author | Simon Green <sgreen@redhat.com> | 2014-10-06 14:49:38 +0000 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2014-10-06 14:49:38 +0000 |
commit | fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d (patch) | |
tree | 01b1eeaeeecd240a743cb280e2dbf101ad2aac37 | |
parent | f33b119d68d21074d08a6bd72f960319276e182b (diff) | |
download | bugs-fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d.tar bugs-fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d.tar.gz bugs-fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d.tar.bz2 bugs-fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d.tar.xz bugs-fa954ab78cc60aba43aedb85e2b4f98d56d7bf9d.zip |
Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients who aren't in the insider group
r=glob,a=glob
-rw-r--r-- | Bugzilla/Bug.pm | 15 | ||||
-rw-r--r-- | Bugzilla/Flag.pm | 28 | ||||
-rw-r--r-- | template/en/default/email/flagmail.txt.tmpl | 13 |
3 files changed, 38 insertions, 18 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm index a92a7077b..aa5085fe7 100644 --- a/Bugzilla/Bug.pm +++ b/Bugzilla/Bug.pm @@ -1030,12 +1030,6 @@ sub update { join(', ', @added_names)]; } - # Flags - my ($removed, $added) = Bugzilla::Flag->update_flags($self, $old_bug, $delta_ts); - if ($removed || $added) { - $changes->{'flagtypes.name'} = [$removed, $added]; - } - # Comments foreach my $comment (@{$self->{added_comments} || []}) { # Override the Comment's timestamp to be identical to the update @@ -1058,6 +1052,9 @@ sub update { $user->id, $delta_ts, $comment->id); } + # Clear the cache of comments + delete $self->{comments}; + # Insert the values into the multiselect value tables my @multi_selects = grep {$_->type == FIELD_TYPE_MULTI_SELECT} Bugzilla->active_custom_fields; @@ -1090,6 +1087,12 @@ sub update { join(', ', map { $_->name } @$added_see)]; } + # Flags + my ($removed, $added) = Bugzilla::Flag->update_flags($self, $old_bug, $delta_ts); + if ($removed || $added) { + $changes->{'flagtypes.name'} = [$removed, $added]; + } + $_->update foreach @{ $self->{_update_ref_bugs} || [] }; delete $self->{_update_ref_bugs}; diff --git a/Bugzilla/Flag.pm b/Bugzilla/Flag.pm index 772a39325..50474b885 100644 --- a/Bugzilla/Flag.pm +++ b/Bugzilla/Flag.pm 
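Review bot: The relocated `# Flags` block in the third hunk now depends on ordering that nothing at the new site explains: it must run after the comment insertion loop and after the `delete $self->{comments};` added in the second hunk, otherwise `Bugzilla::Flag->update_flags` (and the notify path it drives) would still see the stale cached comment list. A why-comment at the new location would protect that ordering from a later "tidy-up" that moves it back, e.g. `# Flags are updated after the new comments have been inserted and the comment cache cleared, so that flag notifications see those comments.`. The `delete $self->{comments};` line would likewise benefit from a note that it exists to invalidate the cache for the flag step below rather than for the multiselect code that follows it. `sub update` begins and ends outside these hunks.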
@@ -1124,18 +1124,32 @@ sub notify { $default_lang = Bugzilla::User->new()->setting('lang'); } + # Get comments on the bug + my $all_comments = $bug->comments({ after => $bug->lastdiffed }); + @$all_comments = grep { $_->type || $_->body =~ /\S/ } @$all_comments; + + # Get public only comments + my $public_comments = [ grep { !$_->is_private } @$all_comments ]; + foreach my $to (keys %recipients) { # Add threadingmarker to allow flag notification emails to be the # threaded similar to normal bug change emails. my $thread_user_id = $recipients{$to} ? $recipients{$to}->id : 0; - my $vars = { 'flag' => $flag, - 'old_flag' => $old_flag, - 'to' => $to, - 'date' => $timestamp, - 'bug' => $bug, - 'attachment' => $attachment, - 'threadingmarker' => build_thread_marker($bug->id, $thread_user_id) }; + # We only want to show private comments to users in the is_insider group + my $comments = $recipients{$to} && $recipients{$to}->is_insider + ? $all_comments : $public_comments; + + my $vars = { + flag => $flag, + old_flag => $old_flag, + to => $to, + date => $timestamp, + bug => $bug, + attachment => $attachment, + threadingmarker => build_thread_marker($bug->id, $thread_user_id), + new_comments => $comments, + }; my $lang = $recipients{$to} ? $recipients{$to}->setting('lang') : $default_lang; diff --git a/template/en/default/email/flagmail.txt.tmpl b/template/en/default/email/flagmail.txt.tmpl index d0e1395e2..cf64d9661 100644 --- a/template/en/default/email/flagmail.txt.tmpl +++ b/template/en/default/email/flagmail.txt.tmpl 
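Review bot: `@$all_comments = grep { $_->type || $_->body =~ /\S/ } @$all_comments;` rewrites the array behind the reference handed back by `$bug->comments`, so whether the bug object's own comment list is silently modified depends on whether that method returns a copy or its cached arrayref, which is not visible here; filtering into a fresh lexical sidesteps the question: `my @all_comments = grep { $_->type || $_->body =~ /\S/ } @{ $bug->comments({ after => $bug->lastdiffed }) };` with `$public_comments` and the ternary built from `\@all_comments`. The insider test falls back to `$public_comments` whenever `$recipients{$to}` carries no user object, which is the safe default for recipient addresses without an account. If `$bug->lastdiffed` can be undef on this path (a flag set during bug creation, for instance), the `after` filter presumably becomes a no-op and every comment on the bug would be included in the mail rather than only the new ones — worth confirming against `Bugzilla::Bug::comments`. `notify` continues outside the hunk.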
@@ -68,11 +68,14 @@ Attachment [% attidsummary %] [%- FILTER bullet = wrap(80) %] -[% USE Bugzilla %] -[%-# .defined is necessary to avoid a taint issue, see bug 509794. %] -[% IF Bugzilla.cgi.param("comment").defined && Bugzilla.cgi.param("comment").length > 0 %] -------- Additional Comments from [% user.identity %] -[%+ Bugzilla.cgi.param("comment") FILTER strip_control_chars %] +[% FOREACH comment = new_comments %] + +[%- IF comment.count %] +--- Comment #[% comment.count %] from [% comment.author.identity %] --- +[% ELSE %] +--- Description --- +[% END %] +[%+ comment.body_full({ is_bugmail => 1, wrap => 1 }) FILTER strip_control_chars %] [% END %] [%- END %] |
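Review bot: Insider recipients now receive private comments in flagmail, but the per-comment header written in the `FOREACH` loop gives no indication that a comment is private, so the recipient cannot tell which part of the mail must not be forwarded or quoted outside the insider group. The header line could carry the flag, e.g. `--- Comment #[% comment.count %] from [% comment.author.identity %][% IF comment.is_private %] (private)[% END %] ---`, with the same marker added to the `--- Description ---` branch. `is_private` is the attribute Flag.pm already filters on, so it is available on every object in `new_comments`. The loop and its enclosing `FILTER bullet` block are fully contained in the hunk.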