From: jocuri%softhome.net <>
Date: Tue, 13 Jul 2004 12:12:29 +0000 (+0000)
Subject: Patch for bug 190222: templatize editgroups.cgi; r=joel, a=justdave.
X-Git-Tag: bugzilla-2.19.1~164
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac8796ba2733be5e0e618148ee12488cc567d34e;p=thirdparty%2Fbugzilla.git

Patch for bug 190222: templatize editgroups.cgi; r=joel, a=justdave.
---

diff --git a/editgroups.cgi b/editgroups.cgi
index 1b2f0d3df6..29e28dd9a0 100755
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -32,22 +32,17 @@ use Bugzilla;
 use Bugzilla::Constants;
 require "CGI.pl";
 
+my $cgi = Bugzilla->cgi;
+
 use vars qw($template $vars);
 
 Bugzilla->login(LOGIN_REQUIRED);
 
 print Bugzilla->cgi->header();
 
-if (!UserInGroup("creategroups")) {
-    PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!");
-    print "<H1>Sorry, you aren't a member of the 'creategroups' group.</H1>\n";
-    print "And so, you aren't allowed to edit the groups.\n";
-    print "<p>\n";
-    PutFooter();
-    exit;
-}
+ThrowUserError("auth_cant_edit_groups") unless UserInGroup("creategroups");
 
-my $action  = trim($::FORM{action} || '');
+my $action = trim($cgi->param('action') || '');
 
 # RederiveRegexp: update user_group_map with regexp-based grants
 sub RederiveRegexp ($$)
@@ -85,108 +80,40 @@ sub TestGroup ($)
     return FetchOneColumn();
 }
 
-sub ShowError ($)
-{
-    my $msgtext = shift;
-    print "<TABLE BGCOLOR=\"#FF0000\" CELLPADDING=15><TR><TD>";
-    print "<B>$msgtext</B>";
-    print "</TD></TR></TABLE><P>";
-    return 1;
-}
-
-#
-# Displays a text like "a.", "a or b.", "a, b or c.", "a, b, c or d."
-#
-
-sub PutTrailer (@)
-{
-    my (@links) = ("Back to the <a href=\"./\">index</a>", @_);
-
-    my $count = $#links;
-    my $num = 0;
-    print "<P>\n";
-    foreach (@links) {
-        print $_;
-        if ($num == $count) {
-            print ".\n";
-        }
-        elsif ($num == $count-1) {
-            print " or ";
-        }
-        else {
-            print ", ";
-        }
-        $num++;
-    }
-    PutFooter();
-}
-
 #
 # action='' -> No action specified, get a list.
 #
 
 unless ($action) {
-    PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in.");
-
-    print "<table border=1>\n";
-    print "<tr>";
-    print "<th>Name</th>";
-    print "<th>Description</th>";
-    print "<th>User RegExp</th>";
-    print "<th>Use For Bugs</th>";
-    print "<th>Type</th>";
-    print "<th>Action</th>";
-    print "</tr>\n";
+    my @groups;
 
     SendSQL("SELECT id,name,description,userregexp,isactive,isbuggroup " .
             "FROM groups " .
             "ORDER BY isbuggroup, name");
 
     while (MoreSQLData()) {
-        my ($groupid, $name, $desc, $regexp, $isactive, $isbuggroup) = FetchSQLData();
-        print "<tr>\n";
-        print "<td>" . html_quote($name) . "</td>\n";
-        print "<td>" . html_quote($desc) . "</td>\n";
-        print "<td>" . html_quote($regexp) . "&nbsp</td>\n";
-        print "<td align=center>";
-        print "X" if (($isactive != 0) && ($isbuggroup != 0));
-        print "&nbsp</td>\n";
-        print "<td> &nbsp ";
-        print (($isbuggroup == 0 ) ? "system" : "user"); 
-        print "&nbsp</td>\n";
-        print "<td align=center valign=middle>
-               <a href=\"editgroups.cgi?action=changeform&group=$groupid\">Edit</a>";
-        print " | <a href=\"editgroups.cgi?action=del&group=$groupid\">Delete</a>" if ($isbuggroup != 0);
-        print "</td></tr>\n";
+        my ($id, $name, $description, $regexp, $isactive, $isbuggroup)
+            = FetchSQLData();
+        my $group = {};
+        $group->{'id'}          = $id;
+        $group->{'name'}        = $name;
+        $group->{'description'} = $description;
+        $group->{'regexp'}      = $regexp;
+        $group->{'isactive'}    = $isactive;
+        $group->{'isbuggroup'}  = $isbuggroup;
+
+        push(@groups, $group);
     }
 
-    print "<tr>\n";
-    print "<td colspan=5></td>\n";
-    print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n";
-    print "</tr>\n";
-    print "</table>\n";
-    print "<p>";
-    print "<b>Name</b> is what is used with the UserInGroup() function in any
-customized cgi files you write that use a given group.  It can also be used by
-people submitting bugs by email to limit a bug to a certain set of groups. <p>";
-    print "<b>Description</b> is what will be shown in the bug reports to
-members of the group where they can choose whether the bug will be restricted
-to others in the same group.<p>";
-    print "<b>User RegExp</b> is optional, and if filled in, will automatically
-grant membership to this group to anyone with an
-email address that matches this perl regular expression. Do not forget the trailing \'\$\'.  Example \'\@mycompany\\.com\$\'<p>";
-    print "The <b>Use For Bugs</b> flag determines whether or not the group is eligible to be used for bugs.
-If you remove this flag, it will no longer be possible for users to add bugs
-to this group, although bugs already in the group will remain in the group.
-Doing so is a much less drastic way to stop a group from growing
-than deleting the group as well as a way to maintain lists of users without cluttering the lists of groups used for bug restrictions.<p>";
-    print "The <b>Type</b> field identifies system groups.<p>";  
-
-    PutFooter();
+    $vars->{'groups'} = \@groups;
+    
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/list.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
+
     exit;
 }
 
-#
 #
 # action='changeform' -> present form for altering an existing group
 #
@@ -194,75 +121,21 @@ than deleting the group as well as a way to maintain lists of users without clut
 #
 
 if ($action eq 'changeform') {
-    PutHeader("Change Group");
-
-    my $gid = trim($::FORM{group} || '');
+    my $gid = trim($cgi->param('group') || '');
+    ThrowUserError("group_not_specified") unless ($gid);
     detaint_natural($gid);
-    unless ($gid) {
-        ShowError("No group specified.<BR>" .
-                  "Click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
 
     SendSQL("SELECT id, name, description, userregexp, isactive, isbuggroup
-             FROM groups WHERE id=$gid");
+             FROM groups WHERE id = $gid");
     my ($group_id, $name, $description, $rexp, $isactive, $isbuggroup) 
         = FetchSQLData();
 
