Launchpad itself

Users should be able to make private branches of public projects

Bug #527900 reported by Ted Gould
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Launchpad itself
Fix Released
High
Ian Booth

Bug Description

For various tasks we'd like to have a private branch of an otherwise public project. It would seem that this should be a user or by group setting. I think that it should work similar to +junk. So if I needed a private branch I could do:

  bzr branch lp:linux
  <fix security embargoed feature>
  bzr push lp:~linux-security-team/+private/linux/cve1234

This would keep the workflow clean, but allow for making private branches that could be seen by a team.

Thanks!

Related branches

lp:~wallyworld/launchpad/make-private-branches-527900
Curtis Hovey (community): Approve (code)
Diff: 589 lines (+308/-40)
10 files modified
lib/lp/bugs/interfaces/bugtask.py (+9/-1)
lib/lp/bugs/model/bugtasksearch.py (+4/-0)
lib/lp/bugs/tests/test_bugtask_search.py (+15/-0)
lib/lp/code/browser/branch.py (+52/-29)
lib/lp/code/browser/tests/test_branch.py (+44/-3)
lib/lp/code/interfaces/branch.py (+19/-0)
lib/lp/code/model/branch.py (+27/-0)
lib/lp/code/model/tests/test_branch.py (+100/-1)
lib/lp/registry/tests/test_information_type_vocabulary.py (+22/-4)
lib/lp/registry/vocabularies.py (+16/-2)
Revision history for this message
Curtis Hovey (sinzui) wrote :

User can have private branches for public projects, they need to ask so that the reason are understood.

affects: launchpad → launchpad-code
Changed in launchpad-code:
status: New → Incomplete
Revision history for this message
Ted Gould (ted) wrote : Re: [Bug 527900] Re: Users should be able to make private branches of public projects

On Thu, 2010-02-25 at 18:01 +0000, Curtis Hovey wrote:
> User can have private branches for public projects, they need to ask so
> that the reason are understood.

So, should it be "users should be able to create arbitrary private
branches"? If that's available, how do I sign up? :)

  --Ted

Revision history for this message
Paul Hummer (rockstar) wrote :

Well, we can make private branches for people. All you need is ask and have a legitimate reason to need a private branch. If users could casually create private branches, it would get abused.

Revision history for this message
Tim Penhey (thumper) wrote :

Actually we are considering allowing anyone to create a private branch. It is just a case of prioritizing the work.

I've talked with poolie about this about adding something like bzr push --private lp...

Although not sure how that'd work in practice.

tags: added: privacy
Revision history for this message
Martin Pool (mbp) wrote :

Knowing that you need to specially ask someone and wait for them to respond is not really a good solution.

Tim if you add an api for this we can call it.

Changed in launchpad-code:
status: Incomplete → Confirmed
Revision history for this message
Tim Penhey (thumper) wrote :

On Fri, 26 Feb 2010 13:12:20 Martin Pool wrote:
> Knowing that you need to specially ask someone and wait for them to
> respond is not really a good solution.
>
> Tim if you add an api for this we can call it.

There is an api, but the point is that not everyone is currently allowed to
make any branch private. It is restricted by which team you're in, not by ui
not implemented.

We are considering a broad stroke across the privacy to just allow people to
make their own public branches private.

Revision history for this message
Ted Gould (ted) wrote :

On Fri, 2010-02-26 at 00:51 +0000, Tim Penhey wrote:
> On Fri, 26 Feb 2010 13:12:20 Martin Pool wrote:
> > Knowing that you need to specially ask someone and wait for them to
> > respond is not really a good solution.
> >
> > Tim if you add an api for this we can call it.
>
> There is an api, but the point is that not everyone is currently allowed to
> make any branch private. It is restricted by which team you're in, not by ui
> not implemented.
>
> We are considering a broad stroke across the privacy to just allow people to
> make their own public branches private.

Just to clarify, I think it's important that it's not making "public
branches private." It's about making sure that there is never a public
branch at all. It should exist as public and then get converted.

Also, I'm still a fan of the URL based distinction more than a command
line one as it'll show me everytime I push or pull that the branch is
private. Plus, being a command line option implies that it should be
part of Bazaar. The reality is that Bazaar doesn't know anything about
public/private, it isn't important to Bazaar. It is strictly a
Launchpad feature.

Revision history for this message
Karl Fogel (kfogel) wrote :

Ted, just a sanity check: did you mean "It should NOT exist as public and then get converted." ?

Revision history for this message
Ted Gould (ted) wrote :

On Tue, 2010-05-04 at 21:07 +0000, Karl Fogel wrote:
> Ted, just a sanity check: did you mean "It should NOT exist as public
> and then get converted." ?

Yes, sorry, typo. Thanks for catching it :)

Curtis Hovey (sinzui)
Changed in launchpad:
status: Confirmed → Triaged
importance: Undecided → Low
tags: added: feature
Revision history for this message
Curtis Hovey (sinzui) wrote :

I think this relates to the entitlement issues that commercial projects face. I would like to add/revise the security checker for making a branch private. I think there is a common set of conditions we could agree are sane. This is my list of conditions that I think should permit a user changing a branch to private:

* The branch is owned by a private team (The branch is already implicitly private)
* The project has privacy enabled and the user is in a project role
* The branch is linked to a security bug the user can access
* the branch is linked to a private bug the user can access

tags: added: branches disclosure
Curtis Hovey (sinzui)
tags: added: information-type
Ian Booth (wallyworld)
Changed in launchpad:
importance: Low → High
status: Triaged → In Progress
assignee: nobody → Ian Booth (wallyworld)
Revision history for this message
Ian Booth (wallyworld) wrote :

Further discussion with Curtis and the team working on implementing disclosure has resulted in Curtis' list of conditions to be revised to remove the project roles clause. So a user will be allowed to change a branch to private if:

* The branch visibility policy allows it (for legacy support until BVP is removed)
* The user is special (admin or bzr expert)
* The branch is owned by a private team (The branch is already implicitly private)
* The branch is linked to a private bug (embargoed security, user data, proprietary) the user can access

"Change to private" means setting the information type to a private value (embargoed security, user data, proprietary). Otherwise, just the public values are allowed (public, unembargoed security).

William Grant (wgrant)
Changed in launchpad:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.