diff options
author | bugreport%peshkin.net <> | 2005-10-18 04:19:00 +0000 |
---|---|---|
committer | bugreport%peshkin.net <> | 2005-10-18 04:19:00 +0000 |
commit | 1f9c83ae81c5c81d005fa0d9a428e23ea5126576 (patch) | |
tree | 191cd91527ab952c5d2abe6d3a797bd415937494 /globals.pl | |
parent | 1a84cc52fea5f653e51a6ec43c778d4452351964 (diff) | |
download | bugs-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar bugs-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.gz bugs-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.bz2 bugs-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.tar.xz bugs-1f9c83ae81c5c81d005fa0d9a428e23ea5126576.zip |
Bug 309681 Prevent users from adding another user who shouldn't have access to a bug as assignee or CC member
Patch by Gabriel Sales de Oliveira <gabriel@async.com.br>
r=joel, a=justdave
Diffstat (limited to 'globals.pl')
-rw-r--r-- | globals.pl | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/globals.pl b/globals.pl index 07d12a984..ebbce4c16 100644 --- a/globals.pl +++ b/globals.pl @@ -372,27 +372,6 @@ sub AnyDefaultGroups { return $::CachedAnyDefaultGroups; } -# -# This function checks if, given a product id, the user can edit -# bugs in this product at all. -sub CanEditProductId { - my ($productid) = @_; - my $dbh = Bugzilla->dbh; - my $query = "SELECT group_id FROM group_control_map " . - "WHERE product_id = $productid " . - "AND canedit != 0 "; - if (%{Bugzilla->user->groups}) { - $query .= "AND group_id NOT IN(" . - join(',', values(%{Bugzilla->user->groups})) . ") "; - } - $query .= $dbh->sql_limit(1); - PushGlobalSQLState(); - SendSQL($query); - my ($result) = FetchSQLData(); - PopGlobalSQLState(); - return (!defined($result)); -} - sub IsInClassification { my ($classification,$productname) = @_; |