# If we are using insiders, and the comment is private, only send
# to insiders
my $insider_ok = 1;
- $insider_ok = 0 if (Bugzilla->params->{"insidergroup"} &&
- ($anyprivate != 0) &&
- (!$user->groups->{Bugzilla->params->{"insidergroup"}}));
+ $insider_ok = 0 if $anyprivate && !$user->is_insider;
# We shouldn't send mail if this is a dependency mail (i.e. there
# is something in @depbugs), and any of the depending bugs are not
next;
}
# Only send estimated_time if it is enabled and the user is in the group
- if (($f ne 'estimated_time' && $f ne 'deadline') ||
- $user->groups->{Bugzilla->params->{'timetrackinggroup'}}) {
-
+ if (($f ne 'estimated_time' && $f ne 'deadline')
+ || $user->is_timetracker)
+ {
my $desc = $fielddescription{$f};
$head .= multiline_sprintf(FORMAT_DOUBLE, ["$desc:", $value],
FORMAT_2_SIZE);
($diff->{'fieldname'} eq 'estimated_time' ||
$diff->{'fieldname'} eq 'remaining_time' ||
$diff->{'fieldname'} eq 'work_time' ||
- $diff->{'fieldname'} eq 'deadline')){
- if ($user->groups->{Bugzilla->params->{"timetrackinggroup"}}) {
- $add_diff = 1;
- }
- } elsif (($diff->{'isprivate'})
- && Bugzilla->params->{'insidergroup'}
- && !($user->groups->{Bugzilla->params->{'insidergroup'}})
- ) {
+ $diff->{'fieldname'} eq 'deadline'))
+ {
+ $add_diff = 1 if $user->is_timetracker;
+ } elsif ($diff->{'isprivate'}
+ && !$user->is_insider)
+ {
$add_diff = 0;
} else {
$add_diff = 1;
sub getVisibleSeries {
my %cats;
- # List of groups the user is in; use -1 to make sure it's not empty.
- my $grouplist = join(", ", (-1, values(%{Bugzilla->user->groups})));
+ my $grouplist = Bugzilla->user->groups_as_string;
# Get all visible series
my $dbh = Bugzilla->dbh;
" ON bug_group_map.bug_id = bugs.bug_id ";
if ($user->id) {
- if (%{$user->groups}) {
- $query .= " AND bug_group_map.group_id NOT IN (" . join(',', values(%{$user->groups})) . ") ";
+ if (scalar @{ $user->groups }) {
+ $query .= " AND bug_group_map.group_id NOT IN ("
+ . $user->groups_as_string . ") ";
}
$query .= " LEFT JOIN cc ON cc.bug_id = bugs.bug_id AND cc.who = " . $user->id;
my $self = shift;
return $self->{groups} if defined $self->{groups};
- return {} unless $self->id;
+ return [] unless $self->id;
my $dbh = Bugzilla->dbh;
- my $groups = $dbh->selectcol_arrayref(q{SELECT DISTINCT groups.name, group_id
- FROM groups, user_group_map
- WHERE groups.id=user_group_map.group_id
- AND user_id=?
- AND isbless=0},
- { Columns=>[1,2] },
- $self->id);
-
- # The above gives us an arrayref [name, id, name, id, ...]
- # Convert that into a hashref
- my %groups = @$groups;
- my @groupidstocheck = values(%groups);
- my %groupidschecked = ();
+ my $groups_to_check = $dbh->selectcol_arrayref(
+ q{SELECT DISTINCT group_id
+ FROM user_group_map
+ WHERE user_id = ? AND isbless = 0}, undef, $self->id);
+
my $rows = $dbh->selectall_arrayref(
- "SELECT DISTINCT groups.name, groups.id, member_id
- FROM group_group_map
- INNER JOIN groups
- ON groups.id = grantor_id
- WHERE grant_type = " . GROUP_MEMBERSHIP);
- my %group_names = ();
- my %group_membership = ();
+ "SELECT DISTINCT grantor_id, member_id
+ FROM group_group_map
+ WHERE grant_type = " . GROUP_MEMBERSHIP);
+
+ my %group_membership;
foreach my $row (@$rows) {
- my ($member_name, $grantor_id, $member_id) = @$row;
- # Just save the group names
- $group_names{$grantor_id} = $member_name;
-
- # And group membership
- push (@{$group_membership{$member_id}}, $grantor_id);
+ my ($grantor_id, $member_id) = @$row;
+ push (@{ $group_membership{$member_id} }, $grantor_id);
}
# Let's walk the groups hierarchy tree (using FIFO)
# On the first iteration it's pre-filled with direct groups
# membership. Later on, each group can add its own members into the
# FIFO. Circular dependencies are eliminated by checking
- # $groupidschecked{$member_id} hash values.
+ # $checked_groups{$member_id} hash values.
# As a result, %groups will have all the groups we are the member of.
- while ($#groupidstocheck >= 0) {
+ my %checked_groups;
+ my %groups;
+ while (scalar(@$groups_to_check) > 0) {
# Pop the head group from FIFO
- my $member_id = shift @groupidstocheck;
+ my $member_id = shift @$groups_to_check;
# Skip the group if we have already checked it
- if (!$groupidschecked{$member_id}) {
+ if (!$checked_groups{$member_id}) {
# Mark group as checked
- $groupidschecked{$member_id} = 1;
+ $checked_groups{$member_id} = 1;
# Add all its members to the FIFO check list
# %group_membership contains arrays of group members
# for all groups. Accessible by group number.
- foreach my $newgroupid (@{$group_membership{$member_id}}) {
- push @groupidstocheck, $newgroupid
- if (!$groupidschecked{$newgroupid});
- }
- # Note on if clause: we could have group in %groups from 1st
- # query and do not have it in second one
- $groups{$group_names{$member_id}} = $member_id
- if $group_names{$member_id} && $member_id;
+ my $members = $group_membership{$member_id};
+ my @new_to_check = grep(!$checked_groups{$_}, @$members);
+ push(@$groups_to_check, @new_to_check);
+
+ $groups{$member_id} = 1;
}
}
- $self->{groups} = \%groups;
+
+ $self->{groups} = Bugzilla::Group->new_from_list([keys %groups]);
return $self->{groups};
}
sub groups_as_string {
my $self = shift;
- return (join(',',values(%{$self->groups})) || '-1');
+ my @ids = map { $_->id } @{ $self->groups };
+ return scalar(@ids) ? join(',', @ids) : '-1';
}
sub bless_groups {
sub in_group {
my ($self, $group, $product_id) = @_;
- if (exists $self->groups->{$group}) {
+ if (scalar grep($_->name eq $group, @{ $self->groups })) {
return 1;
}
elsif ($product_id && detaint_natural($product_id)) {
sub in_group_id {
my ($self, $id) = @_;
- my %j = reverse(%{$self->groups});
- return exists $j{$id} ? 1 : 0;
+ return grep($_->id == $id, @{ $self->groups }) ? 1 : 0;
}
sub get_products_by_permission {
my $sth;
if (Bugzilla->params->{'usevisibilitygroups'}) {
- my $glist = join(',',(-1,values(%{$self->groups})));
+ my $glist = $self->groups_as_string;
$sth = $dbh->prepare("SELECT DISTINCT grantor_id
FROM group_group_map
WHERE member_id IN($glist)
}
}
else {
- @queryshare_groups = values(%{$self->groups});
+ @queryshare_groups = map { $_->id } @{ $self->groups };
}
}
return $self->{'is_global_watcher'};
}
+sub is_timetracker {
+ my $self = shift;
+
+ if (!defined $self->{'is_timetracker'}) {
+ my $tt_group = Bugzilla->params->{'timetrackinggroup'};
+ $self->{'is_timetracker'} =
+ ($tt_group && $self->in_group($tt_group)) ? 1 : 0;
+ }
+ return $self->{'is_timetracker'};
+}
+
sub get_userlist {
my $self = shift;
=item C<groups>
-Returns a hashref of group names for groups the user is a member of. The keys
-are the names of the groups, whilst the values are the respective group ids.
