From 59578066a51ec9ef902e9a164d892d5d7e2a34ce Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Mon, 8 May 2006 07:18:55 +0000
Subject: Bug 337026: Users with no privs cannot edit bugs anymore (if being logged out first) - Patch by Frédéric Buclin r/a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 process_bug.cgi | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
(limited to 'process_bug.cgi')
diff --git a/process_bug.cgi b/process_bug.cgi
index 9ef459bec..8e93e3f09 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -838,6 +838,26 @@ sub ChangeResolution {
 if (!$cgi->param('dontchange') || $str ne $cgi->param('dontchange')) {
+ # Make sure the user is allowed to change the resolution.
+ # If the user is changing several bugs at once using the UI,
+ # then he has enough privs to do so. In the case he is hacking
+ # the URL, we don't care if he reads --UNKNOWN-- as a resolution
+ # in the error message.
+ my $old_resolution = '-- UNKNOWN --';
+ my $bug_id = $cgi->param('id');
+ if ($bug_id) {
+ $old_resolution =
+ $dbh->selectrow_array('SELECT resolution FROM bugs WHERE bug_id = ?',
+ undef, $bug_id);
+ }
+ unless (CheckCanChangeField('resolution', $bug_id, $old_resolution, $str)) {
+ $vars->{'oldvalue'} = $old_resolution;
+ $vars->{'newvalue'} = $str;
+ $vars->{'field'} = 'resolution';
+ $vars->{'privs'} = $PrivilegesRequired;
+ ThrowUserError("illegal_change", $vars);
+ }
+
 DoComma();
 $::query .= "resolution = ?";
 trick_taint($str);
@@ -1539,6 +1559,9 @@ foreach my $id (@idlist) {
 }
 }
 foreach my $col (@::log_columns) {
+ # The 'resolution' field is checked by ChangeResolution(),
+ # i.e. only if we effectively use it.
+ next if ($col eq 'resolution');
 if (exists $formhash{$col}
 && !CheckCanChangeField($col, $id, $oldhash{$col},
 $formhash{$col})) {
--
cgit v1.2.3-24-g4f1b
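Review bot: In the multi-bug path (`id` absent) `$bug_id` is empty, so `CheckCanChangeField('resolution', $bug_id, $old_resolution, $str)` runs with no bug to check against, while the second hunk's `next if ($col eq 'resolution');` drops the per-bug check that previously covered that field; whether an unprivileged bulk resolution change is still refused therefore depends entirely on how CheckCanChangeField treats an empty bug id, which lies outside the hunk and deserves a comment at the call site. Separately, `selectrow_array` in scalar context returns undef when `id` matches no row, so the `'-- UNKNOWN --'` fallback only survives when `id` is absent; adding `$old_resolution = '-- UNKNOWN --' unless defined $old_resolution;` after the lookup keeps the illegal_change message meaningful for a bogus id. The `id` value is bound as a placeholder, so the query itself is safe. ChangeResolution's body continues outside the hunk.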
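Review bot: The skip at `next if ($col eq 'resolution');` assumes that every write of `resolution` goes through ChangeResolution(); if the loop body or any other path in this foreach (which starts and ends outside the hunk) can place `resolution` in `%formhash` without ChangeResolution() being called, that change is now unchecked. The comment should state the invariant being relied on rather than the effect, e.g. `# 'resolution' may only be written via ChangeResolution(), which performs its own CheckCanChangeField(); keep it that way.`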