summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Constants.pm2
-rw-r--r--Bugzilla/Hook.pm6
-rw-r--r--Bugzilla/Template.pm32
-rw-r--r--Bugzilla/User.pm2
4 files changed, 26 insertions, 16 deletions
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index d0770cf73..efa1cde4e 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -202,7 +202,7 @@ use Memoize;
# CONSTANTS
#
# Bugzilla version
-use constant BUGZILLA_VERSION => "4.2.1+";
+use constant BUGZILLA_VERSION => "4.2.2+";
# Location of the remote and local XML files to track new releases.
use constant REMOTE_FILE => 'http://updates.bugzilla.org/bugzilla-update.xml';
diff --git a/Bugzilla/Hook.pm b/Bugzilla/Hook.pm
index da17946c0..c658989a0 100644
--- a/Bugzilla/Hook.pm
+++ b/Bugzilla/Hook.pm
@@ -426,6 +426,12 @@ Sometimes this is C<undef>, meaning that we are parsing text that is
not a bug comment (but could still be some other part of a bug, like
the summary line).
+=item C<user>
+
+The L<Bugzilla::User> object representing the user who will see the text.
+This is useful to determine how much confidential information can be displayed
+to the user.
+
=back
=head2 buglist_columns
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 870053b46..245d881d3 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -153,8 +153,9 @@ sub get_format {
# If you want to modify this routine, read the comments carefully
sub quoteUrls {
- my ($text, $bug, $comment) = (@_);
+ my ($text, $bug, $comment, $user) = @_;
return $text unless $text;
+ $user ||= Bugzilla->user;
# We use /g for speed, but uris can have other things inside them
# (http://foo/bug#3 for example). Filtering that out filters valid
@@ -184,7 +185,7 @@ sub quoteUrls {
my @hook_regexes;
Bugzilla::Hook::process('bug_format_comment',
{ text => \$text, bug => $bug, regexes => \@hook_regexes,
- comment => $comment });
+ comment => $comment, user => $user });
foreach my $re (@hook_regexes) {
my ($match, $replace) = @$re{qw(match replace)};
@@ -206,7 +207,7 @@ sub quoteUrls {
map { qr/$_/ } grep($_, Bugzilla->params->{'urlbase'},
Bugzilla->params->{'sslbase'})) . ')';
$text =~ s~\b(${urlbase_re}\Qshow_bug.cgi?id=\E([0-9]+)(\#c([0-9]+))?)\b
- ~($things[$count++] = get_bug_link($3, $1, { comment_num => $5 })) &&
+ ~($things[$count++] = get_bug_link($3, $1, { comment_num => $5, user => $user })) &&
("\0\0" . ($count-1) . "\0\0")
~egox;
@@ -236,7 +237,7 @@ sub quoteUrls {
# attachment links
# BMO: Bug 652332 dkl@mozilla.com 2011-07-20
$text =~ s~\b(attachment\s*\#?\s*(\d+)(?:\s+\[diff\])?(?:\s+\[details\])?)
- ~($things[$count++] = get_attachment_link($2, $1)) &&
+ ~($things[$count++] = get_attachment_link($2, $1, $user)) &&
("\0\0" . ($count-1) . "\0\0")
~egmxi;
@@ -253,7 +254,7 @@ sub quoteUrls {
$text =~ s~\b($bug_re(?:\s*,?\s*$comment_re)?|$comment_re)
~ # We have several choices. $1 here is the link, and $2-4 are set
# depending on which part matched
- (defined($2) ? get_bug_link($2, $1, { comment_num => $3 }) :
+ (defined($2) ? get_bug_link($2, $1, { comment_num => $3, user => $user }) :
"<a href=\"$current_bugurl#c$4\">$1</a>")
~egox;
@@ -262,7 +263,7 @@ sub quoteUrls {
$text =~ s~(?<=^\*\*\*\ This\ bug\ has\ been\ marked\ as\ a\ duplicate\ of\ )
(\d+)
(?=\ \*\*\*\Z)
- ~get_bug_link($1, $1)
+ ~get_bug_link($1, $1, { user => $user })
~egmx;
# Now remove the encoding hacks in reverse order
@@ -276,15 +277,18 @@ sub quoteUrls {
# Creates a link to an attachment, including its title.
sub get_attachment_link {
- my ($attachid, $link_text) = @_;
+ my ($attachid, $link_text, $user) = @_;
my $dbh = Bugzilla->dbh;
+ $user ||= Bugzilla->user;
my $attachment = new Bugzilla::Attachment($attachid);
if ($attachment) {
my $title = "";
my $className = "";
- if (Bugzilla->user->can_see_bug($attachment->bug_id)) {
+ if ($user->can_see_bug($attachment->bug_id)
+ && (!$attachment->isprivate || $user->is_insider))
+ {
$title = $attachment->description;
}
if ($attachment->isobsolete) {
@@ -326,6 +330,7 @@ sub get_attachment_link {
sub get_bug_link {
my ($bug, $link_text, $options) = @_;
$options ||= {};
+ $options->{user} ||= Bugzilla->user;
my $dbh = Bugzilla->dbh;
if (defined $bug) {
@@ -714,10 +719,10 @@ sub create {
clean_text => \&Bugzilla::Util::clean_text ,
quoteUrls => [ sub {
- my ($context, $bug, $comment) = @_;
+ my ($context, $bug, $comment, $user) = @_;
return sub {
my $text = shift;
- return quoteUrls($text, $bug, $comment);
+ return quoteUrls($text, $bug, $comment, $user);
};
},
1
@@ -733,10 +738,9 @@ sub create {
1
],
- bug_list_link => sub
- {
- my $buglist = shift;
- return join(", ", map(get_bug_link($_, $_), split(/ *, */, $buglist)));
+ bug_list_link => sub {
+ my ($buglist, $options) = @_;
+ return join(", ", map(get_bug_link($_, $_, $options), split(/ *, */, $buglist)));
},
# In CSV, quotes are doubled, and any value containing a quote or a
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 60dbb5f83..9d736d585 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1079,7 +1079,7 @@ sub get_accessible_products {
@{$self->get_selectable_products},
@{$self->get_enterable_products};
- return [ values %products ];
+ return [ sort { $a->name cmp $b->name } values %products ];
}
sub check_can_admin_product {