Launchpad itself

Merge lp:~mwhudson/launchpad/allow-import-password into lp:launchpad

  1. allow-import-password
  2. Merge into devel
Proposed by Michael Hudson-Doyle
Status: Merged
Approved by: Michael Hudson-Doyle
Approved revision: no longer in the source branch.
Merged at revision: not available
Proposed branch: lp:~mwhudson/launchpad/allow-import-password
Merge into: lp:launchpad
Diff against target: 144 lines (+31/-15)
4 files modified
lib/lp/code/browser/codeimport.py (+4/-3)
lib/lp/code/interfaces/codeimport.py (+1/-1)
lib/lp/code/stories/codeimport/xx-admin-codeimport.txt (+8/-7)
lib/lp/code/stories/codeimport/xx-create-codeimport.txt (+18/-4)
To merge this branch: bzr merge lp:~mwhudson/launchpad/allow-import-password
Reviewer Review Type Date Requested Status
Tim Penhey (community) Approve
Jeroen T. Vermeulen (community) code Needs Fixing
Review via email: mp+22924@code.launchpad.net

Commit message

Allow a username and password to be specified in a code import's URL

Description of the change

Hi,

This branch adds the ability to specify a username and password in code import urls.

Cheers,
mwh

To post a comment you must log in.
Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

As per IRC, I have one problem with this: you're inviting users to enter complete login credentials which will then be shown publicly in the UI.

An option you proffered was a warning text. Another is to ensure that the password is never displayed except to the user who entered it.

review: Needs Fixing (code)
Revision history for this message
Tim Penhey (thumper) wrote :

I think that a warning on the page where they are entering it would be enough.

Revision history for this message
Tim Penhey (thumper) wrote :

I think if you add a warning on the page saying it will be publicly visible, we can land this.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'lib/lp/code/browser/codeimport.py'
--- lib/lp/code/browser/codeimport.py 2010-04-22 23:50:51 +0000
+++ lib/lp/code/browser/codeimport.py 2010-04-28 02:54:28 +0000
@@ -211,10 +211,11 @@
211 svn_branch_url = URIField(211 svn_branch_url = URIField(
212 title=_("Branch URL"), required=False,212 title=_("Branch URL"), required=False,
213 description=_(213 description=_(
214 "The URL of a Subversion branch, starting with svn:// or"214 "The URL of a Subversion branch, starting with svn:// or "
215 " http(s)://. Only trunk branches are imported."),215 "http(s)://. You can include a username and password as part "
216 "of the url, but this will be displayed on the branch page."),
216 allowed_schemes=["http", "https", "svn"],217 allowed_schemes=["http", "https", "svn"],
217 allow_userinfo=False,218 allow_userinfo=True,
218 allow_port=True,219 allow_port=True,
219 allow_query=False,220 allow_query=False,
220 allow_fragment=False,221 allow_fragment=False,
221222
=== modified file 'lib/lp/code/interfaces/codeimport.py'
--- lib/lp/code/interfaces/codeimport.py 2010-04-04 16:48:40 +0000
+++ lib/lp/code/interfaces/codeimport.py 2010-04-28 02:54:28 +0000
@@ -102,7 +102,7 @@
102 URIField(title=_("URL"), required=False, readonly=True,102 URIField(title=_("URL"), required=False, readonly=True,
103 description=_("The URL of the VCS branch."),103 description=_("The URL of the VCS branch."),
104 allowed_schemes=["http", "https", "svn", "git"],104 allowed_schemes=["http", "https", "svn", "git"],
105 allow_userinfo=False, # Only anonymous access is supported.105 allow_userinfo=True,
106 allow_port=True,106 allow_port=True,
107 allow_query=False, # Query makes no sense in Subversion.107 allow_query=False, # Query makes no sense in Subversion.
108 allow_fragment=False, # Fragment makes no sense in Subversion.108 allow_fragment=False, # Fragment makes no sense in Subversion.
109109
=== modified file 'lib/lp/code/stories/codeimport/xx-admin-codeimport.txt'
--- lib/lp/code/stories/codeimport/xx-admin-codeimport.txt 2010-03-26 02:40:29 +0000
+++ lib/lp/code/stories/codeimport/xx-admin-codeimport.txt 2010-04-28 02:54:28 +0000
@@ -124,13 +124,14 @@
124+++++++++++++++++++++++++++124+++++++++++++++++++++++++++
125125
126The +edit-import page allows the import operator to edit the location126The +edit-import page allows the import operator to edit the location
127an import is from.127an import is from, for example to add a user name and password to the
128url.
128129
129This is true for Subversion imports,130This is true for Subversion imports,
130131
131 >>> import_browser.open(svn_import_location + '/+edit-import')132 >>> import_browser.open(svn_import_location + '/+edit-import')
132 >>> import_browser.getControl('URL').value = \133 >>> import_browser.getControl('URL').value = \
133 ... 'svn://svn-new.example.com/fooix/trunk'134 ... 'svn://user:password@svn-new.example.com/fooix/trunk'
134 >>> import_browser.getControl('Update').click()135 >>> import_browser.getControl('Update').click()
135 >>> for message in get_feedback_messages(import_browser.contents):136 >>> for message in get_feedback_messages(import_browser.contents):
136 ... print extract_text(message)137 ... print extract_text(message)
@@ -140,7 +141,7 @@
140141
141 >>> import_browser.open(bzr_svn_import_location + '/+edit-import')142 >>> import_browser.open(bzr_svn_import_location + '/+edit-import')
142 >>> import_browser.getControl('URL').value = \143 >>> import_browser.getControl('URL').value = \
143 ... 'svn://svn-new.example.com/bzr-svn/trunk'144 ... 'svn://user:password@svn-new.example.com/bzr-svn/trunk'
144 >>> import_browser.getControl('Update').click()145 >>> import_browser.getControl('Update').click()
145 >>> for message in get_feedback_messages(import_browser.contents):146 >>> for message in get_feedback_messages(import_browser.contents):
146 ... print extract_text(message)147 ... print extract_text(message)
@@ -162,7 +163,7 @@
162163
163 >>> import_browser.open(git_import_location + '/+edit-import')164 >>> import_browser.open(git_import_location + '/+edit-import')
164 >>> import_browser.getControl('URL').value = \165 >>> import_browser.getControl('URL').value = \
165 ... 'git://git-new.example.org/fooix'166 ... 'git://user:password@git-new.example.org/fooix'
166 >>> import_browser.getControl('Update').click()167 >>> import_browser.getControl('Update').click()
167 >>> for message in get_feedback_messages(import_browser.contents):168 >>> for message in get_feedback_messages(import_browser.contents):
168 ... print extract_text(message)169 ... print extract_text(message)
@@ -172,7 +173,7 @@
172173
173 >>> import_browser.open(hg_import_location + '/+edit-import')174 >>> import_browser.open(hg_import_location + '/+edit-import')
174 >>> import_browser.getControl('URL').value = \175 >>> import_browser.getControl('URL').value = \
175 ... 'http://metal.example.org/bar'176 ... 'http://user:password@metal.example.org/bar'
176 >>> import_browser.getControl('Update').click()177 >>> import_browser.getControl('Update').click()
177 >>> for message in get_feedback_messages(import_browser.contents):178 >>> for message in get_feedback_messages(import_browser.contents):
178 ... print extract_text(message)179 ... print extract_text(message)
@@ -312,7 +313,7 @@
312 >>> print_import_details(import_browser)313 >>> print_import_details(import_browser)
313 Import Status: Reviewed314 Import Status: Reviewed
314 This branch is an import of the Subversion branch from315 This branch is an import of the Subversion branch from
315 svn://svn-new.example.com/fooix/trunk.316 svn://user:password@svn-new.example.com/fooix/trunk.
316 The next import is scheduled to run in 3 hours.317 The next import is scheduled to run in 3 hours.
317 Last successful import was on 2007-09-10.318 Last successful import was on 2007-09-10.
318 ...319 ...
@@ -349,7 +350,7 @@
349 >>> print_import_details(sample_person_browser)350 >>> print_import_details(sample_person_browser)
350 Import Status: Reviewed351 Import Status: Reviewed
351 This branch is an import of the Subversion branch from352 This branch is an import of the Subversion branch from
352 svn://svn-new.example.com/fooix/trunk.353 svn://user:password@svn-new.example.com/fooix/trunk.
353 The next import is scheduled to run as soon as possible (requested354 The next import is scheduled to run as soon as possible (requested
354 by Sample Person).355 by Sample Person).
355 Last successful import was on 2007-09-10.356 Last successful import was on 2007-09-10.
356357
=== modified file 'lib/lp/code/stories/codeimport/xx-create-codeimport.txt'
--- lib/lp/code/stories/codeimport/xx-create-codeimport.txt 2010-04-23 01:21:16 +0000
+++ lib/lp/code/stories/codeimport/xx-create-codeimport.txt 2010-04-28 02:54:28 +0000
@@ -41,8 +41,8 @@
41 (*) Subversion41 (*) Subversion
42 ( ) CVS42 ( ) CVS
4343
44The user is required to enter a project that the import is for,44The user is required to enter a project that the import is for, a name
45a name for the import branch, and a subversion branch location.45for the import branch, and a subversion branch location.
4646
47 >>> browser.getControl('Branch Name').value = "imported"47 >>> browser.getControl('Branch Name').value = "imported"
48 >>> browser.getControl('Branch URL').value = (48 >>> browser.getControl('Branch URL').value = (
@@ -68,6 +68,20 @@
68 >>> print svn_span['title']68 >>> print svn_span['title']
69 Subversion via bzr-svn69 Subversion via bzr-svn
7070
71If the user wants, they can include a username and password in the
72URL.
73
74 >>> browser.open("http://code.launchpad.dev/+code-imports/+new")
75 >>> browser.getControl('Branch Name').value = "with-password"
76 >>> browser.getControl('Branch URL').value = (
77 ... "http://user:password@svn.example.com/firefox/trunk")
78 >>> browser.getControl('Project').value = "firefox"
79 >>> browser.getControl('Request Import').click()
80 >>> print extract_text(find_tag_by_id(browser.contents, "import-details"))
81 Import Status: Pending Review
82 This branch is an import of the Subversion branch
83 from http://user:password@svn.example.com/firefox/trunk.
84
7185
72Requesting a Git import86Requesting a Git import
73=======================87=======================
@@ -234,8 +248,8 @@
234Requesting an import for a product that does not exist248Requesting an import for a product that does not exist
235======================================================249======================================================
236250
237If there are privacy policies that disallow the user from creating branches251If the name typed in the product field does not match that of an
238then an error is shown to the user.252existing product, an error is shown to the user.
239253
240 >>> browser.open("http://code.launchpad.dev/+code-imports/+new")254 >>> browser.open("http://code.launchpad.dev/+code-imports/+new")
241 >>> browser.getControl('Project').value = "no-such-product"255 >>> browser.getControl('Project').value = "no-such-product"