Skip to content

Commit 77a3c5b

Browse files
committed
Bug 616679: A user with local editcomponents privs should be able to set the grant and request groups to groups the user belongs to only
a=LpSolit
1 parent 846ac8a commit 77a3c5b

2 files changed

Lines changed: 20 additions & 5 deletions

File tree

editflagtypes.cgi

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@ if (my ($category_action) = grep { $_ =~ /^categoryAction-(?:\w+)$/ } $cgi->para
122122
}
123123
}
124124

125-
$vars->{'groups'} = [Bugzilla::Group->get_all];
125+
$vars->{'groups'} = get_settable_groups();
126126
$vars->{'action'} = $action;
127127

128128
my $type = {};
@@ -226,7 +226,7 @@ if ($action eq 'enter') {
226226
if $user->in_group('editcomponents');
227227
$vars->{'can_fully_edit'} = 1;
228228
# Get a list of groups available to restrict this flag type against.
229-
$vars->{'groups'} = [Bugzilla::Group->get_all];
229+
$vars->{'groups'} = get_settable_groups();
230230

231231
$template->process("admin/flag-type/edit.html.tmpl", $vars)
232232
|| ThrowTemplateError($template->error());
@@ -258,7 +258,7 @@ if ($action eq 'edit' || $action eq 'copy') {
258258
}
259259

260260
# Get a list of groups available to restrict this flag type against.
261-
$vars->{'groups'} = [Bugzilla::Group->get_all];
261+
$vars->{'groups'} = get_settable_groups();
262262

263263
$template->process("admin/flag-type/edit.html.tmpl", $vars)
264264
|| ThrowTemplateError($template->error());
@@ -490,6 +490,12 @@ sub get_editable_flagtypes {
490490
return $flagtypes;
491491
}
492492

493+
sub get_settable_groups {
494+
my $user = Bugzilla->user;
495+
my $groups = $user->in_group('editcomponents') ? [Bugzilla::Group->get_all] : $user->groups;
496+
return $groups;
497+
}
498+
493499
sub filter_group {
494500
my ($flag_types, $gid) = @_;
495501
return $flag_types unless $gid;

template/en/default/admin/flag-type/edit.html.tmpl

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -252,10 +252,19 @@
252252
[% BLOCK group_select %]
253253
<select name="[% selname %]" id="[% selname %]" [%- ' disabled="disabled"' UNLESS can_fully_edit %]>
254254
<option value="">(no group)</option>
255+
[% group_found = 0 %]
255256
[% FOREACH group = groups %]
256257
<option value="[% group.name FILTER html %]"
257-
[% " selected" IF (type.${selname} && type.${selname}.name == group.name) %]>
258-
[%- group.name FILTER html %]
258+
[% IF type.${selname} && type.${selname}.name == group.name %]
259+
[% ' selected="selected"' %]
260+
[% group_found = 1 %]
261+
[% END %]>
262+
[%- group.name FILTER html ~%]
263+
</option>
264+
[% END %]
265+
[% IF !group_found && type.${selname} %]
266+
<option value="[% type.${selname}.name FILTER html %]" selected="selected">
267+
[%- type.${selname}.name FILTER html ~%]
259268
</option>
260269
[% END %]
261270
</select>

0 commit comments

Comments
 (0)