From c33b4eb31dbf095c98bf5bf8950e114b80273f08 Mon Sep 17 00:00:00 2001
From: "olav%bkor.dhs.org" <>
Date: Mon, 23 Oct 2006 05:41:40 +0000
Subject: Bug 121576: fields should not be editable when viewing a bug if the
 user is not logged in Patch by Olav Vitters <olav@bkor.dhs.org> r=LpSolit
 a=justdave

---
 Bugzilla/Bug.pm | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

(limited to 'Bugzilla/Bug.pm')

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 597d52f53..afb8c567a 100755
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -1192,14 +1192,7 @@ sub user {
     my $user = Bugzilla->user;
     my $canmove = Bugzilla->params->{'move-enabled'} && $user->is_mover;
 
-    # In the below, if the person hasn't logged in, then we treat them
-    # as if they can do anything.  That's because we don't know why they
-    # haven't logged in; it may just be because they don't use cookies.
-    # Display everything as if they have all the permissions in the
-    # world; their permissions will get checked when they log in and
-    # actually try to make the change.
-    my $unknown_privileges = !$user->id
-                             || $user->in_group("editbugs");
+    my $unknown_privileges = $user->in_group("editbugs");
     my $canedit = $unknown_privileges
                   || $user->id == $self->{assigned_to_id}
                   || (Bugzilla->params->{'useqacontact'}
-- 
cgit v1.2.3-24-g4f1b