~vcs-imports team need privileges review

Bug #576090 reported by Brad Crittenden on 2010-05-05
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Launchpad itself
High
Tim Penhey

Bug Description

We want to open import reviews up to community members by adding them to the ~vcs-imports team. It appears the team currently has some extra privileges they should not. A thorough review needs to be done and the permissions set to be no more generous than necessary.

MaxB reports these current capabilities:

Privileges are:

lp.registry.browser.product: ~vcs-imports members can set the owner and license_reviewed flag of projects when registering a new project.

canonical.launchpad.security:

IProductSeries launchpad.Admin <--- weird!
IBazaarApplication launchpad.Admin
ICodeImport launchpad.Edit
ICodeImportJobSet launchpad.View
ICodeImportJobWorkflow launchpad.Edit
ICodeImportMachine launchpad.Edit
IBranch that is a code import launchpad.Edit

Related branches

Max Bowsher (maxb) wrote :

It has been hypothesized that the original purpose of IProductSeries launchpad.Admin might be to allow ~vcs-imports people to designate a newly created vcs import as the series development focus. This might not be sane, and should perhaps be handled through some other team. Perhaps ~launchpad-chr.

On Thu, 06 May 2010 10:25:42 you wrote:
> It has been hypothesized that the original purpose of IProductSeries
> launchpad.Admin might be to allow ~vcs-imports people to designate a
> newly created vcs import as the series development focus. This might not
> be sane, and should perhaps be handled through some other team. Perhaps
> ~launchpad-chr.

No, originally import details were always connected to a product series.

Historical rubbish.

Tim Penhey (thumper) on 2010-05-06
Changed in launchpad-code:
status: New → Triaged
importance: Undecided → High
tags: added: tech-debt
Changed in launchpad-code:
assignee: nobody → Tim Penhey (thumper)
milestone: none → 10.05
status: Triaged → Fix Committed
tags: added: qa-needstesting
Max Bowsher (maxb) wrote :

Remaining issues:

* thumper's branch didn't update the docstring of canonical.launchpad.security.EditCodeImportMachine, which now lies.

* thumper's branch didn't address the special access given to ~vcs-imports in lp.registry.browser.product.

Tim Penhey (thumper) on 2010-06-01
tags: added: qa-ok
removed: qa-needstesting
Curtis Hovey (sinzui) on 2010-06-02
Changed in launchpad-code:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers