vitalif
/
bugzilla-4intranet
mirror of https://github.com/vitalif/bugzilla-4intranet
1
0
Fork 0
Code Issues Releases Wiki Activity

Allow admin users to see all saved queries

classes
Vitaliy Filippov 2016-01-25 18:27:54 +03:00
parent 4ad3e1d881
commit 4736a51e18
2 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Bugzilla/Checker.pm
View File

@ -122,14 +122,9 @@ sub update
sub _check_query_id
{
my ($invocant, $value, $field) = @_;
my $q = Bugzilla::Search::Saved->check({ id => $value });
# This code allows to create predicates using searches shared by other users,
# but the UI doesn't allow it (yet?).
if ($q->user->id != Bugzilla->user->id &&
(!$q->shared_with_group || !Bugzilla->user->in_group($q->shared_with_group)))
{
ThrowUserError('query_access_denied', { query => $q });
}
my $q = Bugzilla::Search::Saved->check({ id => $value });
# Check if a named query is not a search query, but just an HTTP url
if ($q->query =~ /^[a-z][a-z0-9]*:/iso)
{

3
Bugzilla/Search/Saved.pm
View File

@ -105,7 +105,8 @@ sub check
my $search = $class->SUPER::check(@_);
my $user = Bugzilla->user;
return $search if $search->user->id == $user->id;
if (!$search->shared_with_group || !$user->in_group($search->shared_with_group))
if (!Bugzilla->user->in_group('admin') &&
(!$search->shared_with_group || !$user->in_group($search->shared_with_group)))
{
ThrowUserError('missing_query', {
queryname => $search->name,