Code review comment for lp:~wgrant/launchpad/bug-432832

update-sourcecode is currently broken if the user doesn't have access to shipit or canonical-identity-provider branches.

A Branch.open() call will fail if the user cannot access the branch, but only the sprout and pull calls are wrapped in a try/except block. This branch moves the try/excepts to around the Branch.open() calls, allowing update-sourcecode to again complete for unprivileged users.

I believe removing the sprout/pull protection is fine, because the point of the 'optional' sourcedep flag is for update-sourcecode to not die if the branches are inaccessible due to a lack of privileges. If the Branch.open() succeeds, the correct privilege is clearly held, so any subsequent failure is real.