Closed Bug 460074 Opened 12 years ago Closed 10 years ago

Guided bug entry creates public bugs. Expected it to have same group membership defaults as using non-guided method.

Categories

(Bugzilla :: Creating/Changing Bugs, defect)

defect
Not set
minor

Tracking

()

RESOLVED FIXED
Bugzilla 4.0

People

(Reporter: eirens, Assigned: mkanat)

Details

Attachments

(2 files, 2 obsolete files)

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_5; en-us) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.2 Safari/525.20.1
Build Identifier: 

Guided bug entry creates public bugs. Expected it to have same group membership defaults as using non-guided method.

It looks like bugs created using the guided bug entry form are always created with no group memberships, making them public. I'd like such bugs to have the same defaults as if I hadn't used the guided method to create them. For the we way we have our Bugzilla products/groups set up, this implies membership in the product's group.

Reproducible: Always

Steps to Reproduce:
0. Set Product X's Group Access Controls to "Default/NA,ENTRY".
1. Create a bug in Product X via the guided bug entry method: <bz_base_url/>enter_bug.cgi?format=guided
2. Create a bug in Product X with the non-guided method.
3. Compare the group memberships of those two bugs.
Actual Results:  
Observe that the "guided" bug has no group memberships.

Expected Results:  
My expectation and hope was that the "guided" bug would be placed in the group for that product, just like the non-guided bug was.
I can confirm in Bugzilla 3.3, but older versions are probably affected too. There is no "Security" checkbox at all (or even worded differently).
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Mac OS X → All
Hardware: PC → All
Version: unspecified → 3.3
I can confirm this as far back as 3.0.3, the version we started using the guided method in.
Version: 3.3 → 3.0.3
We should remove the guided template from the main Bugzilla code and keep it around somewhere as a sample customization, really.
Here is the current patch that we use (Red Hat) to add group entry checkboxes to the guided bug entry page. We had complaints of not being to create private bugs from that page so it was an easy add-on.

Dave
Okay, could we just remove the guided page from the core Bugzilla code? We can put it into the example extension. It has all sorts of bugs and I don't want to maintain it.
The guided bug entry form is going to be removed from the core Bugzilla code (see bug 474086), so we won't be fixing these bugs in upstream Bugzilla. It was always just an example page, to begin with. I'm moving the bugs to the bmo component, to at least preserve a record of the fact that these things may need to be fixed for bmo.
Assignee: create-and-change → nobody
Component: Creating/Changing Bugs → Bugzilla: Other b.m.o Issues
Product: Bugzilla → mozilla.org
QA Contact: default-qa → other-bmo-issues
Version: 3.0.3 → other
The aim of the page is simple bug entry - people shouldn't have to deal with groups, the correct defaults should just apply. If they aren't, it would be a useful enhancement to fix that to reduce the amount of customization that people need to do to adapt the form for themselves.

I'm not sure that adding group checkboxes is the way to go, though, because that doesn't meet the "simple" criteria.

Gerv
Severity: minor → enhancement
Component: Bugzilla: Other b.m.o Issues → General
Product: mozilla.org → bugzilla.mozilla.org
--> wontfix; as per gerv's comment the guided bug entry is simple by design.  if you require more control it's now possible to switch to the advanced form.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
Byron, I don't see how gerv's comment makes this wontfix. In fact, he mentions that it'd be useful to fix it. I never suggested a more complex GUI, just better privs by default for bugs created in this form.
glob: Gerv's point was that any groups that would be "Default" for the user should still be defaulted. (Although I'm surprised the backend doesn't already work this way; maybe we fixed that for 4.2 though.)
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(In reply to Max Kanat-Alexander from comment #6)
> The guided bug entry form is going to be removed from the core Bugzilla code
> (see bug 474086)

moving this bug back to the bugzilla product as bug 474086 has been WONTFIXED'd
Assignee: nobody → create-and-change
Component: General → Creating/Changing Bugs
Product: bugzilla.mozilla.org → Bugzilla
QA Contact: general → default-qa
Version: other → unspecified
(In reply to Max Kanat-Alexander from comment #10)
> glob: Gerv's point was that any groups that would be "Default" for the user
> should still be defaulted. (Although I'm surprised the backend doesn't
> already work this way; maybe we fixed that for 4.2 though.)

The backend code works this way if there is no groups argument passed to Bug->create. But post_bug.cgi has:

$bug_params{'groups'}      = [$cgi->param('groups')];

and so groups is never undefined.
Ah yes, that is a totally valid bug in post_bug.cgi that should be fixed.
Severity: enhancement → minor
Target Milestone: --- → Bugzilla 4.2
I haven't tested this but it's pretty straightforward and it compiles. Basically, this makes post_bug behave much more similarly to how a WebService bug creation would function. I "fixed" the problem not just for groups (where it really matters) but also for CC and multi-selects (where it doesn't currently matter, but where it could matter in the future).

If we want to fix this on the branch, I will just fix it for groups.
Assignee: create-and-change → mkanat
Attachment #357003 - Attachment is obsolete: true
Status: REOPENED → ASSIGNED
Attachment #553288 - Flags: review?(LpSolit)
Comment on attachment 553288 [details] [diff] [review]
Make undefined cgi params not be sent, v1

>+foreach my $field (qw(cc groups)) {
>+    next if !$cgi->should_set($field);
>+    $bug_params{$field} = [$cgi->param($field)];
>+}

There is no defined_groups hidden field for groups when entering a new bug. With your patch applied, all groups marked as default are applied to the bug, even if I unselect them all.
Attachment #553288 - Flags: review?(LpSolit) → review-
Attached patch v2Splinter Review
Oh, very good point. I added a groups_defined to post_bug.
Attachment #553288 - Attachment is obsolete: true
Attachment #553312 - Flags: review?(LpSolit)
Comment on attachment 553312 [details] [diff] [review]
v2

>=== modified file 'template/en/default/bug/create/create.html.tmpl'

>+      <input type="hidden" name="groups_defined" value="1">

It must be defined_groups, not groups_defined, else $cgi->should_set() won't find it. r=LpSolit with this fix on checkin.
Attachment #553312 - Flags: review?(LpSolit) → review+
It should also be checked in into the 4.0 branch IMO as it's security related. On the other hand, this could make a lot of bugs suddenly becoming restricted to groups on this branch, which could be unexpected.
Flags: approval4.2+
Flags: approval4.0?
Flags: approval+
Attached patch v2 (4.0)Splinter Review
I agree about 4.0, but let's make it simpler for that branch. Here's a patch that fixes *only* this bug.
Attachment #553326 - Flags: review?(LpSolit)
Comment on attachment 553326 [details] [diff] [review]
v2 (4.0)

Looks good. r=LpSolit
Attachment #553326 - Flags: review?(LpSolit) → review+
Flags: approval4.0? → approval4.0+
Target Milestone: Bugzilla 4.2 → Bugzilla 4.0
Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/trunk/                       
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl                       
Committed revision 7918.

Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/4.2/                         
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl                       
Committed revision 7900.

Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/4.0/                         
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl
Committed revision 7641.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.