From f9a3ffafb2ede01b80eb18d30521e03741f4f005 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Fri, 18 Dec 2015 12:52:18 +0100
Subject: Bug 1232190: FlagType.create should require the user to be logged in
 r=dkl

---
 Bugzilla/API/1_0/Resource/FlagType.pm | 10 +++-------
 Bugzilla/WebService/FlagType.pm       | 10 +++-------
 2 files changed, 6 insertions(+), 14 deletions(-)

(limited to 'Bugzilla')

diff --git a/Bugzilla/API/1_0/Resource/FlagType.pm b/Bugzilla/API/1_0/Resource/FlagType.pm
index 702b4d4ec..969a59532 100644
--- a/Bugzilla/API/1_0/Resource/FlagType.pm
+++ b/Bugzilla/API/1_0/Resource/FlagType.pm
@@ -114,11 +114,9 @@ sub get {
 
 sub create {
     my ($self, $params) = @_;
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
 
-    my $dbh = Bugzilla->dbh;
-    my $user = Bugzilla->user;
-
-    Bugzilla->user->in_group('editcomponents')
+    $user->in_group('editcomponents')
         || scalar(@{$user->get_products_by_permission('editcomponents')})
         || ThrowUserError("auth_failure", { group => "editcomponents",
                                          action => "add",
@@ -174,11 +172,9 @@ sub create {
 
 sub update {
     my ($self, $params) = @_;
-
     my $dbh = Bugzilla->dbh;
-    my $user = Bugzilla->user;
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
 
-    Bugzilla->login(LOGIN_REQUIRED);
     $user->in_group('editcomponents')
         || scalar(@{$user->get_products_by_permission('editcomponents')})
         || ThrowUserError("auth_failure", { group  => "editcomponents",
diff --git a/Bugzilla/WebService/FlagType.pm b/Bugzilla/WebService/FlagType.pm
index 9723d4735..9d7cce037 100644
--- a/Bugzilla/WebService/FlagType.pm
+++ b/Bugzilla/WebService/FlagType.pm
@@ -61,11 +61,9 @@ sub get {
 
 sub create {
     my ($self, $params) = @_;
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
 
-    my $dbh = Bugzilla->dbh;
-    my $user = Bugzilla->user;
-
-    Bugzilla->user->in_group('editcomponents')
+    $user->in_group('editcomponents')
         || scalar(@{$user->get_products_by_permission('editcomponents')})
         || ThrowUserError("auth_failure", { group => "editcomponents",
                                          action => "add",
@@ -121,11 +119,9 @@ sub create {
 
 sub update {
     my ($self, $params) = @_;
-
     my $dbh = Bugzilla->dbh;
-    my $user = Bugzilla->user;
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
 
-    Bugzilla->login(LOGIN_REQUIRED);
     $user->in_group('editcomponents')
         || scalar(@{$user->get_products_by_permission('editcomponents')})
         || ThrowUserError("auth_failure", { group  => "editcomponents",
-- 
cgit v1.2.3-24-g4f1b