From d758e50afca7d94da0510c76eccbb81567315a82 Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Wed, 17 Feb 2010 16:00:52 -0600
Subject: Bug 537887 - "The flag setter should be able to unset a flag even if
 not in the request group" [r=LpSolit a=LpSolit]

---
 Bugzilla/Flag.pm | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'Bugzilla/Flag.pm')

diff --git a/Bugzilla/Flag.pm b/Bugzilla/Flag.pm
index 4f042cb74..90944a2a8 100644
--- a/Bugzilla/Flag.pm
+++ b/Bugzilla/Flag.pm
@@ -731,10 +731,12 @@ sub _check_setter {
 
     # Make sure the user is authorized to modify flags, see bug 180879:
     # - The flag exists and is unchanged.
+    # - The flag setter can unset flag.
     # - Users in the request_group can clear pending requests and set flags
     #   and can rerequest set flags.
     # - Users in the grant_group can set/clear flags, including "+" and "-".
     unless (($status eq $self->{_old_status})
+            || ($status eq 'X' && $setter->id == Bugzilla->user->id)
             || (($status eq 'X' || $status eq '?')
                 && $setter->can_request_flag($self->type))
             || $setter->can_set_flag($self->type))
-- 
cgit v1.2.3-24-g4f1b