Launchpad itself

Merge lp:~wgrant/launchpad/no-tlt-encoded into lp:launchpad

no-tlt-encoded
Merge into devel

Proposed by William Grant on 2016-04-14

Status:	Merged
Merged at revision:	17997
Proposed branch:	lp:~wgrant/launchpad/no-tlt-encoded
Merge into:	lp:launchpad
Diff against target:	32 lines (+2/-9) 1 file modified lib/lp/services/librarianserver/db.py (+2/-9)
To merge this branch:	bzr merge lp:~wgrant/launchpad/no-tlt-encoded
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Colin Watson (community)		2016-04-14	Approve on 2016-04-14
Review via email: mp+291853@code.launchpad.net

Commit message

Drop compatibility for TimeLimitedTokens with encoded tildes. The new normal form has been in place for months.

Description of the change

Drop compatibility for TimeLimitedTokens with encoded tildes.

I meant to land this after we stopped generating them in like December, but forgot.

Revision history for this message

Colin Watson (cjwatson) wrote on 2016-04-14:

I'm a bit mystified as to how the second part of test_restricted_with_token_encoding apparently continues to work, which suggests there may be a test problem. But otherwise this looks OK.

review: Approve

Revision history for this message

William Grant (wgrant) wrote on 2016-04-15:

TLTs now store a normalised path with tildes decoded, so inbound URL encoding doesn't matter.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Barki Mustapha

Celso Providelo

Christian Reis

Christy Awad

Colin Watson

Harpianto,ANDI

James Troup

John A Meinel

Kevin bush

Launchpad code reviewers

Launchpad code reviewers from Canonical

Matthew Tanner

Maximiliano Bertacchini

Oguz Ersoz

Simon Brakhane

Ubuntu-BR DevOps

William Grant

alhawiti

api.ng

pedro cavazos

todaioan

wenjingwen

to status/vote changes:

Tzaddi

Tzaddi Belding

1	=== modified file 'lib/lp/services/librarianserver/db.py'
2	--- lib/lp/services/librarianserver/db.py 2015-12-10 00:37:05 +0000
3	+++ lib/lp/services/librarianserver/db.py 2016-04-14 06:44:40 +0000
4	@@ -13,7 +13,6 @@
5
6	from storm.expr import (
7	And,
8	- Or,
9	SQL,
10	)
11
12	@@ -69,18 +68,12 @@
13	# forcibly decodes it in any URL that it sees.
14	#
15	# This needs to match url_path_quote.
16	- plain_tilde_path = urllib.quote(urllib.unquote(path), safe='/~+')
17	- # XXX wgrant 2015-12-09: We used to generate URLs with
18	- # escaped tildes, so support those until the tokens are all
19	- # expired.
20	- encoded_tilde_path = urllib.quote(urllib.unquote(path), safe='/')
21	+ normalised_path = urllib.quote(urllib.unquote(path), safe='/~+')
22	store = session_store()
23	token_found = store.find(TimeLimitedToken,
24	SQL("age(created) < interval '1 day'"),
25	TimeLimitedToken.token == hashlib.sha256(token).hexdigest(),
26	- Or(
27	- TimeLimitedToken.path == plain_tilde_path,
28	- TimeLimitedToken.path == encoded_tilde_path)).is_empty()
29	+ TimeLimitedToken.path == normalised_path).is_empty()
30	store.reset()
31	if token_found:
32	raise LookupError("Token stale/pruned/path mismatch")