-(This is so that a set of all groupids for groups the user is in can be
-obtained by C<values(%{$user-E<gt>groups})>.)
+Returns an arrayref of L<Bugzilla::Group> objects representing
+groups that this user is a member of.
=item C<groups_as_string>
FROM namedquery_group_map
WHERE namedquery_id = ?',
undef, $id);
- if (!grep {$_ == $group} values(%{$user->groups()})) {
+ if (!grep { $_->id == $group } @{ $user->groups }) {
ThrowUserError("missing_query", {'queryname' => $name,
'sharer_id' => $sharer_id});
}
<programlisting><![CDATA[...
[% ', <a href="editkeywords.cgi">keywords</a>'
- IF user.groups.editkeywords %]
+ IF user.in_group('editkeywords') %]
[% Hook.process("edit") %]
...]]></programlisting>
You then create that template file and add the following constant:
</para>
- <programlisting><![CDATA[...[% ', <a href="edit-projects.cgi">projects</a>' IF user.groups.projman_admins %]]]></programlisting>
+ <programlisting><![CDATA[...[% ', <a href="edit-projects.cgi">projects</a>' IF user.in_group('projman_admins') %]]]></programlisting>
<para>
Voila! The link now appears after the other administration links in the
positive check, which returns 1 (allow) if certain conditions are true,
or a negative check, which returns 0 (deny.) E.g.:
<programlisting> if ($field eq "qacontact") {
- if (Bugzilla->user->groups("quality_assurance")) {
+ if (Bugzilla->user->in_group("quality_assurance")) {
return 1;
}
else {
print $cgi->header();
-exists Bugzilla->user->groups->{'editclassifications'}
+Bugzilla->user->in_group('editclassifications')
|| ThrowUserError("auth_failure", {group => "editclassifications",
action => "edit",
object => "classifications"});
print $cgi->header();
-exists Bugzilla->user->groups->{'admin'} ||
+Bugzilla->user->in_group('admin') ||
ThrowUserError('auth_failure', {group => "admin",
action => "edit",
object => "field_values"});
LEFT JOIN bug_group_map AS bgmap
ON bgmap.bug_id = bugs.bug_id
AND bgmap.group_id NOT IN (" .
- join(', ', (-1, values(%{$user->groups}))) . ")
+ $user->groups_as_string . ")
LEFT JOIN cc AS ccmap
ON ccmap.who = $userid
AND ccmap.bug_id = bugs.bug_id
There are no permission bits set on your account.
[% END %]
- [% IF user.groups.editusers %]
+ [% IF user.in_group('editusers') %]
<br>
You have editusers privileges. You can turn on and off
all permissions for all users.
</table>
[% END %]
- [% IF user.groups.bz_sudoers %]
+ [% IF user.in_group('bz_sudoers') %]
<br>
You are a member of the <b>bz_sudoers</b> group, so you can
<a href="relogin.cgi?action=prepare-sudo">impersonate someone else</a>.
<tr>
<td class="admin_links">
<dl>
- [% class = user.groups.tweakparams ? "" : "forbidden" %]
+ [% class = user.in_group('tweakparams') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editparams.cgi">Parameters</a></dt>
<dd class="[% class %]">Set core parameters of the installation. That's the
place where you specify the URL to access this installation, determine how
which will be used by default for all users. Users will be able to edit their
own preferences from the <a href="userprefs.cgi?tab=settings">Preferences</a>.</dd>
- [% class = user.groups.editcomponents ? "" : "forbidden" %]
+ [% class = user.in_group('editcomponents') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="sanitycheck.cgi">Sanity Check</a></dt>
<dd class="[% class %]">Run sanity checks to locate problems in your database.
This may take several tens of minutes depending on the size of your installation.
You can also automate this check by running <tt>sanitycheck.pl</tt> from a cron job.
