Bug 294021: Allow requestees to set attachment flags even if they don't have editbugs privs

r=gerv a=justdave
author: Frédéric Buclin <LpSolit@gmail.com> 2014-03-21 11:58:45 +0100
committer: Frédéric Buclin <LpSolit@gmail.com> 2014-03-21 11:58:45 +0100
commit: 1327ff9a6a65b31d9cad315a968b6d3bdab54b89 (patch)
tree: fb0529638e074a0049f7de9b05a0239160bdb38c /attachment.cgi
parent: e477b10a327c55ab88f8edb5991a1214670716b1 (diff)
download: bugzilla-1327ff9a6a65b31d9cad315a968b6d3bdab54b89.tar.gz
bugzilla-1327ff9a6a65b31d9cad315a968b6d3bdab54b89.tar.xz
1 files changed, 25 insertions, 3 deletions
diff --git a/attachment.cgi b/attachment.cgi
index 5a0d6f9fb..94510fb19 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -626,7 +626,7 @@ sub update {
     my $attachment = validateID();
     my $bug = $attachment->bug;
     $attachment->_check_bug;
-    my $can_edit = $attachment->validate_can_edit($bug->product_id);
+    my $can_edit = $attachment->validate_can_edit;
 
     if ($can_edit) {
         $attachment->set_description(scalar $cgi->param('description'));
@@ -680,11 +680,33 @@ sub update {
 
     $bug->add_cc($user) if $cgi->param('addselfcc');
 
+    my ($flags, $new_flags) =
+      Bugzilla::Flag->extract_flags_from_cgi($bug, $attachment, $vars);
+
     if ($can_edit) {
-        my ($flags, $new_flags) =
-          Bugzilla::Flag->extract_flags_from_cgi($bug, $attachment, $vars);
         $attachment->set_flags($flags, $new_flags);
     }
+    # Requestees can set flags targetted to them, even if they cannot
+    # edit the attachment. Flag setters can edit their own flags too.
+    elsif (scalar @$flags) {
+        my %flag_list = map { $_->{id} => $_ } @$flags;
+        my $flag_objs = Bugzilla::Flag->new_from_list([keys %flag_list]);
+
+        my @editable_flags;
+        foreach my $flag_obj (@$flag_objs) {
+            if ($flag_obj->setter_id == $user->id
+                || ($flag_obj->requestee_id && $flag_obj->requestee_id == $user->id))
+            {
+                push(@editable_flags, $flag_list{$flag_obj->id});
+            }
+        }
+
+        if (scalar @editable_flags) {
+            $attachment->set_flags(\@editable_flags, []);
+            # Flag changes must be committed.
+            $can_edit = 1;
+        }
+    }
 
     # Figure out when the changes were made.
     my $timestamp = $dbh->selectrow_array('SELECT LOCALTIMESTAMP(0)');
author	Frédéric Buclin <LpSolit@gmail.com>	2014-03-21 11:58:45 +0100
committer	Frédéric Buclin <LpSolit@gmail.com>	2014-03-21 11:58:45 +0100
commit	1327ff9a6a65b31d9cad315a968b6d3bdab54b89 (patch)
tree	fb0529638e074a0049f7de9b05a0239160bdb38c /attachment.cgi
parent	e477b10a327c55ab88f8edb5991a1214670716b1 (diff)
download	bugzilla-1327ff9a6a65b31d9cad315a968b6d3bdab54b89.tar.gz bugzilla-1327ff9a6a65b31d9cad315a968b6d3bdab54b89.tar.xz