summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbbaetz%student.usyd.edu.au <>2002-05-22 08:36:25 +0200
committerbbaetz%student.usyd.edu.au <>2002-05-22 08:36:25 +0200
commit7c4b8b322af3d6f23c0107732de46faf84bb39c3 (patch)
treedbdb8431bca3cc891d33e3c4468e842d7dc865ae
parentf3b6e880a28c2f7fbe62702f5557f8b32fc10ca0 (diff)
downloadbugzilla-7c4b8b322af3d6f23c0107732de46faf84bb39c3.tar.gz
bugzilla-7c4b8b322af3d6f23c0107732de46faf84bb39c3.tar.xz
Bug 144565 - describecomponents.cgi shows wrong components when user has
access to only one product Bug 145113 - describecomponents doesn't call quietly_check_login() r=justdave, gerv
-rwxr-xr-xdescribecomponents.cgi10
1 files changed, 6 insertions, 4 deletions
diff --git a/describecomponents.cgi b/describecomponents.cgi
index 8d2c219f4..8ae98260b 100755
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -36,13 +36,15 @@ require "CGI.pl";
ConnectToDatabase();
GetVersionTable();
+quietly_check_login();
+
if (!defined $::FORM{'product'}) {
# Reference to a subset of %::proddesc, which the user is allowed to see
my %products;
if (Param("usebuggroups")) {
# OK, now only add products the user can see
- confirm_login();
+ confirm_login() unless $::userid;
foreach my $p (@::legal_product) {
if (!GroupExists($p) || UserInGroup($p)) {
$products{$p} = $::proddesc{$p};
@@ -72,7 +74,7 @@ if (!defined $::FORM{'product'}) {
exit;
}
- $::FORM{'product'} = (keys %::proddesc)[0];
+ $::FORM{'product'} = (keys %products)[0];
}
my $product = $::FORM{'product'};
@@ -88,8 +90,8 @@ grep($product eq $_ , @::legal_product)
&& exit;
# Make sure the user is authorized to access this product.
-if (Param("usebuggroups") && GroupExists($product) && !$::userid) {
- confirm_login();
+if (Param("usebuggroups") && GroupExists($product)) {
+ confirm_login() unless $::userid;
UserInGroup($product)
|| DisplayError("You are not authorized to access that product.")
&& exit;