3rd part PPA uploaders should also benefit of the right UI permissions
Bug #397831 reported by
Celso Providelo
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Fix Released
|
High
|
Celso Providelo | ||
Bug Description
Since the fix of bug #382793, it is possible to allow any person to upload sources to PPAs, even if they are not members of team owning.
However, those 3rd part uploaders are not granted the right permission in the UI domain (lp.Append) on public PPAs, resulting in the fact that cannot copy packages to that PPA.
3rd-part upload right on private ppas are worst, because the user won't be able to access its page in LP.
Summing up, the IArchive security-adapter should be integrated with the infrastructure used for calculating upload ACLs (IArchive.
Revision history for this message
| Celso Providelo (cprov) wrote | #1 |
| Changed in soyuz: | |
| status: | In Progress → Fix Committed |
| Changed in soyuz: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
r8846 (devel)