Commit f45790a7 authored by jake%bugzilla.org's avatar jake%bugzilla.org

Bug 180545 - It was possible to change the product/component of a bug without…

Bug 180545 - It was possible to change the product/component of a bug without having the editbugs permission. r=bbaetz a=justdave
parent f1b4d836
...@@ -204,6 +204,14 @@ if ((($::FORM{'id'} && $::FORM{'product'} ne $::oldproduct) ...@@ -204,6 +204,14 @@ if ((($::FORM{'id'} && $::FORM{'product'} ne $::oldproduct)
|| (!$::FORM{'id'} && $::FORM{'product'} ne $::FORM{'dontchange'})) || (!$::FORM{'id'} && $::FORM{'product'} ne $::FORM{'dontchange'}))
&& CheckonComment( "reassignbycomponent" )) && CheckonComment( "reassignbycomponent" ))
{ {
# Check to make sure they actually have the right to change the product
if (!CheckCanChangeField('product', $::FORM{'id'}, $::oldproduct, $::FORM{'product'})) {
$vars->{'oldvalue'} = $::oldproduct;
$vars->{'newvalue'} = $::FORM{'product'};
$vars->{'field'} = 'product';
ThrowUserError("illegal_change", undef, "abort");
}
CheckFormField(\%::FORM, 'product', \@::legal_product); CheckFormField(\%::FORM, 'product', \@::legal_product);
my $prod = $::FORM{'product'}; my $prod = $::FORM{'product'};
...@@ -1062,6 +1070,13 @@ foreach my $id (@idlist) { ...@@ -1062,6 +1070,13 @@ foreach my $id (@idlist) {
"keyworddefs READ, groups READ, attachments READ"); "keyworddefs READ, groups READ, attachments READ");
my @oldvalues = SnapShotBug($id); my @oldvalues = SnapShotBug($id);
my %oldhash; my %oldhash;
# Fun hack. @::log_columns only contains the component_id,
# not the name (since bug 43600 got fixed). So, we need to have
# this id ready for the loop below, otherwise anybody can
# change the component of a bug (we checked product above).
# http://bugzilla.mozilla.org/show_bug.cgi?id=180545
my $product_id = get_product_id($::FORM{'product'});
$::FORM{'component_id'} = get_component_id($product_id, $::FORM{'component'});
my $i = 0; my $i = 0;
foreach my $col (@::log_columns) { foreach my $col (@::log_columns) {
# Consider NULL db entries to be equivalent to the empty string # Consider NULL db entries to be equivalent to the empty string
...@@ -1069,9 +1084,17 @@ foreach my $id (@idlist) { ...@@ -1069,9 +1084,17 @@ foreach my $id (@idlist) {
$oldhash{$col} = $oldvalues[$i]; $oldhash{$col} = $oldvalues[$i];
if (exists $::FORM{$col}) { if (exists $::FORM{$col}) {
if (!CheckCanChangeField($col, $id, $oldvalues[$i], $::FORM{$col})) { if (!CheckCanChangeField($col, $id, $oldvalues[$i], $::FORM{$col})) {
$vars->{'oldvalue'} = $oldvalues[$i]; # More fun hacking... don't display component_id
$vars->{'newvalue'} = $::FORM{$col}; if ($col eq 'component_id') {
$vars->{'field'} = $col; $vars->{'oldvalue'} = get_component_name($product_id, $oldhash{'component_id'});
$vars->{'newvalue'} = $::FORM{'component'};
$vars->{'field'} = 'component';
}
else {
$vars->{'oldvalue'} = $oldvalues[$i];
$vars->{'newvalue'} = $::FORM{$col};
$vars->{'field'} = $col;
}
ThrowUserError("illegal_change", undef, "abort"); ThrowUserError("illegal_change", undef, "abort");
} }
} }
......
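Review bot: In the third hunk the old component's display name is resolved with `get_component_name($product_id, $oldhash{'component_id'})`, but `$product_id` is computed from `$::FORM{'product'}` (the requested product) in the hunk above, while `$oldhash{'component_id'}` belongs to the bug's current product; if a product change is in flight at the same time, the lookup runs against the wrong product and the 'oldvalue' shown in the illegal_change error would be wrong or empty. Whether that path is still reachable after the product-permission check added in the first hunk is not clear from here, so at minimum a comment such as `# $product_id is the *requested* product; the old component is looked up under it` should mark the assumption, or the name could be resolved with the bug's current product id if it is present in @oldvalues. A second point to confirm, in the second hunk: `$::FORM{'component_id'}` is now set unconditionally, so `exists $::FORM{$col}` is always true for it in the loop; if the no-id path can leave `$::FORM{'product'}`/`'component'` at the `dontchange` sentinel seen in the first hunk's condition, `get_product_id`/`get_component_id` are called with that sentinel and the resulting value must not be allowed to differ spuriously from the bug's current component_id. The enclosing `foreach my $id (@idlist)` loop and the conditional at the top of the first hunk both begin outside these hunks.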