[Fedora QA] #347: Implement Bugzilla Account Association

Fedora QA trac at fedorahosted.org
Tue Feb 19 16:30:18 UTC 2013 

#347: Implement Bugzilla Account Association
--------------------------------------+------------------------
 Reporter:  tflink                    |       Owner:  tflink
     Type:  enhancement               |      Status:  new
 Priority:  major                     |   Milestone:  Fedora 19
Component:  Blocker bug tracker page  |     Version:
 Keywords:                            |  Blocked By:
 Blocking:                            |
--------------------------------------+------------------------
 = problem =

 Fedora and bugzilla use different account systems - sometimes the emails
 are the same, other times they are not.

 When proposing a blocker/fe bug, we want to add the user to the bug's cc
 list but that can only happen if a valid bugzilla account is used.

 = analysis =

 The problem can be worked around in multiple ways:
  1. Assume that the user enters a correct bz email (no typos, bz_email
 concept understood) and
   * allow proposals w/o adding the user to the bug's cc list
   * fail the proposal if the bz email does not work
  2. Auth against bugzilla instead of FAS
  3. Auth against bugzilla for the first proposal and associate a valid
 bugzilla account with each FAS account used for proposing blockers.
   * The bugzilla password would '''NOT''' be stored in the blocker
 tracking app, merely used to verify that the user does have control over
 the bugzilla account in question and discarded as soon as the initial auth
 against bugzilla is complete
   * On blocker/FE proposal, the associated email address would be added to
 the cc list of the bug being proposed (using the blockergbugs account)

 = enhancement recommendation =

 (2) is not really a good solution to this and will be ignored.

 (1) seems to be a little user-unfriendly and a sub-optimal solution in
 terms of number of bugzilla requests (either authing against bugzilla for
 every proposal or handling errors with invalid emails)

 (3) seems like the best solution for now and would require:
   * new database table to store bugzilla email address associations
   * checking for bugzilla account association before moving on to the
 blocker proposal page
   * code to auth a user against bugzilla without storing any cookies or
 traces of the password locally
   * filling in the proposal form with the bugzilla email as a non-editable
 field

-- 
Ticket URL: <https://fedorahosted.org/fedora-qa/ticket/347>
Fedora QA <http://fedorahosted.org/fedora-qa>
Fedora Quality Assurance

More information about the test mailing list