Skip to content

bugzilla
bugzilla
Commit d0042bb7 authored by bugreport%peshkin.net's avatar bugreport%peshkin.net
Browse files
Options

Bug 312787 When strict_isolation is set, do not permit users to alter deps on…

Bug 312787 When strict_isolation is set, do not permit users to alter deps on bugs unless they can edit both bugs Patch by Joel Peshkin <bugreport@peshkin.net> r=kiko, a=justdave
parent 6d4505cc
Hide whitespace changes
Inline Side-by-side
Showing with 22 additions and 2 deletions
process_bug.cgi
View file @ d0042bb7
...@@ -165,6 +165,13 @@ foreach my $field ("dependson", "blocked") { ...@@ -165,6 +165,13 @@ foreach my $field ("dependson", "blocked") {
$vars->{'field'} = $field; $vars->{'field'} = $field;
ThrowUserError("illegal_change", $vars); ThrowUserError("illegal_change", $vars);
} }
if (Param("strict_isolation")) {
my $deltabug = new Bugzilla::Bug($id, $user);
if (!$user->can_edit_product($deltabug->{'product_id'})) {
$vars->{'field'} = $field;
ThrowUserError("illegal_change_deps", $vars);
}
}
} }
} else { } else {
# Bugzilla does not support mass-change of dependencies so they # Bugzilla does not support mass-change of dependencies so they
......
template/en/default/admin/params/groupsecurity.html.tmpl
View file @ d0042bb7
...@@ -49,6 +49,12 @@ ...@@ -49,6 +49,12 @@
usevisibilitygroups => "Do you wish to restrict visibility of users to members of " _ usevisibilitygroups => "Do you wish to restrict visibility of users to members of " _
"specific groups?", "specific groups?",
strict_isolation => "Don't allow users to assign, be qa-contacts or add to CC list " _ strict_isolation => "Don't allow users to be assigned to, " _
"any user that do not have permission to edit the bug." } "be qa-contacts on, " _
"be added to CC list, " _
"or make or remove dependencies " _
"involving any bug that is in a product on which that " _
"user is forbidden to edit.",
}
%] %]
template/en/default/global/user-error.html.tmpl
View file @ d0042bb7
...@@ -547,6 +547,13 @@ ...@@ -547,6 +547,13 @@
[% END %] [% END %]
a sufficiently empowered user may change that field. a sufficiently empowered user may change that field.
[% ELSIF error == "illegal_change_deps" %]
[% title = "Not allowed" %]
You tried to change the
<strong>[% field_descs.$field FILTER html %]</strong> field
but only a user empowered to edit
both involved [% terms.bugs %] may change that field.
[% ELSIF error == "illegal_changed_in_last_x_days" %] [% ELSIF error == "illegal_changed_in_last_x_days" %]
[% title = "Your Search Makes No Sense" %] [% title = "Your Search Makes No Sense" %]
The <em>Changed in last ___ days</em> field must be a simple number. The <em>Changed in last ___ days</em> field must be a simple number.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment