diff options
-rw-r--r-- | Attachment.pm | 9 | ||||
-rw-r--r-- | Bugzilla/Attachment.pm | 9 | ||||
-rwxr-xr-x | attachment.cgi | 26 |
3 files changed, 40 insertions, 4 deletions
diff --git a/Attachment.pm b/Attachment.pm index 27d7fa2ca..322a3b2ba 100644 --- a/Attachment.pm +++ b/Attachment.pm @@ -65,6 +65,11 @@ sub query my ($bugid) = @_; my $in_editbugs = &::UserInGroup("editbugs"); + &::SendSQL("SELECT product_id + FROM bugs + WHERE bug_id = $bugid"); + my $productid = &::FetchOneColumn(); + my $caneditproduct = &::CanEditProductId($productid); # Retrieve a list of attachments for this bug and write them into an array # of hashes in which each hash represents a single attachment. @@ -88,8 +93,8 @@ sub query # ie the are the submitter, or they have canedit. # Also show the link if the user is not logged in - in that cae, # They'll be prompted later - $a{'canedit'} = ($::userid == 0 || $submitter_id == $::userid || - $in_editbugs); + $a{'canedit'} = ($::userid == 0 || (($submitter_id == $::userid || + $in_editbugs) && $caneditproduct)); push @attachments, \%a; } diff --git a/Bugzilla/Attachment.pm b/Bugzilla/Attachment.pm index 27d7fa2ca..322a3b2ba 100644 --- a/Bugzilla/Attachment.pm +++ b/Bugzilla/Attachment.pm @@ -65,6 +65,11 @@ sub query my ($bugid) = @_; my $in_editbugs = &::UserInGroup("editbugs"); + &::SendSQL("SELECT product_id + FROM bugs + WHERE bug_id = $bugid"); + my $productid = &::FetchOneColumn(); + my $caneditproduct = &::CanEditProductId($productid); # Retrieve a list of attachments for this bug and write them into an array # of hashes in which each hash represents a single attachment. @@ -88,8 +93,8 @@ sub query # ie the are the submitter, or they have canedit. # Also show the link if the user is not logged in - in that cae, # They'll be prompted later - $a{'canedit'} = ($::userid == 0 || $submitter_id == $::userid || - $in_editbugs); + $a{'canedit'} = ($::userid == 0 || (($submitter_id == $::userid || + $in_editbugs) && $caneditproduct)); push @attachments, \%a; } diff --git a/attachment.cgi b/attachment.cgi index 27c2c107c..5c3ce09ac 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -77,12 +77,14 @@ elsif ($action eq "enter") { confirm_login(); ValidateBugID($::FORM{'bugid'}); + validateCanChangeBug($::FORM{'bugid'}); enter(); } elsif ($action eq "insert") { confirm_login(); ValidateBugID($::FORM{'bugid'}); + validateCanChangeBug($::FORM{'bugid'}); ValidateComment($::FORM{'comment'}); validateFilename(); validateIsPatch(); @@ -105,6 +107,7 @@ elsif ($action eq "update") ValidateComment($::FORM{'comment'}); validateID(); validateCanEdit($::FORM{'id'}); + validateCanChangeAttachment($::FORM{'id'}); validateDescription(); validateIsPatch(); validateContentType() unless $::FORM{'ispatch'}; @@ -171,6 +174,29 @@ sub validateCanEdit || ThrowUserError("illegal_attachment_edit"); } +sub validateCanChangeAttachment +{ + my ($attachid) = @_; + SendSQL("SELECT product_id + FROM attachments, bugs + WHERE attach_id = $attachid + AND bugs.bug_id = attachments.bug_id"); + my $productid = FetchOneColumn(); + CanEditProductId($productid) + || ThrowUserError("illegal_attachment_edit"); +} + +sub validateCanChangeBug +{ + my ($bugid) = @_; + SendSQL("SELECT product_id + FROM bugs + WHERE bug_id = $bugid"); + my $productid = FetchOneColumn(); + CanEditProductId($productid) + || ThrowUserError("illegal_attachment_edit"); +} + sub validateDescription { $::FORM{'description'} |