summaryrefslogtreecommitdiffstats
path: root/attachment.cgi
diff options
context:
space:
mode:
authorbugreport%peshkin.net <>2005-10-18 06:19:00 +0200
committerbugreport%peshkin.net <>2005-10-18 06:19:00 +0200
commit1f9c83ae81c5c81d005fa0d9a428e23ea5126576 (patch)
tree191cd91527ab952c5d2abe6d3a797bd415937494 /attachment.cgi
parent1a84cc52fea5f653e51a6ec43c778d4452351964 (diff)
downloadbugzilla-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.gz
bugzilla-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.xz
Bug 309681 Prevent users from adding another user who shouldn't have access to a bug as assignee or CC member
Patch by Gabriel Sales de Oliveira <gabriel@async.com.br> r=joel, a=justdave
Diffstat (limited to 'attachment.cgi')
-rwxr-xr-xattachment.cgi2
1 files changed, 1 insertions, 1 deletions
diff --git a/attachment.cgi b/attachment.cgi
index 67272ae50..eafb31ea5 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -218,7 +218,7 @@ sub validateCanChangeAttachment
ON bugs.bug_id = attachments.bug_id
WHERE attach_id = $attachid");
my $productid = FetchOneColumn();
- CanEditProductId($productid)
+ Bugzilla->user->can_edit_product_id($productid)
|| ThrowUserError("illegal_attachment_edit",
{ attach_id => $attachid });
}