Bug 1001462: Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'
r=glob,a=glob git-svn-id: svn://10.0.0.236/trunk@265670 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
bzrmirror%bugzilla.org
parent
5c8aa307d8
commit
1cd1e87f99
@ -1 +1 @@
|
||||
9205
|
||||
9206
|
||||
@ -1 +1 @@
|
||||
ded5d29a6083d08350ddf78d05266872cc2e9bb7
|
||||
c0156f20dfd3f5bfa3a0e1c2b6ca0f2de34797a4
|
||||
@ -117,6 +117,7 @@ our @ISA = qw(XMLRPC::Deserializer);
|
||||
|
||||
use Bugzilla::Error;
|
||||
use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
|
||||
use Bugzilla::WebService::Util qw(fix_credentials);
|
||||
use Scalar::Util qw(tainted);
|
||||
|
||||
sub deserialize {
|
||||
@ -140,7 +141,13 @@ sub deserialize {
|
||||
my $params = $som->paramsin;
|
||||
# This allows positional parameters for Testopia.
|
||||
$params = {} if ref $params ne 'HASH';
|
||||
|
||||
# Update the params to allow for several convenience key/values
|
||||
# use for authentication
|
||||
fix_credentials($params);
|
||||
|
||||
Bugzilla->input_params($params);
|
||||
|
||||
return $som;
|
||||
}
|
||||
|
||||
|
||||
@ -53,27 +53,20 @@ use constant MAPPED_RETURNS => {
|
||||
sub login {
|
||||
my ($self, $params) = @_;
|
||||
|
||||
# Check to see if we are already logged in
|
||||
my $user = Bugzilla->user;
|
||||
if ($user->id) {
|
||||
return $self->_login_to_hash($user);
|
||||
}
|
||||
|
||||
# Username and password params are required
|
||||
foreach my $param ("login", "password") {
|
||||
defined $params->{$param}
|
||||
(defined $params->{$param} || defined $params->{'Bugzilla_' . $param})
|
||||
|| ThrowCodeError('param_required', { param => $param });
|
||||
}
|
||||
|
||||
# Make sure the CGI user info class works if necessary.
|
||||
my $input_params = Bugzilla->input_params;
|
||||
$input_params->{'Bugzilla_login'} = $params->{login};
|
||||
$input_params->{'Bugzilla_password'} = $params->{password};
|
||||
$input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
|
||||
|
||||
my $user = Bugzilla->login();
|
||||
|
||||
my $result = { id => $self->type('int', $user->id) };
|
||||
|
||||
if ($user->{_login_token}) {
|
||||
$result->{'token'} = $user->id . "-" . $user->{_login_token};
|
||||
}
|
||||
|
||||
return $result;
|
||||
$user = Bugzilla->login();
|
||||
return $self->_login_to_hash($user);
|
||||
}
|
||||
|
||||
sub logout {
|
||||
@ -409,6 +402,15 @@ sub _report_to_hash {
|
||||
return $item;
|
||||
}
|
||||
|
||||
sub _login_to_hash {
|
||||
my ($self, $user) = @_;
|
||||
my $item = { id => $self->type('int', $user->id) };
|
||||
if ($user->{_login_token}) {
|
||||
$item->{'token'} = $user->id . "-" . $user->{_login_token};
|
||||
}
|
||||
return $item;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
||||
@ -266,8 +266,8 @@ sub fix_credentials {
|
||||
# even if not calling GET /login. We also do not delete them as
|
||||
# GET /login requires "login" and "password".
|
||||
if (exists $params->{'login'} && exists $params->{'password'}) {
|
||||
$params->{'Bugzilla_login'} = $params->{'login'};
|
||||
$params->{'Bugzilla_password'} = $params->{'password'};
|
||||
$params->{'Bugzilla_login'} = delete $params->{'login'};
|
||||
$params->{'Bugzilla_password'} = delete $params->{'password'};
|
||||
}
|
||||
# Allow user to pass api_key=12345678 as a convenience which becomes
|
||||
# "Bugzilla_api_key" which is what the auth code looks for.
|
||||
@ -277,7 +277,7 @@ sub fix_credentials {
|
||||
# Allow user to pass token=12345678 as a convenience which becomes
|
||||
# "Bugzilla_token" which is what the auth code looks for.
|
||||
if (exists $params->{'token'}) {
|
||||
$params->{'Bugzilla_token'} = $params->{'token'};
|
||||
$params->{'Bugzilla_token'} = delete $params->{'token'};
|
||||
}
|
||||
|
||||
# Allow extensions to modify the credential data before login
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user