Permalink
Browse files

Fix application of view_handler_threshold

Fix the validation of view_handler_threshold for specific overrides,
instead of checking on only at global level.

Introduce the validation in changelog and roadmap.

Fixes: #23503
  • Loading branch information...
cproensa authored and vboctor committed Oct 21, 2017
1 parent 1cb34a3 commit 84725ae07760a74d18885e09ec834a2a49487aaa
Showing with 31 additions and 7 deletions.
  1. +23 −0 core/access_api.php
  2. +6 −5 core/columns_api.php
  3. +2 −2 core/custom_function_api.php
View
@@ -836,3 +836,26 @@ function access_threshold_min_level( $p_threshold ) {
}
}
/**
* Checks if the user can view the handler for the bug.
* @param BugData $p_bug Bug to check access against.
* @param integer|null $p_user_id Integer representing user id, defaults to null to use current user.
* @return boolean whether user can view the handler user.
*/
function access_can_see_handler_for_bug( BugData $p_bug, $p_user_id = null ) {
if( null === $p_user_id ) {
$t_user_id = auth_get_current_user_id();
} else {
$t_user_id = $p_user_id;
}
# handler can be viewed if allowed by access level, OR the user himself is the handler
$t_can_view_handler =
( $p_bug->handler_id == $t_user_id )
|| access_has_bug_level(
config_get( 'view_handler_threshold', null, $t_user_id, $p_bug->project_id ),
$p_bug->id );
return $t_can_view_handler;
}
View
@@ -1387,18 +1387,19 @@ function print_column_resolution( BugData $p_bug, $p_columns_target = COLUMNS_TA
* @access public
*/
function print_column_status( BugData $p_bug, $p_columns_target = COLUMNS_TARGET_VIEW_PAGE ) {
$t_current_user = auth_get_current_user_id();
# choose color based on status
$status_label = html_get_status_css_class( $p_bug->status, auth_get_current_user_id(), $p_bug->project_id );
$status_label = html_get_status_css_class( $p_bug->status, $t_current_user, $p_bug->project_id );
echo '<td class="column-status">';
echo '<div class="align-left">';
echo '<i class="fa fa-square fa-status-box ' . $status_label . '"></i> ';
printf( '<span title="%s">%s</span>',
get_enum_element( 'resolution', $p_bug->resolution, auth_get_current_user_id(), $p_bug->project_id ),
get_enum_element( 'status', $p_bug->status, auth_get_current_user_id(), $p_bug->project_id )
get_enum_element( 'resolution', $p_bug->resolution, $t_current_user, $p_bug->project_id ),
get_enum_element( 'status', $p_bug->status, $t_current_user, $p_bug->project_id )
);
# print username instead of status
if( ( ON == config_get( 'show_assigned_names' ) ) && ( $p_bug->handler_id > 0 ) && ( access_has_project_level( config_get( 'view_handler_threshold' ), $p_bug->project_id ) ) ) {
# print handler user next to status
if( $p_bug->handler_id > 0 && ON == config_get( 'show_assigned_names' ) && access_can_see_handler_for_bug( $p_bug ) ) {
printf( ' (%s)', prepare_user_name( $p_bug->handler_id ) );
}
echo '</div></td>';
@@ -108,7 +108,7 @@ function custom_function_default_changelog_print_issue( $p_issue_id, $p_issue_le
echo '<i class="fa fa-square fa-status-box ' . $status_label . '" title="' . $t_status_title . '"></i> ';
echo string_get_bug_view_link( $p_issue_id );
echo ': <span class="label label-light">', $t_category, '</span> ' , string_display_line_links( $t_bug->summary );
if( $t_bug->handler_id != 0 ) {
if( $t_bug->handler_id > 0 && ON == config_get( 'show_assigned_names' ) && access_can_see_handler_for_bug( $t_bug ) ) {
echo ' (', prepare_user_name( $t_bug->handler_id ), ')';
}
echo '<div class="space-2"></div>';
@@ -164,7 +164,7 @@ function custom_function_default_roadmap_print_issue( $p_issue_id, $p_issue_leve
echo '<i class="fa fa-square fa-status-box ' . $status_label . '" title="' . $t_status_title . '"></i> ';
echo string_get_bug_view_link( $p_issue_id );
echo ': <span class="label label-light">', $t_category, '</span> ', $t_strike_start, string_display_line_links( $t_bug->summary ), $t_strike_end;
if( $t_bug->handler_id != 0 ) {
if( $t_bug->handler_id > 0 && ON == config_get( 'show_assigned_names' ) && access_can_see_handler_for_bug( $t_bug ) ) {
echo ' (', prepare_user_name( $t_bug->handler_id ), ')';
}
echo '<div class="space-2"></div>';

0 comments on commit 84725ae

Please sign in to comment.