A notification will be sent per email to the specified user if errors are detected.</dd>
- [% class = (user.groups.editusers || user.can_bless) ? "" : "forbidden" %]
+ [% class = (user.in_group('editusers') || user.can_bless) ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editusers.cgi">Users</a></dt>
<dd class="[% class %]">Create new user accounts or edit existing ones. You can
also add and remove users from groups (also known as "user privileges").</dd>
- [% class = (Param('useclassification') && user.groups.editclassifications) ? "" : "forbidden" %]
+ [% class = (Param('useclassification') && user.in_group('editclassifications')) ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editclassifications.cgi">Classifications</a></dt>
<dd class="[% class %]">If your installation has to manage many products at once,
it's a good idea to group these products into distinct categories. This lets users
find information more easily when doing searches or when filing new [% terms.bugs %].</dd>
- [% class = (user.groups.editcomponents
+ [% class = (user.in_group('editcomponents')
|| user.get_products_by_permission("editcomponents").size) ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editproducts.cgi">Products</a></dt>
<dd class="[% class %]">Edit all aspects of products, including group restrictions
<a href="editcomponents.cgi">components</a>, <a href="editversions.cgi">versions</a>
and <a href="editmilestones.cgi">milestones</a> directly.</dd>
- [% class = user.groups.editcomponents ? "" : "forbidden" %]
+ [% class = user.in_group('editcomponents') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editflagtypes.cgi">Flags</a></dt>
<dd class="[% class %]">A flag is a custom 4-states attribute of [% terms.bugs %]
and/or attachments. These states are: granted, denied, requested and undefined.
<td class="admin_links">
<dl>
- [% class = user.groups.admin ? "" : "forbidden" %]
+ [% class = user.in_group('admin') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editfields.cgi">Custom Fields</a></dt>
<dd class="[% class %]">[% terms.Bugzilla %] lets you define fields which are
not implemented by default, based on your local and specific requirements.
statuses available on [% terms.bug %] creation and allowed [% terms.bug %] status
transitions when editing existing [% terms.bugs %].</dd>
- [% class = user.groups.creategroups ? "" : "forbidden" %]
+ [% class = user.in_group('creategroups') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editgroups.cgi">Groups</a></dt>
<dd class="[% class %]">Define groups which will be used in the installation.
They can either be used to define new user privileges or to restrict the access
to some [% terms.bugs %].</dd>
- [% class = user.groups.editkeywords ? "" : "forbidden" %]
+ [% class = user.in_group('editkeywords') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editkeywords.cgi">Keywords</a></dt>
<dd class="[% class %]">Set keywords to be used with [% terms.bugs %]. Keywords
are an easy way to "tag" [% terms.bugs %] to let you find them more easily later.</dd>
- [% class = user.groups.bz_canusewhines ? "" : "forbidden" %]
+ [% class = user.in_group('bz_canusewhines') ? "" : "forbidden" %]
<dt class="[% class %]"><a href="editwhines.cgi">Whining</a></dt>
<dd class="[% class %]">Set queries which will be run at some specified date
and time, and get the result of these queries directly per email. This is a
[% IF param_name.defined && Param(param_name) == value %]
<li>'[% value FILTER html %]' is the default value for
the '[% field.description FILTER html %]' field.
- [% IF user.groups.tweakparams %]
+ [% IF user.in_group('tweakparams') %]
You first have to <a href="editparams.cgi?section=bugfields#
[%- param_name FILTER url_quote %]">change the default value</a> for
this field before you can delete this value.
