Bug 304696: Replace UserInGroup() by $user->in_group() when checking user privs…

Bug 304696: Replace UserInGroup() by $user->in_group() when checking user privs in edit*.cgi files - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave

Bug 304696: Replace UserInGroup() by $user->in_group() when checking user privs…
0e9fdfdc · lpsolit%gmail.com · b0fbfe87 · 0e9fdfdc · 0e9fdfdc · 0e9fdfdc
Commit 0e9fdfdc authored Sep 16, 2005 by lpsolit%gmail.com
12 changed files
--- a/doeditparams.cgi
+++ b/doeditparams.cgi
@@ -28,18 +28,17 @@ use lib qw(.);
 use Bugzilla;
 use Bugzilla::Constants;
 use Bugzilla::Config qw(:DEFAULT :admin $datadir);
-use Bugzilla::User;
 require "globals.pl";
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 my $cgi = Bugzilla->cgi;
 my $template = Bugzilla->template;
 print $cgi->header();
-UserInGroup("tweakparams")
+$user->in_group('tweakparams')
  || ThrowUserError("auth_failure", {group  => "tweakparams",
                                     action => "modify",
                                     object => "parameters"});

--- a/editcomponents.cgi
+++ b/editcomponents.cgi
@@ -53,7 +53,7 @@ my $whoid = $user->id;
 print $cgi->header();
-UserInGroup("editcomponents")
+$user->in_group('editcomponents')
  || ThrowUserError("auth_failure", {group  => "editcomponents",
                                     action => "edit",
                                     object => "components"});

--- a/editflagtypes.cgi
+++ b/editflagtypes.cgi
@@ -37,14 +37,13 @@ use Bugzilla::Constants;
 use Bugzilla::Flag;
 use Bugzilla::FlagType;
 use Bugzilla::Group;
-use Bugzilla::User;
 use Bugzilla::Util;
 use vars qw( $template $vars );
 # Make sure the user is logged in and is an administrator.
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
-UserInGroup("editcomponents")
+$user->in_group('editcomponents')
  || ThrowUserError("auth_failure", {group  => "editcomponents",
                                     action => "edit",
                                     object => "flagtypes"});

--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -31,7 +31,6 @@ use lib ".";
 use Bugzilla;
 use Bugzilla::Constants;
-use Bugzilla::User;
 use Bugzilla::Group;
 require "globals.pl";
@@ -40,11 +39,11 @@ my $dbh = Bugzilla->dbh;
 use vars qw($template $vars);
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 print $cgi->header();
-UserInGroup("creategroups")
+$user->in_group('creategroups')
  || ThrowUserError("auth_failure", {group  => "creategroups",
                                     action => "edit",
                                     object => "groups"});

--- a/editkeywords.cgi
+++ b/editkeywords.cgi
@@ -28,7 +28,6 @@ require "globals.pl";
 use Bugzilla;
 use Bugzilla::Constants;
 use Bugzilla::Config qw(:DEFAULT $datadir);
-use Bugzilla::User;
 my $cgi = Bugzilla->cgi;
 my $dbh = Bugzilla->dbh;
@@ -60,11 +59,11 @@ sub Validate {
 # Preliminary checks:
 #
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 print $cgi->header();
-UserInGroup("editkeywords")
+$user->in_group('editkeywords')
  || ThrowUserError("auth_failure", {group  => "editkeywords",
                                     action => "edit",
                                     object => "keywords"});

--- a/editmilestones.cgi
+++ b/editmilestones.cgi
@@ -23,7 +23,6 @@ require "globals.pl";
 use Bugzilla::Constants;
 use Bugzilla::Config qw(:DEFAULT $datadir);
-use Bugzilla::User;
 use Bugzilla::Product;
 use Bugzilla::Milestone;
 use Bugzilla::Bug;
@@ -42,7 +41,7 @@ my $whoid = $user->id;
 print $cgi->header();
-UserInGroup("editcomponents")
+$user->in_group('editcomponents')
  || ThrowUserError("auth_failure", {group  => "editcomponents",
                                     action => "edit",
                                     object => "milestones"});

