diff options
| -rw-r--r-- | Bugzilla/Auth/Persist/Cookie.pm | 10 | ||||
| -rw-r--r-- | extensions/SecureMail/Extension.pm | 7 |
2 files changed, 16 insertions, 1 deletions
diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm index fd910b118..06661101b 100644 --- a/Bugzilla/Auth/Persist/Cookie.pm +++ b/Bugzilla/Auth/Persist/Cookie.pm @@ -37,6 +37,7 @@ use Bugzilla::Util; use Bugzilla::Token; use List::Util qw(first); +use List::MoreUtils qw(any); sub new { my ($class) = @_; @@ -99,6 +100,15 @@ sub persist_login { -value => $login_cookie, %cookieargs); + my $securemail_groups = Bugzilla->can('securemail_groups') ? Bugzilla->securemail_groups : [ 'admin' ]; + + if (any { $user->in_group($_) } 'mozilla-employee-confidential', @$securemail_groups) { + my $auth_method = eval { ref($user->authorizer->successful_info_getter) } // 'unknown'; + + Bugzilla->audit(sprintf "successful login of %s from %s using \"%s\", authenticated by %s", + $user->login, $ip_addr, $cgi->user_agent // '', $auth_method); + } + return $login_cookie; } diff --git a/extensions/SecureMail/Extension.pm b/extensions/SecureMail/Extension.pm index d3840357f..3b03f33a6 100644 --- a/extensions/SecureMail/Extension.pm +++ b/extensions/SecureMail/Extension.pm @@ -49,7 +49,7 @@ use constant SECURE_ALL => 2; ############################################################################## # Creating new columns # -# secure_mail boolean in the 'groups' table - whether to send secure mail +# secure_mail boolean in the 'gselect id from groups where secure_mailroups' table - whether to send secure mail # public_key text in the 'profiles' table - stores public key ############################################################################## sub install_update_db { @@ -68,10 +68,15 @@ sub install_update_db { BEGIN { *Bugzilla::Group::secure_mail = \&_group_secure_mail; *Bugzilla::User::public_key = \&_user_public_key; + *Bugzilla::securemail_groups = \&_securemail_groups; } sub _group_secure_mail { return $_[0]->{'secure_mail'}; } +sub _securemail_groups { + return Bugzilla->dbh->selectcol_arrayref("SELECT name FROM groups WHERE secure_mail = 1") // []; +} + # We want to lazy-load the public_key. sub _user_public_key { my $self = shift; |