Bug 505390: Make Bugzilla (and thus the WebService) throw an error when you try to...

Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 8b140e92f606272b1fa44b8526a94717c0a9e006..9b0bac1e19b6b22667e5474b1cf07855aab89811 100644 (file)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -1192,9 +1192,10 @@ sub _check_comment {
 
 sub _check_commentprivacy {
     my ($invocant, $comment_privacy) = @_;
-    my $insider_group = Bugzilla->params->{"insidergroup"};
-    return ($insider_group && Bugzilla->user->in_group($insider_group) 
-            && $comment_privacy) ? 1 : 0;
+    if ($comment_privacy && !Bugzilla->user->is_insider) {
+        ThrowUserError('user_not_insider');
+    }
+    return $comment_privacy ? 1 : 0;
 }
 
 sub _check_comment_type {

diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm
old mode 100755 (executable)
new mode 100644 (file)
index 1f26d12..29af9f7
--- a/Bugzilla/WebService/Bug.pm
+++ b/Bugzilla/WebService/Bug.pm
@@ -1390,6 +1390,10 @@ The id you specified doesn't exist in the database.
 
 You did not have the necessary rights to edit the bug.
 
+=item 113 (Can't Make Private Comments)
+
+You tried to add a private comment, but don't have the necessary rights.
+
 =back
 
 =item B<History>
@@ -1400,6 +1404,9 @@ You did not have the necessary rights to edit the bug.
 
 =item Modified to return the new comment's id in Bugzilla B<3.4>
 
+=item Modified to throw an error if you try to add a private comment
+but can't, in Bugzilla B<3.4>.
+
 =back
 
 =back

diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm
old mode 100755 (executable)
new mode 100644 (file)
index 172d757..2267c92
--- a/Bugzilla/WebService/Constants.pm
+++ b/Bugzilla/WebService/Constants.pm
@@ -87,6 +87,8 @@ use constant WS_ERROR_CODE => {
     # See Also errors
     bug_url_invalid => 112,
     bug_url_too_long => 112,
+    # Insidergroup Errors
+    user_not_insider => 113,
 
     # Authentication errors are usually 300-400.
     invalid_username_or_password => 300,

diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 73b70106776f9c4204c6f50e3f0528569bf42ba6..20bda228e40e98d86ff5f8fc688aff1f8bccf449 100644 (file)
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1150,9 +1150,11 @@
   [% ELSIF error == "no_bugs_in_list" %]
     [% title = "Delete Tag?" %]
     This will remove all [% terms.bugs %] from the
-    [% tag FILTER html %] tag. This will delete the tag completely. Click
+    <em>[% name FILTER html %]</em> tag. This will delete the tag completely. Click
     <a href="buglist.cgi?cmdtype=dorem&amp;remaction=forget&amp;namedcmd=
-    [%- tag FILTER url_quote %]">here</a> if you really want to delete it.
+    [%- name FILTER url_quote %]&amp;token=
+    [%- issue_hash_token([query_id, name]) FILTER url_quote %]">here</a>
+    if you really want to delete it.
 
   [% ELSIF error == "no_bugs_to_remove" %]
     [% title = "No Tag Selected" %]
@@ -1613,6 +1615,11 @@
     <tt>[% name FILTER html %]</tt> does not exist or you are not allowed 
     to see that user.
 
+  [% ELSIF error == "user_not_insider" %]
+    [% title = "User Not In Insidergroup" %]
+    Sorry, but you are not allowed to (un)mark comments or attachments
+    as private.
+
   [% ELSIF error == "votes_must_be_nonnegative" %]
     [% title = "Votes Must Be Non-negative" %]
     [% admindocslinks = {'voting.html' => 'Setting up the voting feature'} %]