Is it possible to use `removeSecurityProxy` only in `ImportVulnerabilityJob`
and not in `SOSSImporter`? Because theoretically SOSSImporter can be called
with a logged in user at some point, while the Job is always a celery job.
Diff comments:
> diff --git a/lib/lp/bugs/tests/test_importvulnerabilityjob.py
> b/lib/lp/bugs/tests/test_importvulnerabilityjob.py
> index 297f8d7..45b3340 100644
> --- a/lib/lp/bugs/tests/test_importvulnerabilityjob.py
> +++ b/lib/lp/bugs/tests/test_importvulnerabilityjob.py
> @@ -335,7 +335,107 @@ class ImportVulnerabilityJobTests(TestCaseWithFactory):
>
> job = self.job_source.create(
> handler=VulnerabilityHandlerEnum.SOSS,
> - git_repository=self.repository.git_https_url,
> + git_repository=self.repository.id,
> + git_ref="ref/tags/v1.0",
> + git_paths=["cves"],
> + information_type=InformationType.PRIVATESECURITY.value,
> + import_since_commit_sha1=None,
> + )
> + job.run()
> +
> + # Check that it created the bug and vulnerability
> + self.assertEqual(len(cve.bugs), 1)
> +
> + admin = getUtility(ILaunchpadCelebrities).admin
> + with person_logged_in(admin):
> + self.assertEqual(len(list(cve.vulnerabilities)), 1)
> +
> + self.assertEqual(
> + job.metadata.get("result"),
> + {
> + "succeeded": ["CVE-2025-1979"],
> + "failed": [],
> + "error_description": [],
> + },
> + )
> +
> + def test_run_import_with_private_repo(self):
> + """Run ImportVulnerabilityJob."""
> + private_repo = removeSecurityProxy(
> + self.factory.makeGitRepository(
> + information_type=InformationType.PRIVATESECURITY
> + )
> + )
> + refs = self.factory.makeGitRefs(
> + repository=private_repo,
> + paths=("ref/heads/main", "ref/tags/v1.0"),
> + )
> + with open(self.cve_path, encoding="utf-8") as file:
> + self.useFixture(
> + GitHostingFixture(
> + blob=file.read(),
> + refs=refs,
> + diff_stats={"added": ["cves/CVE-2025-1979"]},
> + )
> + )
> +
> + cve = self.factory.makeCVE("2025-1979")
> + self.factory.makeDistribution(name="soss")
> +
> + job = self.job_source.create(
> + handler=VulnerabilityHandlerEnum.SOSS,
> + git_repository=private_repo.id,
> + git_ref="ref/tags/v1.0",
> + git_paths=["cves"],
> + information_type=InformationType.PRIVATESECURITY.value,
Here this is still PRIVATESECURITY?
> + import_since_commit_sha1=None,
> + )
> + job.run()
> +
> + # Check that it created the bug and vulnerability
> + self.assertEqual(len(cve.bugs), 1)
> +
> + admin = getUtility(ILaunchpadCelebrities).admin
> + with person_logged_in(admin):
> + self.assertEqual(len(list(cve.vulnerabilities)), 1)
> +
> + self.assertEqual(
> + job.metadata.get("result"),
> + {
> + "succeeded": ["CVE-2025-1979"],
> + "failed": [],
> + "error_description": [],
> + },
> + )
> +
> + def test_run_import_with_proprietary_repo(self):
> + """Run ImportVulnerabilityJob."""
> + project = self.factory.makeProduct()
> + self.factory.makeAccessPolicy(pillar=project)
> + proprietary_repo = removeSecurityProxy(
> + self.factory.makeGitRepository(
> + target=project, information_type=InformationType.PROPRIETARY
> + )
> + )
> + refs = self.factory.makeGitRefs(
> + repository=proprietary_repo,
> + paths=("ref/heads/main", "ref/tags/v1.0"),
> + )
> + with open(self.cve_path, encoding="utf-8") as file:
> + self.useFixture(
> + GitHostingFixture(
> + blob=file.read(),
> + refs=refs,
> + diff_stats={"added": ["cves/CVE-2025-1979"]},
> + )
> + )
> +
> + cve = self.factory.makeCVE("2025-1979")
> + self.factory.makeDistribution(name="soss")
> +
> + job = self.job_source.create(
> + handler=VulnerabilityHandlerEnum.SOSS,
> + git_repository=proprietary_repo.id,
> git_ref="ref/tags/v1.0",
> git_paths=["cves"],
> information_type=InformationType.PRIVATESECURITY.value,
--
https://code.launchpad.net/~enriqueesanchz/launchpad/+git/launchpad/+merge/491804
Your team Launchpad code reviewers is requested to review the proposed merge of
~enriqueesanchz/launchpad:add-import-export-endpoints into launchpad:master.
_______________________________________________
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help : https://help.launchpad.net/ListHelp
