diff options
| author | Simon Green <sgreen@redhat.com> | 2014-07-27 10:47:21 +0200 |
|---|---|---|
| committer | Simon Green <sgreen@redhat.com> | 2014-07-27 10:47:21 +0200 |
| commit | fd29ee56c4678749c00e7698ef245f7e2967ee10 (patch) | |
| tree | 9d0696c9a89b8df8a6d46e2be6602a449b7354c3 /js | |
| parent | 9f0f44b7fb73e9af0cdaefe8f5ff617f14fec2ed (diff) | |
| download | bugzilla-fd29ee56c4678749c00e7698ef245f7e2967ee10.tar.gz bugzilla-fd29ee56c4678749c00e7698ef245f7e2967ee10.tar.xz | |
Bug 726696 - All authenticated WebServices methods should require username/pass, token or a valid API key for authentication
r=dkl, a=sgreen
Diffstat (limited to 'js')
| -rw-r--r-- | js/bug.js | 10 | ||||
| -rw-r--r-- | js/comment-tagging.js | 8 | ||||
| -rw-r--r-- | js/field.js | 2 |
3 files changed, 17 insertions, 3 deletions
@@ -22,6 +22,7 @@ YAHOO.bugzilla.dupTable = { method : "Bug.possible_duplicates", id : YAHOO.bugzilla.dupTable.counter, params : { + Bugzilla_api_token: BUGZILLA.api_token, product : product_name, summary : summary_field.value, limit : 7, @@ -199,7 +200,10 @@ function set_assign_to(use_qa_contact) { var args = JSON.stringify({ version: "1.1", method: 'BugUserLastVisit.update', - params: { ids: bug_id }, + params: { + Bugzilla_api_token: BUGZILLA.api_token, + ids: bug_id + }, }); var callbacks = { failure: function(res) { @@ -218,7 +222,9 @@ function set_assign_to(use_qa_contact) { var args = JSON.stringify({ version: "1.1", method: 'BugUserLastVisit.get', - params: { }, + params: { + Bugzilla_api_token: BUGZILLA.api_token + }, }); var callbacks = { success: function(res) { done(JSON.parse(res.responseText)) }, diff --git a/js/comment-tagging.js b/js/comment-tagging.js index 035d05b0b..987dfd8da 100644 --- a/js/comment-tagging.js +++ b/js/comment-tagging.js @@ -50,7 +50,11 @@ YAHOO.bugzilla.commentTagging = { return YAHOO.lang.JSON.stringify({ method : "Bug.search_comment_tags", id : YAHOO.bugzilla.commentTagging.counter, - params : [ { query : query, limit : 10 } ] + params : { + Bugzilla_api_token: BUGZILLA.api_token, + query : query, + limit : 10 + } }); }; ac.minQueryLength = this.min_len; @@ -327,6 +331,7 @@ YAHOO.bugzilla.commentTagging = { version: "1.1", method: 'Bug.comments', params: { + Bugzilla_api_token: BUGZILLA.api_token, comment_ids: [ comment_id ], include_fields: [ 'tags' ] } @@ -359,6 +364,7 @@ YAHOO.bugzilla.commentTagging = { version: "1.1", method: 'Bug.update_comment_tags', params: { + Bugzilla_api_token: BUGZILLA.api_token, comment_id: comment_id, add: add, remove: remove diff --git a/js/field.js b/js/field.js index 892c8669f..f865a141f 100644 --- a/js/field.js +++ b/js/field.js @@ -825,6 +825,7 @@ YAHOO.bugzilla.userAutocomplete = { method : "User.get", id : YAHOO.bugzilla.userAutocomplete.counter, params : [ { + Bugzilla_api_token: BUGZILLA.api_token, match : [ decodeURIComponent(enteredText) ], include_fields : [ "name", "real_name" ] } ] @@ -1047,6 +1048,7 @@ function show_comment_preview(bug_id) { version: "1.1", method: 'Bug.render_comment', params: { + Bugzilla_api_token: BUGZILLA.api_token, id: bug_id, text: comment.value } |