Closed Bug 253544 Opened 20 years ago Closed 20 years ago

Make private attachment activity log entries private as well

Categories

(Bugzilla :: Bugzilla-General, defect)

Product:
Bugzilla
Component:
Bugzilla-General
Version:
2.18
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.18

People

(Reporter: bugreport, Assigned: bugreport)

Details

(Whiteboard: [does not affect 2.16.x] [fixed in 2.18rc3] [fixed in 2.19.1])

Attachments

(1 file, 1 obsolete file)

v2
1.46 KB, patch
zach
: review+
justdave
: review+
Details | Diff | Splinter Review 
 
The log can show the when and who, but added/removed should be blanked at
display-time
Status: NEW → ASSIGNED
Flags: blocking2.18?
Target Milestone: --- → Bugzilla 2.18
Do this in CGI.pm  in GetBugActivity


    
  

        Attachment #154659 -
        Flags: review?

    
  
Group: webtools-security

    
  

        Attachment #154659 -
        Flags: review?(justdave)
Flags: blocking2.18? → blocking2.18+

    
    

    
  
You want people to mark r+ on patches with variables called $extra1 and $extra2?
Argh!

    
    

    
  
Comment on attachment 154659 [details] [diff] [review]
remove private attachment rows at display time

>@@ -157,7 +157,7 @@
>     my $alias = $id;
>     if (!detaint_natural($id)) {
>         $id = BugAliasToID($alias);
>-        $id || ThrowUserError("invalid_bug_id_or_alias", {'bug_id' => $id});
>+        $id || ThrowUserError("invalid_bug_id_or_alias", {'bug_id' => $alias});
>     }
>     
>     # Modify the calling code's original variable to contain the trimmed,

Remove this since it doesn't belong in this bug (and has already been checked
in)

>+    my $extra1 = "";
>+    my $extra2 = "";
As kiko said, could these be somewhat more descriptive?

        Attachment #154659 -
        Flags: review?(justdave) → review-

    
  

        Attachment #154659 -
        Attachment is obsolete: true

        Attachment #154659 -
        Flags: review?

    
    

    
  

      
      
      
      

        Attached patch
          
          
        v2Splinter Review
      

    


  

    
  

        Attachment #155244 -
        Flags: review?(zach)

    
    

    
  
Comment on attachment 155244 [details] [diff] [review]
v2

r=zach

        Attachment #155244 -
        Flags: review?(zach) → review+
Whiteboard: patch awaiting checkin

    
    

    
  
holding approval for release day
Flags: approval?
Flags: approval2.18?
Whiteboard: patch awaiting checkin → [does not affect 2.16.x] [ready for 2.18rc3] [ready for 2.19.1]

    
    

    
  
Checked in on trunk:

Checking in CGI.pl;
/cvsroot/mozilla/webtools/bugzilla/CGI.pl,v  <--  CGI.pl
new revision: 1.216; previous revision: 1.215
done

and 2.18 branch:

Checking in CGI.pl;
/cvsroot/mozilla/webtools/bugzilla/CGI.pl,v  <--  CGI.pl
new revision: 1.211.2.2; previous revision: 1.211.2.1
done

Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Flags: approval?
Flags: approval2.18?
Flags: approval2.18+
Flags: approval+
Resolution: --- → FIXED
Whiteboard: [does not affect 2.16.x] [ready for 2.18rc3] [ready for 2.19.1] → [does not affect 2.16.x] [fixed in 2.18rc3] [fixed in 2.19.1]

    
    

    
  
advisory has posted, clearing security flag.
Group: webtools-security
QA Contact: matty_is_a_geek → default-qa

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: