Launchpad itself

No way of determining permissions for a particular role

Bug #701681 reported by Jonathan Lange
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Triaged
Low
Unassigned

Bug Description

Sometimes it's not clear what it would mean to make someone the driver of a distribution, or the owner of a branch, even to developers of Launchpad. It would be good if there were some automated way of enumerating the permissions that are granted to a particular role.

Even if the output of this is only from a script and not from the website, that would be enough to meet my use cases.

Tags: docs hardening
Revision history for this message
Curtis Hovey (sinzui) wrote :

This relates to bug 567889 which strives to create the page.

Revision history for this message
Curtis Hovey (sinzui) wrote :

This is neigh impossible to do given the current state of code because many permissions are determined in python checking specific fields. Consider that there was no bug supervisor permission until a few months ago, but the role has existed since 2005. Scanning security.py and ZCML will not be enough.

tags: added: docs
Revision history for this message
Robert Collins (lifeless) wrote :

We certainly need to be able to do this; I'm tagging it disclosure but thats possibly incorrect; also I've marked it low but if we want to make that high it would be ok with me. I suspect that its a relatively low return for the volume of work needed.

Changed in launchpad:
status: New → Triaged
importance: Undecided → Low
tags: added: disclosure
Curtis Hovey (sinzui)
tags: added: hardening
Curtis Hovey (sinzui)
tags: removed: disclosure
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.