From 7a9a4fdc72fa194e1921ee157ae7f79507540f1c Mon Sep 17 00:00:00 2001 From: Robert Webb Date: Thu, 1 Sep 2011 13:24:27 -0700 Subject: Bug 683025 - Add a check_for_edit to Bugzilla::Bug to return the bug object if the user can edit the bug r=mkanat, a=mkanat --- process_bug.cgi | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) (limited to 'process_bug.cgi') diff --git a/process_bug.cgi b/process_bug.cgi index 9ba03e277..dc5ad9138 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -96,14 +96,14 @@ sub should_set { # Create a list of objects for all bugs being modified in this request. my @bug_objects; if (defined $cgi->param('id')) { - my $bug = Bugzilla::Bug->check(scalar $cgi->param('id')); + my $bug = Bugzilla::Bug->check_for_edit(scalar $cgi->param('id')); $cgi->param('id', $bug->id); push(@bug_objects, $bug); } else { foreach my $i ($cgi->param()) { if ($i =~ /^id_([1-9][0-9]*)/) { my $id = $1; - push(@bug_objects, Bugzilla::Bug->check($id)); + push(@bug_objects, Bugzilla::Bug->check_for_edit($id)); } } } @@ -213,15 +213,6 @@ else { $action = 'nothing'; } -# For each bug, we have to check if the user can edit the bug the product -# is currently in, before we allow them to change anything. -foreach my $bug (@bug_objects) { - if (!$user->can_edit_product($bug->product_obj->id)) { - ThrowUserError("product_edit_denied", - { product => $bug->product }); - } -} - # Component, target_milestone, and version are in here just in case # the 'product' field wasn't defined in the CGI. It doesn't hurt to set # them twice. -- cgit v1.2.3-24-g4f1b