publication.
++Create a private PPA for Celso with a private source publication.
      >>> login('foo.bar@canonical.com')
--
--    >>> cprov.archive.buildd_secret = 'boing'
--    >>> cprov.archive.private = True
--
++    >>> cprov_private_ppa_db = factory.makeArchive(
++    ...     private=True, owner=cprov, distribution=ubuntu_db, name="p3a",
++    ...     description="packages to help my friends.")
      >>> private_publication = test_publisher.createSource(
--    ...     cprov.archive, 'foocomm', '1.0-1')
++    ...     cprov_private_ppa_db, 'foocomm', '1.0-1')
      >>> private_publication.secure_record.status = (
      ...     PackagePublishingStatus.PUBLISHED)
@@ -760,28 +759,28 @@
  attributes are only exposed when the requestor has View permission in
  the IArchive context, in this case only Celso has it.
--    >>> pprint_entry(user_webservice.get("/~cprov/+archive/ppa").jsonBody())
--    dependencies_collection_link: u'http://.../~cprov/+archive/ppa/dependencies'
++    >>> pprint_entry(user_webservice.get("/~cprov/+archive/p3a").jsonBody())
++    dependencies_collection_link: u'http://.../~cprov/+archive/p3a/dependencies'
      description: u'tag:launchpad.net:2008:redacted'
--    displayname: u'PPA for Celso Providelo'
++    displayname: u'PPA named p3a for Celso Providelo'
      distribution_link: u'http://.../ubuntu'
--    name: u'ppa'
++    name: u'p3a'
      owner_link: u'http://.../~cprov'
      private: True
      resource_type_link: u'http://.../#archive'
--    self_link: u'http://.../~cprov/+archive/ppa'
++    self_link: u'http://.../~cprov/+archive/p3a'
      signing_key_fingerprint: u'tag:launchpad.net:2008:redacted'
--    >>> pprint_entry(cprov_webservice.get("/~cprov/+archive/ppa").jsonBody())
--    dependencies_collection_link: u'http://.../~cprov/+archive/ppa/dependencies'
++    >>> pprint_entry(cprov_webservice.get("/~cprov/+archive/p3a").jsonBody())
++    dependencies_collection_link: u'http://.../~cprov/+archive/p3a/dependencies'
      description: u'packages to help my friends.'
--    displayname: u'PPA for Celso Providelo'
++    displayname: u'PPA named p3a for Celso Providelo'
      distribution_link: u'http://.../ubuntu'
--    name: u'ppa'
++    name: u'p3a'
      owner_link: u'http://.../~cprov'
      private: True
      resource_type_link: u'http://.../#archive'
--    self_link: u'http://.../~cprov/+archive/ppa'
++    self_link: u'http://.../~cprov/+archive/p3a'
      signing_key_fingerprint: u'ABCDEF0123456789ABCDDCBA0000111112345678'
  == Creating subscriptions to a (private) archive ==
@@ -813,9 +812,10 @@
  First we'll subscribe mark to cprov's archive:
      >>> mark = webservice.get("/~mark").jsonBody()
--    >>> cprov_archive = cprov_webservice.get("/~cprov/+archive/ppa").jsonBody()
++    >>> cprov_private_ppa = cprov_webservice.get(
++    ...     "/~cprov/+archive/p3a").jsonBody()
      >>> response = cprov_webservice.named_post(
--    ...     cprov_archive['self_link'], 'newSubscription',
++    ...     cprov_private_ppa['self_link'], 'newSubscription',
      ...     subscriber=mark['self_link'])
      >>> print response
@@ -823,20 +823,20 @@
      ...
      >>> print response.getHeader('Location')
--    http://.../~cprov/+archive/ppa/+subscriptions/mark
++    http://.../~cprov/+archive/p3a/+subscriptions/mark
  We publish a subset of the IArchiveSubscriber attributes.
