diff --git a/bug_change_status_page.php b/bug_change_status_page.php
index 648b722f29..553515f937 100644
--- a/bug_change_status_page.php
+++ b/bug_change_status_page.php
@@ -78,7 +78,7 @@
}
$f_new_status = gpc_get_int( 'new_status' );
-$f_reopen_flag = gpc_get_int( 'reopen_flag', OFF );
+$f_change_type = gpc_get_string( 'change_type', BUG_UPDATE_TYPE_CHANGE_STATUS );
$t_reopen = config_get( 'bug_reopen_status', null, null, $t_bug->project_id );
$t_resolved = config_get( 'bug_resolved_status_threshold', null, null, $t_bug->project_id );
@@ -86,7 +86,7 @@
$t_current_user_id = auth_get_current_user_id();
# Ensure user has proper access level before proceeding
-if( $f_new_status == $t_reopen && $f_reopen_flag ) {
+if( $f_new_status == $t_reopen && $f_change_type == BUG_UPDATE_TYPE_REOPEN ) {
access_ensure_can_reopen_bug( $t_bug, $t_current_user_id );
} else if( $f_new_status == $t_closed ) {
access_ensure_can_close_bug( $t_bug, $t_current_user_id );
@@ -327,7 +327,7 @@
}
?>
-
+
' . "\n", config_get( 'bug_reopen_resolution' ) );
@@ -388,7 +388,7 @@
-
+
diff --git a/bug_update.php b/bug_update.php
index 2f049b609e..6a6218deda 100644
--- a/bug_update.php
+++ b/bug_update.php
@@ -67,29 +67,12 @@
$t_existing_bug = bug_get( $f_bug_id, true );
$f_update_type = gpc_get_string( 'action_type', BUG_UPDATE_TYPE_NORMAL );
+$t_current_user_id = auth_get_current_user_id();
+
if( helper_get_current_project() !== $t_existing_bug->project_id ) {
$g_project_override = $t_existing_bug->project_id;
}
-$t_reporter_closing =
- ( $f_update_type == BUG_UPDATE_TYPE_CLOSE ) &&
- bug_is_user_reporter( $f_bug_id, auth_get_current_user_id() ) &&
- config_get( 'allow_reporter_close' ) == ON;
-
-if ( !$t_reporter_closing ) {
- # Ensure that the user has permission to update bugs. This check also factors
- # in whether the user has permission to view private bugs. The
- # $g_limit_reporters option is also taken into consideration.
- access_ensure_bug_level( config_get( 'update_bug_threshold' ), $f_bug_id );
-
- # Check if the bug is in a read-only state and whether the current user has
- # permission to update read-only bugs.
- if( bug_is_readonly( $f_bug_id ) ) {
- error_parameters( $f_bug_id );
- trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
- }
-}
-
$t_updated_bug = clone $t_existing_bug;
$t_updated_bug->additional_information = gpc_get_string( 'additional_information', $t_existing_bug->additional_information );
@@ -155,6 +138,30 @@
$t_reopen_issue = true;
}
+$t_reporter_closing =
+ ( $f_update_type == BUG_UPDATE_TYPE_CLOSE ) &&
+ bug_is_user_reporter( $f_bug_id, $t_current_user_id ) &&
+ access_can_close_bug( $t_existing_bug, $t_current_user_id );
+
+$t_reporter_reopening =
+ ( ( $f_update_type == BUG_UPDATE_TYPE_REOPEN ) || $t_reopen_issue ) &&
+ bug_is_user_reporter( $f_bug_id, $t_current_user_id ) &&
+ access_can_reopen_bug( $t_existing_bug, $t_current_user_id );
+
+if ( !$t_reporter_reopening && !$t_reporter_closing ) {
+ # Ensure that the user has permission to update bugs. This check also factors
+ # in whether the user has permission to view private bugs. The
+ # $g_limit_reporters option is also taken into consideration.
+ access_ensure_bug_level( config_get( 'update_bug_threshold' ), $f_bug_id );
+
+ # Check if the bug is in a read-only state and whether the current user has
+ # permission to update read-only bugs.
+ if( bug_is_readonly( $f_bug_id ) ) {
+ error_parameters( $f_bug_id );
+ trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
+ }
+}
+
# If resolving or closing, ensure that all dependant issues have been resolved.
if( ( $t_resolve_issue || $t_close_issue ) &&
!relationship_can_resolve_bug( $f_bug_id ) ) {
@@ -172,13 +179,13 @@
$t_can_bypass_status_access_thresholds = false;
if( $t_close_issue &&
$t_existing_bug->status >= $t_resolved_status &&
- $t_existing_bug->reporter_id === auth_get_current_user_id() &&
+ $t_existing_bug->reporter_id === $t_current_user_id &&
config_get( 'allow_reporter_close' ) ) {
$t_can_bypass_status_access_thresholds = true;
} else if( $t_reopen_issue &&
$t_existing_bug->status >= $t_resolved_status &&
$t_existing_bug->status <= $t_closed_status &&
- $t_existing_bug->reporter_id === auth_get_current_user_id() &&
+ $t_existing_bug->reporter_id === $t_current_user_id &&
config_get( 'allow_reporter_reopen' ) ) {
$t_can_bypass_status_access_thresholds = true;
}
@@ -346,8 +353,8 @@
config_get( 'reassign_on_feedback' ) &&
$t_existing_bug->status === config_get( 'bug_feedback_status' ) &&
$t_updated_bug->status !== $t_existing_bug->status &&
- $t_updated_bug->handler_id !== auth_get_current_user_id() &&
- $t_updated_bug->reporter_id === auth_get_current_user_id() ) {
+ $t_updated_bug->handler_id !== $t_current_user_id &&
+ $t_updated_bug->reporter_id === $t_current_user_id ) {
if( $t_updated_bug->handler_id !== NO_USER ) {
$t_updated_bug->status = config_get( 'bug_assigned_status' );
} else {
diff --git a/core/constant_inc.php b/core/constant_inc.php
index 45e1c4bb6e..ce06f745b0 100644
--- a/core/constant_inc.php
+++ b/core/constant_inc.php
@@ -223,6 +223,8 @@
define( 'BUG_UPDATE_TYPE_NORMAL', 'update' );
define( 'BUG_UPDATE_TYPE_ASSIGN', 'assign' );
define( 'BUG_UPDATE_TYPE_CLOSE', 'close' );
+define( 'BUG_UPDATE_TYPE_REOPEN', 'reopen' );
+define( 'BUG_UPDATE_TYPE_CHANGE_STATUS', 'change_status' );
# error messages
define( 'ERROR_GENERIC', 0 );
diff --git a/core/html_api.php b/core/html_api.php
index 781b02bea2..24007fcd2d 100644
--- a/core/html_api.php
+++ b/core/html_api.php
@@ -1554,6 +1554,7 @@ function html_button_bug_change_status( BugData $p_bug ) {
$t_bug_id = string_attribute( $p_bug->id );
echo '' . "\n";
+ echo '' . "\n";
echo '' . "\n";
}
@@ -1688,7 +1689,7 @@ function html_button_bug_reopen( BugData $p_bug ) {
html_button(
'bug_change_status_page.php',
lang_get( 'reopen_bug_button' ),
- array( 'id' => $p_bug->id, 'new_status' => $t_reopen_status, 'reopen_flag' => ON ) );
+ array( 'id' => $p_bug->id, 'new_status' => $t_reopen_status, 'change_type' => BUG_UPDATE_TYPE_REOPEN ) );
}
}
@@ -1706,7 +1707,7 @@ function html_button_bug_close( BugData $p_bug ) {
html_button(
'bug_change_status_page.php',
lang_get( 'close_bug_button' ),
- array( 'id' => $p_bug->id, 'new_status' => $t_closed_status ) );
+ array( 'id' => $p_bug->id, 'new_status' => $t_closed_status, 'change_type' => BUG_UPDATE_TYPE_CLOSE ) );
}
}