-    print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
-    print "<TABLE BORDER=1 CELLPADDING=4>";
-    print "<TR><TH>Group:</TH><TD>";
-    if ($isbuggroup == 0) {
-        print html_quote($name);
-    } else {
-        print "<INPUT TYPE=HIDDEN NAME=\"oldname\" VALUE=\"" . 
-        html_quote($name) . "\">
-        <INPUT SIZE=60 NAME=\"name\" VALUE=\"" . html_quote($name) . "\">";
-    }
-    print "</TD></TR><TR><TH>Description:</TH><TD>";
-    if ($isbuggroup == 0) {
-        print html_quote($description);
-    } else {
-        print "<INPUT TYPE=HIDDEN NAME=\"olddesc\" VALUE=\"" .
-        html_quote($description) . "\">
-        <INPUT SIZE=70 NAME=\"desc\" VALUE=\"" . 
-            html_quote($description) . "\">";
-    }
-    print "</TD></TR><TR>
-           <TH>User Regexp:</TH><TD>";
-    print "<INPUT TYPE=HIDDEN NAME=\"oldrexp\" VALUE=\"" . 
-           html_quote($rexp) . "\">
-           <INPUT SIZE=40 NAME=\"rexp\" VALUE=\"" . 
-           html_quote($rexp) . "\"></TD></TR>";
-    if ($isbuggroup == 1) {
-        print "<TR><TH>Use For Bugs:</TH><TD>
-        <INPUT TYPE=checkbox NAME =\"isactive\" VALUE=1 " . (($isactive == 1) ? "CHECKED" : "") . ">
-        <INPUT TYPE=HIDDEN NAME=\"oldisactive\" VALUE=$isactive>
-        </TD>
-        </TR>";
-    }
-    print "</TABLE>
-           <BR>
-           Users become members of this group in one of three ways:
-           <BR>
-           - by being explicity included when the user is edited
-           <BR>
-           - by matching the user regexp above
-           <BR>
-           - by being a member of one of the groups included in this group
-           by checking the boxes  
-           below. <P>\n";
-
-    print "<TABLE>";
-    print "<TR><TD COLSPAN=4>Members of these groups can grant membership to this group</TD></TR>";
-    print "<TR><TD ALIGN=CENTER>|</TD><TD COLSPAN=3>Members of these groups are included in this group</TD></TR>";
-    print "<TR><TD ALIGN=CENTER>|</TD><TD ALIGN=CENTER>|</TD><TD COLSPAN=2></TD><TR>";
-
     # For each group, we use left joins to establish the existence of
     # a record making that group a member of this group
     # and the existence of a record permitting that group to bless
     # this one
+
+    my @groups;
     SendSQL("SELECT groups.id, groups.name, groups.description," .
              " group_group_map.member_id IS NOT NULL," .
              " B.member_id IS NOT NULL" .
@@ -279,47 +152,28 @@ if ($action eq 'changeform') {
 
     while (MoreSQLData()) {
         my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember) = FetchSQLData();
-        my $grpchecked = $grpmember ? "CHECKED" : "";
-        my $blesschecked = $blessmember ? "CHECKED" : "";
-        print "<TR>";
-        print "<TD><INPUT TYPE=checkbox NAME=\"bless-$grpid\" $blesschecked VALUE=1>";
-        print "<INPUT TYPE=HIDDEN NAME=\"oldbless-$grpid\" VALUE=$blessmember></TD>";
-        print "<TD><INPUT TYPE=checkbox NAME=\"grp-$grpid\" $grpchecked VALUE=1>";
-        print "<INPUT TYPE=HIDDEN NAME=\"oldgrp-$grpid\" VALUE=$grpmember></TD>";
-        print "<TD><B>" . html_quote($grpnam) . "</B></TD>";
-        print "<TD>" . html_quote($grpdesc) . "</TD>";
-        print "</TR>\n";
+
+        my $group = {};
+        $group->{'grpid'}       = $grpid;
+        $group->{'grpnam'}      = $grpnam;
+        $group->{'grpdesc'}     = $grpdesc;
+        $group->{'grpmember'}   = $grpmember;
+        $group->{'blessmember'} = $blessmember;
+        push(@groups, $group);
     }
 
-    print "</TABLE><BR>";
-    print "<INPUT TYPE=SUBMIT VALUE=\"Submit\">\n";
-    print <<EOF;
-<table width="76%" border="1">
-  <tr>
-    <td><p><strong>Conversion of groups created with Bugzilla versions 2.16 and
-        prior:</strong></p>
-          <ul>
-            <li>Remove all explicit memberships from this group: 
-              <input name="remove_explicit_members" type="submit" id="remove_explicit_members" value="Remove Memberships">
-</li>
-            <li>Remove all explicit memberships that are included in the above
-            regular expression: 
-              <input name="remove_explicit_members_regexp" type="submit" id="remove_explicit_members_regexp" value="Remove memberships included in regular expression"> 
-            </li>
-          </ul>          <p><br>            
-              </p>
-      </p></td>
-  </tr>
-</table>
-<BR>
-EOF
-    print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"postchanges\">\n";
-    print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=$gid>\n";
-    print "</FORM>";
-
-
-
-    PutTrailer("back to the <a href=\"editgroups.cgi\">group list</a>");
+    $vars->{'group_id'}    = $group_id;
+    $vars->{'name'}        = $name;
+    $vars->{'description'} = $description;
+    $vars->{'rexp'}        = $rexp;
+    $vars->{'isactive'}    = $isactive;
+    $vars->{'isbuggroup'}  = $isbuggroup;
+    $vars->{'groups'}      = \@groups;
+
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/edit.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
+
     exit;
 }
 
@@ -331,7 +185,6 @@ EOF
 
 if ($action eq 'add') {
     print Bugzilla->cgi->header();
-
     $template->process("admin/groups/create.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
     
@@ -345,42 +198,32 @@ if ($action eq 'add') {
 #
 
 if ($action eq 'new') {
-    PutHeader("Adding new group");
-
     # Cleanups and valididy checks
-    my $name = trim($::FORM{name} || '');
-    my $desc = trim($::FORM{desc} || '');
-    my $regexp = trim($::FORM{regexp} || '');
+    my $name = trim($cgi->param('name') || '');
+    my $desc = trim($cgi->param('desc') || '');
+    my $regexp = trim($cgi->param('regexp') || '');
     # convert an undefined value in the inactive field to zero
     # (this occurs when the inactive checkbox is not checked
     # and the browser does not send the field to the server)
-    my $isactive = $::FORM{isactive} ? 1 : 0;
+    my $isactive = $cgi->param('isactive') ? 1 : 0;
+
+    # At this point $isactive is either 0 or 1 so we can mark it safe
+    trick_taint($isactive);
+
+    ThrowUserError("empty_group_name") unless $name;
+    ThrowUserError("empty_group_description") unless $desc;
 
-    unless ($name) {
-        ShowError("You must enter a name for the new group.<BR>" .
-                  "Please click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
-    unless ($desc) {
-        ShowError("You must enter a description for the new group.<BR>" .
-                  "Please click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
     if (TestGroup($name)) {
-        ShowError("The group '" . $name . "' already exists.<BR>" .
-                  "Please click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
+        ThrowUserError("group_exists", { name => $name });
     }
 
-    if (!eval {qr/$regexp/}) {
-        ShowError("The regular expression you entered is invalid. " .
-                  "Please click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
+    ThrowUserError("invalid_regexp") unless (eval {qr/$regexp/});
+
+    # We use SqlQuote and FILTER html on name, description and regexp.
+    # So they are safe to be detaint
+    trick_taint($name);
+    trick_taint($desc);
+    trick_taint($regexp);
 
     # Add the new group
     SendSQL("INSERT INTO groups ( " .
@@ -399,7 +242,7 @@ if ($action eq 'new') {
     SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless)
              VALUES ($admin, $gid, 1)");
     # Permit all existing products to use the new group if makeproductgroups.
-    if ($::FORM{insertnew}) {
+    if ($cgi->param('insertnew')) {
         SendSQL("INSERT INTO group_control_map " .
                 "(group_id, product_id, entry, membercontrol, " .
                 "othercontrol, canedit) " .
@@ -409,9 +252,10 @@ if ($action eq 'new') {
                 "FROM products");
     }
     RederiveRegexp($regexp, $gid);
-    print "OK, done.<p>\n";
-    PutTrailer("<a href=\"editgroups.cgi?action=add\">add</a> another group",
-               "back to the <a href=\"editgroups.cgi\">group list</a>");
+
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/created.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
     exit;
 }
 
