From fb8598cd25fb5dfeecde63662079d92116a2d647 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Sat, 21 Jan 2006 21:48:56 +0000
Subject: Bug 323955: Deleting a group incorrectly checks for user group
 membership (miss group inheritance) - Patch by Frédéric Buclin
 <LpSolit@gmail.com> r=joel a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 editgroups.cgi | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

(limited to 'editgroups.cgi')

diff --git a/editgroups.cgi b/editgroups.cgi
index 92cd475c3..617260230 100755
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -32,6 +32,7 @@ use lib ".";
 use Bugzilla;
 use Bugzilla::Constants;
 use Bugzilla::Group;
+use Bugzilla::User;
 require "globals.pl";
 
 my $cgi = Bugzilla->cgi;
@@ -338,10 +339,12 @@ if ($action eq 'del') {
         ThrowUserError("system_group_not_deletable", { name => $name });
     }
 
-    my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map 
-                                          WHERE group_id = ? AND isbless = 0 ' .
-                                          $dbh->sql_limit(1),
-                                          undef, $gid) || 0;
+    # Group inheritance no longer appears in user_group_map.
+    my $grouplist = join(',', @{Bugzilla::User->flatten_group_membership($gid)});
+    my $hasusers =
+        $dbh->selectrow_array("SELECT 1 FROM user_group_map
+                               WHERE group_id IN ($grouplist) AND isbless = 0 " .
+                               $dbh->sql_limit(1)) || 0;
 
     my $bug_ids = $dbh->selectcol_arrayref('SELECT bug_id FROM bug_group_map
                                             WHERE group_id = ?', undef, $gid);
@@ -391,10 +394,13 @@ if ($action eq 'delete') {
 
     my $cantdelete = 0;
 
-    my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map 
-                                          WHERE group_id = ? AND isbless = 0 ' .
-                                          $dbh->sql_limit(1),
-                                          undef, $gid) || 0;
+    # Group inheritance no longer appears in user_group_map.
+    my $grouplist = join(',', @{Bugzilla::User->flatten_group_membership($gid)});
+    my $hasusers =
+        $dbh->selectrow_array("SELECT 1 FROM user_group_map
+                               WHERE group_id IN ($grouplist) AND isbless = 0 " .
+                               $dbh->sql_limit(1)) || 0;
+
     if ($hasusers && !defined $cgi->param('removeusers')) {
         $cantdelete = 1;
     }
-- 
cgit v1.2.3-24-g4f1b