diff options
| author | olav%bkor.dhs.org <> | 2006-10-23 07:41:40 +0200 |
|---|---|---|
| committer | olav%bkor.dhs.org <> | 2006-10-23 07:41:40 +0200 |
| commit | c33b4eb31dbf095c98bf5bf8950e114b80273f08 (patch) | |
| tree | 2a181b9f331c3624eb8c2410af321da745678102 /template/en | |
| parent | e58ccfd7946e2f0164bdabf0b9dd68f31bdae287 (diff) | |
| download | bugzilla-c33b4eb31dbf095c98bf5bf8950e114b80273f08.tar.gz bugzilla-c33b4eb31dbf095c98bf5bf8950e114b80273f08.tar.xz | |
Bug 121576: fields should not be editable when viewing a bug if the user is not logged in
Patch by Olav Vitters <olav@bkor.dhs.org> r=LpSolit a=justdave
Diffstat (limited to 'template/en')
| -rw-r--r-- | template/en/default/bug/edit.html.tmpl | 152 | ||||
| -rw-r--r-- | template/en/default/filterexceptions.pl | 3 |
2 files changed, 88 insertions, 67 deletions
diff --git a/template/en/default/bug/edit.html.tmpl b/template/en/default/bug/edit.html.tmpl index ee13bbc2f..a896bd682 100644 --- a/template/en/default/bug/edit.html.tmpl +++ b/template/en/default/bug/edit.html.tmpl @@ -20,6 +20,7 @@ # Vaskin Kissoyan <vkissoyan@yahoo.com> # Max Kanat-Alexander <mkanat@bugzilla.org> # Frédéric Buclin <LpSolit@gmail.com> + # Olav Vitters <olav@bkor.dhs.org> #%] [% PROCESS global/variables.none.tmpl %] @@ -215,7 +216,7 @@ [% FOREACH field = fields %] <tr> [% PROCESS bug/field.html.tmpl value=bug.${field.name} - editable = bug.check_can_change_field(field.name, 0, 1) || !user.id + editable = bug.check_can_change_field(field.name, 0, 1) value_span = 2 %] </tr> [% END %] @@ -262,10 +263,22 @@ <table cellspacing="1" cellpadding="1"> <tr> <td colspan="2" valign="top"> - [% IF bug.flag_types.size > 0 %] - [% PROCESS "flag/list.html.tmpl" flag_no_header = 1 - flag_types = bug.flag_types - any_flags_requesteeble = bug.any_flags_requesteeble %] + [% IF user.id %] + [% IF bug.flag_types.size > 0 %] + [% PROCESS "flag/list.html.tmpl" flag_no_header = 1 + flag_types = bug.flag_types + any_flags_requesteeble = bug.any_flags_requesteeble %] + [% END %] + [% ELSE %] + [% FOREACH type = bug.flag_types %] + [% FOREACH flag = type.flags %] + [% flag.setter.nick FILTER html %]: + [%+ type.name FILTER html FILTER no_break %][% flag.status %] + [%+ IF flag.requestee %] + ([% flag.requestee.nick FILTER html %]) + [% END %]<br> + [% END %] + [% END %] [% END %] </td> </tr> @@ -362,40 +375,42 @@ <br> <table cellpadding="1" cellspacing="1"> <tr> - <td> - <label for="comment" accesskey="c"><b>Additional <u>C</u>omments</b></label>: - [% IF Param("insidergroup") && user.in_group(Param("insidergroup")) %] - <input type="checkbox" name="commentprivacy" value="1" - id="newcommentprivacy" - onClick="updateCommentTagControl(this, form)"> - <label for="newcommentprivacy">Private</label> - [% END %] - <br> - <a name="add_comment"></a> - [% INCLUDE global/textarea.html.tmpl - name = 'comment' - id = 'comment' - minrows = 10 - maxrows = 25 - cols = constants.COMMENT_COLS - %] - - [% IF NOT bug.cc || NOT bug.cc.contains(user.login) %] - [% has_role = bug.user.isreporter - || bug.assigned_to.id == user.id - || (Param('useqacontact') - && bug.qa_contact - && bug.qa_contact.id == user.id) %] - + [% IF user.id %] + <td> + <label for="comment" accesskey="c"><b>Additional <u>C</u>omments</b></label>: + [% IF Param("insidergroup") && user.in_group(Param("insidergroup")) %] + <input type="checkbox" name="commentprivacy" value="1" + id="newcommentprivacy" + onClick="updateCommentTagControl(this, form)"> + <label for="newcommentprivacy">Private</label> + [% END %] <br> - <input type="checkbox" id="addselfcc" name="addselfcc" - [% " checked=\"checked\"" - IF user.settings.state_addselfcc.value == 'always' - || (!has_role - && user.settings.state_addselfcc.value == 'cc_unless_role') %]> - <label for="addselfcc">Add [% user.identity FILTER html %] to CC list</label> - [% END %] - </td> + <a name="add_comment"></a> + [% INCLUDE global/textarea.html.tmpl + name = 'comment' + id = 'comment' + minrows = 10 + maxrows = 25 + cols = constants.COMMENT_COLS + %] + + [% IF NOT bug.cc || NOT bug.cc.contains(user.login) %] + [% has_role = bug.user.isreporter + || bug.assigned_to.id == user.id + || (Param('useqacontact') + && bug.qa_contact + && bug.qa_contact.id == user.id) %] + + <br> + <input type="checkbox" id="addselfcc" name="addselfcc" + [% " checked=\"checked\"" + IF user.settings.state_addselfcc.value == 'always' + || (!has_role + && user.settings.state_addselfcc.value == 'cc_unless_role') %]> + <label for="addselfcc">Add [% user.identity FILTER html %] to CC list</label> + [% END %] + </td> + [% END %] <td valign="top"> <fieldset> @@ -491,7 +506,7 @@ [% END %] [% END %] -[% PROCESS bug/knob.html.tmpl %] +[% PROCESS bug/knob.html.tmpl IF user.id %] [%# *** Additional Comments *** %] @@ -500,7 +515,7 @@ <div id="comments"> [% PROCESS bug/comments.html.tmpl comments = bug.longdescs - mode = "edit" + mode = user.id ? "edit" : "show" %] </div> @@ -658,7 +673,7 @@ <label for="qa_contact" accesskey="q"><b><u>Q</u>A Contact</b></label>: </td> <td colspan="7"> - [% IF bug.check_can_change_field("qa_contact", 0, 1) || !user.id %] + [% IF bug.check_can_change_field("qa_contact", 0, 1) %] [% INCLUDE global/userselect.html.tmpl id => "qa_contact" name => "qa_contact" @@ -667,7 +682,7 @@ emptyok => 1 %] [% ELSE %] - <input type="hidden" name="qa_contact" + <input type="hidden" name="qa_contact" id="qa_contact" value="[% bug.qa_contact.login FILTER html %]"> <a href="mailto:[% bug.qa_contact.email FILTER html %]"> [% IF bug.qa_contact.login && bug.qa_contact.login.length > 30 %] @@ -683,20 +698,22 @@ </tr> [% END %] - <tr> - <td align="right" valign="top"> - <label for="newcc" accesskey="a"><b><u>A</u>dd CC</b></label>: - </td> - <td> - [% INCLUDE global/userselect.html.tmpl - id => "newcc" - name => "newcc" - value => "" - size => 30 - multiple => 5 - %] - </td> - </tr> + [% IF user.id %] + <tr> + <td align="right" valign="top"> + <label for="newcc" accesskey="a"><b><u>A</u>dd CC</b></label>: + </td> + <td> + [% INCLUDE global/userselect.html.tmpl + id => "newcc" + name => "newcc" + value => "" + size => 30 + multiple => 5 + %] + </td> + </tr> + [% END %] <tr> [% IF bug.cc %] @@ -704,15 +721,18 @@ <label for="cc"><b>CC</b></label>: </td> <td valign="top"> - <select id="cc" name="cc" multiple="multiple" size="5"> + <select id="cc" name="cc" multiple="multiple" size="5" + [%- " disabled=\"disabled\"" IF !user.id %]> [% FOREACH c = bug.cc %] <option value="[% c FILTER html %]">[% c FILTER html %]</option> [% END %] </select> - <br> - <input type="checkbox" id="removecc" name="removecc"> - [%%]<label for="removecc">Remove selected CCs</label> - <br> + [% IF user.id %] + <br> + <input type="checkbox" id="removecc" name="removecc"> + [%%]<label for="removecc">Remove selected CCs</label> + <br> + [% END %] </td> [% ELSE %] <td colspan="2"><input type="hidden" name="cc" value=""></td> @@ -736,11 +756,11 @@ [% END %] </td> <td> - [% IF bug.check_can_change_field(dep.fieldname, 0, 1) || !user.id %] + [% IF bug.check_can_change_field(dep.fieldname, 0, 1) %] <input name="[% dep.fieldname %]" id="[% dep.fieldname %]" value="[% bug.${dep.fieldname}.join(', ') %]"> [% ELSE %] - <input type="hidden" name="[% dep.fieldname %]" + <input type="hidden" id="[% dep.fieldname %]" name="[% dep.fieldname %]" value="[% bug.${dep.fieldname}.join(', ') %]"> [% END %] </td> @@ -753,7 +773,7 @@ [% BLOCK select %] <td> - [% IF bug.check_can_change_field(selname, 0, 1) || !user.id %] + [% IF bug.check_can_change_field(selname, 0, 1) %] <select id="[% selname %]" name="[% selname %]"> [% FOREACH x = bug.choices.${selname} %] <option value="[% x FILTER html %]" @@ -762,7 +782,7 @@ [% END %] </select> [% ELSE %] - <input type="hidden" name="[% selname %]" value="[% bug.${selname} FILTER html %]"> + <input type="hidden" id="[% selname %]" name="[% selname %]" value="[% bug.${selname} FILTER html %]"> [% bug.${selname} FILTER html %] [% END %] </td> @@ -775,7 +795,7 @@ [% BLOCK input %] <td[% " colspan=\"$colspan\"" IF colspan %]> [% val = value ? value : bug.$inputname %] - [% IF bug.check_can_change_field(inputname, 0, 1) || !user.id %] + [% IF bug.check_can_change_field(inputname, 0, 1) %] <input id="[% inputname %]" name="[% inputname %]" value="[% val FILTER html %]"[% " size=\"$size\"" IF size %] [% " maxlength=\"$maxlength\"" IF maxlength %]> diff --git a/template/en/default/filterexceptions.pl b/template/en/default/filterexceptions.pl index 58988b68e..2057e3974 100644 --- a/template/en/default/filterexceptions.pl +++ b/template/en/default/filterexceptions.pl @@ -319,7 +319,8 @@ 'inputname', '" colspan=\"$colspan\"" IF colspan', '" size=\"$size\"" IF size', - '" maxlength=\"$maxlength\"" IF maxlength' + '" maxlength=\"$maxlength\"" IF maxlength', + 'flag.status', ], 'bug/knob.html.tmpl' => [ |