From 8c3fdaa797bc941aeb07ec8dc36361d6f34ccc98 Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Sun, 14 Oct 2018 15:06:18 -0400 Subject: add a default security group --- Bugzilla/Config/GroupSecurity.pm | 2 +- Bugzilla/Install.pm | 15 +++++++++++++-- extensions/BMO/Extension.pm | 37 ++++++++++++++++++++----------------- 3 files changed, 34 insertions(+), 20 deletions(-) diff --git a/Bugzilla/Config/GroupSecurity.pm b/Bugzilla/Config/GroupSecurity.pm index f6f824098..1739642db 100644 --- a/Bugzilla/Config/GroupSecurity.pm +++ b/Bugzilla/Config/GroupSecurity.pm @@ -34,7 +34,7 @@ sub get_param_list { name => 'insidergroup', type => 's', choices => \&get_all_group_names, - default => '', + default => 'bz_insiders', checker => \&check_group }, diff --git a/Bugzilla/Install.pm b/Bugzilla/Install.pm index 705a8396c..64fc1580c 100644 --- a/Bugzilla/Install.pm +++ b/Bugzilla/Install.pm @@ -257,6 +257,17 @@ use constant SYSTEM_GROUPS => ( name => 'bz_can_disable_mfa', description => 'Can disable MFA when editing users', }, + { + use_for_bugs => 1, + name => 'bz_private', + description => 'Private Bug', + inherited_by => ['bz_insiders'], + }, + { + name => 'bz_insiders', + description => + 'Can see private attachments, comments, and bugs (for bugs in bz_private)', + }, ); use constant DEFAULT_CLASSIFICATION => @@ -311,8 +322,8 @@ sub update_system_groups { foreach my $definition (SYSTEM_GROUPS) { my $exists = new Bugzilla::Group({name => $definition->{name}}); if (!$exists) { - $definition->{isbuggroup} = 0; - $definition->{silently} = !$editbugs_exists; + $definition->{isbuggroup} = delete $definition->{use_for_bugs} // 0, + $definition->{silently} = !$editbugs_exists; my $inherited_by = delete $definition->{inherited_by}; my $created = Bugzilla::Group->create($definition); diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index f4fb6fa32..81b5bd8c4 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -29,6 +29,7 @@ use warnings; use base qw(Bugzilla::Extension); +use Bugzilla::Logging; use Bugzilla::Bug; use Bugzilla::BugMail; use Bugzilla::Config::Common qw(check_group get_all_group_names); @@ -178,7 +179,7 @@ sub template_before_process { } if ($file =~ /^admin\/products\/(create|edit)\./) { - my $product = $vars->{product}; + my $product = $vars->{product}; my $security_groups = Bugzilla::Group->match({isbuggroup => 1, isactive => 1}); if ($product) { @@ -367,7 +368,7 @@ sub format_bounty_attachment_description { sub parse_bounty_attachment_description { my ($desc) = @_; - my %map = (true => 1, false => 0); + my %map = (true => 1, false => 0); my $date = qr/\d{4}-\d{2}-\d{2}/; $desc =~ m! ^ @@ -383,12 +384,12 @@ sub parse_bounty_attachment_description { return { reporter_email => $+{reporter_email} // '', - amount_paid => $+{amount_paid} // '', - reported_date => $+{reported_date} // '', - fixed_date => $+{fixed_date} // '', - awarded_date => $+{awarded_date} // '', - publish => $map{$+{publish} // 'false'}, - credit => [grep {$_} split(/\s*,\s*/, $+{credits})] + amount_paid => $+{amount_paid} // '', + reported_date => $+{reported_date} // '', + fixed_date => $+{fixed_date} // '', + awarded_date => $+{awarded_date} // '', + publish => $map{$+{publish} // 'false'}, + credit => [grep {$_} split(/\s*,\s*/, $+{credits})] }; } @@ -962,7 +963,7 @@ sub _bug_reporters_hw_os { my ($self) = @_; return $self->{ua_hw_os} if exists $self->{ua_hw_os}; my $memcached = Bugzilla->memcached; - my $hw_os = $memcached->get({key => 'bug.ua.' . $self->id}); + my $hw_os = $memcached->get({key => 'bug.ua.' . $self->id}); if (!$hw_os) { (my $ua) = Bugzilla->dbh->selectrow_array( @@ -1026,7 +1027,7 @@ sub _bug_missing_sec_approval { return 0 unless @$flags; my $nightly = last_value { $_->name !~ /_esr\d+$/ } @$flags; - my $set = 0; + my $set = 0; foreach my $flag (@$flags) { my $value = $flag->bug_flag($self->id)->value; next if $value eq '---'; @@ -1943,7 +1944,7 @@ sub _fix_encoding { return if $part->parts > 1; # nothing to do if the part already has a charset - my $ct = parse_content_type($part->content_type); + my $ct = parse_content_type($part->content_type); my $charset = $ct->{attributes}{charset} ? $ct->{attributes}{charset} : ''; return unless !$charset || $charset eq 'us-ascii'; @@ -2204,7 +2205,7 @@ sub _post_dev_engagement { # be pasted directly into google docs. my $values = html_quote(join("\t", @attach_values)); - my $data = < @@ -2638,10 +2639,12 @@ sub _default_security_group { } sub _default_security_group_obj { - my $group_id = $_[0]->{security_group_id}; + my ($self) = @_; + my $group_id = $self->{security_group_id}; if (!$group_id) { - return Bugzilla::Group->new( - {name => Bugzilla->params->{insidergroup}, cache => 1}); + WARN(sprintf "%s (%d) lacks a default security_group_id", + $self->name, $self->id); + return Bugzilla::Group->check({name => 'bz_private', cache => 1}); } return Bugzilla::Group->new({id => $group_id, cache => 1}); } @@ -2758,7 +2761,7 @@ sub bug_comments { my $can_delete = Bugzilla->user->in_group(Bugzilla->params->{delete_comments_group}); my $comments = $args->{comments}; - my @deleted = grep { $_->has_tag('deleted') } @$comments; + my @deleted = grep { $_->has_tag('deleted') } @$comments; while (my $comment = pop @deleted) { for (my $i = scalar(@$comments) - 1; $i >= 0; $i--) { if ($comment == $comments->[$i]) { @@ -2780,7 +2783,7 @@ sub bug_comments { sub _split_crash_signature { my ($self, $vars) = @_; - my $bug = $vars->{bug} // return; + my $bug = $vars->{bug} // return; my $crash_signature = $bug->cf_crash_signature // return; return [grep {/\S/} extract_multiple($crash_signature, [sub { extract_bracketed($_[0], '[]') }])]; -- cgit v1.2.3-24-g4f1b