<td>
[% IF otheruser.groups.size %]
<ul>
- [% FOREACH group = otheruser.groups.keys %]
- <li>[% group FILTER html %]</li>
+ [% FOREACH group = otheruser.groups %]
+ <li>[% group.name FILTER html %]</li>
[% END %]
</ul>
[% ELSE %]
<input size="64" maxlength="255" name="login"
id="login" value="[% otheruser.login FILTER html %]" />
[% IF editform %]
- [% IF !otheruser.groups.bz_sudo_protect %]
+ [% IF !otheruser.in_group('bz_sudo_protect') %]
<br />
<a href="relogin.cgi?action=prepare-sudo&target_login=
[%- otheruser.login FILTER url_quote %]">Impersonate this user</a>
| <a href="attachment.cgi?id=[% attachment.id %]&action=diff">Diff</a>
[% END %]
[% IF Param("allow_attachment_deletion")
- && user.groups.admin
+ && user.in_group('admin')
&& attachment.datasize > 0 %]
| <a href="attachment.cgi?id=[% attachment.id %]&action=delete">Delete</a>
[% END %]
[% IF ids.size %]
([% IF maxdepth -%]Up to [% maxdepth %] level[% "s" IF maxdepth > 1 %] deep | [% END -%]
<a href="buglist.cgi?bug_id=[% ids.join(",") %]">view as [% terms.bug %] list</a>
- [% IF user.groups.editbugs && ids.size > 1 %]
+ [% IF user.in_group('editbugs') && ids.size > 1 %]
| <a href="buglist.cgi?bug_id=[% ids.join(",") %]&tweak=1">change several</a>
[% END %])
<ul class="tree">
[% IF user.login %]
<li><span class="separator">| </span><a href="userprefs.cgi">Preferences</a></li>
- [% IF user.groups.tweakparams || user.groups.editusers || user.can_bless
- || (Param('useclassification') && user.groups.editclassifications)
- || user.groups.editcomponents || user.groups.admin || user.groups.creategroups
- || user.groups.editkeywords || user.groups.bz_canusewhines
+ [% IF user.in_group('tweakparams') || user.in_group('editusers') || user.can_bless
+ || (Param('useclassification') && user.in_group('editclassifications'))
+ || user.in_group('editcomponents') || user.in_group('admin') || user.in_group('creategroups')
+ || user.in_group('editkeywords') || user.in_group('bz_canusewhines')
|| user.get_products_by_permission("editcomponents").size %]
<li><span class="separator">| </span><a href="admin.cgi">Administration</a></li>
[% END %]
[%# *** Bugzilla Administration Tools *** %]
[% IF user.login %]
[% '<link rel="Administration" title="Parameters"
- href="editparams.cgi">' IF user.groups.tweakparams %]
+ href="editparams.cgi">' IF user.in_group('tweakparams') %]
[% '<link rel="Administration" title="Users"
- href="editusers.cgi">' IF user.groups.editusers %]
+ href="editusers.cgi">' IF user.in_group('editusers') %]
[% '<link rel="Administration" title="Products" href="editproducts.cgi">'
- IF user.groups.editcomponents || user.get_products_by_permission("editcomponents").size %]
+ IF user.in_group('editcomponents') || user.get_products_by_permission("editcomponents").size %]
[% '<link rel="Administration" title="Flag Types"
- href="editflagtypes.cgi">' IF user.groups.editcomponents %]
+ href="editflagtypes.cgi">' IF user.in_group('editcomponents') %]
[% '<link rel="Administration" title="Groups"
- href="editgroups.cgi">' IF user.groups.creategroups %]
+ href="editgroups.cgi">' IF user.in_group('creategroups') %]
[% '<link rel="Administration" title="Keywords"
- href="editkeywords.cgi">' IF user.groups.editkeywords %]
+ href="editkeywords.cgi">' IF user.in_group('editkeywords') %]
[% '<link rel="Administration" title="Whining"
- href="editwhines.cgi">' IF user.groups.bz_canusewhines %]
+ href="editwhines.cgi">' IF user.in_group('bz_canusewhines') %]
[% '<link rel="Administration" title="Sanity Check"
- href="sanitycheck.cgi">' IF user.groups.editcomponents %]
+ href="sanitycheck.cgi">' IF user.in_group('editcomponents') %]
[% END %]
[% END %]
[% title = "Specified Field Value Is Default" %]
'[% value FILTER html %]' is the default value for
the '[% field.description FILTER html %]' field and cannot be deleted.
