The default bug view has changed. See this FAQ.

Guided bug entry creates public bugs. Expected it to have same group membership defaults as using non-guided method.

RESOLVED FIXED in Bugzilla 4.0

Status

()

Bugzilla
Creating/Changing Bugs
--
minor
RESOLVED FIXED
9 years ago
6 years ago

People

(Reporter: Eiren Smith, Assigned: Max Kanat-Alexander)

Tracking

unspecified
Bugzilla 4.0
Bug Flags:
approval +
approval4.2 +
approval4.0 +

Details

Attachments

(2 attachments, 2 obsolete attachments)

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_5; en-us) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.2 Safari/525.20.1
Build Identifier: 

Guided bug entry creates public bugs. Expected it to have same group membership defaults as using non-guided method.

It looks like bugs created using the guided bug entry form are always created with no group memberships, making them public. I'd like such bugs to have the same defaults as if I hadn't used the guided method to create them. For the we way we have our Bugzilla products/groups set up, this implies membership in the product's group.

Reproducible: Always

Steps to Reproduce:
0. Set Product X's Group Access Controls to "Default/NA,ENTRY".
1. Create a bug in Product X via the guided bug entry method: <bz_base_url/>enter_bug.cgi?format=guided
2. Create a bug in Product X with the non-guided method.
3. Compare the group memberships of those two bugs.
Actual Results:  
Observe that the "guided" bug has no group memberships.

Expected Results:  
My expectation and hope was that the "guided" bug would be placed in the group for that product, just like the non-guided bug was.

Comment 1

9 years ago
I can confirm in Bugzilla 3.3, but older versions are probably affected too. There is no "Security" checkbox at all (or even worded differently).
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Mac OS X → All
Hardware: PC → All
Version: unspecified → 3.3
(Reporter)

Comment 2

9 years ago
I can confirm this as far back as 3.0.3, the version we started using the guided method in.
Version: 3.3 → 3.0.3
(Assignee)

Comment 3

9 years ago
We should remove the guided template from the main Bugzilla code and keep it around somewhere as a sample customization, really.
Created attachment 357003 [details] [diff] [review]
Patch to display group checkboxes in the guided bug entry form (v1)

Here is the current patch that we use (Red Hat) to add group entry checkboxes to the guided bug entry page. We had complaints of not being to create private bugs from that page so it was an easy add-on.

Dave
(Assignee)

Comment 5

8 years ago
Okay, could we just remove the guided page from the core Bugzilla code? We can put it into the example extension. It has all sorts of bugs and I don't want to maintain it.
(Assignee)

Comment 6

8 years ago
The guided bug entry form is going to be removed from the core Bugzilla code (see bug 474086), so we won't be fixing these bugs in upstream Bugzilla. It was always just an example page, to begin with. I'm moving the bugs to the bmo component, to at least preserve a record of the fact that these things may need to be fixed for bmo.
Assignee: create-and-change → nobody
Component: Creating/Changing Bugs → Bugzilla: Other b.m.o Issues
Product: Bugzilla → mozilla.org
QA Contact: default-qa → other-bmo-issues
Version: 3.0.3 → other
The aim of the page is simple bug entry - people shouldn't have to deal with groups, the correct defaults should just apply. If they aren't, it would be a useful enhancement to fix that to reduce the amount of customization that people need to do to adapt the form for themselves.

I'm not sure that adding group checkboxes is the way to go, though, because that doesn't meet the "simple" criteria.

Gerv
Severity: minor → enhancement
Component: Bugzilla: Other b.m.o Issues → General
Product: mozilla.org → bugzilla.mozilla.org
--> wontfix; as per gerv's comment the guided bug entry is simple by design.  if you require more control it's now possible to switch to the advanced form.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
(Reporter)

Comment 9

6 years ago
Byron, I don't see how gerv's comment makes this wontfix. In fact, he mentions that it'd be useful to fix it. I never suggested a more complex GUI, just better privs by default for bugs created in this form.
(Assignee)

Comment 10

6 years ago
glob: Gerv's point was that any groups that would be "Default" for the user should still be defaulted. (Although I'm surprised the backend doesn't already work this way; maybe we fixed that for 4.2 though.)
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(In reply to Max Kanat-Alexander from comment #6)
> The guided bug entry form is going to be removed from the core Bugzilla code
> (see bug 474086)

moving this bug back to the bugzilla product as bug 474086 has been WONTFIXED'd
Assignee: nobody → create-and-change
Component: General → Creating/Changing Bugs
Product: bugzilla.mozilla.org → Bugzilla
QA Contact: general → default-qa
Version: other → unspecified

Comment 12

6 years ago
(In reply to Max Kanat-Alexander from comment #10)
> glob: Gerv's point was that any groups that would be "Default" for the user
> should still be defaulted. (Although I'm surprised the backend doesn't
> already work this way; maybe we fixed that for 4.2 though.)

The backend code works this way if there is no groups argument passed to Bug->create. But post_bug.cgi has:

$bug_params{'groups'}      = [$cgi->param('groups')];

and so groups is never undefined.
(Assignee)

Comment 13

6 years ago
Ah yes, that is a totally valid bug in post_bug.cgi that should be fixed.
Severity: enhancement → minor
Target Milestone: --- → Bugzilla 4.2
(Assignee)

Comment 14

6 years ago
Created attachment 553288 [details] [diff] [review]
Make undefined cgi params not be sent, v1

I haven't tested this but it's pretty straightforward and it compiles. Basically, this makes post_bug behave much more similarly to how a WebService bug creation would function. I "fixed" the problem not just for groups (where it really matters) but also for CC and multi-selects (where it doesn't currently matter, but where it could matter in the future).

If we want to fix this on the branch, I will just fix it for groups.
Assignee: create-and-change → mkanat
Attachment #357003 - Attachment is obsolete: true
Status: REOPENED → ASSIGNED
Attachment #553288 - Flags: review?(LpSolit)

Comment 15

6 years ago
Comment on attachment 553288 [details] [diff] [review]
Make undefined cgi params not be sent, v1

>+foreach my $field (qw(cc groups)) {
>+    next if !$cgi->should_set($field);
>+    $bug_params{$field} = [$cgi->param($field)];
>+}

There is no defined_groups hidden field for groups when entering a new bug. With your patch applied, all groups marked as default are applied to the bug, even if I unselect them all.
Attachment #553288 - Flags: review?(LpSolit) → review-
(Assignee)

Comment 16

6 years ago
Created attachment 553312 [details] [diff] [review]
v2

Oh, very good point. I added a groups_defined to post_bug.
Attachment #553288 - Attachment is obsolete: true
Attachment #553312 - Flags: review?(LpSolit)

Comment 17

6 years ago
Comment on attachment 553312 [details] [diff] [review]
v2

>=== modified file 'template/en/default/bug/create/create.html.tmpl'

>+      <input type="hidden" name="groups_defined" value="1">

It must be defined_groups, not groups_defined, else $cgi->should_set() won't find it. r=LpSolit with this fix on checkin.
Attachment #553312 - Flags: review?(LpSolit) → review+

Comment 18

6 years ago
It should also be checked in into the 4.0 branch IMO as it's security related. On the other hand, this could make a lot of bugs suddenly becoming restricted to groups on this branch, which could be unexpected.
Flags: approval4.2+
Flags: approval4.0?
Flags: approval+
(Assignee)

Comment 19

6 years ago
Created attachment 553326 [details] [diff] [review]
v2 (4.0)

I agree about 4.0, but let's make it simpler for that branch. Here's a patch that fixes *only* this bug.
Attachment #553326 - Flags: review?(LpSolit)

Comment 20

6 years ago
Comment on attachment 553326 [details] [diff] [review]
v2 (4.0)

Looks good. r=LpSolit
Attachment #553326 - Flags: review?(LpSolit) → review+

Updated

6 years ago
Flags: approval4.0? → approval4.0+
Target Milestone: Bugzilla 4.2 → Bugzilla 4.0
(Assignee)

Comment 21

6 years ago
Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/trunk/                       
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl                       
Committed revision 7918.

Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/4.2/                         
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl                       
Committed revision 7900.

Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/4.0/                         
modified post_bug.cgi
modified template/en/default/bug/create/create.html.tmpl
Committed revision 7641.
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.