Private teams don't satisfy ValidPersonOrTeam, so can't set them as bug supervisor (or set private bugs for a project they registered)

This also prevents bugs from being set as private manually once the Bug Supervisor has been set (at the DB level) to the private team. Marking this as high as its affecting an internal Canonical team.

So, I've done some digging around and discovered there are a couple of problems:

1. in ValidPersonOrTeamVocabulary._doSearch() we don't return non-Public Persons. This makes sense if we're going to hide private teams but since we don't it seems a little odd.
2. in validators.validate_public_person() we deliberately prevent the linkage of non-Public Persons (well, the code that does the prevention is in is_valid_public_person().

The attached branch addresses these problems (though no tests were changed; I was just hacking about). If anyone wants to take this and run with it before the end of the weekend, feel free, otherwise I'll finish it on Monday.

Still in progress; me silly.

AIUI, it is intentional that these teams can't be linked to most things. That is to prevent leaking of private memberships.

Have you seen the "Team Visibility" section in doc/person.txt?

It's intentional that you can't make a private team/person a bug supervisor or a project maintainer? This is what's preventing us from marking a project as having Private Bugs...

AFAIR, teams with private members can't be linked to anything. The test
I mentioned says there are exceptions, but it's not clear what are
these.

Doesn't that make private teams pretty much unusable?

2008/11/28 Guilherme Salgado <email address hidden>:
> AIUI, it is intentional that these teams can't be linked to most things.
> That is to prevent leaking of private memberships.
>
> Have you seen the "Team Visibility" section in doc/person.txt?

I've read that, but it didn't make the rationale behind the
implementation clear.

Private membership teams are just that: private membership; i.e. we
don't expose the membership list for the team. However, that the team
itself exists isn't a secret and any of them are easily navigable to
in the interface, hence my comment about hiding teams from the search
results, above.

AIUI we need to be able to set private teams as bug supervisors
(amongst other things). I assume that a workaround for that would be
to make the private team part of a public team and then set the public
team as bug supervisor.

Another problem is that private teams can't have bug subscriptions (LP
OOPSed when we tried setting things manually in the database). I don't
know whether the workaround I described above would work around this
problem, too.

I remember discussing these constraints of private-membership teams
before their implementation, but I don't remember all the details.

Basically, whenever we link/subscribe one of these teams to something,
it becomes possible to infer the team's members, and that's what the
constraints are there to prevent. I thought this was a well-known
limitation of such teams, but it seems I was wrong.

Edwin, do you know what are the objects that we can link to a
private-membership team?

A team's membership could be inferred from the http://launchpad.net/~edwin-grubbs/+subscribedbugs page by noticing that the person is not directly subscribed to the bug, but a private team is subscribed to the bug.

The easiest solution is to hide the real name of team's. A bug could show up in +subscribedbugs, but when you check the subscribers of the bug, you would only be able to tell that some private team is subscribed, but you wouldn't know which specific private team that person is a member of.

Okay, I'm unassigning this from myself since I don't really have the domain nouse to fix the problem (and there's something a bit more in depth needed here in terms of deciding how to handle these links properly).

I'll leave it targeted to LP-Registry 2.1.12 for now to be retargeted later as needed.

We have a story of for obfuscating private name that may solve this bug. I believe we can implement this new feature for the first release of 2009.

First pass landed in RF7945

Fixed in devel r7945.

Landed in db-devel 7971: Privacy framework and private teams allows to be bug subscribers and bug task assignees.