diff options
| author | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-04-19 20:33:17 +0200 |
|---|---|---|
| committer | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-04-19 20:33:17 +0200 |
| commit | 52c0a0a8426fd3fa17e876343588e8a22ef65344 (patch) | |
| tree | cc4024a3a8e8134d5b921e6a6a9eb78738f9cdc9 /Bugzilla/Install.pm | |
| parent | a424a29d49f2289351f857f16f8965869cbd0ef8 (diff) | |
| download | bugzilla-52c0a0a8426fd3fa17e876343588e8a22ef65344.tar.gz bugzilla-52c0a0a8426fd3fa17e876343588e8a22ef65344.tar.xz | |
Bug 560252: By default, users in editbugs should be in bz_canusewhines.
(Make editbugs inherit bz_canusewhines when we create bz_canusewhines.)
r=mkanat, a=mkanat (module owner)
Diffstat (limited to 'Bugzilla/Install.pm')
| -rw-r--r-- | Bugzilla/Install.pm | 64 |
1 files changed, 33 insertions, 31 deletions
diff --git a/Bugzilla/Install.pm b/Bugzilla/Install.pm index 10804ab70..9c798ceb9 100644 --- a/Bugzilla/Install.pm +++ b/Bugzilla/Install.pm @@ -109,14 +109,25 @@ use constant SYSTEM_GROUPS => ( description => 'Can confirm a bug or mark it a duplicate' }, { - name => 'bz_canusewhines', - description => 'User can configure whine reports for self' + name => 'bz_canusewhineatothers', + description => 'Can configure whine reports for other users', + }, + { + name => 'bz_canusewhines', + description => 'User can configure whine reports for self', + # inherited_by means that users in the groups listed below are + # automatically members of bz_canusewhines. + inherited_by => ['editbugs', 'bz_canusewhineatothers'], }, { name => 'bz_sudoers', - description => 'Can perform actions as other users' + description => 'Can perform actions as other users', + }, + { + name => 'bz_sudo_protect', + description => 'Can not be impersonated by other users', + inherited_by => ['bz_sudoers'], }, - # There are also other groups created in update_system_groups. ); use constant DEFAULT_CLASSIFICATION => { @@ -154,38 +165,29 @@ sub update_settings { sub update_system_groups { my $dbh = Bugzilla->dbh; + $dbh->bz_start_transaction(); + # Create most of the system groups foreach my $definition (SYSTEM_GROUPS) { my $exists = new Bugzilla::Group({ name => $definition->{name} }); - $definition->{isbuggroup} = 0; - Bugzilla::Group->create($definition) unless $exists; - } - - # Certain groups need something done after they are created. We do - # that here. - - # Make sure people who can whine at others can also whine. - if (!new Bugzilla::Group({name => 'bz_canusewhineatothers'})) { - my $whineatothers = Bugzilla::Group->create({ - name => 'bz_canusewhineatothers', - description => 'Can configure whine reports for other users', - isbuggroup => 0 }); - my $whine = new Bugzilla::Group({ name => 'bz_canusewhines' }); - - $dbh->do('INSERT INTO group_group_map (grantor_id, member_id) - VALUES (?,?)', undef, $whine->id, $whineatothers->id); + if (!$exists) { + $definition->{isbuggroup} = 0; + my $inherited_by = delete $definition->{inherited_by}; + my $created = Bugzilla::Group->create($definition); + # Each group in inherited_by is automatically a member of this + # group. + if ($inherited_by) { + foreach my $name (@$inherited_by) { + my $member = Bugzilla::Group->check($name); + $dbh->do('INSERT INTO group_group_map (grantor_id, + member_id) VALUES (?,?)', + undef, $created->id, $member->id); + } + } + } } - # Make sure sudoers are automatically protected from being sudoed. - if (!new Bugzilla::Group({name => 'bz_sudo_protect'})) { - my $sudo_protect = Bugzilla::Group->create({ - name => 'bz_sudo_protect', - description => 'Can not be impersonated by other users', - isbuggroup => 0 }); - my $sudo = new Bugzilla::Group({ name => 'bz_sudoers' }); - $dbh->do('INSERT INTO group_group_map (grantor_id, member_id) - VALUES (?,?)', undef, $sudo_protect->id, $sudo->id); - } + $dbh->bz_commit_transaction(); } sub create_default_classification { |