Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
bugzilla
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
etersoft
bugzilla
Commits
438c4b52
Commit
438c4b52
authored
Feb 25, 2014
by
Dave Lawrence
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Bug 962060 - User.get ignores the "maxusermatches" parameter and allows listing all email addresses
r=LpSolit,a=justdave
parent
079bc035
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
22 additions
and
4 deletions
+22
-4
User.pm
Bugzilla/WebService/User.pm
+22
-4
No files found.
Bugzilla/WebService/User.pm
View file @
438c4b52
...
...
@@ -15,9 +15,11 @@ use Bugzilla::Constants;
use
Bugzilla::
Error
;
use
Bugzilla::
Group
;
use
Bugzilla::
User
;
use
Bugzilla::
Util
qw(trim)
;
use
Bugzilla::
Util
qw(trim
detaint_natural
)
;
use
Bugzilla::WebService::
Util
qw(filter validate translate params_to_objects)
;
use
List::
Util
qw(min)
;
# Don't need auth to login
use
constant
LOGIN_EXEMPT
=>
{
login
=>
1
,
...
...
@@ -186,10 +188,15 @@ sub get {
}
# User Matching
my
$limit
;
if
(
$params
->
{
'maxusermatches'
})
{
$limit
=
$params
->
{
'maxusermatches'
}
+
1
;
my
$limit
=
Bugzilla
->
params
->
{
maxusermatches
};
if
(
$params
->
{
limit
})
{
detaint_natural
(
$params
->
{
limit
})
||
ThrowCodeError
(
'param_must_be_numeric'
,
{
function
=>
'Bugzilla::WebService::User::match'
,
param
=>
'limit'
});
$limit
=
$limit
?
min
(
$params
->
{
limit
},
$limit
)
:
$params
->
{
limit
};
}
my
$exclude_disabled
=
$params
->
{
'include_disabled'
}
?
0
:
1
;
foreach
my
$match_string
(
@
{
$params
->
{
'match'
}
||
[]
})
{
my
$matched
=
Bugzilla::User::
match
(
$match_string
,
$limit
,
$exclude_disabled
);
...
...
@@ -741,6 +748,13 @@ if they try. (This is to make it harder for spammers to harvest email
addresses from Bugzilla, and also to enforce the user visibility
restrictions that are implemented on some Bugzillas.)
=item C<limit> (int)
Limit the number of users matched by the C<match> parameter. If value
is greater than the system limit, the system limit will be used. This
parameter is only used when user matching using the C<match> parameter
is being performed.
=item C<group_ids> (array)
=item C<groups> (array)
...
...
@@ -885,6 +899,10 @@ querying your own account, even if you are in the editusers group.
You passed an invalid login name in the "names" array or a bad
group ID in the C<group_ids> argument.
=item 52 (Invalid Parameter)
The value used must be an integer greater then zero.
=item 304 (Authorization Required)
You are logged in, but you are not authorized to see one of the users you
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment