From: David Lawrence <dkl@mozilla.com>
Date: Wed, 12 Nov 2014 16:58:12 +0000 (+0000)
Subject: Bug 1001462: Bug.search causes error when using simple token auth and specifying... 
X-Git-Tag: bugzilla-4.4.7~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cbc11fd8416cd75fbafb6e12bfdb9b7aceeb72b7;p=thirdparty%2Fbugzilla.git

Bug 1001462: Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'
r=glob,a=glob
---

diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index b865e114c3..171017eb79 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -53,27 +53,20 @@ use constant MAPPED_RETURNS => {
 sub login {
     my ($self, $params) = @_;
 
+    # Check to see if we are already logged in
+    my $user = Bugzilla->user;
+    if ($user->id) {
+        return $self->_login_to_hash($user);
+    }
+
     # Username and password params are required 
     foreach my $param ("login", "password") {
-        defined $params->{$param} 
+        (defined $params->{$param} || defined $params->{'Bugzilla_' . $param})
             || ThrowCodeError('param_required', { param => $param });
     }
 
-    # Make sure the CGI user info class works if necessary.
-    my $input_params = Bugzilla->input_params;
-    $input_params->{'Bugzilla_login'} =  $params->{login};
-    $input_params->{'Bugzilla_password'} = $params->{password};
-    $input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
-
-    my $user = Bugzilla->login();
-
-    my $result = { id => $self->type('int', $user->id) };
-
-    if ($user->{_login_token}) {
-        $result->{'token'} = $user->id . "-" . $user->{_login_token};
-    }
-
-    return $result;
+    $user = Bugzilla->login();
+    return $self->_login_to_hash($user);
 }
 
 sub logout {
@@ -384,6 +377,15 @@ sub _report_to_hash {
     return $item;
 }
 
+sub _login_to_hash {
+    my ($self, $user) = @_;
+    my $item = { id => $self->type('int', $user->id) };
+    if ($user->{_login_token}) {
+        $item->{'token'} = $user->id . "-" . $user->{_login_token};
+    }
+    return $item;
+}
+
 1;
 
 __END__
diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm
index 195de79e44..c7d63b3366 100644
--- a/Bugzilla/WebService/Util.pm
+++ b/Bugzilla/WebService/Util.pm
@@ -150,13 +150,13 @@ sub fix_credentials {
     # even if not calling User.login. We also do not delete them as
     # User.login requires "login" and "password".
     if (exists $params->{'login'} && exists $params->{'password'}) {
-        $params->{'Bugzilla_login'}    = $params->{'login'};
-        $params->{'Bugzilla_password'} = $params->{'password'};
+        $params->{'Bugzilla_login'}    = delete $params->{'login'};
+        $params->{'Bugzilla_password'} = delete $params->{'password'};
     }
     # Allow user to pass token=12345678 as a convenience which becomes
     # "Bugzilla_token" which is what the auth code looks for.
     if (exists $params->{'token'}) {
-        $params->{'Bugzilla_token'} = $params->{'token'};
+        $params->{'Bugzilla_token'} = delete $params->{'token'};
     }
 }