@@ -422,96 +266,58 @@ if ($action eq 'new') {
 #
 
 if ($action eq 'del') {
-    PutHeader("Delete group");
-    my $gid = trim($::FORM{group} || '');
+    my $gid = trim($cgi->param('group') || '');
+    ThrowUserError("group_not_specified") unless ($gid);
     detaint_natural($gid);
-    unless ($gid) {
-        ShowError("No group specified.<BR>" .
-                  "Click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
+
     SendSQL("SELECT id FROM groups WHERE id=$gid");
-    if (!FetchOneColumn()) {
-        ShowError("That group doesn't exist.<BR>" .
-                  "Click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
+    ThrowUserError("invalid_group_ID") unless FetchOneColumn();
+
     SendSQL("SELECT name,description " .
             "FROM groups " .
-            "WHERE id=$gid");
+            "WHERE id = $gid");
 
     my ($name, $desc) = FetchSQLData();
-    print "<table border=1>\n";
-    print "<tr>";
-    print "<th>Id</th>";
-    print "<th>Name</th>";
-    print "<th>Description</th>";
-    print "</tr>\n";
-    print "<tr>\n";
-    print "<td>$gid</td>\n";
-    print "<td>$name</td>\n";
-    print "<td>$desc</td>\n";
-    print "</tr>\n";
-    print "</table>\n";
-
-    print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
-    my $cantdelete = 0;
+
+    my $hasusers = 0;
     SendSQL("SELECT user_id FROM user_group_map 
              WHERE group_id = $gid AND isbless = 0");
-    if (!FetchOneColumn()) {} else {
-       $cantdelete = 1;
-       print "
-<B>One or more users belong to this group. You cannot delete this group while
-there are users in it.</B><BR>
-<A HREF=\"editusers.cgi?action=list&group=$gid\">Show me which users.</A> - <INPUT TYPE=CHECKBOX NAME=\"removeusers\">Remove all users from
-this group for me<P>
-";
+    if (FetchOneColumn()) {
+        $hasusers = 1;
     }
+
+    my $hasbugs = 0;
+    my $buglist = "";
     SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
-    my $buglist="";
+
     if (MoreSQLData()) {
-        $cantdelete = 1;
+        $hasbugs = 1;
         my $buglist = "0";
+
         while (MoreSQLData()) {
             my ($bug) = FetchSQLData();
             $buglist .= "," . $bug;
         }
-       print "
-<B>One or more bug reports are visible only to this group.
-You cannot delete this group while any bugs are using it.</B><BR>
-<A HREF=\"buglist.cgi?bug_id=$buglist\">Show me which bugs.</A> -
-<INPUT TYPE=CHECKBOX NAME=\"removebugs\">Remove all bugs from this group
-restriction for me<BR>
-<B>NOTE:</B> It's quite possible to make confidential bugs public by checking
-this box.  It is <B>strongly</B> suggested that you review the bugs in this
-group before checking the box.<P>
-";
     }
+
+    my $hasproduct = 0;
     SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name));
     if (MoreSQLData()) {
-       $cantdelete = 1;
-       print "
-<B>This group is tied to the <U>$name</U> product.
-You cannot delete this group while it is tied to a product.</B><BR>
-<INPUT TYPE=CHECKBOX NAME=\"unbind\">Delete this group anyway, and make the
-<U>$name</U> product publicly visible.<BR>
-";
+        $hasproduct = 1;
     }
 
-    print "<H2>Confirmation</H2>\n";
-    print "<P>Do you really want to delete this group?\n";
-    if ($cantdelete) {
-      print "<BR><B>You must check all of the above boxes or correct the " .
-            "indicated problems first before you can proceed.</B>";
-    }
-    print "<P><INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n";
-    print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n";
-    print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$gid\">\n";
-    print "</FORM>";
+    $vars->{'gid'}         = $gid;
+    $vars->{'name'}        = $name;
+    $vars->{'description'} = $desc;
+    $vars->{'hasusers'}    = $hasusers;
+    $vars->{'hasbugs'}     = $hasbugs;
+    $vars->{'hasproduct'}  = $hasproduct;
+    $vars->{'buglist'}     = $buglist;
 
-    PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>");
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/delete.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
+    
     exit;
 }
 
@@ -520,18 +326,11 @@ You cannot delete this group while it is tied to a product.</B><BR>
 #
 
 if ($action eq 'delete') {
-    PutHeader("Deleting group");
-    my $gid = trim($::FORM{group} || '');
+    my $gid = trim($cgi->param('group') || '');
+    ThrowUserError("group_not_specified") unless ($gid);
     detaint_natural($gid);
-    unless ($gid) {
-        ShowError("No group specified.<BR>" .
-                  "Click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
-    SendSQL("SELECT name " .
-            "FROM groups " .
-            "WHERE id = $gid");
+
+    SendSQL("SELECT name FROM groups WHERE id = $gid");
     my ($name) = FetchSQLData();
 
     my $cantdelete = 0;
@@ -539,43 +338,39 @@ if ($action eq 'delete') {
     SendSQL("SELECT user_id FROM user_group_map 
              WHERE group_id = $gid AND isbless = 0");
     if (FetchOneColumn()) {
-      if (!defined $::FORM{'removeusers'}) {
-        $cantdelete = 1;
-      }
+        if (!defined $cgi->param('removeusers')) {
+            $cantdelete = 1;
+        }
     }
     SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
     if (FetchOneColumn()) {
-      if (!defined $::FORM{'removebugs'}) {
-        $cantdelete = 1;
-      }
+        if (!defined $cgi->param('removebugs')) {
+            $cantdelete = 1;
+        }
     }
     SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name));
     if (FetchOneColumn()) {
-      if (!defined $::FORM{'unbind'}) {
-        $cantdelete = 1;
-      }
+        if (!defined $cgi->param('unbind')) {
+            $cantdelete = 1;
+        }
     }
 
-    if ($cantdelete == 1) {
-      ShowError("This group cannot be deleted because there are " .
-          "records in the database which refer to it.  All such records " .
-          "must be removed or altered to remove the reference to this " .
-          "group before the group can be deleted.");
-      print "<a href=\"editgroups.cgi?action=del&group=$gid\">" .
-            "View</a> the list of which records are affected.<br>";
-      PutTrailer("back to the <a href=\"editgroups.cgi\">group list</a>");
-      exit;
+    if (!$cantdelete) {
+        SendSQL("DELETE FROM user_group_map WHERE group_id = $gid");
+        SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid");
+        SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid");
+        SendSQL("DELETE FROM group_control_map WHERE group_id = $gid");
+        SendSQL("DELETE FROM groups WHERE id = $gid");
     }
 
-    SendSQL("DELETE FROM user_group_map WHERE group_id = $gid");
-    SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid");
-    SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid");
-    SendSQL("DELETE FROM group_control_map WHERE group_id = $gid");
-    SendSQL("DELETE FROM groups WHERE id = $gid");
-    print "<B>Group $gid has been deleted.</B><BR>";
+    $vars->{'gid'}        = $gid;
+    $vars->{'name'}       = $name;
+    $vars->{'cantdelete'} = $cantdelete;
 
