Bug 532493: [SECURITY] Restricting a bug to a group while moving it to another product has no effect if the group is not used by both products - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_4-BRANCH@259533 18797224-902f-48f8-a5cc-f745e15eee43
parent
f2cefa6c84
commit
84c133fdca
@ -613,33 +613,6 @@ sub run_create_validators {
|
||||
return $params;
|
||||
}
|
||||
|
||||
sub set_all {
|
||||
my ($self, $args) = @_;
|
||||
|
||||
# For security purposes, and because lots of other checks depend on it,
|
||||
# we set the product first before anything else.
|
||||
my $product_change = 0;
|
||||
if ($args->{product}) {
|
||||
my $changed = $self->set_product($args->{product},
|
||||
{ component => $args->{component},
|
||||
version => $args->{version},
|
||||
target_milestone => $args->{target_milestone},
|
||||
change_confirmed => $args->{confirm_product_change},
|
||||
other_bugs => $args->{other_bugs},
|
||||
});
|
||||
# that will be used later to check strict isolation
|
||||
$product_change = $changed;
|
||||
}
|
||||
|
||||
# add/remove groups
|
||||
$self->remove_group($_) foreach @{$args->{remove_group}};
|
||||
$self->add_group($_) foreach @{$args->{add_group}};
|
||||
|
||||
# this is temporary until all related code is moved from
|
||||
# process_bug.cgi to set_all
|
||||
return $product_change;
|
||||
}
|
||||
|
||||
sub update {
|
||||
my $self = shift;
|
||||
|
||||
|
||||
@ -248,36 +248,39 @@ foreach my $bug (@bug_objects) {
|
||||
}
|
||||
}
|
||||
|
||||
my $product_change;
|
||||
foreach my $bug (@bug_objects) {
|
||||
my $args;
|
||||
if (should_set('product')) {
|
||||
$args->{product} = scalar $cgi->param('product');
|
||||
$args->{component} = scalar $cgi->param('component');
|
||||
$args->{version} = scalar $cgi->param('version');
|
||||
$args->{target_milestone} = scalar $cgi->param('target_milestone');
|
||||
$args->{confirm_product_change} = scalar $cgi->param('confirm_product_change');
|
||||
$args->{other_bugs} = \@bug_objects;
|
||||
# For security purposes, and because lots of other checks depend on it,
|
||||
# we set the product first before anything else.
|
||||
my $product_change; # Used only for strict_isolation checks, right now.
|
||||
if (should_set('product')) {
|
||||
foreach my $b (@bug_objects) {
|
||||
my $changed = $b->set_product(scalar $cgi->param('product'),
|
||||
{ component => scalar $cgi->param('component'),
|
||||
version => scalar $cgi->param('version'),
|
||||
target_milestone => scalar $cgi->param('target_milestone'),
|
||||
change_confirmed => scalar $cgi->param('confirm_product_change'),
|
||||
other_bugs => \@bug_objects,
|
||||
});
|
||||
$product_change ||= $changed;
|
||||
}
|
||||
}
|
||||
|
||||
foreach my $group (@{$bug->product_obj->groups_valid}) {
|
||||
# strict_isolation checks mean that we should set the groups
|
||||
# immediately after changing the product.
|
||||
foreach my $b (@bug_objects) {
|
||||
foreach my $group (@{$b->product_obj->groups_valid}) {
|
||||
my $gid = $group->id;
|
||||
if (should_set("bit-$gid", 1)) {
|
||||
# Check ! first to avoid having to check defined below.
|
||||
if (!$cgi->param("bit-$gid")) {
|
||||
push (@{$args->{remove_group}}, $gid);
|
||||
$b->remove_group($gid);
|
||||
}
|
||||
# "== 1" is important because mass-change uses -1 to mean
|
||||
# "don't change this restriction"
|
||||
elsif ($cgi->param("bit-$gid") == 1) {
|
||||
push (@{$args->{add_group}}, $gid);
|
||||
$b->add_group($gid);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# this will be deleted later when code moves to $bug->set_all
|
||||
my $changed = $bug->set_all($args);
|
||||
$product_change ||= $changed;
|
||||
}
|
||||
|
||||
if ($cgi->param('id') && (defined $cgi->param('dependson')
|
||||
|
||||
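Review bot: The group loop that follows the `set_product` block is only correct because it runs after every bug's product has been set, but the new comment explains its placement by strict_isolation alone. `$b->product_obj->groups_valid` is read from whatever product the bug has at that moment, which appears to be why the restriction described in the commit title was dropped. I would state that invariant where the loop starts, e.g. `# Must stay after the set_product() loop: groups_valid comes from the bug's current (possibly new) product.`, so a later refactor does not move group handling back in front of the product change. Separately, both new loops declare `my $b`, which hides the package variable `$b` used by `sort` blocks inside the loop bodies; `foreach my $bug (@bug_objects)` avoids that. The script continues outside the hunk, so whether any `sort` is affected is not visible here.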