From af986f45c5d82ed054780098898e2b726ffe416f Mon Sep 17 00:00:00 2001 From: "dave%intrec.com" <> Date: Tue, 18 Jul 2000 22:28:19 +0000 Subject: Fix for bug 45586. When using 'usebuggroupsentry', prevent users from seeing products the don't have access to on the query page. --- query.cgi | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'query.cgi') diff --git a/query.cgi b/query.cgi index dedd5fb6e..41e5b8131 100755 --- a/query.cgi +++ b/query.cgi @@ -274,6 +274,21 @@ sub GenerateEmailInput { my $emailinput1 = GenerateEmailInput(1); my $emailinput2 = GenerateEmailInput(2); +# if using usebuggroups, then we don't want people to see products they don't +# have access to. remove them from the list. + +@::product_list = (); +foreach my $p (@::legal_product) { + if(Param("usebuggroupsentry") + && GroupExists($p) + && !UserInGroup($p)) { + # If we're using bug groups to restrict entry on products, and + # this product has a bug group, and the user is not in that + # group, we don't want to include that product in this list. + next; + } + push @::product_list, $p; +} # javascript @@ -306,7 +321,7 @@ foreach $tm (@::legal_target_milestone) { $jscript .= "tms['$tm'] = new Array();\n"; } -for $p (@::legal_product) { +for $p (@::product_list) { if ($::components{$p}) { foreach $c (@{$::components{$p}}) { $jscript .= "cpts['$c'][cpts['$c'].length] = '$p';\n"; @@ -602,7 +617,7 @@ print " -- cgit v1.2.3-24-g4f1b