summaryrefslogtreecommitdiffstats
path: root/editusers.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-xeditusers.cgi8
1 files changed, 6 insertions, 2 deletions
diff --git a/editusers.cgi b/editusers.cgi
index 86e2cf424..facb46600 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -37,10 +37,10 @@ my $user = Bugzilla->login(LOGIN_REQUIRED);
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template;
-my $vars = {};
my $dbh = Bugzilla->dbh;
my $userid = $user->id;
my $editusers = $user->in_group('editusers');
+local our $vars = {};
# Reject access if there is no sense in continuing.
$editusers
@@ -778,6 +778,7 @@ sub check_user {
# Copy incoming list selection values from CGI params to template variables.
sub mirrorListSelectionValues {
+ my $cgi = Bugzilla->cgi;
if (defined($cgi->param('matchtype'))) {
foreach ('matchvalue', 'matchstr', 'matchtype', 'grouprestrict', 'groupid') {
$vars->{'listselectionvalues'}{$_} = $cgi->param($_);
@@ -791,6 +792,7 @@ sub userDataToVars {
my $otheruserid = shift;
my $otheruser = new Bugzilla::User($otheruserid);
my $query;
+ my $user = Bugzilla->user;
my $dbh = Bugzilla->dbh;
my $grouplist = $otheruser->groups_as_string;
@@ -846,8 +848,10 @@ sub userDataToVars {
sub edit_processing {
my $otherUser = shift;
+ my $user = Bugzilla->user;
+ my $template = Bugzilla->template;
- $editusers || $user->can_see_user($otherUser)
+ $user->in_group('editusers') || $user->can_see_user($otherUser)
|| ThrowUserError('auth_failure', {reason => "not_visible",
action => "modify",
object => "user"});