Closed Bug 1328900 Opened 7 years ago Closed 6 years ago

Create new group called 'disableusers' that can only edit the bugmail and disabledtext fields of a user

Categories

(bugzilla.mozilla.org :: Administration, task)

Product:
bugzilla.mozilla.org
Component:
Administration
Version:
Production
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dkl, Assigned: dkl)

Details

Attachments

(1 file, 2 obsolete files)

1328900_3.patch
17.22 KB, patch
Details | Diff | Splinter Review 
This was we can use the new group instead of giving out 'editusers' which gives a lot of unnecessary powers for just disabling a user.

Once complete, switch over the following people to the new group and remove from editusers:

ludovic@mozilla.com
pradcliffe+bugzilla@mozilla.com
dwilliams@mozilla.com
rchilds@mozilla.com
achavez@mozilla.com
jlaz@mozilla.com
vhua@mozilla.com
kferrando@mozilla.com
sespinoza@mozilla.com

dkl
note: allow editing the real name field too.
(In reply to Dylan Hardison [:dylan] from comment #1)
> note: allow editing the real name field too.

Hmm, are we now getting out of the realm of just disabling a user and should name the group something else? A group for editing a user's metadata. We already have a different group for disabling 2fa, etc.

dkl
Flags: needinfo?(dylan)
Flags: needinfo?(dylan)
Attached patch 1328900_1.patch (obsolete) — Splinter Review 
Creates new disableusers group and allows users in the group to edit the disabledtext, bugmail, and real name attributes of users.

dkl
Attachment #8824221 - Flags: review?(dylan)
Comment on attachment 8824221 [details] [diff] [review]
1328900_1.patch

Review of attachment 8824221 [details] [diff] [review]:
-----------------------------------------------------------------

r-

::: extensions/BugModal/template/en/default/bug_modal/user.html.tmpl
@@ +45,4 @@
>            [% IF user.id %]
>              href="mailto:[% u.email FILTER html %]"
>              onclick="return show_usermenu([% u.id FILTER none %], '[% u.email FILTER js %]',
> +              [% user.in_group('editusers') || user.in_group('disableusers') || user.bless_groups.size > 0 ? "true" : "false" %])"

this would bitrot CSP
(or more properly, CSP has bitrotted this)

you should rebase this patch on top of the CSP patch.

::: template/en/default/global/common-links.html.tmpl
@@ -63,5 @@
>    [% IF user.settings.skin.value != 'Mozilla' && user.settings.skin.value != 'Mozilla-OpenSans' %]
>    [% IF user.login %]
>      <li><span class="separator">| </span><a href="userprefs.cgi">Preferences</a></li>
> -    [% IF user.in_group('tweakparams') || user.in_group('editusers') || user.can_bless
> -          || (Param('useclassification') && user.in_group('editclassifications'))

nothing wrong here, but I will need to remember to optimize user.in_group() more, I just realized how many thousands of times it must be called on the webheads every minute...
Attachment #8824221 - Flags: review?(dylan) → review-
Attached patch 1328900_2.patch (obsolete) — Splinter Review 
(In reply to Dylan Hardison [:dylan] from comment #4)
> Comment on attachment 8824221 [details] [diff] [review]
> 1328900_1.patch
> 
> Review of attachment 8824221 [details] [diff] [review]:
> -----------------------------------------------------------------
> 
> r-
> 
> ::: extensions/BugModal/template/en/default/bug_modal/user.html.tmpl
> @@ +45,4 @@
> >            [% IF user.id %]
> >              href="mailto:[% u.email FILTER html %]"
> >              onclick="return show_usermenu([% u.id FILTER none %], '[% u.email FILTER js %]',
> > +              [% user.in_group('editusers') || user.in_group('disableusers') || user.bless_groups.size > 0 ? "true" : "false" %])"
> 
> this would bitrot CSP
> (or more properly, CSP has bitrotted this)

Updated to the new style of JS separation provided by the CSP patch.

> you should rebase this patch on top of the CSP patch.
> 
> ::: template/en/default/global/common-links.html.tmpl
> @@ -63,5 @@
> >    [% IF user.settings.skin.value != 'Mozilla' && user.settings.skin.value != 'Mozilla-OpenSans' %]
> >    [% IF user.login %]
> >      <li><span class="separator">| </span><a href="userprefs.cgi">Preferences</a></li>
> > -    [% IF user.in_group('tweakparams') || user.in_group('editusers') || user.can_bless
> > -          || (Param('useclassification') && user.in_group('editclassifications'))
> 
> nothing wrong here, but I will need to remember to optimize user.in_group()
> more, I just realized how many thousands of times it must be called on the
> webheads every minute...

in_group() should only hit the DB a few times as it calls groups() which reads of all of the user's groups from the DB once. We could definitely ensure it is using memcache as well if not already.

dkl
Attachment #8824221 - Attachment is obsolete: true
Attachment #8828884 - Flags: review?(dylan)
Attached patch 1328900_3.patchSplinter Review 
Fixed some minor bit-rot after CSP landed.

dkl
Attachment #8828884 - Attachment is obsolete: true
Attachment #8828884 - Flags: review?(dylan)
Attachment #8831339 - Flags: review?(dylan)
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Comment on attachment 8831339 [details] [diff] [review]
1328900_3.patch

clearing r? on fixed bug
Attachment #8831339 - Flags: review?(dylan)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: