Rick, thanks for the review. Regarding #155:
153 + def userCanView(self, user): 154 + """See `IMilestone`.""" 155 + # A database constraint ensures that either self.product 156 + # or self.distribution is not None. 157 + if self.product is None: 158 + # Distributions are always public, and so are their 159 + # milestones. 160 + return True I think it does not matter effectively if we check against self.product is None or self.distribution is None because the DB constraint ensures that exactly one of self.distribution and self.product is None. #328 is about arrtibutes that require other permissions that CHeckPublic or lp.View, which means the permissions lp.AnyPerson and lp.Edit. (Note the "continue" in line 327) -- https://code.launchpad.net/~adeuring/launchpad/milestone-sec-adapter/+merge/129917 Your team Launchpad code reviewers is subscribed to branch lp:launchpad. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
