Patch by Joe Robins <jmrobins@tgix.com> -- allow automatic definition

of a group per project, and automatically put new bugs against that
project into that group, thus allowing entire projects to be protected
against viewing by unauthorized users.  This is all optional,
controlled by new parameters.

1 files changed, 19 insertions, 2 deletions

diff --git a/post_bug.cgi b/post_bug.cgi
index 46843fac5..975d407d8 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -20,6 +20,7 @@
 #
 # Contributor(s): Terry Weissman <terry@mozilla.org>
 #                 Dan Mosedale <dmose@mozilla.org>
+#                 Joe Robins <jmrobins@tgix.com>
 
 use diagnostics;
 use strict;
@@ -67,6 +68,19 @@ PutHeader("Posting Bug -- Please wait", "Posting Bug", "One moment please...");
 umask 0;
 ConnectToDatabase();
 
+my $product = $::FORM{'product'};
+
+if(Param("usebuggroupsentry") && GroupExists($product)) {
+  if(!UserInGroup($product)) {
+    print "<H1>Permission denied.</H1>\n";
+    print "Sorry; you do not have the permissions necessary to enter\n";
+    print "a bug against this product.\n";
+    print "<P>\n";
+    PutFooter();
+    exit;
+  }
+}
+
 if (!defined $::FORM{'component'} || $::FORM{'component'} eq "") {
     PuntTryAgain("You must choose a component that corresponds to this bug. " .
                  "If necessary, just guess.");
@@ -104,7 +118,11 @@ if (Param("useqacontact")) {
     }
 }
 
-
+# If we're using bug groups, we need to include the groupset in the list of
+# fields.  -JMR, 2/18/00
+if(Param("usebuggroups")) {
+  push(@bug_fields, "groupset");
+}
 
 if (exists $::FORM{'bug_status'}) {
     if (!UserInGroup("canedit") && !UserInGroup("canconfirm")) {
@@ -121,7 +139,6 @@ if (!exists $::FORM{'bug_status'}) {
     }
 }
 
-
 if ( Param("strictvaluechecks") ) {
     GetVersionTable();  
     CheckFormField(\%::FORM, 'reporter');