From 641f68eed63a982261e37431b6265d01914583a6 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Fri, 30 Nov 2007 01:54:25 +0000
Subject: [PATCH] =?utf8?q?Bug=20405788:=20$bug->add=5Fcomment=20incorrectl?=
 =?utf8?q?y=20calls=20check=5Fcan=5Fchange=5Ffield()=20-=20Patch=20by=20Fr?=
 =?utf8?q?=C3=83=C2=A9d=C3=83=C2=A9ric=20Buclin=20<LpSolit@gmail.com>=20r/?=
 =?utf8?q?a=3Dmkanat?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/Bug.pm | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 0a45daf143..7c0cc191f9 100755
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -1565,10 +1565,6 @@ sub add_comment {
     my ($self, $comment, $params) = @_;
 
     $comment = $self->_check_comment($comment);
-    # XXX At some point we need to refactor check_can_change_field
-    # so that custom installs can use PrivilegesRequired here.
-    $self->check_can_change_field('longdesc')
-        || ThrowUserError('illegal_change', { field => 'longdesc' });
 
     $params ||= {};
     if (exists $params->{work_time}) {
@@ -1589,6 +1585,11 @@ sub add_comment {
         return;
     }
 
+    # So we really want to comment. Make sure we are allowed to do so.
+    my $privs;
+    $self->check_can_change_field('longdesc', 0, 1, \$privs)
+        || ThrowUserError('illegal_change', { field => 'longdesc', privs => $privs });
+
     $self->{added_comments} ||= [];
     my $add_comment = dclone($params);
     $add_comment->{thetext} = $comment;
-- 
2.47.2