Comment 3 for bug 1056881

Revision history for this message
Abel Deuring (adeuring) wrote : Re: [Bug 1056881] Re: Specifications privacy: subscribers can't see private blueprints

On 23.11.2012 18:17, Данило Шеган wrote:
> I assume the missing bit is to create artifact grants for all the
> subscribers that might not have them now? FWIW, Linaro can work around
> that once this hits production by unsubscribing and subscribing people
> again (I assume you don't have too many private blueprint users, so it
> might not be worth the effort to come up with migration plan).

Yes, this is an issue, and I'd appreciate your offer to do the
unsubscribe/subscribe cycle.

But my mistake is something else: Even people with an artfact grant
can't yet access blueprint pages. They'll get a 403 error when
product.getSpecifcation() is called during traversal. Nice example of
"too narrow" testing: create_inititalized_view(proprietary_blueprint)
works fine -- but this does not involve traversing to the blueprint...

> Will this also include assignees who are not explicitely granted
> permissions to view a blueprint?
>

No, I'm not addressing this right now. I see your point: Having to
explicitly subscribe an assignee is somwhat weird.

But:
  - we have the at present same problem with bugtask assignees, so for
    consistency sake both "assignment steps" should behave identically
  - we will have to discuss a few issues around the details. The most
    important one: Should we simply subscribe the assignee
    automatically, or should we issue the artifact grant independently?