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/deleted.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
 
-    PutTrailer("back to the <a href=\"editgroups.cgi\">group list</a>");
     exit;
 }
 
@@ -584,64 +379,48 @@ if ($action eq 'delete') {
 #
 
 if ($action eq 'postchanges') {
-
     # ZLL: Bug 181589: we need to have something to remove explictly listed users from
     # groups in order for the conversion to 2.18 groups to work
-    if ($::FORM{remove_explicit_members}) {
-        PutHeader("Confirm: Remove All Explicit Members?");
-        my ($gid, $chgs) = doGroupChanges();
-        print "<br><br>\n";
-        if ($chgs) {
-            print "Group updated, please confirm removal:<p>\n";
-        }
-        confirmRemove(0,$gid);
-        PutFooter();
-        exit;
-    } elsif ($::FORM{remove_explicit_members_regexp}) {
-        PutHeader("Confirm: Remove Explicit Members in the Regular Expression?");
-        my ($gid, $chgs, $rexp) = doGroupChanges();
-        print "<br><br>\n";
-        if ($chgs) {
-            print "Group updated, please confirm removal:<p>\n";
-        }
-        confirmRemove(1, $gid, $rexp);
-        PutFooter();
-        exit;
+    my $action;
+
+    if ($cgi->param('remove_explicit_members')) {
+        $action = 1;
+    } elsif ($cgi->param('remove_explicit_members_regexp')) {
+        $action = 2;
+    } else {
+        $action = 3;
     }
     
-   # if we got this far, the admin doesn't want to convert, so just save their changes
-   
-    PutHeader("Updating group hierarchy");
     my ($gid, $chgs) = doGroupChanges();
     
-    if (!$chgs) {
-        print "You didn't change anything!<BR>\n";
-        print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n";
-    } else {
-        print "Done.<p>\n";
+    $vars->{'action'}  = $action;
+    $vars->{'changes'} = $chgs;
+    $vars->{'gid'}     = $gid;
+    $vars->{'name'}    = $cgi->param('name');
+    if ($action == 2) {
+        $vars->{'regexp'} = $cgi->param("rexp");
     }
-    PutTrailer("back to the <a href=\"editgroups.cgi\">group list</a>");
+    
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/change.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
     exit;
 }
 
 if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
-    # remove all explicit users from the group with gid $::FORM{group} 
-    # that match the regexp stored in the db for that group 
+    # remove all explicit users from the group with gid $cgi->param('group')
+    # that match the regexp stored in the DB for that group
     # or all of them period
-    my $dbh = Bugzilla->dbh;
-    my $gid = $::FORM{group};
+
+    my $gid = $cgi->param('group');
+    ThrowUserError("group_not_specified") unless ($gid);
     detaint_natural($gid);
+
+    my $dbh = Bugzilla->dbh;
     my $sth = $dbh->prepare("SELECT name, userregexp FROM groups
                              WHERE id = ?");
     $sth->execute($gid);
     my ($name, $regexp) = $sth->fetchrow_array();
-    if ($action eq 'remove_all_regexp') {
-        PutHeader("Removing All Explicit Group Memberships Matching "
-                . "Group RegExp from \'" . html_quote($name) . "\'");
-    } else {
-        PutHeader("Removing All Explicit Group Memberships from \'"
-                . html_quote($name) . "\'");
-    }
     $dbh->do("LOCK TABLES
                   groups WRITE,
                   profiles READ,
@@ -653,157 +432,115 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
                              AND grant_type = ?
                              AND isbless = 0");
     $sth->execute($gid, GRANT_DIRECT);
+
+    my @users;
     my $sth2 = $dbh->prepare("DELETE FROM user_group_map
                               WHERE user_id = ?
                               AND isbless = 0
                               AND group_id = ?");
-    if ($action eq 'remove_all_regexp') {
-        print "<br><b>Removing explicit memberships of users matching \'"
-              . html_quote($regexp) . "\'...</b><br>\n";
-    } else {
-        print "<br><b>Removing explicit membership</b><br>\n";
-    }
     while ( my ($userid, $userlogin) = $sth->fetchrow_array() ) {
         if ((($regexp =~ /\S/) && ($userlogin =~ m/$regexp/i))
             || ($action eq 'remove_all'))
         {
             $sth2->execute($userid,$gid);
-            print html_quote($userlogin) . " removed<br>\n";
+
+            my $user = {};
+            $user->{'login'} = $userlogin;
+            push(@users, $user);
         }
     }
-    print "<br><b>Done</b><br>";
 
     $sth = $dbh->prepare("UPDATE groups
              SET last_changed = NOW()
              WHERE id = ?");
     $sth->execute($gid);
     $dbh->do("UNLOCK TABLES");
-    PutTrailer("back to the <a href=\"editgroups.cgi\">group list</a>");
-    exit;
-}
 
+    $vars->{'users'}      = \@users;
+    $vars->{'name'}       = $name;
+    $vars->{'regexp'}     = $regexp;
+    $vars->{'remove_all'} = ($action eq 'remove_all');
+    $vars->{'gid'}        = $gid;
+    
+    print Bugzilla->cgi->header();
+    $template->process("admin/groups/remove.html.tmpl", $vars)
+      || ThrowTemplateError($template->error());
 
+    exit;
+}
 
 
 #
 # No valid action found
 #
 
-PutHeader("Error");
-print "I don't have a clue what you want.<BR>\n";
+ThrowCodeError("action_unrecognized", $vars);
 
-PutTrailer("<a href=editgroups.cgi>Try the group list</a>");
-
-# confirm if the user wants to remove the explicit users
-sub confirmRemove {
-    my ($remove_regexp_only, $group, $regexp) = @_;
-    
-    if (!$remove_regexp_only) { 
-        print "This option will remove ";
-        print "all explicitly defined users ";
-    } elsif ($regexp =~ /\S/) { 
-        print "This option will remove ";
-        print "all users included in the regular expression: " . 
-              html_quote($regexp) . " ";
-    } else {
-        print "<b>There is no regular expression defined.</b>\n";
-        print "No users will be removed<p>\n";
-        print "<a href=\"editgroups.cgi\">return to the Edit Groups page</a>\n";
-        return;
-    }
-    print "from group $::FORM{name}.<p>\n";
-    print "Generally, you will only need to do this when upgrading groups ";
-    print "created with Bugzilla versions 2.16 and prior. Use this option ";
-    print "with <b>extreme care</b> and consult the Bugzilla Guide for ";
-    print "further information.<p>\n";
-    
-    print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
-    print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=$group>\n";
-    
-    if ($remove_regexp_only) {
-        print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"remove_all_regexp\">\n";
-    } else {
-        print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"remove_all\">\n";
-    }
-    
-    print "<INPUT NAME=\"confirm\" TYPE=SUBMIT VALUE=\"Confirm\">\n";
-    print "<p>Or <a href=\"editgroups.cgi\">return to the Edit Groups page</a>\n";
-    print "</FORM>";
-}
 
