summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMax Kanat-Alexander <mkanat@bugzilla.org>2010-04-19 20:33:17 +0200
committerMax Kanat-Alexander <mkanat@bugzilla.org>2010-04-19 20:33:17 +0200
commit52c0a0a8426fd3fa17e876343588e8a22ef65344 (patch)
treecc4024a3a8e8134d5b921e6a6a9eb78738f9cdc9
parenta424a29d49f2289351f857f16f8965869cbd0ef8 (diff)
downloadbugzilla-52c0a0a8426fd3fa17e876343588e8a22ef65344.tar.gz
bugzilla-52c0a0a8426fd3fa17e876343588e8a22ef65344.tar.xz
Bug 560252: By default, users in editbugs should be in bz_canusewhines.
(Make editbugs inherit bz_canusewhines when we create bz_canusewhines.) r=mkanat, a=mkanat (module owner)
-rw-r--r--Bugzilla/Install.pm64
1 files changed, 33 insertions, 31 deletions
diff --git a/Bugzilla/Install.pm b/Bugzilla/Install.pm
index 10804ab70..9c798ceb9 100644
--- a/Bugzilla/Install.pm
+++ b/Bugzilla/Install.pm
@@ -109,14 +109,25 @@ use constant SYSTEM_GROUPS => (
description => 'Can confirm a bug or mark it a duplicate'
},
{
- name => 'bz_canusewhines',
- description => 'User can configure whine reports for self'
+ name => 'bz_canusewhineatothers',
+ description => 'Can configure whine reports for other users',
+ },
+ {
+ name => 'bz_canusewhines',
+ description => 'User can configure whine reports for self',
+ # inherited_by means that users in the groups listed below are
+ # automatically members of bz_canusewhines.
+ inherited_by => ['editbugs', 'bz_canusewhineatothers'],
},
{
name => 'bz_sudoers',
- description => 'Can perform actions as other users'
+ description => 'Can perform actions as other users',
+ },
+ {
+ name => 'bz_sudo_protect',
+ description => 'Can not be impersonated by other users',
+ inherited_by => ['bz_sudoers'],
},
- # There are also other groups created in update_system_groups.
);
use constant DEFAULT_CLASSIFICATION => {
@@ -154,38 +165,29 @@ sub update_settings {
sub update_system_groups {
my $dbh = Bugzilla->dbh;
+ $dbh->bz_start_transaction();
+
# Create most of the system groups
foreach my $definition (SYSTEM_GROUPS) {
my $exists = new Bugzilla::Group({ name => $definition->{name} });
- $definition->{isbuggroup} = 0;
- Bugzilla::Group->create($definition) unless $exists;
- }
-
- # Certain groups need something done after they are created. We do
- # that here.
-
- # Make sure people who can whine at others can also whine.
- if (!new Bugzilla::Group({name => 'bz_canusewhineatothers'})) {
- my $whineatothers = Bugzilla::Group->create({
- name => 'bz_canusewhineatothers',
- description => 'Can configure whine reports for other users',
- isbuggroup => 0 });
- my $whine = new Bugzilla::Group({ name => 'bz_canusewhines' });
-
- $dbh->do('INSERT INTO group_group_map (grantor_id, member_id)
- VALUES (?,?)', undef, $whine->id, $whineatothers->id);
+ if (!$exists) {
+ $definition->{isbuggroup} = 0;
+ my $inherited_by = delete $definition->{inherited_by};
+ my $created = Bugzilla::Group->create($definition);
+ # Each group in inherited_by is automatically a member of this
+ # group.
+ if ($inherited_by) {
+ foreach my $name (@$inherited_by) {
+ my $member = Bugzilla::Group->check($name);
+ $dbh->do('INSERT INTO group_group_map (grantor_id,
+ member_id) VALUES (?,?)',
+ undef, $created->id, $member->id);
+ }
+ }
+ }
}
- # Make sure sudoers are automatically protected from being sudoed.
- if (!new Bugzilla::Group({name => 'bz_sudo_protect'})) {
- my $sudo_protect = Bugzilla::Group->create({
- name => 'bz_sudo_protect',
- description => 'Can not be impersonated by other users',
- isbuggroup => 0 });
- my $sudo = new Bugzilla::Group({ name => 'bz_sudoers' });
- $dbh->do('INSERT INTO group_group_map (grantor_id, member_id)
- VALUES (?,?)', undef, $sudo_protect->id, $sudo->id);
- }
+ $dbh->bz_commit_transaction();
}
sub create_default_classification {