diff options
author | lpsolit%gmail.com <> | 2005-08-14 05:22:11 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2005-08-14 05:22:11 +0200 |
commit | 3f7f64ada2722579bea1b437576f7dd6f1b6788e (patch) | |
tree | dbf2f215a95b41e42e09fc6b181e65163937e722 /editusers.cgi | |
parent | 8afa5934a67c36d0439cc3b2c939bd4c7d9ae9e8 (diff) | |
download | bugzilla-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar.gz bugzilla-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar.xz |
Bug 284263: Inherited bless permissions without inherited membership do not work - Patch by Marc Schumann <wurblzap@gmail.com> r=joel,LpSolit a=justdave
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-x | editusers.cgi | 48 |
1 files changed, 4 insertions, 44 deletions
diff --git a/editusers.cgi b/editusers.cgi index f628752cd..bada71af7 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -66,7 +66,7 @@ mirrorListSelectionValues(); ########################################################################### if ($action eq 'search') { # Allow to restrict the search to any group the user is allowed to bless. - $vars->{'restrictablegroups'} = groupsUserMayBless($user, 'id', 'name'); + $vars->{'restrictablegroups'} = $user->bless_groups(); $template->process('admin/users/search.html.tmpl', $vars) || ThrowTemplateError($template->error()); @@ -315,7 +315,7 @@ if ($action eq 'search') { # silently. # XXX: checking for existence of each user_group_map entry # would allow to display a friendlier error message on page reloads. - foreach (@{groupsUserMayBless($user, 'id', 'name')}) { + foreach (@{$user->bless_groups()}) { my $id = $$_{'id'}; my $name = $$_{'name'}; @@ -603,7 +603,7 @@ if ($action eq 'search') { $vars->{'message'} = 'account_deleted'; $vars->{'otheruser'}{'login'} = $otherUserLogin; - $vars->{'restrictablegroups'} = groupsUserMayBless($user, 'id', 'name'); + $vars->{'restrictablegroups'} = $user->bless_groups(); $template->process('admin/users/search.html.tmpl', $vars) || ThrowTemplateError($template->error()); @@ -628,46 +628,6 @@ sub mirrorListSelectionValues { } } -# Give a list of IDs of groups the user may bless. -sub groupsUserMayBless { - my $user = shift; - my $fieldList = join(', ', @_); - my $query; - my $connector; - my @bindValues; - - $user->derive_groups(1); - - if ($editusers) { - $query = "SELECT DISTINCT $fieldList FROM groups"; - $connector = 'WHERE'; - } else { - $query = qq{SELECT DISTINCT $fieldList - FROM groups - LEFT JOIN user_group_map AS ugm - ON groups.id = ugm.group_id - LEFT JOIN group_group_map AS ggm - ON ggm.member_id = ugm.group_id - AND ggm.grant_type = ? - WHERE user_id = ? - AND (ugm.isbless = 1 OR groups.id = ggm.grantor_id) - }; - @bindValues = (GROUP_BLESS, $userid); - $connector = 'AND'; - } - - # If visibilitygroups are used, restrict the set of groups. - if (Param('usevisibilitygroups')) { - # Users need to see a group in order to bless it. - my $visibleGroups = $user->visible_groups_as_string() || return {}; - $query .= " $connector id in ($visibleGroups)"; - } - - $query .= ' ORDER BY name'; - - return $dbh->selectall_arrayref($query, {'Slice' => {}}, @bindValues); -} - # Retrieve user data for the user editing form. User creation and user # editing code rely on this to call derive_groups(). sub userDataToVars { @@ -679,7 +639,7 @@ sub userDataToVars { $otheruser->derive_groups(); $vars->{'otheruser'} = $otheruser; - $vars->{'groups'} = groupsUserMayBless($user, 'id', 'name', 'description'); + $vars->{'groups'} = $user->bless_groups(); $vars->{'permissions'} = $dbh->selectall_hashref( qq{SELECT id, |