aboutsummaryrefslogtreecommitdiffstats
path: root/editusers.cgi
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2005-08-14 03:22:11 +0000
committerlpsolit%gmail.com <>2005-08-14 03:22:11 +0000
commit3f7f64ada2722579bea1b437576f7dd6f1b6788e (patch)
treedbf2f215a95b41e42e09fc6b181e65163937e722 /editusers.cgi
parent8afa5934a67c36d0439cc3b2c939bd4c7d9ae9e8 (diff)
downloadbugs-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar
bugs-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar.gz
bugs-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar.bz2
bugs-3f7f64ada2722579bea1b437576f7dd6f1b6788e.tar.xz
bugs-3f7f64ada2722579bea1b437576f7dd6f1b6788e.zip
Bug 284263: Inherited bless permissions without inherited membership do not work - Patch by Marc Schumann <wurblzap@gmail.com> r=joel,LpSolit a=justdave
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-xeditusers.cgi48
1 files changed, 4 insertions, 44 deletions
diff --git a/editusers.cgi b/editusers.cgi
index f628752cd..bada71af7 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -66,7 +66,7 @@ mirrorListSelectionValues();
###########################################################################
if ($action eq 'search') {
# Allow to restrict the search to any group the user is allowed to bless.
- $vars->{'restrictablegroups'} = groupsUserMayBless($user, 'id', 'name');
+ $vars->{'restrictablegroups'} = $user->bless_groups();
$template->process('admin/users/search.html.tmpl', $vars)
|| ThrowTemplateError($template->error());
@@ -315,7 +315,7 @@ if ($action eq 'search') {
# silently.
# XXX: checking for existence of each user_group_map entry
# would allow to display a friendlier error message on page reloads.
- foreach (@{groupsUserMayBless($user, 'id', 'name')}) {
+ foreach (@{$user->bless_groups()}) {
my $id = $$_{'id'};
my $name = $$_{'name'};
@@ -603,7 +603,7 @@ if ($action eq 'search') {
$vars->{'message'} = 'account_deleted';
$vars->{'otheruser'}{'login'} = $otherUserLogin;
- $vars->{'restrictablegroups'} = groupsUserMayBless($user, 'id', 'name');
+ $vars->{'restrictablegroups'} = $user->bless_groups();
$template->process('admin/users/search.html.tmpl', $vars)
|| ThrowTemplateError($template->error());
@@ -628,46 +628,6 @@ sub mirrorListSelectionValues {
}
}
-# Give a list of IDs of groups the user may bless.
-sub groupsUserMayBless {
- my $user = shift;
- my $fieldList = join(', ', @_);
- my $query;
- my $connector;
- my @bindValues;
-
- $user->derive_groups(1);
-
- if ($editusers) {
- $query = "SELECT DISTINCT $fieldList FROM groups";
- $connector = 'WHERE';
- } else {
- $query = qq{SELECT DISTINCT $fieldList
- FROM groups
- LEFT JOIN user_group_map AS ugm
- ON groups.id = ugm.group_id
- LEFT JOIN group_group_map AS ggm
- ON ggm.member_id = ugm.group_id
- AND ggm.grant_type = ?
- WHERE user_id = ?
- AND (ugm.isbless = 1 OR groups.id = ggm.grantor_id)
- };
- @bindValues = (GROUP_BLESS, $userid);
- $connector = 'AND';
- }
-
- # If visibilitygroups are used, restrict the set of groups.
- if (Param('usevisibilitygroups')) {
- # Users need to see a group in order to bless it.
- my $visibleGroups = $user->visible_groups_as_string() || return {};
- $query .= " $connector id in ($visibleGroups)";
- }
-
- $query .= ' ORDER BY name';
-
- return $dbh->selectall_arrayref($query, {'Slice' => {}}, @bindValues);
-}
-
# Retrieve user data for the user editing form. User creation and user
# editing code rely on this to call derive_groups().
sub userDataToVars {
@@ -679,7 +639,7 @@ sub userDataToVars {
$otheruser->derive_groups();
$vars->{'otheruser'} = $otheruser;
- $vars->{'groups'} = groupsUserMayBless($user, 'id', 'name', 'description');
+ $vars->{'groups'} = $user->bless_groups();
$vars->{'permissions'} = $dbh->selectall_hashref(
qq{SELECT id,