Bug 779088 - Allow extensions to whitelist PATH_INFO

author: Dave Lawrence <dlawrence@mozilla.com> 2012-08-15 23:46:13 +0200
committer: Dave Lawrence <dlawrence@mozilla.com> 2012-08-15 23:46:13 +0200
commit: ba0b995c4453d3642e19343fa98f1b4034114f39 (patch)
tree: 4591772b7175810ed33fb1267ff393b771b59dd7 /extensions/Example
parent: 5bcba2b42c531a50c0017a262e879b0b42940b53 (diff)
download: bugzilla-ba0b995c4453d3642e19343fa98f1b4034114f39.tar.gz
bugzilla-ba0b995c4453d3642e19343fa98f1b4034114f39.tar.xz
1 files changed, 58 insertions, 52 deletions
diff --git a/extensions/Example/Extension.pm b/extensions/Example/Extension.pm
index 885a8e8ff..8eef19a6e 100644
--- a/extensions/Example/Extension.pm
+++ b/extensions/Example/Extension.pm
@@ -44,6 +44,20 @@ use constant REL_EXAMPLE => -127;
 
 our $VERSION = '1.0';
 
+sub admin_editusers_action {
+    my ($self, $args) = @_;
+    my ($vars, $action, $user) = @$args{qw(vars action user)};
+    my $template = Bugzilla->template;
+
+    if ($action eq 'my_action') {
+        # Allow to restrict the search to any group the user is allowed to bless.
+        $vars->{'restrictablegroups'} = $user->bless_groups();
+        $template->process('admin/users/search.html.tmpl', $vars)
+            || ThrowTemplateError($template->error());
+        exit;
+    }
+}
+
 sub attachment_process_data {
     my ($self, $args) = @_;
     my $type     = $args->{attributes}->{mimetype};
@@ -80,6 +94,44 @@ sub auth_verify_methods {
     }
 }
 
+sub bug_check_can_change_field {
+    my ($self, $args) = @_;
+
+    my ($bug, $field, $new_value, $old_value, $priv_results)
+        = @$args{qw(bug field new_value old_value priv_results)};
+
+    my $user = Bugzilla->user;
+
+    # Disallow a bug from being reopened if currently closed unless user 
+    # is in 'admin' group
+    if ($field eq 'bug_status' && $bug->product_obj->name eq 'Example') {
+        if (!is_open_state($old_value) && is_open_state($new_value) 
+            && !$user->in_group('admin')) 
+        {
+            push(@$priv_results, PRIVILEGES_REQUIRED_EMPOWERED);
+            return;
+        }
+    }
+
+    # Disallow a bug's keywords from being edited unless user is the
+    # reporter of the bug 
+    if ($field eq 'keywords' && $bug->product_obj->name eq 'Example' 
+        && $user->login ne $bug->reporter->login) 
+    {
+        push(@$priv_results, PRIVILEGES_REQUIRED_REPORTER);
+        return;
+    }
+
+    # Allow updating of priority even if user cannot normally edit the bug 
+    # and they are in group 'engineering'
+    if ($field eq 'priority' && $bug->product_obj->name eq 'Example'
+        && $user->in_group('engineering')) 
+    {
+        push(@$priv_results, PRIVILEGES_REQUIRED_NONE);
+        return;
+    }
+}
+
 sub bug_columns {
     my ($self, $args) = @_;
     my $columns = $args->{'columns'};
@@ -691,6 +743,12 @@ sub page_before_template {
     }
 }
 
+sub path_info_whitelist {
+    my ($self, $args) = @_;
+    my $whitelist = $args->{whitelist};
+    push(@$whitelist, "page.cgi");
+}
+
 sub post_bug_after_creation {
     my ($self, $args) = @_;
     
@@ -819,58 +877,6 @@ sub template_before_process {
     }
 }
 
-sub bug_check_can_change_field {
-    my ($self, $args) = @_;
-
-    my ($bug, $field, $new_value, $old_value, $priv_results)
-        = @$args{qw(bug field new_value old_value priv_results)};
-
-    my $user = Bugzilla->user;
-
-    # Disallow a bug from being reopened if currently closed unless user 
-    # is in 'admin' group
-    if ($field eq 'bug_status' && $bug->product_obj->name eq 'Example') {
-        if (!is_open_state($old_value) && is_open_state($new_value) 
-            && !$user->in_group('admin')) 
-        {
-            push(@$priv_results, PRIVILEGES_REQUIRED_EMPOWERED);
-            return;
-        }
-    }
-
-    # Disallow a bug's keywords from being edited unless user is the
-    # reporter of the bug 
-    if ($field eq 'keywords' && $bug->product_obj->name eq 'Example' 
-        && $user->login ne $bug->reporter->login) 
-    {
-        push(@$priv_results, PRIVILEGES_REQUIRED_REPORTER);
-        return;
-    }
-
-    # Allow updating of priority even if user cannot normally edit the bug 
-    # and they are in group 'engineering'
-    if ($field eq 'priority' && $bug->product_obj->name eq 'Example'
-        && $user->in_group('engineering')) 
-    {
-        push(@$priv_results, PRIVILEGES_REQUIRED_NONE);
-        return;
-    }
-}
-
-sub admin_editusers_action {
-    my ($self, $args) = @_;
-    my ($vars, $action, $user) = @$args{qw(vars action user)};
-    my $template = Bugzilla->template;
-
-    if ($action eq 'my_action') {
-        # Allow to restrict the search to any group the user is allowed to bless.
-        $vars->{'restrictablegroups'} = $user->bless_groups();
-        $template->process('admin/users/search.html.tmpl', $vars)
-            || ThrowTemplateError($template->error());
-        exit;
-    }
-}
-
 sub user_preferences {
     my ($self, $args) = @_;
     my $tab = $args->{current_tab};
author	Dave Lawrence <dlawrence@mozilla.com>	2012-08-15 23:46:13 +0200
committer	Dave Lawrence <dlawrence@mozilla.com>	2012-08-15 23:46:13 +0200
commit	ba0b995c4453d3642e19343fa98f1b4034114f39 (patch)
tree	4591772b7175810ed33fb1267ff393b771b59dd7 /extensions/Example
parent	5bcba2b42c531a50c0017a262e879b0b42940b53 (diff)
download	bugzilla-ba0b995c4453d3642e19343fa98f1b4034114f39.tar.gz bugzilla-ba0b995c4453d3642e19343fa98f1b4034114f39.tar.xz