- [% IF user.groups.tweakparams %]
+ [% IF user.in_group('tweakparams') %]
You have to <a href="editparams.cgi?section=bugfields#
[%- param_name FILTER url_quote %]">change</a> the default value first.
[% END %]
<p>
<font color="red">
Your quip '<tt>[% added_quip FILTER html %]</tt>' has been added.
- [% IF Param("quip_list_entry_control") == "moderated" AND !user.groups.admin %]
+ [% IF Param("quip_list_entry_control") == "moderated" AND !user.in_group('admin') %]
It will be used as soon as it gets approved.
[% END %]
</font>
<p>
You can extend the quip list. Type in something clever or funny or boring
(but not obscene or offensive, please) and bonk on the button.
- [% IF Param("quip_list_entry_control") == "moderated" AND !user.groups.admin %]
+ [% IF Param("quip_list_entry_control") == "moderated" AND !user.in_group('admin') %]
Note that your quip has to be approved before it is used.
[% END %]
</p>
</p>
<p id="message">
- [% IF user.groups.bz_sudoers %]
+ [% IF user.in_group('bz_sudoers') %]
You are a member of the <b>bz_sudoers</b> group. You may use this
feature to impersonate others.
[% ELSE %]
You are not a member of an appropriate group. You may not use this
feature.
[% END %]
- [% IF user.groups.bz_sudo_protect %]
+ [% IF user.in_group('bz_sudo_protect') %]
<br>
You are a member of the <b>bz_sudo_protect</b> group. Other people will
not be able to use this feature to impersonate you.
[% IF user.id %]
<text class="text-link" onclick="load_relative_url('userprefs.cgi')" value="edit prefs"/>
- [%- IF user.groups.tweakparams %]
+ [%- IF user.in_group('tweakparams') %]
<text class="text-link" onclick="load_relative_url('editparams.cgi')" value="edit params"/>
<text class="text-link" onclick="load_relative_url('editsettings.cgi')" value="edit default preferences"/>
[%- END %]
- [%- IF user.groups.editusers || user.can_bless %]
+ [%- IF user.in_group('editusers') || user.can_bless %]
<text class="text-link" onclick="load_relative_url('editusers.cgi')" value="edit users"/>
[%- END %]
- [%- IF Param('useclassification') && user.groups.editclassifications %]
+ [%- IF Param('useclassification') && user.in_group('editclassifications') %]
<text class="text-link" onclick="load_relative_url('editclassifications.cgi')" value="edit classifications"/>
[%- END %]
- [%- IF user.groups.editcomponents %]
+ [%- IF user.in_group('editcomponents') %]
<text class="text-link" onclick="load_relative_url('editcomponents.cgi')" value="edit components"/>
<text class="text-link" onclick="load_relative_url('editflagtypes.cgi')" value="edit flags"/>
<text class="text-link" onclick="load_relative_url('editvalues.cgi')" value="edit field values"/>
[%- END %]
- [%- IF user.groups.creategroups %]
+ [%- IF user.in_group('creategroups') %]
<text class="text-link" onclick="load_relative_url('editgroups.cgi')" value="edit groups"/>
[%- END %]
- [%- IF user.groups.editkeywords %]
+ [%- IF user.in_group('editkeywords') %]
<text class="text-link" onclick="load_relative_url('editkeywords.cgi')" value="edit keywords"/>
[%- END %]
- [%- IF user.groups.bz_canusewhines %]
+ [%- IF user.in_group('bz_canusewhines') %]
<text class="text-link" onclick="load_relative_url('editwhines.cgi')" value="edit whining"/>
[%- END %]
- [%- IF user.groups.editcomponents %]
+ [%- IF user.in_group('editcomponents') %]
<text class="text-link" onclick="load_relative_url('sanitycheck.cgi')" value="sanity check"/>
[%- END %]
[%- IF user.authorizer.can_logout %]
projects / thirdparty / bugzilla.git / commitdiff
