summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Bug.pm
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla/Bug.pm')
-rwxr-xr-xBugzilla/Bug.pm35
1 files changed, 20 insertions, 15 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 18f8316a9..e9c8bf2e9 100755
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -121,7 +121,6 @@ sub VALIDATORS {
commentprivacy => \&_check_commentprivacy,
deadline => \&_check_deadline,
estimated_time => \&_check_estimated_time,
- keywords => \&_check_keywords,
op_sys => \&_check_op_sys,
priority => \&_check_priority,
product => \&_check_product,
@@ -354,6 +353,8 @@ sub run_create_validators {
$params->{version} = $class->_check_version($product, $params->{version});
+ $params->{keywords} = $class->_check_keywords($product, $params->{keywords});
+
$params->{groups} = $class->_check_groups($product,
$params->{groups});
@@ -381,7 +382,7 @@ sub run_create_validators {
$params->{assigned_to}, $params->{qa_contact});
($params->{dependson}, $params->{blocked}) =
- $class->_check_dependencies($params->{dependson}, $params->{blocked});
+ $class->_check_dependencies($product, $params->{dependson}, $params->{blocked});
# You can't set these fields on bug creation (or sometimes ever).
delete $params->{resolution};
@@ -480,7 +481,7 @@ sub _check_assigned_to {
$name = trim($name);
# Default assignee is the component owner.
my $id;
- if (!$user->in_group("editbugs") || !$name) {
+ if (!$user->in_group('editbugs', $component->product_id) || !$name) {
$id = $component->default_assignee->id;
} else {
$id = login_to_id($name, THROW_ERROR);
@@ -508,7 +509,8 @@ sub _check_bug_status {
my @valid_statuses = VALID_ENTRY_STATUS;
- if ($user->in_group('editbugs') || $user->in_group('canconfirm')) {
+ if ($user->in_group('editbugs', $product->id)
+ || $user->in_group('canconfirm', $product->id)) {
# Default to NEW if the user with privs hasn't selected another status.
$status ||= 'NEW';
}
@@ -599,10 +601,10 @@ sub _check_deadline {
# Takes two comma/space-separated strings and returns arrayrefs
# of valid bug IDs.
sub _check_dependencies {
- my ($invocant, $depends_on, $blocks) = @_;
+ my ($invocant, $product, $depends_on, $blocks) = @_;
# Only editbugs users can set dependencies on bug entry.
- return ([], []) unless Bugzilla->user->in_group('editbugs');
+ return ([], []) unless Bugzilla->user->in_group('editbugs', $product->id);
$depends_on ||= '';
$blocks ||= '';
@@ -676,9 +678,10 @@ sub _check_groups {
}
sub _check_keywords {
- my ($invocant, $keyword_string) = @_;
+ my ($invocant, $product, $keyword_string) = @_;
$keyword_string = trim($keyword_string);
- return [] if (!$keyword_string || !Bugzilla->user->in_group('editbugs'));
+ return [] if (!$keyword_string
+ || !Bugzilla->user->in_group('editbugs', $product->id));
my %keywords;
foreach my $keyword (split(/[\s,]+/, $keyword_string)) {
@@ -801,7 +804,7 @@ sub _check_qa_contact {
$name = trim($name);
my $id;
- if (!$user->in_group("editbugs") || !$name) {
+ if (!$user->in_group('editbugs', $component->product_id) || !$name) {
# We want to insert NULL into the database if we get a 0.
$id = $component->default_qa_contact->id || undef;
} else {
@@ -1207,14 +1210,16 @@ sub user {
my $user = Bugzilla->user;
my $canmove = Bugzilla->params->{'move-enabled'} && $user->is_mover;
- my $unknown_privileges = $user->in_group("editbugs");
+ my $prod_id = $self->{'product_id'};
+
+ my $unknown_privileges = $user->in_group('editbugs', $prod_id);
my $canedit = $unknown_privileges
|| $user->id == $self->{assigned_to_id}
|| (Bugzilla->params->{'useqacontact'}
&& $self->{'qa_contact_id'}
&& $user->id == $self->{qa_contact_id});
my $canconfirm = $unknown_privileges
- || $user->in_group("canconfirm");
+ || $user->in_group('canconfirm', $prod_id);
my $isreporter = $user->id
&& $user->id == $self->{reporter_id};
@@ -1824,19 +1829,19 @@ sub check_can_change_field {
# $PrivilegesRequired = 2 : the assignee or an empowered user;
# $PrivilegesRequired = 3 : an empowered user.
- # Allow anyone with "editbugs" privs to change anything.
- if ($user->in_group('editbugs')) {
+ # Allow anyone with (product-specific) "editbugs" privs to change anything.
+ if ($user->in_group('editbugs', $self->{'product_id'})) {
return 1;
}
- # *Only* users with "canconfirm" privs can confirm bugs.
+ # *Only* users with (product-specific) "canconfirm" privs can confirm bugs.
if ($field eq 'canconfirm'
|| ($field eq 'bug_status'
&& $oldvalue eq 'UNCONFIRMED'
&& is_open_state($newvalue)))
{
$$PrivilegesRequired = 3;
- return $user->in_group('canconfirm');
+ return $user->in_group('canconfirm', $self->{'product_id'});
}
# Make sure that a valid bug ID has been given.