From dfc10cdfddc44043543b9cfdcbe915d158056678 Mon Sep 17 00:00:00 2001
From: Dave Lawrence <dlawrence@mozilla.com>
Date: Tue, 17 Sep 2013 13:56:40 -0400
Subject: Bug 916955 - Ember.show API doesn't error if an invalid token is
 provided

---
 extensions/Ember/lib/WebService.pm | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'extensions/Ember/lib')

diff --git a/extensions/Ember/lib/WebService.pm b/extensions/Ember/lib/WebService.pm
index bb4e5f8ad..4f7a0c713 100644
--- a/extensions/Ember/lib/WebService.pm
+++ b/extensions/Ember/lib/WebService.pm
@@ -114,6 +114,12 @@ sub show {
 
     Bugzilla->switch_to_shadow_db();
 
+    # Throw error if token was provided and user is not logged
+    # in meaning token was invalid/expired.
+    if (exists $params->{token} && !Bugzilla->user->id) {
+        ThrowUserError('invalid_token');
+    }
+
     my $bug_id = delete $params->{id};
     $bug_id || ThrowCodeError('params_required',
                               { function => 'Ember.show', params => ['id'] });
-- 
cgit v1.2.3-24-g4f1b