summaryrefslogtreecommitdiffstats
path: root/extensions/Ember/lib
diff options
context:
space:
mode:
authorDave Lawrence <dlawrence@mozilla.com>2013-09-17 19:56:40 +0200
committerDave Lawrence <dlawrence@mozilla.com>2013-09-17 19:56:40 +0200
commitdfc10cdfddc44043543b9cfdcbe915d158056678 (patch)
tree354197b02c37b40aebfcb9fa6af6f2c586b07a0a /extensions/Ember/lib
parentfc32690344a4762e9b08d7618a167c43a9dc7504 (diff)
downloadbugzilla-dfc10cdfddc44043543b9cfdcbe915d158056678.tar.gz
bugzilla-dfc10cdfddc44043543b9cfdcbe915d158056678.tar.xz
Bug 916955 - Ember.show API doesn't error if an invalid token is provided
Diffstat (limited to 'extensions/Ember/lib')
-rw-r--r--extensions/Ember/lib/WebService.pm6
1 files changed, 6 insertions, 0 deletions
diff --git a/extensions/Ember/lib/WebService.pm b/extensions/Ember/lib/WebService.pm
index bb4e5f8ad..4f7a0c713 100644
--- a/extensions/Ember/lib/WebService.pm
+++ b/extensions/Ember/lib/WebService.pm
@@ -114,6 +114,12 @@ sub show {
Bugzilla->switch_to_shadow_db();
+ # Throw error if token was provided and user is not logged
+ # in meaning token was invalid/expired.
+ if (exists $params->{token} && !Bugzilla->user->id) {
+ ThrowUserError('invalid_token');
+ }
+
my $bug_id = delete $params->{id};
$bug_id || ThrowCodeError('params_required',
{ function => 'Ember.show', params => ['id'] });