Launchpad itself

Proprietary branches break code import listing

Bug #1089023 reported by Curtis Hovey on 2012-12-11

This bug report is a duplicate of: Bug #612287: Unable to view failed imports if there are private imports in the list. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Launchpad itself	Triaged	Critical	Unassigned

Bug Description

The code import listing will raise a 403 if one of the import branch is Proprietary. This listing 403's for me, but since the set is changing the batch might be different
https://code.launchpad.net/+code-imports/+index?field.rcs_type=BZR_SVN&field.rcs_type-empty-marker=1&field.review_status=&field.review_status-empty-marker=1&submit=Submit&batch=75&direction=backwards&memo=1800&start=1725

The branch comes from a public souce (http://dokan.googlecode.com/svn/trunk/) and it is owned by a public team (fiecom-committers) in a public project (fiecom). The project's branch sharing policy is Proprietary only. This may be a contradiction of rules because I don't think it should be possible to have a non-public imported branch -- Lp would need to support user-specific authentication to import the branch. I think this branch should belong to the unregistered dokan project.

Expression: <PathExpr standard:u'codeimport/branch/target/name'>
   - Names:
      {'args': (),
       'context': <lp.code.model.codeimport.CodeImportSet object at 0x9795b10>,
       'default': <object object at 0x2b55fd7d2390>,
       'loop': {},
       'nothing': None,
       'options': {},
       'repeat': {},
       'request': <lp.code.publisher.CodeBrowserRequest instance URL=https://code.launchpad.net/+code-imports/+index>,
       'template': <z3c.ptcompat.ViewPageTemplateFile object at 0x947a790>,
       'view': <zope.browserpage.metaconfigure.SimpleViewClass from /srv/launchpad.net/production/launchpad-rev-16361/lib/lp/code/browser/../templates/codeimport-list.pt object at 0x131bf050>,
       'views': <zope.app.pagetemplate.viewpagetemplatefile.ViewMapper object at 0x10e4a3d0>}
...
__traceback_info__: (<Branch u'~fiecom-committers/fiecom/dokan' (555406)>, 'target', ['name'])
Unauthorized: (<Branch u'~fiecom-committers/fiecom/dokan' (555406)>, 'target', 'launchpad.View')

See original description

Tags:

Curtis Hovey (sinzui) on 2012-12-11

description:

updated

Revision history for this message

Curtis Hovey (sinzui) wrote on 2012-12-11:

select ci.url, b.unique_name from codeimport ci join branch b on ci.branch = b.id and b.information_type > 2;

shows that there are 15 confidential imported branches. None of the branches are specific the the projects that claim them. For example git://github.com/etsy/statsd.git is claimed to belong to ubuntu-one servers, but the branch has no common ancestor with the project's branches. No community can import and work with etsy's loveley statsd because one project has effectively stolen public code.

tags:

added: privacy
removed: regression sharing

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #612287 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.