Mailinglist Archive: opensuse-buildservice (206 mails)

< Previous Next >
Re: [opensuse-buildservice] problems with OBS 1.5rc2 after upgrading host to openSUSE 11.1
  • From: Andreas Bauer <abauer@xxxxxxx>
  • Date: Fri, 13 Mar 2009 20:17:26 +0100
  • Message-id: <49BAB146.4010908@xxxxxxx>
Jon Nelson schrieb:
I had a number of problems after upgrading an OBS instance from
openSUSE 11.0 to 11.1
The client remains running openSUSE 11.1, as it has for months. The
osc version on the client has not changed and is the latest available.


The first is that adding a *comment* via osc did not work.
I could add and remove files (PUT/DELETE respectively), but the
subsequent POST would not, returning a 403.

I tracked it down to this code, in
/srv/www/obs/frontend/app/controllers/source_controller.rb, near line
139:

if not ['diff', 'branch'].include?(cmd) and not
@http_user.can_modify_package?(pkg)

I believe two things are wrong with this line. First, it does not
include 'commit'. Second, the logic is wrong (it used AND instead of
OR), and the corrected version is below.

if not ['diff', 'branch', 'commit'].include?(cmd) or not
@http_user.can_modify_package?(pkg)

The original line is correct.

The purpose of this conditional is to exclude 'diff' and 'branch'
from the permission check. Every other command (including 'commit')
requires the 'modify_package' permission.

Evaluation of the original conditional shortcuts after (not ['diff',
'branch'].include?(cmd)) evaluates to false, which is the case if
cmd is either 'branch' or 'diff'. If cmd is anything else, the
second part of the 'and' is evaluated (permission check). If that
fails (evaluating to true due to the leading 'not') a 403 is sent
back. Otherwise the command is dispatched.

Your version of the conditional would shortcut and evaluate to true
every time a command not included in the list is sent, resulting in
a 403 for those commands.

Why did this work fine with openSUSE 11.0 and not 11.1? The OBS
versions are the same (1.5rc2)!

No idea, this needs to be investigated further.

Second problem: only for the 'Admin' user, editing the user info
(/user/edit) fails every time with:

undefined method `source_backend' for #<Person:0x7fac0a31a048>

What might be going on here?

Are you trying to edit using the admin interface of the frontend or
the user edit page of the webclient?

--
Andreas Bauer
SUSE LINUX Products GmbH, GF Markus Rex, HRB 16746 AG N├╝rnberg
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References