From 672d71471ee2ddae6005a9259789899c41264823 Mon Sep 17 00:00:00 2001 From: "travis%sedsystems.ca" <> Date: Thu, 10 Mar 2005 00:18:03 +0000 Subject: Bug 282574 : use the new "auth_failure" error message for all authentication failures Patch by Frederic Buclin r=travis, wurblzap a=myk --- attachment.cgi | 7 +++-- buglist.cgi | 5 +++- doeditparams.cgi | 10 +++---- quips.cgi | 7 +++-- sanitycheck.cgi | 4 ++- template/en/default/global/user-error.html.tmpl | 37 +++++++++++-------------- 6 files changed, 35 insertions(+), 35 deletions(-) diff --git a/attachment.cgi b/attachment.cgi index 64e30f64a..5e4c520f5 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -204,9 +204,10 @@ sub validateID # Make sure the user is authorized to access this attachment's bug. ($bugid, my $isprivate) = FetchSQLData(); ValidateBugID($bugid); - if (($isprivate > 0 ) && Param("insidergroup") && - !(UserInGroup(Param("insidergroup")))) { - ThrowUserError("attachment_access_denied"); + if ($isprivate && Param("insidergroup")) { + UserInGroup(Param("insidergroup")) + || ThrowUserError("auth_failure", {action => "access", + object => "attachment"}); } # XXX shim code, kill $::FORM diff --git a/buglist.cgi b/buglist.cgi index 5eadd906e..18ccde0d7 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -73,7 +73,10 @@ my $dotweak = $::FORM{'tweak'} ? 1 : 0; # Log the user in if ($dotweak) { Bugzilla->login(LOGIN_REQUIRED); - UserInGroup("editbugs") || ThrowUserError("insufficient_privs_for_multi"); + UserInGroup("editbugs") + || ThrowUserError("auth_failure", {group => "editbugs", + action => "modify", + object => "multiple_bugs"}); GetVersionTable(); } else { diff --git a/doeditparams.cgi b/doeditparams.cgi index 679bd74e3..099b98404 100755 --- a/doeditparams.cgi +++ b/doeditparams.cgi @@ -37,12 +37,10 @@ my $cgi = Bugzilla->cgi; print $cgi->header(); -if (!UserInGroup("tweakparams")) { - print "
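Review bot: The private-attachment guard in validateID (attachment.cgi) still fails open when the `insidergroup` parameter is empty. `if ($isprivate && Param("insidergroup"))` skips the group test entirely, so a private attachment is then gated only by `ValidateBugID($bugid)`. The removed condition behaved the same way, but the nested form hides it; a comment above the `if`, such as `# With no insidergroup configured, the private flag is not enforced here.`, would record whether this is intended. Dropping `> 0` also changes the test to plain truthiness, so any non-zero value of `$isprivate` now counts as private; this is presumably harmless but worth confirming against the column definition. validateID starts and ends outside the hunk.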

Sorry, you aren't a member of the 'tweakparams' group.

\n"; - print "And so, you aren't allowed to edit the parameters.\n"; - PutFooter(); - exit; -} +UserInGroup("tweakparams") + || ThrowUserError("auth_failure", {group => "tweakparams", + action => "modify", + object => "parameters"}); PutHeader("Saving new parameters"); diff --git a/quips.cgi b/quips.cgi index 0e0c13d08..dc0106450 100755 --- a/quips.cgi +++ b/quips.cgi @@ -119,9 +119,10 @@ if ($action eq 'approve') { } if ($action eq "delete") { - if (!UserInGroup('admin')) { - ThrowUserError("quips_edit_denied"); - } + UserInGroup("admin") + || ThrowUserError("auth_failure", {group => "admin", + action => "delete", + object => "quips"}); my $quipid = $cgi->param("quipid"); ThrowCodeError("need_quipid") unless $quipid =~ /(\d+)/; $quipid = $1; diff --git a/sanitycheck.cgi b/sanitycheck.cgi index 63ddf181f..30a07be5b 100755 --- a/sanitycheck.cgi +++ b/sanitycheck.cgi @@ -82,7 +82,9 @@ my $dbh = Bugzilla->dbh; # prevents users with a legitimate interest in Bugzilla integrity # from accessing the script). UserInGroup("editbugs") - || ThrowUserError("sanity_check_access_denied"); + || ThrowUserError("auth_failure", {group => "editbugs", + action => "run", + object => "sanity_check"}); print "Content-type: text/html\n"; print "\n"; diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index fffcdf4c4..2d992dfce 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -17,7 +17,7 @@ # Rights Reserved. # # Contributor(s): Gervase Markham - # Frédéric Buclin + # Frédéric Buclin #%] [%# INTERFACE: @@ -113,8 +113,10 @@ [% END %] [% END %] - and so you aren't allowed to - [% IF action == "add" %] + [% IF group || reason %] and so [% END %] you are not authorized to + [% IF action == "access" %] + access + [% ELSIF action == "add" %] add new [% ELSIF action == "modify" %] modify 
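Review bot: In doeditparams.cgi the new `UserInGroup("tweakparams") || ThrowUserError("auth_failure", ...)` check runs after `print $cgi->header();`, whereas the removed branch only printed body text at that point. ThrowUserError is not shown on this page; if it sends its own HTTP header before rendering the template, the denial page will show a second header block as visible text. Moving the group check above `print $cgi->header();` would avoid that and keep the authorization decision ahead of any output. The sanitycheck.cgi hunk in this patch already orders it that way, with the check before `print "Content-type: text/html\n";`.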
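Review bot: The `action` and `object` chains of the `auth_failure` message in user-error.html.tmpl end in `[% END %]` with no `[% ELSE %]` branch, so a value that is not listed renders as nothing and the user sees a truncated sentence. Five scripts now pass free-form strings (`"access"`, `"run"`, `"multiple_bugs"`, `"sanity_check"`, ...), so a typo in any caller would go unnoticed. A fallback such as `[% ELSE %] [% action FILTER html %]` at the end of the action chain, and the equivalent for `object` in the following hunks, would make it visible. Separately, when neither `group` nor `reason` is set, as in the attachment.cgi call, the message appears to begin with a lowercase `you are not authorized to`. The enclosing `auth_failure` block starts before this hunk and continues in the next ones.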
@@ -122,13 +124,17 @@ delete [% ELSIF action == "edit" %] add, modify or delete + [% ELSIF action == "run" %] + run [% ELSIF action == "schedule" %] schedule [% ELSIF action == "use" %] use [% END %] - [% IF object == "charts" %] + [% IF object == "attachment" %] + this attachment + [% ELSIF object == "charts" %] the "New Charts" feature [% ELSIF object == "classifications" %] classifications @@ -142,12 +148,18 @@ keywords [% ELSIF object == "milestones" %] milestones + [% ELSIF object == "multiple_bugs" %] + multiple [% terms.bugs %] at once [% ELSIF object == "parameters" %] parameters [% ELSIF object == "products" %] products + [% ELSIF object == "quips" %] + quips [% ELSIF object == "reports" %] whine reports + [% ELSIF object == "sanity_check" %] + a sanity check [% ELSIF object == "user" %] the user you specified [% ELSIF object == "users" %] @@ -156,10 +168,6 @@ versions [% END %]. - [% ELSIF error == "attachment_access_denied" %] - [% title = "Access Denied" %] - You are not authorized to access this attachment. - [% ELSIF error == "attachment_removed" %] [% title = "Attachment Removed" %] The attachment you are attempting to access has been removed. @@ -548,11 +556,6 @@ [% ELSIF error == "insufficient_data_points" %] We don't have enough data points to make a graph (yet). - [% ELSIF error == "insufficient_privs_for_multi" %] - [% title = "Insufficient Privileges" %] - Sorry, you do not have sufficient privileges to edit multiple - [% terms.bugs %]. - [% ELSIF error == "invalid_attach_id" %] [% title = "Invalid Attachment ID" %] The attachment id [% attach_id FILTER html %] is invalid. @@ -918,10 +921,6 @@ [% title = "Quips Disabled" %] Quips are disabled. - [% ELSIF error == "quips_edit_denied" %] - [% title = "Permission Denied" %] - You do not have permission to edit quips. - [% ELSIF error == "reassign_to_empty" %] [% title = "Illegal Reassignment" %] To reassign [% terms.abug %], you must provide an address for 
@@ -945,10 +944,6 @@ [% title = "Summary Needed" %] You must enter a summary for this [% terms.bug %]. - [% ELSIF error == "sanity_check_access_denied" %] - [% title = "Access Denied" %] - You do not have the permissions necessary to run a sanity check. - [% ELSIF error == "search_content_without_matches" %] [% title = "Illegal Search" %] The "content" field can only be used with "matches" search -- cgit v1.2.3-24-g4f1b