summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--extensions/Review/lib/WebService.pm14
1 files changed, 13 insertions, 1 deletions
diff --git a/extensions/Review/lib/WebService.pm b/extensions/Review/lib/WebService.pm
index f5530dd49..8d10b5423 100644
--- a/extensions/Review/lib/WebService.pm
+++ b/extensions/Review/lib/WebService.pm
@@ -118,10 +118,22 @@ sub flag_activity {
}
my $matches = Bugzilla::Extension::Review::FlagStateActivity->match(\%match_criteria);
- my @results = map { $self->_flag_state_activity_to_hash($_, $params) } @$matches;
+ my $user = Bugzilla->user;
+ $user->visible_bugs([ map { $_->bug_id } @$matches ]);
+ my @results = map { $self->_flag_state_activity_to_hash($_, $params) }
+ grep { $user->can_see_bug($_->bug_id) && _can_see_attachment($user, $_) }
+ @$matches;
return \@results;
}
+sub _can_see_attachment {
+ my ($user, $flag_state_activity) = @_;
+
+ return 1 if !$flag_state_activity->attachment_id;
+ return 0 if $flag_state_activity->attachment->isprivate && !$user->is_insider;
+ return 1;
+}
+
sub rest_resources {
return [
# bug-id