Bug 455099: Some methods in Search.pm use the wrong user object to check privs -…

Bug 455099: Some methods in Search.pm use the wrong user object to check privs - Patch by FrÃ©dÃ©ric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit

Bug 455099: Some methods in Search.pm use the wrong user object to check privs -…
3805f522 · lpsolit%gmail.com · ac1f49a8 · 3805f522
Commit 3805f522 authored Sep 15, 2008 by lpsolit%gmail.com
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 43 deletions

Search.pm Bugzilla/Search.pm +8 -43

No files found.
--- a/Bugzilla/Search.pm
+++ b/Bugzilla/Search.pm
@@ -369,7 +369,7 @@ sub init {

    my $sql_deadlinefrom;
    my $sql_deadlineto;
-    if (Bugzilla->user->in_group(Bugzilla->params->{'timetrackinggroup'})){
+    if ($user->is_timetracker) {
      my $deadlinefrom;
      my $deadlineto;
            
@@ -1292,12 +1292,7 @@ sub _commenter_exact {
        $$sequence++;
    }
    my $table = "longdescs_$chartseq";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $user->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                       "ON $table.bug_id = bugs.bug_id $extra " .
                       "AND $table.who IN ($match)");
@@ -1316,12 +1311,7 @@ sub _commenter {
        $$sequence++;
    }
    my $table = "longdescs_$chartseq";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    $$f = "login_name";
    $$ff = "profiles.login_name";
    $$funcsbykey{",$$t"}($self, %func_args);
@@ -1340,12 +1330,7 @@ sub _long_desc {
        @func_args{qw(chartid supptables f)};
    
    my $table = "longdescs_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                       "ON $table.bug_id = bugs.bug_id $extra");
    $$f = "$table.thetext";
@@ -1358,12 +1343,7 @@ sub _longdescs_isprivate {
        @func_args{qw(chartid supptables f)};
    
    my $table = "longdescs_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"}
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"}))
-    {
-        $extra = "AND $table.isprivate < 1";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate < 1";
    push(@$supptables, "LEFT JOIN longdescs AS $table " .
                      "ON $table.bug_id = bugs.bug_id $extra");
    $$f = "$table.isprivate";
@@ -1505,12 +1485,7 @@ sub _attach_data_thedata {
    
    my $atable = "attachments_$$chartid";
    my $dtable = "attachdata_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $atable.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $atable.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $atable " .
                       "ON bugs.bug_id = $atable.bug_id $extra");
    push(@$supptables, "INNER JOIN attach_data AS $dtable " .
@@ -1525,12 +1500,7 @@ sub _attachments_submitter {
        @func_args{qw(chartid supptables f)};
    
    my $atable = "map_attachment_submitter_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"}
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"}))
-    {
-        $extra = "AND $atable.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $atable.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $atable " .
                       "ON bugs.bug_id = $atable.bug_id $extra");
    push(@$supptables, "LEFT JOIN profiles AS attachers_$$chartid " .
@@ -1546,12 +1516,7 @@ sub _attachments {
    my $dbh = Bugzilla->dbh;
    
    my $table = "attachments_$$chartid";
-    my $extra = "";
-    if (Bugzilla->params->{"insidergroup"} 
-        && !Bugzilla->user->in_group(Bugzilla->params->{"insidergroup"})) 
-    {
-        $extra = "AND $table.isprivate = 0";
-    }
+    my $extra = $self->{'user'}->is_insider ? "" : "AND $table.isprivate = 0";
    push(@$supptables, "INNER JOIN attachments AS $table " .
                       "ON bugs.bug_id = $table.bug_id $extra");
    $$f =~ m/^attachments\.(.*)$/;