From 3b2f0ca83f4670d408902a00bfe4264cee5c57aa Mon Sep 17 00:00:00 2001
From: "karl%kornel.name" <>
Date: Sun, 20 Nov 2005 09:31:35 +0000
Subject: Bug 312441: relogin.cgi allows you to impersonate user accounts you are not allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel r=LpSolit a=justdave
---
.../en/default/account/prefs/permissions.html.tmpl | 2 +-
template/en/default/admin/sudo.html.tmpl | 27 ++++++++++++++--------
template/en/default/admin/users/userdata.html.tmpl | 2 +-
template/en/default/global/user-error.html.tmpl | 19 +++++++++++++++
4 files changed, 38 insertions(+), 12 deletions(-)
(limited to 'template')
diff --git a/template/en/default/account/prefs/permissions.html.tmpl b/template/en/default/account/prefs/permissions.html.tmpl
index 2de04328d..dd6e1785b 100644
--- a/template/en/default/account/prefs/permissions.html.tmpl
+++ b/template/en/default/account/prefs/permissions.html.tmpl
@@ -74,7 +74,7 @@ [% IF user.groups.bz_sudoers %]
You are a member of the bz_sudoers group, so you can - impersonate someone else. + impersonate someone else. [% END %]
diff --git a/template/en/default/admin/sudo.html.tmpl b/template/en/default/admin/sudo.html.tmpl
index 12aa586a6..4e781796c 100644
--- a/template/en/default/admin/sudo.html.tmpl
+++ b/template/en/default/admin/sudo.html.tmpl
@@ -66,7 +66,8 @@

Next, please take a moment to explain why you are doing this:
- +

@@ -75,21 +76,27 @@ are impersonating them.

-

- Finally, click the button to begin the session: - - -

- - [% IF will_logout %] + [% IF user.get_flag("can_logout") %]

- When you press the button, you may be logged out and asked to log in - again. This is done for two reasons. First of all, it is done to reduce + Finally, enter your [% terms.Bugzilla %] password: + + +
+ This is done for two reasons. First of all, it is done to reduce the chances of someone doing large amounts of damage using your already-logged-in account. Second, it is there to force you to take the time to consider if you really need to use this feature.

[% END %] + +

+ Click the button to begin the session: + + + +

+ [% PROCESS global/footer.html.tmpl %]
diff --git a/template/en/default/admin/users/userdata.html.tmpl b/template/en/default/admin/users/userdata.html.tmpl
index f606bb73d..96c9df515 100644
--- a/template/en/default/admin/users/userdata.html.tmpl
+++ b/template/en/default/admin/users/userdata.html.tmpl
@@ -32,7 +32,7 @@ value="[% otheruser.login FILTER html %]" /> [% IF !otheruser.groups.bz_sudo_protect %]
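Review bot: In the `@@ -75,21 +76,27 @@` hunk of sudo.html.tmpl the password prompt sits entirely inside `[% IF user.get_flag("can_logout") %]`, so a sudoer whose login method does not set that flag is offered the "begin the session" button with no re-authentication step at all. The template can only ask; the check behind `sudo_password_required` has to be enforced in relogin.cgi, which this template-only diff does not show, and it is worth confirming there what compensating control applies when the flag is off. I would record the intent above the condition with `[%# Password re-entry is only offered when the login method supports logout; relogin.cgi must enforce it. %]`. The form markup was stripped from this rendering, so the field types could not be checked.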
- Impersonate this user [% END %] [% END %]
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index be86ae506..e911b39d2 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1128,6 +1128,20 @@ An sudo session (impersonating [% target FILTER html %]) is in progress. End that session (using the link in the footer) before starting a new one. + [% ELSIF error == "sudo_password_required" %] + [% title = "Password Required" %] + Your [% terms.Bugzilla %] password is required to begin a sudo + session. Please go back and enter your password. + + [% ELSIF error == "sudo_preparation_required" %] + [% title = "Preparation Required" %] + You may not start a sudo session directly. Please + start your session normally. + [% ELSIF error == "sudo_protected" %] [% title = "User Protected" %] The user [% login FILTER html %] may not be impersonated by sudoers.
@@ -1202,6 +1216,11 @@ [% title = "Login Name Required" %] You must enter a login name for the new user. + [% ELSIF error == "user_match_failed" %] + [% title = "Match Failed" %] + [% name FILTER html %] does not exist or you are not allowed + to see that user. + [% ELSIF error == "votes_must_be_nonnegative" %] [% title = "Votes Must Be Non-negative" %] Only use non-negative numbers for your [% terms.bug %] votes.
-- cgit v1.2.3-24-g4f1b
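Review bot: The new `user_match_failed` branch (hunk `@@ -1202,6 +1216,11 @@`) gives one answer for a missing login and for one hidden by visibility groups, but the `sudo_protected` message kept as context in the earlier hunk still names the account outright. If relogin.cgi, which is outside this template-only diff, tests sudo protection before visibility, that error would confirm accounts the sudoer is not allowed to see, so the visibility check should run first. A comment on the new branch would keep the wording from being split later: `[%# Same text for "no such user" and "not visible", so hidden accounts are not disclosed. %]`.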