mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-02 01:48:05 +00:00
Bug 349855: editgroups.cgi doesn't protect the querysharegroup from deletion
Bug 357429: Renaming a group which plays a special role generates a SQL error Patch by Fr�d�ric Buclin <LpSolit@gmail.com> r=mkanat a=myk
This commit is contained in:
parent
d9ba2d0358
commit
08ef597faf
@ -37,6 +37,9 @@ use Bugzilla::Product;
|
||||
use Bugzilla::User;
|
||||
use Bugzilla::Token;
|
||||
|
||||
use constant SPECIAL_GROUPS => ('chartgroup', 'insidergroup',
|
||||
'timetrackinggroup', 'querysharegroup');
|
||||
|
||||
my $cgi = Bugzilla->cgi;
|
||||
my $dbh = Bugzilla->dbh;
|
||||
my $template = Bugzilla->template;
|
||||
@ -316,7 +319,7 @@ if ($action eq 'del') {
|
||||
}
|
||||
# Groups having a special role cannot be deleted.
|
||||
my @special_groups;
|
||||
foreach my $special_group ('chartgroup', 'insidergroup', 'timetrackinggroup') {
|
||||
foreach my $special_group (SPECIAL_GROUPS) {
|
||||
if ($name eq Bugzilla->params->{$special_group}) {
|
||||
push(@special_groups, $special_group);
|
||||
}
|
||||
@ -389,7 +392,7 @@ if ($action eq 'delete') {
|
||||
}
|
||||
# Groups having a special role cannot be deleted.
|
||||
my @special_groups;
|
||||
foreach my $special_group ('chartgroup', 'insidergroup', 'timetrackinggroup') {
|
||||
foreach my $special_group (SPECIAL_GROUPS) {
|
||||
if ($name eq Bugzilla->params->{$special_group}) {
|
||||
push(@special_groups, $special_group);
|
||||
}
|
||||
@ -577,7 +580,11 @@ sub doGroupChanges {
|
||||
|
||||
$dbh->bz_lock_tables('groups WRITE', 'group_group_map WRITE',
|
||||
'bug_group_map WRITE', 'user_group_map WRITE',
|
||||
'group_control_map READ', 'bugs READ', 'profiles READ');
|
||||
'group_control_map READ', 'bugs READ', 'profiles READ',
|
||||
# Due to the way Bugzilla::Config::BugFields::get_param_list()
|
||||
# works, we need to lock these tables too.
|
||||
'priority READ', 'bug_severity READ', 'rep_platform READ',
|
||||
'op_sys READ');
|
||||
|
||||
# Check that the given group ID and regular expression are valid.
|
||||
# If tests are successful, trimmed values are returned by CheckGroup*.
|
||||
@ -611,7 +618,7 @@ sub doGroupChanges {
|
||||
# If the group is used by some parameters, we have to update
|
||||
# these parameters too.
|
||||
my $update_params = 0;
|
||||
foreach my $group ('chartgroup', 'insidergroup', 'timetrackinggroup') {
|
||||
foreach my $group (SPECIAL_GROUPS) {
|
||||
if ($cgi->param('oldname') eq Bugzilla->params->{$group}) {
|
||||
SetParam($group, $name);
|
||||
$update_params = 1;
|
||||
|
@ -102,6 +102,12 @@
|
||||
override_content => 1
|
||||
content => "(used as the 'timetrackinggroup')"
|
||||
},
|
||||
{
|
||||
match_value => Param("querysharegroup")
|
||||
match_field => 'name'
|
||||
override_content => 1
|
||||
content => "(used as the 'querysharegroup')"
|
||||
},
|
||||
{
|
||||
match_value => "1"
|
||||
match_field => 'isbuggroup'
|
||||
|
Loading…
Reference in New Issue
Block a user