      >>> new_subscription = cprov_webservice.get(
      ...     response.getHeader('Location')).jsonBody()
      >>> pprint_entry(new_subscription)
--    archive_link: u'http://api.launchpad.dev/beta/~cprov/+archive/ppa'
++    archive_link: u'http://api.launchpad.dev/beta/~cprov/+archive/p3a'
      date_created: ...
      date_expires: None
      description: None
      registrant_link: u'http://api.launchpad.dev/beta/~cprov'
      resource_type_link: u'http://api.launchpad.dev/beta/#archive_subscriber'
--    self_link: u'http://api.launchpad.dev/beta/~cprov/+archive/ppa/+subscriptions/mark'
++    self_link: u'http://api.../~cprov/+archive/p3a/+subscriptions/mark'
      status: u'Active'
      subscriber_link: u'http://api.launchpad.dev/beta/~mark'
@@ -854,7 +854,7 @@
      >>> response = user_webservice.named_post(
      ...     cprov_archive['self_link'], 'newSubscription',
--    ...     subscriber=cprov_archive['owner_link'])
++    ...     subscriber=cprov_private_ppa['owner_link'])
      >>> print response
      HTTP/1.1 401 Unauthorized
      ...
@@ -863,13 +863,13 @@
  is already a current subscription:
      >>> response = cprov_webservice.named_post(
--    ...     cprov_archive['self_link'], 'newSubscription',
++    ...     cprov_private_ppa['self_link'], 'newSubscription',
      ...     subscriber=mark['self_link'])
      >>> print response
      HTTP/1.1 400 Bad Request
      ...
      AlreadySubscribed: Mark Shuttleworth already has a current subscription
--    for 'PPA for Celso Providelo'.
++    for 'PPA named p3a for Celso Providelo'.
  == Modifying privacy ==
@@ -904,7 +904,7 @@
      >>> print cprov_webservice.named_post(
      ...     ubuntu['main_archive_link'], 'syncSource', {},
      ...     source_name='foocomm', version='1.0-1', to_pocket='release',
--    ...     from_archive=cprov_archive['self_link'],
++    ...     from_archive=cprov_private_ppa['self_link'],
      ...     to_series="hoary")
      HTTP/1.1 200 Ok
      ...
@@ -914,7 +914,7 @@
      >>> login('foo.bar@canonical.com')
      >>> subsequent_version = test_publisher.createSource(
--    ...     cprov.archive, 'foocomm', '1.0-2')
++    ...     cprov_private_ppa_db, 'foocomm', '1.0-2')
      >>> subsequent_version.secure_record.status = (
      ...     PackagePublishingStatus.PUBLISHED)
      >>> logout()
@@ -922,7 +922,7 @@
      >>> print cprov_webservice.named_post(
      ...     ubuntu['main_archive_link'], 'syncSources', {},
      ...     source_names=['foocomm'], to_pocket='release',
--    ...     from_archive=cprov_archive['self_link'],
++    ...     from_archive=cprov_private_ppa['self_link'],
      ...     to_series="hoary")
      HTTP/1.1 200 Ok
      ...
@@ -933,7 +933,7 @@
      >>> print cprov_webservice.named_post(
      ...     ubuntu['main_archive_link'], 'syncSource', {},
      ...     source_name='foocomm', version='1.0-2', to_pocket='release',
--    ...     from_archive=cprov_archive['self_link'],
++    ...     from_archive=cprov_private_ppa['self_link'],
      ...     to_series="hoary")
      HTTP/1.1 400 Bad Request
      ...
 === modified file 'lib/lp/soyuz/stories/webservice/xx-archivedependency.txt'
 --- lib/lp/soyuz/stories/webservice/xx-archivedependency.txt	2009-08-28 06:39:38 +0000
 +++ lib/lp/soyuz/stories/webservice/xx-archivedependency.txt	2010-02-26 15:44:20 +0000
@@ -1,14 +1,15 @@
  = Archive dependencies =
  `ArchiveDependency` records represent build-dependencies between
--archives, and are exposed through the API.
++archives, and are exposed through the API.
  Most of the tests live in
  lib/lp/soyuz/stories/webservice/xx-archive.txt.
  Firstly we need to set some things up: we need a PPA with a dependency.