--- a/editparams.cgi
+++ b/editparams.cgi
@@ -27,17 +27,16 @@ use lib ".";
 use Bugzilla::Constants;
 use Bugzilla::Config qw(:DEFAULT :admin);
-use Bugzilla::User;
 require "globals.pl";
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 my $template = Bugzilla->template;
 print Bugzilla->cgi->header();
-UserInGroup("tweakparams")
+$user->in_group('tweakparams')
  || ThrowUserError("auth_failure", {group  => "tweakparams",
                                     action => "modify",
                                     object => "parameters"});

--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -37,7 +37,6 @@ use Bugzilla::Constants;
 require "globals.pl";
 use Bugzilla::Bug;
 use Bugzilla::Series;
-use Bugzilla::User;
 use Bugzilla::Config qw(:DEFAULT $datadir);
 # Shut up misguided -w warnings about "used only once".  "use vars" just
@@ -242,7 +241,7 @@ my $whoid = $user->id;
 my $cgi = Bugzilla->cgi;
 print $cgi->header();
-UserInGroup("editcomponents")
+$user->in_group('editcomponents')
  || ThrowUserError("auth_failure", {group  => "editcomponents",
                                     action => "edit",
                                     object => "products"});

--- a/editsettings.cgi
+++ b/editsettings.cgi
@@ -21,7 +21,6 @@ use lib qw(.);
 use Bugzilla;
 use Bugzilla::Constants;
-use Bugzilla::User;
 use Bugzilla::User::Setting;
 require "globals.pl";
@@ -69,12 +68,12 @@ sub SaveSettings{
 ###  Live code  ###
 ###################
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 my $cgi = Bugzilla->cgi;
 print $cgi->header;
-UserInGroup("tweakparams")
+$user->in_group('tweakparams')
  || ThrowUserError("auth_failure", {group  => "tweakparams",
                                     action => "modify",
                                     object => "settings"});

--- a/editusers.cgi
+++ b/editusers.cgi
@@ -43,7 +43,7 @@ my $editusers = $user->in_group('editusers');
 # Reject access if there is no sense in continuing.
 $editusers
-    || Bugzilla->user->can_bless()
+    || $user->can_bless()
    || ThrowUserError("auth_failure", {group  => "editusers",
                                       reason => "cant_bless",
                                       action => "edit",

--- a/editversions.cgi
+++ b/editversions.cgi
@@ -35,7 +35,6 @@ require "globals.pl";
 use Bugzilla::Constants;
 use Bugzilla::Config qw(:DEFAULT $datadir);
-use Bugzilla::User;
 use Bugzilla::Product;
 use Bugzilla::Version;
@@ -48,11 +47,11 @@ my $dbh = Bugzilla->dbh;
 # Preliminary checks:
 #
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 print $cgi->header();
-UserInGroup("editcomponents")
+$user->in_group('editcomponents')
  || ThrowUserError("auth_failure", {group  => "editcomponents",
                                     action => "edit",
                                     object => "versions"});

--- a/editwhines.cgi
+++ b/editwhines.cgi
@@ -36,7 +36,7 @@ use Bugzilla::Constants;
 use Bugzilla::User;
 use Bugzilla::Group;
 # require the user to have logged in
-Bugzilla->login(LOGIN_REQUIRED);
+my $user = Bugzilla->login(LOGIN_REQUIRED);
 ###############################################################################
 # Main Body Execution
@@ -46,7 +46,6 @@ my $cgi      = Bugzilla->cgi;
 my $template = Bugzilla->template;
 my $dbh      = Bugzilla->dbh;
-my $user     = Bugzilla->user;
 my $userid   = $user->id;
 my $sth; # database statement handle
@@ -73,7 +72,7 @@ my $sth; # database statement handle
 my $events = get_events($userid);
 # First see if this user may use whines
-UserInGroup("bz_canusewhines")
+$user->in_group('bz_canusewhines')
  || ThrowUserError("auth_failure", {group  => "bz_canusewhines",
                                     action => "schedule",
                                     object => "reports"});