#8005 Subprojects not checked for 'deleted' flag
closed
General
2016-03-28
2015-10-19
No
Subprojects don't get their 'deleted' flag checked, so they are still accessible to non-admins. We should fix this.
Also, if there is a deleted subproject and a regular tool of the same name, the regular tool should always take precedence.
How to reproduce this situation locally?
On a subproject, go to its Admin / Metadata page and then change its status to Deleted (by clicking on the icon next to "Project Status"). Make sure there is a regular tool (blog, wiki, etc) installed on the subproject. Then go to the subproject URL as a logged out user. You will still see the blog or wiki or whatever is in the tool, but you should not because only admins should have access to deleted projects/subprojects.
Moreover, if you go to the parent project and install a regular tool with the same mount point as the subproject, then going to that URL shows you the deleted subproject instead of the new tool.
@Dave
I have resolved the first problem. But about the second, should we allow the user to use a deleted mount point or not?
@Dave, I have changed the code. The tests are passing, i.e, all the tests that aer failing, are failing on the master branch too, which doesn't seems to be a problem of this code. Please check the branch below
https://forge-allura.apache.org/u/pranav/allura/ci/pr/8005/~/tree/
Last edit: Pranav Sharma 2016-03-18
And a last thing I would like to ask you, where should I write tests related to this ticket? I'm thinking to add a test for 404 error if anon tries to acces deleted subproject/tool, and reassigning mount point to a tool, after the subproject.
Also it's not too clear for me about the second part. How can I verify that it is the new tool which is accessed and not the subproject?
My fork branch -
https://forge-allura.apache.org/u/pranav/allura/ci/pr/8005/~/tree/
Looks good, merged!