diff options
| author | mkanat%bugzilla.org <> | 2009-07-23 04:16:15 +0200 |
|---|---|---|
| committer | mkanat%bugzilla.org <> | 2009-07-23 04:16:15 +0200 |
| commit | e1f05a42100cc00535af1890664c87be1a7ca6bd (patch) | |
| tree | 03f937248f018faa8124e87f0e570d9685553738 | |
| parent | d5ea314f08df266f182b757b747861232ab25a6b (diff) | |
| download | bugzilla-e1f05a42100cc00535af1890664c87be1a7ca6bd.tar.gz bugzilla-e1f05a42100cc00535af1890664c87be1a7ca6bd.tar.xz | |
Bug 505592: Make add_see_also and remove_see_also call check_can_change_field
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
| -rw-r--r-- | Bugzilla/Bug.pm | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm index 9b0bac1e1..64a53b8a1 100644 --- a/Bugzilla/Bug.pm +++ b/Bugzilla/Bug.pm @@ -2426,6 +2426,14 @@ sub add_see_also { # case-sensitive, but most of our DBs are case-insensitive, so we do # this check case-insensitively. if (!grep { lc($_) eq lc($result) } @{ $self->see_also }) { + my $privs; + my $can = $self->check_can_change_field('see_also', '', $result, \$privs); + if (!$can) { + ThrowUserError('illegal_change', { field => 'see_also', + newvalue => $result, + privs => $privs }); + } + push(@{ $self->see_also }, $result); } } @@ -2433,7 +2441,15 @@ sub add_see_also { sub remove_see_also { my ($self, $url) = @_; my $see_also = $self->see_also; - @$see_also = grep { lc($_) ne lc($url) } @$see_also; + my @new_see_also = grep { lc($_) ne lc($url) } @$see_also; + my $privs; + my $can = $self->check_can_change_field('see_also', $see_also, \@new_see_also, \$privs); + if (!$can) { + ThrowUserError('illegal_change', { field => 'see_also', + oldvalue => $url, + privs => $privs }); + } + $self->{see_also} = \@new_see_also; } ##################################################################### |