https://wiki.launchpad.canonical.com/SupermirrorFilesystemHierarchy specifies that the virtual filesystem presented over SFTP for push branches should have various restrictions. For example, ~user/product/branch directories can only be created if the logged in user is a member of user, product is the name of a product registered in Launchpad, and branch is valid (but unregistered for this user/product pair) branch name.
We want to return sensible errors to the user when they hit one of these restrictions. Ideally, the user experience would look something like:
% bzr push sftp://bazaar.launchpad.net/cool-features
bzr: error creating directory cool-features. Server said:
branches must be inside a person or team directory
% bzr push sftp://bazaar.launchpad.net/~mbp/cool-features
bzr: error creating directory ~mbp/cool-features. Server said:
branches must be inside a valid product name, or "+junk"
% bzr push sftp://bazaar.launchpad.net/~linux-kernel/v2.6/cool-features
bzr: error creating directory ~linux-kernel/v2.6/cool-features. Server said:
you are not a member of the "linux-kernel" team
Currently, the SFTP server just sends generic permission denied errors. We need to determine if we can send more useful error messages via SFTP, and then make sure bzr reports them.
From skimming the relevant code in the server, and in bzr and paramiko, this looks like it's close to working (if it doesn't already). I think it just needs a newer Twisted in the SFTP server.
We should write some tests that this works with the bzr client talking to our SFTP server.