summaryrefslogtreecommitdiffstats
path: root/Bugzilla/WebService
AgeCommit message (Collapse)AuthorFilesLines
2012-11-14merged with bugzilla/4.2Dave Lawrence4-8/+25
2012-11-13Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups ↵Frédéric Buclin2-6/+21
when using User.get() r=dkl a=LpSolit
2012-10-16Bug 577329 - WebServices should filter email addresses same as the web UI as ↵Dave Lawrence5-19/+29
users are not always required to login
2012-10-13Fix typoFrédéric Buclin1-1/+1
2012-10-12Bug 793826: Prevent private web service methods from being calledKoosha Khajeh Moogahi1-1/+3
r=dkl a=LpSolit
2012-08-31Merge from bugzilla/4.2Reed Loden1-2/+3
2012-08-03Bug 682317 - Bug.create is incorrectly documented as ignoring invalid ↵Koosha Khajeh Moogahi1-2/+3
fields; it should say it produces an error r=dkl, a=LpSolit
2012-07-31Bug 775056 - Add prefix to filter() and filter_wants()Frank Becker1-7/+17
2012-07-24Bug 697224 - Add methods to get a user's saved searches to the WebService ↵Koosha Khajeh Moogahi1-0/+43
(new "User.saved_searches" or add to User.get) r=dkl, a=LpSolit
2012-07-24Bug 520434 - Inconsistent naming of time fields (creation_time vs time)Koosha Khajeh Moogahi1-0/+10
r=dkl, a=LpSolit
2012-06-05merged with bugzilla/4.2Dave Lawrence1-0/+1
2012-05-24Bug 744691: Throw an error early when calling a method from a non-existent classByron Jones1-0/+1
r=dkl, a=LpSolit
2012-05-22Bug 756005: fix arecibo breaking xmlrpc errorsByron Jones1-1/+0
2012-04-13Bug 737850 - Bug.history and Bug.get use different field namesDave Lawrence1-3/+10
2012-03-30Bug 643681: add 'actual_time' to bug fields if user is timetracker; now with ↵frase1-0/+11
history
2012-03-30Bug 690879 - Webservice Bug.fields should include include keyword name and ↵Frank Becker1-3/+18
description as legal values
2012-03-28Bug 726193: add TryAutoLand extensionDave Lawrence1-0/+1
2012-03-28merged with bugzilla/4.0Dave Lawrence1-7/+3
2012-03-22Bug 733458: The "creator" argument is listed twice for the Bug.search ↵Matt Selsky1-7/+3
WebService method r/a=LpSolit
2012-02-29merged with bugzilla/4.2Dave Lawrence1-1/+4
2012-02-29Bug 731219: Fix XMLRPC breakage when content-type contains a charsetByron Jones1-1/+4
r=dkl, a=LpSolit
2012-02-24Bug 692507 - WebService API calls where appropriate should be using the ↵Dave Lawrence3-3/+24
shadow_db for read only operations r=glob, a=LpSolit
2012-02-24Bug 709944 - Expose groups of which a user is partDave Lawrence1-3/+51
r=glob, a=LpSolit
2012-02-24merged with bugzilla/4.2Dave Lawrence2-0/+16
2012-02-22Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵Dave Lawrence2-0/+16
API when using mod_perl r/a=LpSolit
2012-02-17merged with bugzilla/4.2Dave Lawrence2-16/+24
2012-02-15Bug 724464 - JSON-RPC support shouldn't require SOAP::LiteDave Lawrence1-0/+14
r/a=LpSolit
2012-02-14Bug 714343 - Add ability to get flag information for bugs and attachments ↵Dave Lawrence1-4/+116
via the web service r=glob, r=LpSolit
2012-02-14Bug 727240: The POD for Bug.attachments is wrong about the format of the ↵Frédéric Buclin1-16/+10
returned data r=dkl a=LpSolit
2012-01-31merged with bugzilla/4.2Dave Lawrence2-18/+42
2012-01-31(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵Frédéric Buclin1-1/+13
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319
2012-01-31Bug 714446: Product.create default behavior is broken and inconsistent with PODFrédéric Buclin1-17/+29
r=dkl a=LpSolit
2012-01-09merge with bugzilla/4.2Dave Lawrence1-1/+12
2012-01-09merge with bugzilla/4.2Dave Lawrence2-19/+8
2012-01-05Bug 706753: Bugzilla will not work with newest version of JSON::RPC 1.01 due ↵Frédéric Buclin1-1/+12
to non-backward compatibility r=dkl r=mkanat a=LpSolit
2011-12-28Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email ↵Frédéric Buclin2-19/+8
WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account r=dkl a=LpSolit
2011-12-08merged with bugzilla/4.2Dave Lawrence1-2/+5
2011-12-06Bug 657290: Bug.add_attachment() stores truncated timestamps in the DB ↵Frédéric Buclin1-1/+4
(seconds are missing) r=dkl a=mkanat
2011-12-05Bug 692354: Incorrect parameter type in WebServices documentation for ↵Matt Selsky1-1/+1
Bug.add_comment r/a=mkanat
2011-10-18merged with bugzilla/4.2David Lawrence2-18/+3
2011-10-15Bug 689862: Fix Product.get to only return the Classification name,Tiago Mello1-17/+2
instead of all the classification info. r/a=LpSolit
2011-10-15Bug 691243: Fix typoMatt Selsky1-1/+1
r/a=LpSolit
2011-10-05more porting workDavid Lawrence2-2/+49
2011-09-27Bug 655652: Remove "internals" field from Product.getFrédéric Buclin1-9/+35
r=glob a=LpSolit
2011-09-18Fix typo in commentsFrédéric Buclin1-2/+2
2011-09-16Fix typo in PODFrédéric Buclin1-2/+2
2011-08-04Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵Frédéric Buclin1-2/+1
creating or editing a bug r=mkanat a=LpSolit
2011-07-20Bug 600810: Use XMLRPC::Transport::HTTP:Apache as base class under mod_perlTeemu Mannermaa1-1/+5
r/a=mkanat
2011-07-05Bug 658929 - User autocomplete is very slow when there are lots of users in ↵David Lawrence1-2/+2
the profiles table r/a=mkanat
2011-05-17Bug 655229: Adds components, versions and milestones to Product.get Byron Jones2-36/+233
r=mkanat, a=mkanat