Bug 830330: Make flags honour bug_check_can_change_field

r=dkl, a=LpSolit

Bug 830330: Make flags honour bug_check_can_change_field
d5f626b5 · Hugo Seabrook · Byron Jones · a42f528a · d5f626b5 · d5f626b5
Commit d5f626b5 authored Feb 15, 2013 by Hugo Seabrook Committed by Byron Jones Feb 15, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 3 deletions

Bug.pm Bugzilla/Bug.pm +2 -2

Flag.pm Bugzilla/Flag.pm +6 -0

list.html.tmpl template/en/default/flag/list.html.tmpl +1 -1

No files found.
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -4057,8 +4057,8 @@ sub check_can_change_field {
        return 1;
    }
-    # Allow anyone to change comments.
+    # Allow anyone to change comments, or set flags
-    if ($field =~ /^longdesc/) {
+    if ($field =~ /^longdesc/ || $field eq 'flagtypes.name') {
        return 1;
    }

--- a/Bugzilla/Flag.pm
+++ b/Bugzilla/Flag.pm
@@ -296,6 +296,12 @@ sub set_flag {
        ThrowCodeError('flag_unexpected_object', { 'caller' => ref $obj });
    }
+    # Make sure the user can change flags
+    my $privs;
+    $bug->check_can_change_field('flagtypes.name', 0, 1, \$privs)
+        || ThrowUserError('illegal_change',
+                          { field => 'flagtypes.name', privs => $privs });
    # Update (or delete) an existing flag.
    if ($params->{id}) {
        my $flag = $class->check({ id => $params->{id} });

--- a/template/en/default/flag/list.html.tmpl
+++ b/template/en/default/flag/list.html.tmpl
@@ -6,7 +6,7 @@
  # defined by the Mozilla Public License, v. 2.0.
  #%]
-[% IF user.id AND !read_only_flags %]
+[% IF user.id && !read_only_flags && bug.check_can_change_field('flagtypes.name', 0, 1) %]
 [%# We list flags by looping twice over the flag types relevant for the bug.
  # In the first loop, we display existing flags and then, for active types,