diff options
| author | bugreport%peshkin.net <> | 2005-10-18 06:19:00 +0200 |
|---|---|---|
| committer | bugreport%peshkin.net <> | 2005-10-18 06:19:00 +0200 |
| commit | 1f9c83ae81c5c81d005fa0d9a428e23ea5126576 (patch) | |
| tree | 191cd91527ab952c5d2abe6d3a797bd415937494 /attachment.cgi | |
| parent | 1a84cc52fea5f653e51a6ec43c778d4452351964 (diff) | |
| download | bugzilla-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.gz bugzilla-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.xz | |
Bug 309681 Prevent users from adding another user who shouldn't have access to a bug as assignee or CC member
Patch by Gabriel Sales de Oliveira <gabriel@async.com.br>
r=joel, a=justdave
Diffstat (limited to 'attachment.cgi')
| -rwxr-xr-x | attachment.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/attachment.cgi b/attachment.cgi index 67272ae50..eafb31ea5 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -218,7 +218,7 @@ sub validateCanChangeAttachment ON bugs.bug_id = attachments.bug_id WHERE attach_id = $attachid"); my $productid = FetchOneColumn(); - CanEditProductId($productid) + Bugzilla->user->can_edit_product_id($productid) || ThrowUserError("illegal_attachment_edit", { attach_id => $attachid }); } |