summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormkanat%bugzilla.org <>2009-07-23 04:16:15 +0200
committermkanat%bugzilla.org <>2009-07-23 04:16:15 +0200
commite1f05a42100cc00535af1890664c87be1a7ca6bd (patch)
tree03f937248f018faa8124e87f0e570d9685553738
parentd5ea314f08df266f182b757b747861232ab25a6b (diff)
downloadbugzilla-e1f05a42100cc00535af1890664c87be1a7ca6bd.tar.gz
bugzilla-e1f05a42100cc00535af1890664c87be1a7ca6bd.tar.xz
Bug 505592: Make add_see_also and remove_see_also call check_can_change_field
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
-rw-r--r--Bugzilla/Bug.pm18
1 files changed, 17 insertions, 1 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 9b0bac1e1..64a53b8a1 100644
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -2426,6 +2426,14 @@ sub add_see_also {
# case-sensitive, but most of our DBs are case-insensitive, so we do
# this check case-insensitively.
if (!grep { lc($_) eq lc($result) } @{ $self->see_also }) {
+ my $privs;
+ my $can = $self->check_can_change_field('see_also', '', $result, \$privs);
+ if (!$can) {
+ ThrowUserError('illegal_change', { field => 'see_also',
+ newvalue => $result,
+ privs => $privs });
+ }
+
push(@{ $self->see_also }, $result);
}
}
@@ -2433,7 +2441,15 @@ sub add_see_also {
sub remove_see_also {
my ($self, $url) = @_;
my $see_also = $self->see_also;
- @$see_also = grep { lc($_) ne lc($url) } @$see_also;
+ my @new_see_also = grep { lc($_) ne lc($url) } @$see_also;
+ my $privs;
+ my $can = $self->check_can_change_field('see_also', $see_also, \@new_see_also, \$privs);
+ if (!$can) {
+ ThrowUserError('illegal_change', { field => 'see_also',
+ oldvalue => $url,
+ privs => $privs });
+ }
+ $self->{see_also} = \@new_see_also;
}
#####################################################################