This may be a "wontfix", but posting a ticket just in case. I understand the security concerns of having a user use group pronouns that he is not connected with (bug 417048). Yet I think an admin should not have such restrictions. In my specific case, I maintain a "disabled" group that is only attached to disabled accounts. Hence an admin won't be part of such a group. Yet the query below won't work for an admin. "Assignee" "is equal to" "%group.foobar%" But it's not just my specific case, I can imagine several groups where the admin doesn't want to belong to (.ie groups used for whining), yet the admin may still want to do group pronoun queries.
Created attachment 634511 [details] [diff] [review] v1 Suggested patch
Technically, the code should make an exception for users with editusers privileges, not admins, as they are the ones who can access editusers.cgi with full power.
Comment on attachment 634511 [details] [diff] [review] v1 This code seems to be against an older version of Bugzilla. ValidateGroupName() is no longer used in Search.pm.