Skip to content

bugzilla
bugzilla
Commit 9797547f authored by lpsolit%gmail.com's avatar lpsolit%gmail.com
Browse files
Options

Bug 286003: Direct access to summarize-time.cgi when time tracking is off…

Bug 286003: Direct access to summarize-time.cgi when time tracking is off generates an error - Patch by Shane H. W. Travis <shane.h.w.travis@gmail.com> r=jouni a=justdave
parent 49951829
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 2 deletions
summarize_time.cgi
View file @ 9797547f
...@@ -360,8 +360,10 @@ my $cgi = Bugzilla->cgi; ...@@ -360,8 +360,10 @@ my $cgi = Bugzilla->cgi;
Bugzilla->switch_to_shadow_db(); Bugzilla->switch_to_shadow_db();
ThrowUserError("timetracking_access_denied") unless UserInGroup(Param("timetrackinggroup"))
UserInGroup(Param("timetrackinggroup")); || ThrowUserError("auth_failure", {group => "time-tracking",
action => "access",
object => "timetracking_summaries"});
my @ids = split(",", $cgi->param('id')); my @ids = split(",", $cgi->param('id'));
map { ValidateBugID($_) } @ids; map { ValidateBugID($_) } @ids;
......
template/en/default/global/user-error.html.tmpl
View file @ 9797547f
...@@ -160,6 +160,8 @@ ...@@ -160,6 +160,8 @@
whine reports whine reports
[% ELSIF object == "sanity_check" %] [% ELSIF object == "sanity_check" %]
a sanity check a sanity check
[% ELSIF object == "timetracking_summaries" %]
time-tracking summary reports
[% ELSIF object == "user" %] [% ELSIF object == "user" %]
the user you specified the user you specified
[% ELSIF object == "users" %] [% ELSIF object == "users" %]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment