From 01503e37e5415702b30e0fe8ff58c31d69e404a0 Mon Sep 17 00:00:00 2001 From: "justdave%syndicomm.com" <> Date: Mon, 13 Aug 2001 07:46:18 +0000 Subject: Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people. Patch by Myk Melez r= justdave@syndicomm.com --- process_bug.cgi | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'process_bug.cgi') diff --git a/process_bug.cgi b/process_bug.cgi index 511150911..020e92739 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -529,6 +529,35 @@ if (defined $::FORM{'qa_contact'}) { + +# If the user is submitting changes from show_bug.cgi for a single bug +# and they have access to an active bug group, process the flags that +# indicate whether or not the reporter, assignee, QA contact, and users +# on the CC list can see the bug regardless of its group restrictions. +if ( $::FORM{'id'} ) { + SendSQL("SELECT bit FROM groups WHERE bit & $::usergroupset != 0 + AND isbuggroup != 0 AND isactive = 1"); + my ($groupbits) = FetchSQLData(); + if ( $groupbits ) { + DoComma(); + $::FORM{'reporter_accessible'} = $::FORM{'reporter_accessible'} ? '1' : '0'; + $::query .= "reporter_accessible = $::FORM{'reporter_accessible'}"; + + DoComma(); + $::FORM{'assignee_accessible'} = $::FORM{'assignee_accessible'} ? '1' : '0'; + $::query .= "assignee_accessible = $::FORM{'assignee_accessible'}"; + + DoComma(); + $::FORM{'qacontact_accessible'} = $::FORM{'qacontact_accessible'} ? '1' : '0'; + $::query .= "qacontact_accessible = $::FORM{'qacontact_accessible'}"; + + DoComma(); + $::FORM{'cclist_accessible'} = $::FORM{'cclist_accessible'} ? '1' : '0'; + $::query .= "cclist_accessible = $::FORM{'cclist_accessible'}"; + } +} + + my $removedCcString = ""; my $duplicate = 0; -- cgit v1.2.3-24-g4f1b