Display all possible state transitions in a bug if the user is not

logged in.  Since they haven't logged in, we don't know what they will
be allowed to do.  And users who disable cookies tend to pretty often
not be logged in.

diff --git a/bug_form.pl b/bug_form.pl
index 520949a3699c59d715fcff817d74e16cbb00ab39..a556867f21918868c30f27988c9ec590a9b0c3d8 100644 (file)
--- a/bug_form.pl
+++ b/bug_form.pl
@@ -460,11 +460,18 @@ my $knum = 1;
 
 my $status = $bug{'bug_status'};
 
-my $canedit = UserInGroup("editbugs");
+# In the below, if the person hasn't logged in ($::userid == 0), then
+# we treat them as if they can do anything.  That's because we don't
+# know why they haven't logged in; it may just be because they don't
+# use cookies.  Display everything as if they have all the permissions
+# in the world; their permissions will get checked when they log in
+# and actually try to make the change.
+
+my $canedit = UserInGroup("editbugs") || ($::userid == 0);
 my $canconfirm;
 
 if ($status eq $::unconfirmedstate) {
-    $canconfirm = UserInGroup("canconfirm");
+    $canconfirm = UserInGroup("canconfirm") || ($::userid == 0);
     if ($canedit || $canconfirm) {
         print "<INPUT TYPE=radio NAME=knob VALUE=confirm>";
        print "Confirm bug (change status to <b>NEW</b>)<br>";
@@ -473,8 +480,8 @@ if ($status eq $::unconfirmedstate) {
 }
 
 
-if ($::userid && ($canedit || $::userid == $assignedtoid ||
-                  $::userid == $reporterid || $::userid == $qacontactid)) {
+if ($canedit || $::userid == $assignedtoid ||
+      $::userid == $reporterid || $::userid == $qacontactid) {
     if (IsOpenedState($status)) {
         if ($status ne "ASSIGNED") {
             print "<INPUT TYPE=radio NAME=knob VALUE=accept>";

diff --git a/process_bug.cgi b/process_bug.cgi
index 1e25ef8612927197f87be1cabdab5ccf8f630231..5b5b9e44eb08739178e9fe1c5afab0ffefd44dab 100755 (executable)
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -279,6 +279,9 @@ sub ChangeStatus {
         } else {
             $::query .= "bug_status = '$str'";
         }
+        $::FORM{'bug_status'} = $str; # Used later for call to
+                                      # CheckCanChangeField to make sure this
+                                      # is really kosher.
     }
 }