 # Helper sub to handle the making of changes to a group
 sub doGroupChanges {
-    my $gid = trim($::FORM{group} || '');
+    my $cgi = Bugzilla->cgi;
+    
+    my $gid = trim($cgi->param('group') || '');
+    ThrowUserError("group_not_specified") unless ($gid);
     detaint_natural($gid);
-    unless ($gid) {
-        ShowError("No group specified.<BR>" .
-                  "Click the <b>Back</b> button and try again.");
-        PutFooter();
-        exit;
-    }
+    
     SendSQL("SELECT isbuggroup FROM groups WHERE id = $gid");
     my ($isbuggroup) = FetchSQLData();
     my $chgs = 0;
-    if (($isbuggroup == 1) && ($::FORM{"oldname"} ne $::FORM{"name"})) {
+
+    if (($isbuggroup == 1) && ($cgi->param('oldname') ne $cgi->param("name"))) {
         $chgs = 1;
         SendSQL("UPDATE groups SET name = " . 
-            SqlQuote($::FORM{"name"}) . " WHERE id = $gid");
+            SqlQuote($cgi->param("name")) . " WHERE id = $gid");
     }
-    if (($isbuggroup == 1) && ($::FORM{"olddesc"} ne $::FORM{"desc"})) {
+    if (($isbuggroup == 1) && ($cgi->param('olddesc') ne $cgi->param("desc"))) {
         $chgs = 1;
         SendSQL("UPDATE groups SET description = " . 
-            SqlQuote($::FORM{"desc"}) . " WHERE id = $gid");
+            SqlQuote($cgi->param("desc")) . " WHERE id = $gid");
     }
-    if ($::FORM{"oldrexp"} ne $::FORM{"rexp"}) {
+    if ($cgi->param("oldrexp") ne $cgi->param("rexp")) {
         $chgs = 1;
-        if (!eval {qr/$::FORM{"rexp"}/}) {
-            ShowError("The regular expression you entered is invalid. " .
-                      "Please click the <b>Back</b> button and try again.");
-            PutFooter();
-            exit;
-        }
+
+        my $rexp = $cgi->param('rexp');
+        ThrowUserError("invalid_regexp") unless (eval {qr/$rexp/});
+
         SendSQL("UPDATE groups SET userregexp = " . 
-            SqlQuote($::FORM{"rexp"}) . " WHERE id = $gid");
+            SqlQuote($rexp) . " WHERE id = $gid");
         RederiveRegexp($::FORM{"rexp"}, $gid);
     }
-    if (($isbuggroup == 1) && ($::FORM{"oldisactive"} ne $::FORM{"isactive"})) {
+    if (($isbuggroup == 1) && ($cgi->param("oldisactive") ne $cgi->param("isactive"))) {
         $chgs = 1;
         SendSQL("UPDATE groups SET isactive = " . 
-            SqlQuote($::FORM{"isactive"}) . " WHERE id = $gid");
+            SqlQuote($cgi->param("isactive")) . " WHERE id = $gid");
     }
-    
-    print "Checking....";
-    foreach my $b (grep(/^oldgrp-\d*$/, keys %::FORM)) {
-        if (defined($::FORM{$b})) {
-            my $v = substr($b, 7);
-            my $grp = $::FORM{"grp-$v"} || 0;
-            if ($::FORM{"oldgrp-$v"} != $grp) {
+
+    foreach my $b (grep {/^oldgrp-\d*$/} $cgi->param()) {
+        if (defined($cgi->param($b))) {
+            $b =~ /^oldgrp-(\d+)$/;
+            my $v = $1;
+            my $grp = $cgi->param("grp-$v") || 0;
+            if ($cgi->param("oldgrp-$v") != $grp) {
                 $chgs = 1;
-                print "changed";
                 if ($grp != 0) {
-                    print " set ";
                     SendSQL("INSERT INTO group_group_map 
                              (member_id, grantor_id, isbless)
                              VALUES ($v, $gid, 0)");
                 } else {
-                    print " cleared ";
                     SendSQL("DELETE FROM group_group_map
                              WHERE member_id = $v AND grantor_id = $gid
                              AND isbless = 0");
                 }
             }
 
-            my $bless = $::FORM{"bless-$v"} || 0;
-            if ($::FORM{"oldbless-$v"} != $bless) {
+            my $bless = $cgi->param("bless-$v") || 0;
+            if ($cgi->param("oldbless-$v") != $bless) {
                 $chgs = 1;
-                print "changed";
                 if ($bless != 0) {
-                    print " set ";
                     SendSQL("INSERT INTO group_group_map 
                              (member_id, grantor_id, isbless)
                              VALUES ($v, $gid, 1)");
                 } else {
-                    print " cleared ";
                     SendSQL("DELETE FROM group_group_map
                              WHERE member_id = $v AND grantor_id = $gid
                              AND isbless = 1");
@@ -817,5 +554,5 @@ sub doGroupChanges {
         # mark the changes
         SendSQL("UPDATE groups SET last_changed = NOW() WHERE id = $gid");
     }
-    return $gid, $chgs, $::FORM{"rexp"};
+    return $gid, $chgs;
 }
diff --git a/template/en/default/admin/groups/change.html.tmpl b/template/en/default/admin/groups/change.html.tmpl
new file mode 100644
index 0000000000..c2f2c8f9f6
--- /dev/null
+++ b/template/en/default/admin/groups/change.html.tmpl
@@ -0,0 +1,111 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # action: integer. Can be 1, 2 or 3, depending on the action
+  #         performed:
+  #         1 - remove_explicit_members
+  #         2 - remove_explicit_members_regexp
+  #         3 - no conversion, just save the changes
+  # changes: boolean int. Is 1 if changes occured.
+  # gid: integer. The ID of the group.
+  # name: the name of the product where removal is performed.
+  # regexp: the regexp according to which the update is performed.
+  #%]
+
+[% IF (action == 1) %]
+  [% title = "Confirm: Remove All Explicit Members?" %]
+[% ELSIF (action == 2) %]
+  [% title = "Confirm: Remove Explicit Members in the Regular Expression?" %]
+[% ELSE %]
+  [% title = "Updating group hierarchy" %]
+[% END %]
+
+[% PROCESS global/header.html.tmpl %]
+
+<p>
+  Checking....
+
+  [% IF changes %]
+    changed.
+  [% END %]
+</p>
+    
+[% IF (action == 1) || (action == 2) %]
+  [% IF changes %]
+    <p>Group updated, please confirm removal:</p>
+  [% END %]
+
+  [% IF (action == 1) %]
+    <p>This option will remove all explicitly defined users
+  [% ELSIF regexp %]
+    <p>This option will remove all users included in the regular expression:
+    [% regexp FILTER html %]
+  [% ELSE %]
+    <p>
+      <b>There is no regular expression defined.</b>
+      No users will be removed.
+    </p>
+  [% END %]
+  
+  [% IF ((action == 1) || regexp) %]
+    from group [% name FILTER html %].</p>
+    
+    <p>
+      Generally, you will only need to do this when upgrading groups
+      created with [% terms.Bugzilla %] versions 2.16 and prior. Use
+      this option with <b>extreme care</b> and consult the documentation
+      for further information.
+    </p>
+    
+    <form method="post" action="editgroups.cgi">
+      <input type="hidden" name="group" value="[% gid FILTER html %]">
+    
+      [% IF (action == 2) %]
+        <input type="hidden" name="action" value="remove_all_regexp">
+      [% ELSE %]
+        <input type="hidden" name="action" value="remove_all">
+      [% END %]
+    
+      <input name="confirm" type="submit" value="Confirm">
+      <p>Or <a href="editgroups.cgi">return to the Edit Groups page</a>.</p>
+    </form>
+  [% END %]
+[% ELSE %]
+  [%# if we got this far, the admin doesn't want to convert, so just save
+    # their changes %]
+
+  [% IF changes %]
+    <p>Done.</p>
+  [% ELSE %]
+    <p>
+      You didn't change anything! If you really meant it, hit the <b>Back</b>
+      button and try again.
+    </p>
+  [% END %]
+    
+  <p>Back to the <a href="editgroups.cgi">group list</a>.</p>
+[% END %]
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/admin/groups/create.html.tmpl b/template/en/default/admin/groups/create.html.tmpl
index 239d7f9840..8da00a7994 100644
--- a/template/en/default/admin/groups/create.html.tmpl
+++ b/template/en/default/admin/groups/create.html.tmpl
@@ -20,7 +20,10 @@
   #                 Joel Peshkin <bugreport@peshkin.net>
   #                 Jacob Steenhagen <jake@bugzilla.org>
   #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
 
+[%# INTERFACE:
+  # none
   #%]
 
 [% PROCESS global/header.html.tmpl
diff --git a/template/en/default/admin/groups/created.html.tmpl b/template/en/default/admin/groups/created.html.tmpl
new file mode 100644
index 0000000000..4ac051c2d5
--- /dev/null
+++ b/template/en/default/admin/groups/created.html.tmpl
@@ -0,0 +1,38 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # none
+  #%]
+
+[% PROCESS global/header.html.tmpl
+  title = "Adding new group"
+%]
+
+<p>OK, done.</p>
+
+<p><a href="editgroups.cgi?action=add">Add</a> another group or
+go back to the <a href="editgroups.cgi">group list</a>.</p>
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/admin/groups/delete.html.tmpl b/template/en/default/admin/groups/delete.html.tmpl
new file mode 100644
index 0000000000..0e17cbb1cc
--- /dev/null
+++ b/template/en/default/admin/groups/delete.html.tmpl
@@ -0,0 +1,100 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # gid: number. The group ID.
+  # name: string. The name of the group.
+  # description: string. The description of the group.
+  # hasusers: boolean int. True if the group includes users in it.
+  # hasbugs: boolean int. True if the group includes bugs in it.
+  # hasproduct: boolean int. True if the group is binded to a product.
+  # buglist: string. The list of bugs included in this group.
+  #%]
+
+
+[% PROCESS global/header.html.tmpl
+  title = "Delete group"
+%]
+
+<table border="1">
+  <tr>
+    <th>Id</th>
+    <th>Name</th>
+    <th>Description</th>
+  </tr>
+  <tr>
+    <td>[% gid FILTER html %]</td>
+    <td>[% name FILTER html %]</td>
+    <td>[% desc FILTER html %]</td>
+  </tr>
+</table>
+
+<form method="post" action="editgroups.cgi">
+  [% IF hasusers %]
+    <p><b>One or more users belong to this group. You cannot delete
+    this group while there are users in it.</b>
+
+    <br><a href="editusers.cgi?action=list&group=[% gid FILTER html %]">Show
+    me which users</a> - <input type="checkbox" name="removeusers">Remove
+    all users from this group for me.</p>
+  [% END %]
+
+  [% IF hasbugs %]
+    <p><b>One or more [% terms.bug %] reports are visible only to this group.
+    You cannot delete this group while any [% terms.bugs %] are using it.</b>
+
+    <br><a href="buglist.cgi?bug_id=[% buglist FILTER html %]">Show me
+    which [% terms.bugs %]</a> - <input type="checkbox" name="removebugs">Remove
+    all [% terms.bugs %] from this group restriction for me.</p>
+
+    <p><b>NOTE:</b> It's quite possible to make confidential [% terms.bugs %]
+    public by checking this box.  It is <B>strongly</B> suggested
+    that you review the [% terms.bugs %] in this group before checking
+    the box.</p>
+  [% END %]
+
+  [% IF hasproduct %]
+    <p><b>This group is tied to the <U>[% name FILTER html %]</U> product.
+    You cannot delete this group while it is tied to a product.</b>
+
+    <br><input type="checkbox" name="unbind">Delete this group anyway,
+    and make the <U>[% name FILTER html %]</U> publicly visible.</p>
+  [% END %]
+
+  <h2>Confirmation</h2>
+
+  <p>Do you really want to delete this group?</p>
+  [% IF (hasusers || hasbugs || hasproduct) %]
+    <p><b>You must check all of the above boxes or correct the
+          indicated problems first before you can proceed.</b></p>
+  [% END %]
+
+  <p><input type="submit" value="Yes, delete">
+  <input type="hidden" name="action" value="delete">
+  <input type="hidden" name="group" value="[% gid FILTER html %]">
+</form>
+
+Go back to the <a href="editgroups.cgi">group list</a>.
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/admin/groups/deleted.html.tmpl b/template/en/default/admin/groups/deleted.html.tmpl
new file mode 100644
index 0000000000..fc91190cb6
--- /dev/null
+++ b/template/en/default/admin/groups/deleted.html.tmpl
@@ -0,0 +1,54 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # gid: number. The group ID.
+  # name: string. The name of the group.
+  # cantdelete: boolean int. Is 1 if the group couldn't have been deleted.
+  #%]
+
+
+[% PROCESS global/header.html.tmpl
+  title = "Deleting group"
+%]
+
+[% IF cantdelete %]
+  <p>
+    This group cannot be deleted because there are records
+    in the database which refer to it.  All such records
+    must be removed or altered to remove the reference to this
+    group before the group can be deleted.
+  </p>
+
+  <p>
+    <a href="editgroups.cgi?action=del&amp;group=[% gid FILTER html %]">View</a>
+    the list of which records are affected.
+  </p>
+[% ELSE %]
+  <p><b>The group [% name FILTER html %] has been deleted.</b></p>
+[% END %]
+
+<p>Go back to the <a href="editgroups.cgi">group list</a>.
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/admin/groups/edit.html.tmpl b/template/en/default/admin/groups/edit.html.tmpl
new file mode 100644
index 0000000000..619db777c3
--- /dev/null
+++ b/template/en/default/admin/groups/edit.html.tmpl
@@ -0,0 +1,159 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # group_id: number. The group ID.
+  # name: string. The name of the group.
+  # description: string. The description of the group.
+  # rexp: string. The regular expression for the users of the group.
+  # isactive: boolean int. Shows if the group is still active.
+  # isbuggroup: boolean int. Is 1 if this is a bug group.
+  # groups: array with group objects having the properties:
+  #   - grpid: number. The ID of the group.
+  #   - grpname: string. The name of the group.
+  #   - grpdesc: string. The description of the group.
+  #   - grpmember: boolean int. Is 1 if the current user is a group member.
+  #   - blessmember: boolean int. Is 1 if the current user can bless members
+  #                  in the current group.
+  #%]
+
+
+[% PROCESS global/header.html.tmpl
+  title = "Change Group"
+%]
+
+<form method="post" action="editgroups.cgi">
+  <table border="1" cellpadding="4">
+    <tr>
+      <th>Group:</th>
+      <td>
+        [% IF isbuggroup %]
+          <input type="hidden" name="oldname" value="[% name FILTER html %]">
+          <input type="text" name="name" size="60" value="[% name FILTER html %]">
+        [% ELSE %]
+          [% name FILTER html %]
+        [% END %]
+      </td>
+    </tr>
+
+    <tr>
+      <th>Description:</th>
+      <td>
+        [% IF isbuggroup %]
+          <input type="hidden" name="olddesc" value="[% description FILTER html %]">
+          <input type="text" name="desc" size="70" value="[% description FILTER html %]">
+        [% ELSE %]
+          [% description FILTER html %]
+        [% END %]
+      </td>
+    </tr>
+
+    <tr>
+      <th>User Regexp:</th>
+      <td>
+        <input type="hidden" name="oldrexp" value="[% rexp FILTER html %]">
+        <input type="text" name="rexp" size="40" value="[% rexp FILTER html %]">
+      </td>
+    </tr>
+
+    [% IF isbuggroup %]
+      <tr>
+        <th>Use For [% terms.Bugs %]:</th>
+        <td>
+          <input type="checkbox" name="isactive" value="1" [% (isactive == 1) ? "checked" : "" %]>
+          <input type="hidden" name="oldisactive" value="[% isactive FILTER html %]">
+        </td>
+      </tr>
+    [% END %]
+  </table>
+
+  <p>
+    Users become members of this group in one of three ways:
+    <ul>
+      <li> by being explicity included when the user is edited.
+      <li> by matching the user regexp above.
+      <li> by being a member of one of the groups included in this group
+           by checking the boxes below.
+    </ul>
+  </p>
+
+  <table>
+    <tr>
+      <td colspan="4">Members of these groups can grant membership to this group</td>
+    </tr>
+    <tr>
+      <td align="center">|</td>
+      <td colspan="3">Members of these groups are included in this group</td>
+    </tr>
+    <tr>
+      <td align="center">|</td>
+      <td align="center">|</td>
+      <td colspan="2"></td>
+    </tr>
+    [% FOREACH group = groups %]
+      <tr>
+        <td>
+          <input type="checkbox" name="bless-[% group.grpid FILTER html %]" [% group.blessmember ? "checked " : "" %]value="1">
+          <input type="hidden" name="oldbless-[% group.grpid FILTER html %]" value="[% group.blessmember FILTER html %]">
+        </td>
+        <td>
+          <input type="checkbox" name="grp-[% group.grpid FILTER html %]" [% group.grpmember ? "checked " : "" %]value="1">
+          <input type="hidden" name="oldgrp-[% group.grpid FILTER html %]" value="[% group.grpmember FILTER html %]">
+        </td>
+        <td><b>[% group.grpnam FILTER html %]</b></td>
+        <td>[% group.grpdesc FILTER html %]</td>
+      </tr>
+    [% END %]
+  </table>
+  
+  <input type="submit" value="Submit">
+
+  <p>
+  <table width="76%" border="1">
+    <tr>
+      <td>
+        <p><strong>Conversion of groups created with [% terms.Bugzilla %]
+        versions 2.16 and prior:</strong></p>
+        
+        <ul>
+          <li>Remove all explicit memberships from this group: 
+            <input name="remove_explicit_members" type="submit" id="remove_explicit_members" value="Remove Memberships">
+          </li>
+
+          <li>Remove all explicit memberships that are included in the above
+            regular expression: 
+            <input name="remove_explicit_members_regexp" type="submit" id="remove_explicit_members_regexp" value="Remove memberships included in regular expression"> 
+          </li>
+        </ul>
+      </td>
+    </tr>
+  </table>
+
+  <input type="hidden" name="action" value="postchanges">
+  <input type="hidden" name="group" value="[% group_id FILTER html %]">
+</form>
+
+Back to the <a href="editgroups.cgi">group list</a>.
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/admin/groups/list.html.tmpl b/template/en/default/admin/groups/list.html.tmpl
new file mode 100644
index 0000000000..9e6520244d
--- /dev/null
+++ b/template/en/default/admin/groups/list.html.tmpl
@@ -0,0 +1,119 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # groups: array with group objects having the properties:
+  #   - id: number. The ID of the group.
+  #   - name: string. The name of the group.
+  #   - description: string. The description of the group.
+  #   - regexp: string. The user regexp for the given group.
+  #   - isactive: boolean int. Specifies if the group is active or not.
+  #   - isbuggroup: boolean int. Specifies if it can be used for bugs.
+  #%]
+
+[% PROCESS global/header.html.tmpl
+  title = "Edit Groups"
+  h2 = "This lets you edit the groups available to put users in."
+%]
+
+
+<table border="1">
+  <tr>
+    <th>Name</th>
+    <th>Description</th>
+    <th>User RegExp</th>
+    <th>Use For [% terms.Bugs %]</th>
+    <th>Type</th>
+    <th>Action</th>
+  </tr>
+
+  [% FOREACH group = groups %]
+    <tr>
+      <td>[% group.name FILTER html %]</td>
+      <td>[% group.description FILTER html %]</td>
+      <td>[% group.regexp FILTER html %]&nbsp</td>
+
+      <td align="center">
+        [% IF (group.isactive != 0) && (group.isbuggroup) %]
+          X
+        [% ELSE %]
+          &nbsp
+        [% END %]
+      </td>
+
+      <td align="center">
+        [% (group.isbuggroup) ? "user" : "system" %]
+      </td>
+
+      <td align="center" valign="middle">
+        <a href="editgroups.cgi?action=changeform&amp;group=[% group.id FILTER html %]">Edit</a>
+        [% IF (group.isbuggroup) %]
+          | <a href="editgroups.cgi?action=del&amp;group=[% group.id FILTER html %]">Delete</a>
+        [% END %]
+      </td>
+    </tr>
+  [% END %]
+
+  <tr>
+    <td colspan="5"></td>
+    <td><a href="editgroups.cgi?action=add">Add Group</a></td>
+  </tr>
+</table>
+
+<p>
+  <b>Name</b> is what is used with the UserInGroup() function in any
+customized cgi files you write that use a given group.  It can also be used
+by people submitting [% terms.bugs %] by email to limit [% terms.abug %]
+to a certain set of groups.
+</p>
+
+<p>
+  <b>Description</b> is what will be shown in the [% terms.bug %] reports
+to members of the group where they can choose whether the [% terms.bug %]
+will be restricted to others in the same group.
+</p>
+
+<p>
+  <b>User RegExp</b> is optional, and if filled in, will automatically
+grant membership to this group to anyone with an email address
+that matches this perl regular expression. Do not forget
+the trailing '$'.  Example '@mycompany\.com$'
+</p>
+
+<p>
+  The <b>Use For [% terms.Bugs %]</b> flag determines whether or not
+the group is eligible to be used for [% terms.bugs %]. If you remove
+this flag, it will no longer be possible for users to add [% terms.bugs %]
+to this group, although [% terms.bugs %] already in the group will remain
+in the group. Doing so is a much less drastic way to stop a group
+from growing than deleting the group as well as a way to maintain
+lists of users without cluttering the lists of groups used
+for [% terms.bug %] restrictions.
+</p>
+
+<p>
+  The <b>Type</b> field identifies system groups.
+</p>
+
+[% PROCESS global/footer.html.tmpl %]
diff --git a/template/en/default/admin/groups/remove.html.tmpl b/template/en/default/admin/groups/remove.html.tmpl
new file mode 100644
index 0000000000..0eed2d9fbe
--- /dev/null
+++ b/template/en/default/admin/groups/remove.html.tmpl
@@ -0,0 +1,60 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Netscape Communications
+  # Corporation. Portions created by Netscape are
+  # Copyright (C) 1998 Netscape Communications Corporation. All
+  # Rights Reserved.
+  #
+  # Contributor(s): Dave Miller <justdave@syndicomm.com>
+  #                 Joel Peshkin <bugreport@peshkin.net>
+  #                 Jacob Steenhagen <jake@bugzilla.org>
+  #                 Vlad Dascalu <jocuri@softhome.net>
+  #%]
+
+[%# INTERFACE:
+  # remove_all: boolean int. Is 1 if the action was remove_all,
+  #         and 0 if the action was remove_all_regexp.
+  # name: string. The place where removal is performed.
+  # regexp: string. The regexp according to which the removal is performed.
+  # users: array with group objects having the properties:
+  #   - login: string. The login which is removed.
+  #%]
+
+
+[% IF remove_all %]
+  [% title = "Removing All Explicit Group Memberships from '"
+      _ name _ "'" %]
+[% ELSE %]
+  [% title = "Removing All Explicit Group Memberships Matching "
+      _ "Group RegExp from '" _ name _ "'" %]
+[% END %]
+
+[% PROCESS global/header.html.tmpl %]
+
+[% IF remove_all %]
+  <p><b>Removing explicit membership</b></p>
+[% ELSE %]
+  <p><b>Removing explicit memberships of users matching
+  '[% regexp FILTER html %]'...</b></p>
+[% END %]
+    
+[% FOREACH user = users %]
+  [% user.login FILTER html %] removed<br>
+[% END %]
+
+<p><b>Done</b>.</p>
+
+<p>Back to the <a href="editgroups.cgi">group list</a>.</p>
+
+[% PROCESS global/footer.html.tmpl %] 
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index c5233b8e88..ae47ed3495 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -61,6 +61,10 @@
     The ID <code>[% page_id FILTER html %]</code> is not a
     valid page identifier.
 
+  [% ELSIF error == "bad_arg" %]
+    Bad argument <code>[% argument FILTER html %]</code> sent to
+    <code>[% function FILTER html %]</code> function.
+
   [% ELSIF error == "bug_error" %]
     Trying to retrieve [% terms.bug %] [%+ bug.bug_id FILTER html %] returned 
     the error [% bug.error FILTER html %].
@@ -104,10 +108,6 @@
     Attempted to add [% terms.bug %] to an inactive group, identified by the bit
     '[% bit FILTER html %]'.
 
-  [% ELSIF error == "bad_arg" %]
-    Bad argument <code>[% argument FILTER html %]</code> sent to
-    <code>[% function FILTER html %]</code> function.
-
   [% ELSIF error == "invalid_attach_id_to_obsolete" %]
      The attachment number of one of the attachments you wanted to obsolete,
      [% attach_id FILTER html %], is invalid.
@@ -131,7 +131,12 @@
   [% ELSIF error == "invalid_dimensions" %]
     [% title = "Invalid Dimensions" %]
     The width or height specified is not a positive integer.
-    
+
+  [% ELSIF error == "invalid_isactive_flag" %]
+    [% title = "Invalid isactive flag" %]        
+    The active flag was improperly set.  There may be
+    a problem with [% terms.Bugzilla %] or [% terms.abug %] in your browser.
+
   [% ELSIF error == "invalid_series_id" %]
     [% title = "Invalid Series" %]
     The series_id [% series_id FILTER html %] is not valid. It may be that
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index e4c9863df7..97987b786b 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -96,6 +96,11 @@
     account creation. Please contact an administrator to get a new account
     created.
 
+  [% ELSIF error == "auth_cant_edit_groups" %]
+    [% title = "Not authorized to edit groups" %]
+    Sorry, you aren't a member of the 'creategroups' group. And so,
+    you aren't allowed to edit the groups.
+
   [% ELSIF error == "authorization_failure" %]
     [% title = "Authorization Failed" %]
     You are not allowed to [% action FILTER html %].
@@ -169,6 +174,14 @@
     [% title = "Email Address Confirmation Failed" %]
     Email address confirmation failed.
 
+  [% ELSIF error == "empty_group_description" %]
+    [% title = "The group description can not be empty" %]
+    You must enter a description for the new group.
+
+  [% ELSIF error == "empty_group_name" %]
+    [% title = "The group name can not be empty" %]
+    You must enter a name for the new group.
+  
   [% ELSIF error == "entry_access_denied" %]
     [% title = "Permission Denied" %]
     Sorry; you do not have the permissions necessary to enter [% terms.abug %]
@@ -235,7 +248,15 @@
     [% title = "Flag Type Sort Key Invalid" %]
     The sort key must be an integer between 0 and 32767 inclusive.
     It cannot be <em>[% sortkey FILTER html %]</em>.
-  
+
+  [% ELSIF error == "group_exists" %]
+    [% title = "The group already exists" %]
+    The group [% name FILTER html %] already exists.
+
+  [% ELSIF error == "group_not_specified" %]
+    [% title = "Group not specified" %]
+    No group was specified.
+
   [% ELSIF error == "illegal_at_least_x_votes" %]
     [% title = "Your Search Makes No Sense" %]
     The <em>At least ___ votes</em> field must be a simple number. 
@@ -370,6 +391,10 @@
     [% END %]
     ).
 
+  [% ELSIF error == "invalid_group_ID" %]
+    [% title = "Invalid group ID" %]
+    The group you specified doesn't exist.
+
   [% ELSIF error == "invalid_maxrows" %]
     [% title = "Invalid Max Rows" %]
     The maximum number of rows, '[% maxrows FILTER html %]', must be
@@ -378,7 +403,11 @@
   [% ELSIF error == "invalid_product_name" %]
     [% title = "Invalid Product Name" %]
     The product name '[% product FILTER html %]' is invalid or does not exist.
-    
+
+  [% ELSIF error == "invalid_regexp" %]
+    [% title = "Invalid regular expression" %]
+    The regular expression you entered is invalid.
+
   [% ELSIF error == "invalid_username" %]
     [% title = "Invalid Username" %]
     The name <tt>[% name FILTER html %]</tt> is not a valid username.  

Name	Description	User RegExp	Use For Bugs	Type	Action
" . html_quote($name) . "	" . html_quote($desc) . "	" . html_quote($regexp) . "	"; - print "X" if (($isactive != 0) && ($isbuggroup != 0)); - print "	"; - print (($isbuggroup == 0 ) ? "system" : "user"); - print "	- Edit"; - print " \| Delete" if ($isbuggroup != 0); - print "
					Add Group
Group:	"; - if ($isbuggroup == 0) { - print html_quote($name); - } else { - print " - "; - } - print "
Description:	"; - if ($isbuggroup == 0) { - print html_quote($description); - } else { - print " - "; - } - print "
User Regexp:	"; - print " -
Use For Bugs:	- - -
Members of these groups can grant membership to this group
\|	Members of these groups are included in this group
\|	\|
"; - print "	"; - print "	" . html_quote($grpnam) . "	" . html_quote($grpdesc) . "
Group:	+ [% IF isbuggroup %] + + + [% ELSE %] + [% name FILTER html %] + [% END %] +
Description:	+ [% IF isbuggroup %] + + + [% ELSE %] + [% description FILTER html %] + [% END %] +
User Regexp:	+ + +
Use For [% terms.Bugs %]:	+ + +
Name	Description	User RegExp	Use For [% terms.Bugs %]	Type	Action
[% group.name FILTER html %]	[% group.description FILTER html %]	[% group.regexp FILTER html %]	+ [% IF (group.isactive != 0) && (group.isbuggroup) %] + X + [% ELSE %] + + [% END %] +	+ [% (group.isbuggroup) ? "user" : "system" %] +	+ Edit + [% IF (group.isbuggroup) %] + \| Delete + [% END %] +
					Add Group