From 52c0a0a8426fd3fa17e876343588e8a22ef65344 Mon Sep 17 00:00:00 2001 From: Max Kanat-Alexander Date: Mon, 19 Apr 2010 11:33:17 -0700 Subject: Bug 560252: By default, users in editbugs should be in bz_canusewhines. (Make editbugs inherit bz_canusewhines when we create bz_canusewhines.) r=mkanat, a=mkanat (module owner) --- Bugzilla/Install.pm | 64 +++++++++++++++++++++++++++-------------------------- 1 file changed, 33 insertions(+), 31 deletions(-) (limited to 'Bugzilla/Install.pm') diff --git a/Bugzilla/Install.pm b/Bugzilla/Install.pm index 10804ab70..9c798ceb9 100644 --- a/Bugzilla/Install.pm +++ b/Bugzilla/Install.pm @@ -109,14 +109,25 @@ use constant SYSTEM_GROUPS => ( description => 'Can confirm a bug or mark it a duplicate' }, { - name => 'bz_canusewhines', - description => 'User can configure whine reports for self' + name => 'bz_canusewhineatothers', + description => 'Can configure whine reports for other users', + }, + { + name => 'bz_canusewhines', + description => 'User can configure whine reports for self', + # inherited_by means that users in the groups listed below are + # automatically members of bz_canusewhines. + inherited_by => ['editbugs', 'bz_canusewhineatothers'], }, { name => 'bz_sudoers', - description => 'Can perform actions as other users' + description => 'Can perform actions as other users', + }, + { + name => 'bz_sudo_protect', + description => 'Can not be impersonated by other users', + inherited_by => ['bz_sudoers'], }, - # There are also other groups created in update_system_groups. ); use constant DEFAULT_CLASSIFICATION => { @@ -154,38 +165,29 @@ sub update_settings { sub update_system_groups { my $dbh = Bugzilla->dbh; + $dbh->bz_start_transaction(); + # Create most of the system groups foreach my $definition (SYSTEM_GROUPS) { my $exists = new Bugzilla::Group({ name => $definition->{name} }); - $definition->{isbuggroup} = 0; - Bugzilla::Group->create($definition) unless $exists; - } - - # Certain groups need something done after they are created. We do - # that here. - - # Make sure people who can whine at others can also whine. - if (!new Bugzilla::Group({name => 'bz_canusewhineatothers'})) { - my $whineatothers = Bugzilla::Group->create({ - name => 'bz_canusewhineatothers', - description => 'Can configure whine reports for other users', - isbuggroup => 0 }); - my $whine = new Bugzilla::Group({ name => 'bz_canusewhines' }); - - $dbh->do('INSERT INTO group_group_map (grantor_id, member_id) - VALUES (?,?)', undef, $whine->id, $whineatothers->id); + if (!$exists) { + $definition->{isbuggroup} = 0; + my $inherited_by = delete $definition->{inherited_by}; + my $created = Bugzilla::Group->create($definition); + # Each group in inherited_by is automatically a member of this + # group. + if ($inherited_by) { + foreach my $name (@$inherited_by) { + my $member = Bugzilla::Group->check($name); + $dbh->do('INSERT INTO group_group_map (grantor_id, + member_id) VALUES (?,?)', + undef, $created->id, $member->id); + } + } + } } - # Make sure sudoers are automatically protected from being sudoed. - if (!new Bugzilla::Group({name => 'bz_sudo_protect'})) { - my $sudo_protect = Bugzilla::Group->create({ - name => 'bz_sudo_protect', - description => 'Can not be impersonated by other users', - isbuggroup => 0 }); - my $sudo = new Bugzilla::Group({ name => 'bz_sudoers' }); - $dbh->do('INSERT INTO group_group_map (grantor_id, member_id) - VALUES (?,?)', undef, $sudo_protect->id, $sudo->id); - } + $dbh->bz_commit_transaction(); } sub create_default_classification { -- cgit v1.2.3-24-g4f1b