  We'll use Celso's PPA, and give it a custom dependency on the primary
--archive.
++archive, and then create a private PPA for Celso with a similar custom
++dependency.
      >>> import simplejson
      >>> from zope.component import getUtility
@@ -22,14 +23,18 @@
      ...     cprov_ppa_db.distribution.main_archive,
      ...     PackagePublishingPocket.RELEASE,
      ...     component=getUtility(IComponentSet)['universe'])
++    >>> cprov_private_ppa_db = factory.makeArchive(
++    ...     private=True, owner=cprov_db, name="p3a",
++    ...     distribution=cprov_ppa_db.distribution,
++    ...     description="packages to help my friends.")
++    >>> dep = cprov_private_ppa_db.addArchiveDependency(
++    ...     cprov_ppa_db.distribution.main_archive,
++    ...     PackagePublishingPocket.RELEASE,
++    ...     component=getUtility(IComponentSet)['universe'])
      >>> logout()
  Any user can retrieve a public PPA's dependencies.
--    >>> login('foo.bar@canonical.com')
--    >>> cprov_ppa_db.private = False
--    >>> logout()
--
      >>> print user_webservice.get(
      ...     '/~cprov/+archive/ppa/dependencies')
      HTTP/1.1 200 Ok
@@ -40,18 +45,11 @@
      HTTP/1.1 200 Ok
      ...
--The dependencies of a private archive are private. Let's make
--Celso's PPA private.
--
--    >>> login('foo.bar@canonical.com')
--    >>> cprov_ppa_db.private = True
--    >>> cprov_ppa_db.buildd_secret = 'foobar'
--    >>> logout()
--
--Now our unprivileged user can't get a list of the dependencies.
++The dependencies of a private archive are private.  Unprivileged users
++can't get a list of the dependencies.
      >>> print user_webservice.get(
--    ...     '/~cprov/+archive/ppa/dependencies')
++    ...     '/~cprov/+archive/p3a/dependencies')
      HTTP/1.1 401 Unauthorized
      ...
      Unauthorized: (<Archive at ...>, 'dependencies', 'launchpad.View')
@@ -60,31 +58,27 @@
  Nor can said user craft a URL to a dependency.
      >>> print user_webservice.get(
--    ...     '/~cprov/+archive/ppa/+dependency/1')
++    ...     '/~cprov/+archive/p3a/+dependency/1')
      HTTP/1.1 401 Unauthorized
      ...
      Unauthorized: (<Archive at ...>, 'getArchiveDependency', 'launchpad.View')
      <BLANKLINE>
--Celso can still see them if we grant private permissions, of course.
++Celso can see them if we grant private permissions, of course.
      >>> from canonical.launchpad.testing.pages import webservice_for_person
      >>> from canonical.launchpad.webapp.interfaces import OAuthPermission
      >>> cprov_webservice = webservice_for_person(
      ...     cprov_db, permission=OAuthPermission.WRITE_PRIVATE)
      >>> print cprov_webservice.get(
--    ...     '/~cprov/+archive/ppa/dependencies')
++    ...     '/~cprov/+archive/p3a/dependencies')
      HTTP/1.1 200 Ok
      ...
      >>> print cprov_webservice.get(
--    ...     '/~cprov/+archive/ppa/+dependency/1')
++    ...     '/~cprov/+archive/p3a/+dependency/1')
      HTTP/1.1 200 Ok
      ...
--    >>> login('foo.bar@canonical.com')
--    >>> cprov_ppa_db.private = False
--    >>> logout()
--
  But even he can't write to a dependency.
      >>> mark_ppa = cprov_webservice.get(
 === modified file 'lib/lp/soyuz/stories/webservice/xx-binary-package-publishing.txt'
 --- lib/lp/soyuz/stories/webservice/xx-binary-package-publishing.txt	2009-08-20 04:46:48 +0000
 +++ lib/lp/soyuz/stories/webservice/xx-binary-package-publishing.txt	2010-02-26 15:44:20 +0000
@@ -90,26 +90,36 @@
  Security
  ========
--When Celso's PPA becomes private ...
