From 7a9a4fdc72fa194e1921ee157ae7f79507540f1c Mon Sep 17 00:00:00 2001
From: Robert Webb <rowebb@gmail.com>
Date: Thu, 1 Sep 2011 13:24:27 -0700
Subject: Bug 683025 - Add a check_for_edit to Bugzilla::Bug to return the bug
 object if the user can edit the bug r=mkanat, a=mkanat

---
 process_bug.cgi | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

(limited to 'process_bug.cgi')

diff --git a/process_bug.cgi b/process_bug.cgi
index 9ba03e277..dc5ad9138 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -96,14 +96,14 @@ sub should_set {
 # Create a list of objects for all bugs being modified in this request.
 my @bug_objects;
 if (defined $cgi->param('id')) {
-  my $bug = Bugzilla::Bug->check(scalar $cgi->param('id'));
+  my $bug = Bugzilla::Bug->check_for_edit(scalar $cgi->param('id'));
   $cgi->param('id', $bug->id);
   push(@bug_objects, $bug);
 } else {
     foreach my $i ($cgi->param()) {
         if ($i =~ /^id_([1-9][0-9]*)/) {
             my $id = $1;
-            push(@bug_objects, Bugzilla::Bug->check($id));
+            push(@bug_objects, Bugzilla::Bug->check_for_edit($id));
         }
     }
 }
@@ -213,15 +213,6 @@ else {
     $action = 'nothing';
 }
 
-# For each bug, we have to check if the user can edit the bug the product
-# is currently in, before we allow them to change anything.
-foreach my $bug (@bug_objects) {
-    if (!$user->can_edit_product($bug->product_obj->id)) {
-        ThrowUserError("product_edit_denied",
-                      { product => $bug->product });
-    }
-}
-
 # Component, target_milestone, and version are in here just in case
 # the 'product' field wasn't defined in the CGI. It doesn't hurt to set
 # them twice.
-- 
cgit v1.2.3-24-g4f1b