If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

When 'strict_isolation' is on, we cannot move a bug to a new product and reassign to the default owner and QA contact if the old ones cannot edit the product

NEW
Unassigned

Status

()

Bugzilla
Creating/Changing Bugs
--
minor
12 years ago
8 years ago

People

(Reporter: Frédéric Buclin, Unassigned)

Tracking

Details

(Reporter)

Description

12 years ago
process_bug.cgi makes sure the owner and QA contact can edit the product the bug is moved into when 'strict_isolation' is turned on, see lines 1464-1481. The problem is that it also checks that the old owner and QA contact can also edit this product, despite they will be thrown out of their respective role. This is too restrictive!

joel, I don't remember if we discussed this problem or not when implementing this feature, but we should relax this restriction.

Comment 1

12 years ago
That mkes sense, but we will have to be careful about bugmail so that, if the old owner and QA are not able to see the new product AT ALL, they don't get too much information by bugmail.  Naturally, this is less of a problem if they are permitted to see, but not edit the new product.
(Reporter)

Comment 2

12 years ago
I think BugMail.pm makes sure the user is allowed to see the bug, see around line 431: if ($user->can_see_bug($id)) {...}. AFAIK, BugMail.pm is also the one which checks that unauthorized people watching other users are excluded when the bug is restricted to some group.
(Reporter)

Updated

11 years ago
Severity: normal → minor
Target Milestone: Bugzilla 2.22 → Bugzilla 3.0
(Reporter)

Comment 3

9 years ago
The Bugzilla 3.0 branch is now locked to security bugs and dataloss fixes only. This bug doesn't fit into one of these two categories and is retargetted to 3.2 as part of a mass-change. To catch bugmails related to this mass-change, use lts081207 in your email client filter.
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2
(Reporter)

Updated

8 years ago
Target Milestone: Bugzilla 3.2 → ---
You need to log in before you can comment on or make changes to this bug.