++Create a private PPA for Celso with some binaries.
      >>> login("foo.bar@canonical.com")
      >>> from zope.component import getUtility
      >>> from lp.registry.interfaces.person import IPersonSet
--
--    >>> cprov = getUtility(IPersonSet).getByName('cprov')
--    >>> cprov.archive.buildd_secret = 'boing'
--    >>> cprov.archive.private = True
--
--    >>> transaction.commit()
--
++    >>> from lp.registry.interfaces.distribution import IDistributionSet
++    >>> from lp.soyuz.tests.test_publishing import (
++    ...      SoyuzTestPublisher)
++    >>> from lp.soyuz.interfaces.publishing import (
++    ...     PackagePublishingStatus)
++    >>> cprov_db = getUtility(IPersonSet).getByName('cprov')
++    >>> ubuntu_db = getUtility(IDistributionSet).getByName('ubuntu')
++    >>> cprov_private_ppa_db = factory.makeArchive(
++    ...     private=True, owner=cprov_db, name="p3a",
++    ...     distribution=ubuntu_db)
++    >>> test_publisher = SoyuzTestPublisher()
++    >>> test_publisher.prepareBreezyAutotest()
++    >>> private_source_pub = test_publisher.getPubBinaries(
++    ...     status=PackagePublishingStatus.PUBLISHED,
++    ...     binaryname='privacy-test-bin',
++    ...     archive=cprov_private_ppa_db)
      >>> logout()
  Only Celso (or anyone who participates on the PPA owner team) has
  access to the PPA publications.
++    >>> cprov_private_ppa = webservice.get("/~cprov/+archive/p3a").jsonBody()
      >>> cprov_bins_response = webservice.named_get(
--    ...     cprov_archive['self_link'], 'getPublishedBinaries')
++    ...     cprov_private_ppa['self_link'], 'getPublishedBinaries')
      >>> print cprov_bins_response
      HTTP/1.1 200 Ok
      ...
@@ -117,7 +127,7 @@
  Any other user attempt would result in a 401 error.
      >>> response = user_webservice.named_get(
--    ...     cprov_archive['self_link'], 'getPublishedBinaries')
++    ...     cprov_private_ppa['self_link'], 'getPublishedBinaries')
      >>> print response
      HTTP/1.1 401 Unauthorized
      ...
@@ -125,6 +135,7 @@
  If the user attempts to access the publication URL directly they will
  also fail in their quest.
++    >>> pubs = cprov_bins_response.jsonBody()
      >>> private_publication_url = pubs['entries'][0]['self_link']
      >>> response = user_webservice.get(private_publication_url)
      >>> print response
 === modified file 'lib/lp/soyuz/stories/webservice/xx-source-package-publishing.txt'
 --- lib/lp/soyuz/stories/webservice/xx-source-package-publishing.txt	2010-01-13 05:18:26 +0000
 +++ lib/lp/soyuz/stories/webservice/xx-source-package-publishing.txt	2010-02-26 15:44:20 +0000
@@ -21,12 +21,12 @@
      >>> for pub in ppa.getPublishedSources():
      ...     pub = removeSecurityProxy(pub)
      ...     pub.sourcepackagerelease.dscsigningkey = fake_signer
--    >>> transaction.commit()
      >>> logout()
      >>> cprov_archive = webservice.get("/~cprov/+archive/ppa").jsonBody()
--    >>> pubs = webservice.named_get(
--    ...     cprov_archive['self_link'], 'getPublishedSources').jsonBody()
++    >>> cprov_srcs_response = pubs = webservice.named_get(
++    ...     cprov_archive['self_link'], 'getPublishedSources')
++    >>> pubs = cprov_srcs_response.jsonBody()
      >>> def print_publications(pubs):
      ...     for display_name in sorted(
@@ -150,7 +150,6 @@
      >>> for pub in ppa.getPublishedSources():
      ...     pub = removeSecurityProxy(pub)
      ...     pub.sourcepackagerelease.dscsigningkey = None
--    >>> transaction.commit()
      >>> logout()
  Query the source again:
@@ -181,9 +180,9 @@
  Anonymous users can't remove packages.
      >>> response = webservice.named_post(
--    ...     package, 'requestDeletion',
++    ...     package, 'requestDeletion',
      ...     removal_comment="No longer needed")
--    >>> print response
++    >>> print response
      HTTP/1.1 401 Unauthorized
      ...
@@ -194,12 +193,12 @@
      >>> logout()
      >>> from canonical.launchpad.testing.pages import webservice_for_person
      >>> from canonical.launchpad.webapp.interfaces import OAuthPermission
--    >>> cprov_webservice = webservice_for_person(cprov,
++    >>> cprov_webservice = webservice_for_person(cprov,
      ...     permission=OAuthPermission.WRITE_PUBLIC)
      >>> response = cprov_webservice.named_post(
--    ...     package, 'requestDeletion',
++    ...     package, 'requestDeletion',
      ...     removal_comment="No longer needed")
--    >>> print response
++    >>> print response
      HTTP/1.1 200 Ok
      ...
@@ -215,30 +214,46 @@
  Privacy
  =======
--When Celso's PPA becomes private ...
++Create a private PPA for Celso with some binaries.
      >>> login("foo.bar@canonical.com")
--    >>> cprov_ppa.buildd_secret = 'boing'
--    >>> cprov_ppa.private = True
--
--    >>> transaction.commit()
--
++    >>> from zope.component import getUtility
++    >>> from lp.registry.interfaces.person import IPersonSet
++    >>> from lp.registry.interfaces.distribution import IDistributionSet
++    >>> from lp.soyuz.tests.test_publishing import (
++    ...      SoyuzTestPublisher)
++    >>> from lp.soyuz.interfaces.publishing import (
++    ...     PackagePublishingStatus)
++    >>> cprov_db = getUtility(IPersonSet).getByName('cprov')
++    >>> ubuntu_db = getUtility(IDistributionSet).getByName('ubuntu')
++    >>> cprov_private_ppa_db = factory.makeArchive(
++    ...     private=True, owner=cprov_db, name="p3a",
++    ...     distribution=ubuntu_db)
++    >>> test_publisher = SoyuzTestPublisher()
++    >>> test_publisher.prepareBreezyAutotest()
++    >>> private_source_pub = test_publisher.getPubBinaries(
++    ...     status=PackagePublishingStatus.PUBLISHED,
++    ...     binaryname='privacy-test-bin',
++    ...     archive=cprov_private_ppa_db)
      >>> logout()
++
  Only Celso (or anyone who participates on the PPA owner team) has
  access to the PPA publications.
--    >>> cprov_srcs_response = webservice.named_get(
--    ...     cprov_archive['self_link'], 'getPublishedSources')
--    >>> print cprov_srcs_response
++    >>> cprov_private_ppa = webservice.get(
++    ...     "/~cprov/+archive/p3a").jsonBody()
++    >>> cprov_srcs_response_private = webservice.named_get(
++    ...     cprov_private_ppa['self_link'], 'getPublishedSources')
++    >>> print cprov_srcs_response_private
      HTTP/1.1 200 Ok
      ...
  Any other user attempt would result in a 401 error.
      >>> response = user_webservice.named_get(
--    ...     cprov_archive['self_link'], 'getPublishedSources')
++    ...     cprov_private_ppa['self_link'], 'getPublishedSources')
      >>> print response
      HTTP/1.1 401 Unauthorized
      ...
@@ -246,6 +261,7 @@
  If the user attempts to access the publication URL directly they will
  also fail in their quest.
++    >>> pubs = cprov_srcs_response_private.jsonBody()
      >>> private_publication_url = pubs['entries'][0]['self_link']
      >>> response = user_webservice.get(private_publication_url)
      >>> print response

Launchpad itself

Merge lp:~michael.nelson/launchpad/ppa-privatisation-test-refactor6 into lp:launchpad

Commit message

Description of the change

Preview Diff

Subscribers