Bug 144565 - describecomponents.cgi shows wrong components when user has

access to only one product
Bug 145113 - describecomponents doesn't call quietly_check_login()
r=justdave, gerv

diff --git a/describecomponents.cgi b/describecomponents.cgi
index 8d2c219f4b40431d308f1cd07f83578c3f546a56..8ae98260b3b5a098944f71f0b259034600e17e39 100755 (executable)
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -36,13 +36,15 @@ require "CGI.pl";
 ConnectToDatabase();
 GetVersionTable();
 
+quietly_check_login();
+
 if (!defined $::FORM{'product'}) {
     # Reference to a subset of %::proddesc, which the user is allowed to see
     my %products;
 
     if (Param("usebuggroups")) {
         # OK, now only add products the user can see
-        confirm_login();
+        confirm_login() unless $::userid;
         foreach my $p (@::legal_product) {
             if (!GroupExists($p) || UserInGroup($p)) {
                 $products{$p} = $::proddesc{$p};
@@ -72,7 +74,7 @@ if (!defined $::FORM{'product'}) {
         exit;
     }
 
-    $::FORM{'product'} = (keys %::proddesc)[0];
+    $::FORM{'product'} = (keys %products)[0];
 }
 
 my $product = $::FORM{'product'};
@@ -88,8 +90,8 @@ grep($product eq $_ , @::legal_product)
   && exit;
 
 # Make sure the user is authorized to access this product.
-if (Param("usebuggroups") && GroupExists($product) && !$::userid) {
-    confirm_login();
+if (Param("usebuggroups") && GroupExists($product)) {
+    confirm_login() unless $::userid;
     UserInGroup($product)
       || DisplayError("You are not authorized to access that product.")
         && exit;