Closed
Bug 304696
Opened 19 years ago
Closed 19 years ago
replace UserInGroup by $user->in_group() when checking user privs in edit*.cgi files
Categories
(Bugzilla :: Bugzilla-General, enhancement)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.22
People
(Reporter: LpSolit, Assigned: LpSolit)
References
Details
Attachments
(1 file)
|
10.11 KB,
patch
|
mkanat
:
review+
|
Details | Diff | Splinter Review |
All edit*.cgi files use the following syntax to check user privs:
Bugzilla->login(LOGIN_REQUIRED);
UserInGroup("editcomponents")
|| ThrowUserError("auth_failure", {group => "editcomponents",
action => "edit",
object => "flagtypes"});
Several of these files use Bugzilla::User for this check only. We could remove
this requirement by doing the following change:
my $user = Bugzilla->login(LOGIN_REQUIRED);
$user->in_group("editcomponents")
|| ThrowUserError("auth_failure", {group => "editcomponents",
action => "edit",
object => "flagtypes"});
This is also a step towards removing 'use Bugzilla::User' from globals.pl.
|
Assignee | |
Updated•19 years ago
|
Status: NEW → ASSIGNED
Target Milestone: --- → Bugzilla 2.22
|
||
Comment 2•19 years ago
|
||
Comment on attachment 194136 [details] [diff] [review] patch, v1 r=mkanat by inspection
Attachment #194136 -
Flags: review?(mkanat) → review+
|
|
||
Updated•19 years ago
|
Flags: approval?
|
||
Updated•19 years ago
|
Flags: approval? → approval+
|
|
Assignee | |
Comment 3•19 years ago
|
||
The patch bitrotted a bit. I fixed it on checkin. Checking in doeditparams.cgi; /cvsroot/mozilla/webtools/bugzilla/doeditparams.cgi,v <-- doeditparams.cgi new revision: 1.36; previous revision: 1.35 done Checking in editcomponents.cgi; /cvsroot/mozilla/webtools/bugzilla/editcomponents.cgi,v <-- editcomponents.cgi new revision: 1.61; previous revision: 1.60 done Checking in editflagtypes.cgi; /cvsroot/mozilla/webtools/bugzilla/editflagtypes.cgi,v <-- editflagtypes.cgi new revision: 1.27; previous revision: 1.26 done Checking in editgroups.cgi; /cvsroot/mozilla/webtools/bugzilla/editgroups.cgi,v <-- editgroups.cgi new revision: 1.61; previous revision: 1.60 done Checking in editkeywords.cgi; /cvsroot/mozilla/webtools/bugzilla/editkeywords.cgi,v <-- editkeywords.cgi new revision: 1.32; previous revision: 1.31 done Checking in editmilestones.cgi; /cvsroot/mozilla/webtools/bugzilla/editmilestones.cgi,v <-- editmilestones.cgi new revision: 1.43; previous revision: 1.42 done Checking in editparams.cgi; /cvsroot/mozilla/webtools/bugzilla/editparams.cgi,v <-- editparams.cgi new revision: 1.27; previous revision: 1.26 done Checking in editproducts.cgi; /cvsroot/mozilla/webtools/bugzilla/editproducts.cgi,v <-- editproducts.cgi new revision: 1.99; previous revision: 1.98 done Checking in editsettings.cgi; /cvsroot/mozilla/webtools/bugzilla/editsettings.cgi,v <-- editsettings.cgi new revision: 1.5; previous revision: 1.4 done Checking in editusers.cgi; /cvsroot/mozilla/webtools/bugzilla/editusers.cgi,v <-- editusers.cgi new revision: 1.104; previous revision: 1.103 done Checking in editversions.cgi; /cvsroot/mozilla/webtools/bugzilla/editversions.cgi,v <-- editversions.cgi new revision: 1.37; previous revision: 1.36 done Checking in editwhines.cgi; /cvsroot/mozilla/webtools/bugzilla/editwhines.cgi,v <-- editwhines.cgi new revision: 1.11; previous revision: 1.10 done
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•