diff options
| author | lpsolit%gmail.com <> | 2007-01-05 08:34:42 +0100 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2007-01-05 08:34:42 +0100 |
| commit | 4b060796419ff0beb29ea512c76ceb0612680c48 (patch) | |
| tree | 9cc8c0eb4ec6ef469b66610803bae4f0041d503d /process_bug.cgi | |
| parent | a88fc0757d5bd8e70cad0572ab4d29a8817beb84 (diff) | |
| download | bugzilla-4b060796419ff0beb29ea512c76ceb0612680c48.tar.gz bugzilla-4b060796419ff0beb29ea512c76ceb0612680c48.tar.xz | |
Bug 362066: strict_isolation: cannot remove users from the bug if their privs changed so that they can no longer edit bugs in the product - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
Diffstat (limited to 'process_bug.cgi')
| -rwxr-xr-x | process_bug.cgi | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/process_bug.cgi b/process_bug.cgi index c7ba981ff..1bb9bbcb8 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -830,7 +830,7 @@ foreach my $field (Bugzilla->get_fields({custom => 1, obsolete => 0})) { } my $product; -my $prod_changed; +my $prod_changed = 0; my @newprod_ids; if ($cgi->param('product') ne $cgi->param('dontchange')) { $product = Bugzilla::Product::check_product(scalar $cgi->param('product')); @@ -839,7 +839,14 @@ if ($cgi->param('product') ne $cgi->param('dontchange')) { $::query .= "product_id = ?"; push(@values, $product->id); @newprod_ids = ($product->id); - $prod_changed = 1; + # If the bug remains in the same product, leave $prod_changed set to 0. + # Even with 'strict_isolation' turned on, we ignore users who already + # play a role for the bug; else you would never be able to edit it. + # If you want to move the bug to another product, then you first have to + # remove these users from the bug. + unless (defined $cgi->param('id') && $bug->product_id == $product->id) { + $prod_changed = 1; + } } else { @newprod_ids = @{$dbh->selectcol_arrayref("SELECT DISTINCT product_id FROM bugs @@ -1006,7 +1013,10 @@ if (defined $cgi->param('qa_contact') # The QA contact cannot be deleted from show_bug.cgi for a single bug! if ($name ne $cgi->param('dontchange')) { $qacontact = login_to_id($name, THROW_ERROR) if ($name ne ""); - if ($qacontact && Bugzilla->params->{"strict_isolation"}) { + if ($qacontact && Bugzilla->params->{"strict_isolation"} + && !(defined $cgi->param('id') && $bug->qa_contact + && $qacontact == $bug->qa_contact->id)) + { $usercache{$qacontact} ||= Bugzilla::User->new($qacontact); my $qa_user = $usercache{$qacontact}; foreach my $product_id (@newprod_ids) { |