[RFC] making TreeTransform more resistant to unexpected failures / writing problems

[Kuno Meyer]

Hi all

Bazaar behaves sometimes fragile at certain unexpected failures. For 
example, a TreeTransform operation failing in-between leaves the working 
copy in an unnecessarily messy state and may lead (for an inexperienced 
user) to data-loss:

   https://bugs.launchpad.net/bzr/+bug/67699

One option to solve this behaviour is to check the assumed preconditions 
before actually performing the queued operations. I suggest therefore 
some sort of osutils.ensure_writeable(path) that gets invoked at 
scheduling time of the different actions.


The implementation may get a bit hairy:

1) The easiest way to determine the writability would be to effectively 
trying to write into the file (or when necessary, temporarily creating it).

- This would be quite easy to implement and
- would cover all necessary issues like writing permissions on 
directories on unix and exclusive file access.
- The cost of this operation is not that high, since we have only to 
test existing files to be changed and new entries in existing directories.
- The implementation can be (mostly) platform-independent

2) Another possibility would be to use the platform-dependent locking 
techniques (fcntl.flock / win32file.LockFileEx) to check writability, 
but then we have the problem with the directory permission flags under Unix.

What is your opinion?

Kuno