Review Request #12309 — Created May 30, 2022 and submitted
Currently there is no efficient way to query for comments that are
accessible by a given user when using<AnyCommentClass>.objects. This change
creates aCommentManagerand adds a method such that
<AnyCommentClass>.objects.accessible(user)returns a queryset of comments that
are accessible by the given user.
CommentManager and they pass.| Summary | ID | Author |
|---|---|---|
| 7360451725a0c15e73d6b3af2c019d1cd9b22484 | Michelle |
| Description | From | Last Updated |
|---|---|---|
|
Most of my comments on the other manager change apply here as well. |
 chipx86
|
|
|
This looks great! The only thing I want to see before this ships is some more extensive pieces of test … |
chipx86
|
|
|
F401 'reviewboard.reviews.models.GeneralComment' imported but unused |
 reviewbot
|
|
|
F401 'reviewboard.reviews.models.ScreenshotComment' imported but unused |
reviewbot
|
|
|
F401 'reviewboard.reviews.models.FileAttachmentComment' imported but unused |
reviewbot
|
|
|
W292 no newline at end of file |
reviewbot
|
|
|
This should probably be isinstance(user_or_username, str). It wouldn't make sense to query for username=False. We could add assert isinstance(user_or_username, (User, … |
 david
|
|
|
Same issue here. |
david
|
|
|
Rather than abbreviating, let's keep the naming consistent with what we use in the other managers. I know in this … |
chipx86
|
|
|
We can probably get away with just testing one type, since the manager won't be affected by the model type. … |
chipx86
|
|
|
Missing a trailing period. |
chipx86
|
|
|
Okay I made some comments about these lines as general guidance, but I think what's ideal here is to not … |
chipx86
|
|
|
This can be if user.is_anonymous. |
chipx86
|
|
|
Rather than .exclude, we should be able to use .filter and check against True. It's easier to rationalize the logic … |
chipx86
|
|
|
Same comment here. Nicer to work as a filter. |
chipx86
|
|
|
This comment is no longer applicable. |
chipx86
|
|
|
Do we need transform? We should be able to compare the objects directly. |
chipx86
|
| reviewboard/reviews/tests/test_comment_manager.py (Diff revision 1) |
|---|
| reviewboard/reviews/tests/test_comment_manager.py (Diff revision 1) |
|---|
F401 'reviewboard.reviews.models.ScreenshotComment' imported but unused
| reviewboard/reviews/tests/test_comment_manager.py (Diff revision 1) |
|---|
F401 'reviewboard.reviews.models.FileAttachmentComment' imported but unused
Ready for review.
Summary: |
|
||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Description: |
|
||||||||||||||||||
Testing Done: |
|
||||||||||||||||||
Commits: |
|
||||||||||||||||||
Diff: |
Revision 2 (+1120 -6) |
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 3 (+1084 -10) |
rebased onto release-5.0.x
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 4 (+1084 -6) |
| reviewboard/reviews/managers.py (Diff revision 4) |
|---|
This should probably be
isinstance(user_or_username, str). It wouldn't make sense to query forusername=False.We could add
assert isinstance(user_or_username, (User, AnonymousUser, str))to handle incorrect callers.
cleaned up query code, added asserts for
user_or_username's type
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 5 (+1088 -6) |
| reviewboard/reviews/managers.py (Diff revision 5) |
|---|
Rather than abbreviating, let's keep the naming consistent with what we use in the other managers. I know in this case it's likely to be for line length limits, but you can have the value in
Q(field=) wrap to the next line as needed.
| reviewboard/reviews/tests/test_comment_manager.py (Diff revision 5) |
|---|
We can probably get away with just testing one type, since the manager won't be affected by the model type.
If we wanted to ensure we're testing with each comment type, what we'd want to do is create a mixin class that takes the comment model we'd test with, have all unit tests operate on that model, and then have subclasses for each comment type. But it's probably not worth it, given the logic isn't sensitive to the type of model.
The docstrings can also just be
CommentManagerinstead of worrying about the.objectsconvention.
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 6 (+854 -6) |
| reviewboard/reviews/managers.py (Diff revision 6) |
|---|
Okay I made some comments about these lines as general guidance, but I think what's ideal here is to not have two places that are building queryset logic.
_query()is already considering quite a lot of options for building up the queryset. It's easy to rationalize what's happening when reading that logic, but harder when we then have to mentally combine those built queries with this block. We should aim to have one and only one block of logic building any query involving access controls.I'd suggest we figure out what
publicshould be up-front and pass that in above.
_query()should also be responsible already for the user access (anonymous vs. authed vs. superuser). It looks like it's trying to at least, and that'd be the end goal so that any other wrappers around_query()get the right behavior without duplicating this block.
| reviewboard/reviews/managers.py (Diff revision 6) |
|---|
Rather than
.exclude, we should be able to use.filterand check againstTrue. It's easier to rationalize the logic if we're not having to inverse.
| reviewboard/reviews/tests/test_comment_manager.py (Diff revision 6) |
|---|
Do we need
transform? We should be able to compare the objects directly.
_query methodCommits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 7 (+810 -8) |
assertNumQueries to testsCommits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 8 (+900 -8) |
Takes advantage of the cache to reduce the number of queries in one test
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 9 (+902 -8) |
forgot to reduce the number of queries in the assert from the last change's optimizations
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 10 (+902 -8) |
This looks great! The only thing I want to see before this ships is some more extensive pieces of test data. When dealing with queries or access checks specifically, we should register objects that should not be queried, in order to ensure we don't see them in results.
For access-related tests, that means any combination of access controls that should fail should be included. For example, if testing Local Site functionality, we should have objects on the global site and a different Local Site registered, and they shouldn't be in the results.
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 11 (+1070 -8) |
Added some missing docstrings
Commits: |
|
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 12 (+1094 -8) |