Commit 52c0a0a8 authored by Max Kanat-Alexander's avatar Max Kanat-Alexander

Bug 560252: By default, users in editbugs should be in bz_canusewhines.

(Make editbugs inherit bz_canusewhines when we create bz_canusewhines.) r=mkanat, a=mkanat (module owner)
parent a424a29d
......@@ -109,14 +109,25 @@ use constant SYSTEM_GROUPS => (
description => 'Can confirm a bug or mark it a duplicate'
},
{
name => 'bz_canusewhineatothers',
description => 'Can configure whine reports for other users',
},
{
name => 'bz_canusewhines',
description => 'User can configure whine reports for self'
description => 'User can configure whine reports for self',
# inherited_by means that users in the groups listed below are
# automatically members of bz_canusewhines.
inherited_by => ['editbugs', 'bz_canusewhineatothers'],
},
{
name => 'bz_sudoers',
description => 'Can perform actions as other users'
description => 'Can perform actions as other users',
},
{
name => 'bz_sudo_protect',
description => 'Can not be impersonated by other users',
inherited_by => ['bz_sudoers'],
},
# There are also other groups created in update_system_groups.
);
use constant DEFAULT_CLASSIFICATION => {
......@@ -154,38 +165,29 @@ sub update_settings {
sub update_system_groups {
my $dbh = Bugzilla->dbh;
$dbh->bz_start_transaction();
# Create most of the system groups
foreach my $definition (SYSTEM_GROUPS) {
my $exists = new Bugzilla::Group({ name => $definition->{name} });
if (!$exists) {
$definition->{isbuggroup} = 0;
Bugzilla::Group->create($definition) unless $exists;
my $inherited_by = delete $definition->{inherited_by};
my $created = Bugzilla::Group->create($definition);
# Each group in inherited_by is automatically a member of this
# group.
if ($inherited_by) {
foreach my $name (@$inherited_by) {
my $member = Bugzilla::Group->check($name);
$dbh->do('INSERT INTO group_group_map (grantor_id,
member_id) VALUES (?,?)',
undef, $created->id, $member->id);
}
# Certain groups need something done after they are created. We do
# that here.
# Make sure people who can whine at others can also whine.
if (!new Bugzilla::Group({name => 'bz_canusewhineatothers'})) {
my $whineatothers = Bugzilla::Group->create({
name => 'bz_canusewhineatothers',
description => 'Can configure whine reports for other users',
isbuggroup => 0 });
my $whine = new Bugzilla::Group({ name => 'bz_canusewhines' });
$dbh->do('INSERT INTO group_group_map (grantor_id, member_id)
VALUES (?,?)', undef, $whine->id, $whineatothers->id);
}
# Make sure sudoers are automatically protected from being sudoed.
if (!new Bugzilla::Group({name => 'bz_sudo_protect'})) {
my $sudo_protect = Bugzilla::Group->create({
name => 'bz_sudo_protect',
description => 'Can not be impersonated by other users',
isbuggroup => 0 });
my $sudo = new Bugzilla::Group({ name => 'bz_sudoers' });
$dbh->do('INSERT INTO group_group_map (grantor_id, member_id)
VALUES (?,?)', undef, $sudo_protect->id, $sudo->id);
}
}
$dbh->bz_commit_transaction();
}
sub create_default_classification {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment