Bug 455099: Some methods in Search.pm use the wrong user object to check privs - Patch by FrÃ©dÃ©ric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit

git-svn-id: svn://10.0.0.236/trunk@254208 18797224-902f-48f8-a5cc-f745e15eee43
2008-09-15 05:47:52 +00:00 · 2008-09-15 05:47:52 +00:00 · ac612a7983
commit ac612a7983
parent bcc0d6a9a1
1 changed files with 8 additions and 43 deletions
--- a/mozilla/webtools/bugzilla/Bugzilla/Search.pm
+++ b/mozilla/webtools/bugzilla/Bugzilla/Search.pm
@ -369,7 +369,7 @@ sub init {

    my $sql_deadlinefrom;
    my $sql_deadlineto;
-    if (Bugzilla->user->in_group(Bugzilla->params->{'timetrackinggroup'})){
+    if ($user->is_timetracker) {
      my $deadlinefrom;
      my $deadlineto;
            
@ -1292,12 +1292,7 @@ sub _commenter_exact {
        $$sequence++;
    }
    my $table = "longdescs_$chartseq";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $user->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                       "ON $table.bug_id = bugs.bug_id $extra " .
                       "AND $table.who IN ($match)");
@ -1316,12 +1311,7 @@ sub _commenter {
        $$sequence++;
    }
    my $table = "longdescs_$chartseq";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    $$f = "login_name";
    $$ff = "profiles.login_name";
    $$funcsbykey{",$$t"}($self, %func_args);
@ -1340,12 +1330,7 @@ sub _long_desc {
        @func_args{qw(chartid supptables f)};
    
    my $table = "longdescs_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                       "ON $table.bug_id = bugs.bug_id $extra");
    $$f = "$table.thetext";
@ -1358,12 +1343,7 @@ sub _longdescs_isprivate {
        @func_args{qw(chartid supptables f)};
    
    my $table = "longdescs_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"}
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"}))
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                      "ON $table.bug_id = bugs.bug_id $extra");
    $$f = "$table.isprivate";
@ -1505,12 +1485,7 @@ sub _attach_data_thedata {
    
    my $atable = "attachments_$$chartid";
    my $dtable = "attachdata_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $atable.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $atable.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $atable " .
                       "ON bugs.bug_id = $atable.bug_id $extra");
    push(@$supptables, "INNER JOIN attach_data AS $dtable " .
@ -1525,12 +1500,7 @@ sub _attachments_submitter {
        @func_args{qw(chartid supptables f)};
    
    my $atable = "map_attachment_submitter_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"}
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"}))
-    {
-        $extra = "AND $atable.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $atable.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $atable " .
                       "ON bugs.bug_id = $atable.bug_id $extra");
    push(@$supptables, "LEFT JOIN profiles AS attachers_$$chartid " .
@ -1546,12 +1516,7 @@ sub _attachments {
    my $dbh = Bugzilla->dbh;
    
    my $table = "attachments_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $table " .
                       "ON bugs.bug_id = $table.bug_id $extra");
    $$f =~ m/^attachments\.(.*)$/;