Launchpad itself

CopyChecker.checkCopy uses check_permission badly

Bug #780429 reported by William Grant
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Fix Released
Critical
William Grant

Bug Description

CopyChecker.checkCopy recently gained a check to assist in the perpetuation of the ubuntu-security permission special case. It is bad for three reasons: 1) check_permission isn't to be used in model code, nor code that takes a user explicitly for permission checking -- and checkCopy falls in both categories. 2) It always checks for launchpad.Append on the primary archive, rather than the archive being copied to. 3) The hack is only needed in Archive.syncSource(s), so it should not plague the rest of the codebase.

Related branches

lp:~wgrant/launchpad/checkcopy-permissions-betterer
Julian Edwards (community): Approve
Diff: 120 lines (+42/-37)
4 files modified
lib/lp/registry/browser/tests/test_distroseries.py (+0/-27)
lib/lp/soyuz/model/archive.py (+7/-2)
lib/lp/soyuz/scripts/packagecopier.py (+1/-8)
lib/lp/soyuz/tests/test_archive.py (+34/-0)
William Grant (wgrant)
Changed in launchpad:
status: In Progress → Fix Released
milestone: none → 11.06
Revision history for this message
Robert Collins (lifeless) wrote :

FTR the regression is because using the primary archive always is a security regression

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.