Commit e5164f3e authored by mkanat%bugzilla.org's avatar mkanat%bugzilla.org

Bug 505390: Make Bugzilla (and thus the WebService) throw an error when you try…

Bug 505390: Make Bugzilla (and thus the WebService) throw an error when you try to add a private comment but aren't an insider. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
parent c9ce039e
...@@ -1192,9 +1192,10 @@ sub _check_comment { ...@@ -1192,9 +1192,10 @@ sub _check_comment {
sub _check_commentprivacy { sub _check_commentprivacy {
my ($invocant, $comment_privacy) = @_; my ($invocant, $comment_privacy) = @_;
my $insider_group = Bugzilla->params->{"insidergroup"}; if ($comment_privacy && !Bugzilla->user->is_insider) {
return ($insider_group && Bugzilla->user->in_group($insider_group) ThrowUserError('user_not_insider');
&& $comment_privacy) ? 1 : 0; }
return $comment_privacy ? 1 : 0;
} }
sub _check_comment_type { sub _check_comment_type {
......
...@@ -1536,6 +1536,10 @@ The id you specified doesn't exist in the database. ...@@ -1536,6 +1536,10 @@ The id you specified doesn't exist in the database.
You did not have the necessary rights to edit the bug. You did not have the necessary rights to edit the bug.
=item 113 (Can't Make Private Comments)
You tried to add a private comment, but don't have the necessary rights.
=back =back
=item B<History> =item B<History>
...@@ -1546,6 +1550,9 @@ You did not have the necessary rights to edit the bug. ...@@ -1546,6 +1550,9 @@ You did not have the necessary rights to edit the bug.
=item Modified to return the new comment's id in Bugzilla B<3.4> =item Modified to return the new comment's id in Bugzilla B<3.4>
=item Modified to throw an error if you try to add a private comment
but can't, in Bugzilla B<3.4>.
=back =back
=back =back
......
...@@ -87,6 +87,8 @@ use constant WS_ERROR_CODE => { ...@@ -87,6 +87,8 @@ use constant WS_ERROR_CODE => {
# See Also errors # See Also errors
bug_url_invalid => 112, bug_url_invalid => 112,
bug_url_too_long => 112, bug_url_too_long => 112,
# Insidergroup Errors
user_not_insider => 113,
# Authentication errors are usually 300-400. # Authentication errors are usually 300-400.
invalid_username_or_password => 300, invalid_username_or_password => 300,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment