[Patchew-devel] [PATCH] test: more testcases around authorization
Shubham Jain
shubhamjain7495 at gmail.com
Thu May 17 18:06:06 UTC 2018
Yes. Could you please also explain how maintainers and importers play
different role?
On Thu, May 17, 2018 at 11:00 PM Paolo Bonzini <pbonzini at redhat.com> wrote:
> On 17/05/2018 19:25, Shubham Jain wrote:
> > > + if request.user.is_superuser or 'importers' in
> > user_group_names:
> > > + projects = [p for p in Project.objects.all() if
> > p.recognizes(m)]
> > > + else:
> > > + projects = [p for p in Project.objects.all() if
> > p.maintained_by(self.request.user)]
> >
> > I think the else branch should still union the p.recognizes()
> filtering.
> >
> > As you have mentioned in the test case below
> > "test_maintainer_of_project_x_import_a_patch_to_project_y()", does this
> > mean even if user is maintainer of one project, but result in message is
> > simply imported to all the recognised project. If yes, why are we just
> > not using only recognised condition?
>
> The idea is that if a user wants to import to a particular project he
> maintains, he uses /projects/.../messages. If a user wants to recognize
> the projects based on the recipients, he uses /messages.
>
> (In practice the former happens rarely, but it was already complicated
> enough and it makes sense to have it as part of the REST API!)
>
> Does it make sense?
>
> Paolo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/patchew-devel/attachments/20180517/bb352a41/attachment.htm>
More information about the Patchew-devel
mailing list