Closed Bug 1132636 Opened 6 years ago Closed 6 years ago

rbbz: users created from bugzilla do not have is_private set True until the second time they are accessed

Categories

(MozReview Graveyard :: General, defect, P2)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: dminor, Assigned: dminor)

References

Details

Attachments

(2 files, 1 obsolete file)

It appears the intention is to always set is_private to True for users created from bugzilla [1].

Because this is done in the else part of a try/except/else clause, and the user is created in the except clause, is_private is not actually set until the second time the user is accessed.

[1] https://dxr.mozilla.org/hgcustom:version-control-tools/source/pylib/rbbz/rbbz/models.py#88
Assignee: nobody → dminor
Status: NEW → ASSIGNED
Attached file MozReview Request: bz://1132636/dminor (obsolete) —
/r/3841 - vcttesting: add mach command to dump reviewboard account profile; r=gps
/r/3843 - rbbz: set is_private to true when creating the user (bug 1132636); r=mconley

Pull down these commits:

hg pull review -r ab5a15efc10174670d7d052c6c9239edc035c344
Attachment #8564121 - Flags: review?(mconley)
Attachment #8564121 - Flags: review?(gps)
Comment on attachment 8564121 [details]
MozReview Request: bz://1132636/dminor

https://reviewboard.mozilla.org/r/3839/#review3059

Ship It!
Attachment #8564121 - Flags: review?(mconley) → review+
https://reviewboard.mozilla.org/r/3843/#review3129

::: hgext/reviewboard/tests/test-auth.t
(Diff revision 1)
> +  $ rbmanage make-admin $BUGZILLA_USERNAME

Is this still necessary? The newly-added make-admin command accesses the DB directly and doesn't need admin privileges.

What breaks if this is removed?
Comment on attachment 8564121 [details]
MozReview Request: bz://1132636/dminor

https://reviewboard.mozilla.org/r/3839/#review3131

Ship It!
Attachment #8564121 - Flags: review?(gps) → review+
https://reviewboard.mozilla.org/r/3843/#review3141

> Is this still necessary? The newly-added make-admin command accesses the DB directly and doesn't need admin privileges.
> 
> What breaks if this is removed?

This makes the user a reviewboard admin. We need it because dump-user uses the Reviewboard API (not the database) and with accounts now set to private on creation we would no longer see the user name and email in this test unless our API user is an admin.

An alternative would be to change dump-user to read the reviewboard auth database table rather than query through the API.
https://reviewboard.mozilla.org/r/3843/#review3143

> This makes the user a reviewboard admin. We need it because dump-user uses the Reviewboard API (not the database) and with accounts now set to private on creation we would no longer see the user name and email in this test unless our API user is an admin.
> 
> An alternative would be to change dump-user to read the reviewboard auth database table rather than query through the API.

I see. This is OK, then.

Ship it.
Attachment #8564121 - Attachment is obsolete: true
Attachment #8619466 - Flags: review+
Attachment #8619467 - Flags: review+
Product: Developer Services → MozReview
You need to log in before you can comment on or make changes to this bug.