diff options
| author | byron jones <byron@glob.com.au> | 2018-03-12 21:01:31 +0100 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2018-03-12 21:01:31 +0100 |
| commit | 7ff0b7a72050104bba80a30c00c31c3f44fffa9e (patch) | |
| tree | 7f9305e67dbb49bd24c09a01f983f72ed3b31ef0 | |
| parent | 5ee20b480b45ff9c66b7de3e957f7d0b6ed19ddb (diff) | |
| download | bugzilla-7ff0b7a72050104bba80a30c00c31c3f44fffa9e.tar.gz bugzilla-7ff0b7a72050104bba80a30c00c31c3f44fffa9e.tar.xz | |
Bug 1439993 - Remove COMPILE_DIR => setting from Bugzilla::Template
| -rw-r--r-- | Bugzilla/Template.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/Util.pm | 43 |
2 files changed, 40 insertions, 7 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index d27896532..3c2663e74 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -572,7 +572,9 @@ sub create { ABSOLUTE => 1, RELATIVE => $ENV{MOD_PERL} ? 0 : 1, - COMPILE_DIR => bz_locations()->{'template_cache'}, + # Only use an on-disk template cache if we're running as the web + # server. This ensures the permissions of the cache remain correct. + COMPILE_DIR => is_webserver_group() ? bz_locations()->{'template_cache'} : undef, # Don't check for a template update until 1 hour has passed since the # last check. diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 7d85a4dfd..a1316c7ef 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -17,7 +17,8 @@ use base qw(Exporter); with_writable_database with_readonly_database html_quote url_quote xml_quote css_class_quote html_light_quote - i_am_cgi i_am_webservice correct_urlbase remote_ip + i_am_cgi i_am_webservice is_webserver_group + correct_urlbase remote_ip validate_ip do_ssl_redirect_if_required use_attachbase diff_arrays on_main_db css_url_rewrite trim wrap_hard wrap_comment find_wrap_point @@ -32,19 +33,20 @@ use base qw(Exporter); use Bugzilla::Constants; use Bugzilla::RNG qw(irand); -use Date::Parse; use Date::Format; -use DateTime; +use Date::Parse; use DateTime::TimeZone; +use DateTime; use Digest; use Email::Address; -use List::MoreUtils qw(none); -use Scalar::Util qw(tainted blessed); -use Text::Wrap; use Encode qw(encode decode resolve_alias); use Encode::Guess; +use English qw(-no_match_vars $EGID); +use List::MoreUtils qw(any none); use POSIX qw(floor ceil); +use Scalar::Util qw(tainted blessed); use Taint::Util qw(untaint); +use Text::Wrap; use Try::Tiny; sub with_writable_database(&) { @@ -280,6 +282,30 @@ sub i_am_webservice { || $usage_mode == USAGE_MODE_REST; } +sub is_webserver_group { + my @effective_gids = split(/ /, $EGID); + + state $web_server_gid; + if (!defined $web_server_gid) { + my $web_server_group = Bugzilla->localconfig->{webservergroup}; + + if ($web_server_group eq '' || ON_WINDOWS) { + $web_server_gid = $effective_gids[0]; + } + + elsif ($web_server_group =~ /^\d+$/) { + $web_server_gid = $web_server_group; + } + + else { + $web_server_gid = eval { getgrnam($web_server_group) }; + $web_server_gid //= 0; + } + } + + return any { $web_server_gid == $_ } @effective_gids; +} + # This exists as a separate function from Bugzilla::CGI::redirect_to_https # because we don't want to create a CGI object during XML-RPC calls # (doing so can mess up XML-RPC). @@ -1071,6 +1097,11 @@ in a command-line script. Tells you whether or not the current usage mode is WebServices related such as JSONRPC or XMLRPC. +=item C<is_webserver_group()> + +Tells you whether or not the current process's group matches that +configured as webservergroup. + =item C<remote_ip()> Returns the IP address of the remote client. If Bugzilla is behind |