Bug 1796692 - Update triage owners report to alter permitted status v…

…alues depending on if the product belongs to core-security
mozilla-bteam · Oct 24, 2022 · 9f04dbf · 9f04dbf
1 parent 5310b2f
commit 9f04dbf
Showing 1 changed file with 32 additions and 6 deletions.
diff --git a/extensions/BMO/lib/Reports/Triage.pm b/extensions/BMO/lib/Reports/Triage.pm
@@ -14,6 +14,7 @@ use warnings;
 use Bugzilla::Component;
 use Bugzilla::Constants;
 use Bugzilla::Error;
+use Bugzilla::Group;
 use Bugzilla::Product;
 use Bugzilla::User;
 use Bugzilla::Util qw(detaint_natural trim url_quote);
@@ -295,6 +296,15 @@ sub owners {
     }
   }
 
+  # List of core security groups to be used later when determining if the triage
+  # owner is a member of core security groups needed to see private bugs
+  my @core_security_names;
+  foreach my $group (Bugzilla::Group->get_all()) {
+    if ($group->name =~ /.*core-security$/) {
+      push @core_security_names, $group->name;
+    }
+  }
+
   my $sql
     = "SELECT products.name, components.name, components.id, components.triage_owner_id
                FROM components JOIN products ON components.product_id = products.id
@@ -355,15 +365,31 @@ sub owners {
     # if the product object has the default_security_group method.
     # Also make sure the current user has permission to see this information
     my $product_obj = Bugzilla::Product->new({name => $product_name, cache => 1});
-    if ( $product_obj->can('default_security_group')
-      && $product_obj->default_security_group
-      && $user->in_group('mozilla-employee-confidential'))
+    if ( $triage_owner
+      && $user->in_group('mozilla-employee-confidential')
+      && $product_obj->can('default_security_group')
+      && $product_obj->default_security_group)
     {
-      $data->{in_prod_security_group}
-        = $triage_owner
-        && $triage_owner->in_group($product_obj->default_security_group)
+      my $in_secure_group
+        = $triage_owner->in_group($product_obj->default_security_group)
         ? 'Yes'
         : 'No';
+
+      # core-security is different in that very limited people are actually
+      # in this group. Normally these are triaged by security team first and
+      # and then a more appropriate group is selected. So we will show yes
+      # if the triage owner is a member or one or more .*core-security groups.
+      if ($product_obj->default_security_group eq 'core-security') {
+        foreach my $group_name (@core_security_names) {
+
+          if ($triage_owner->in_group($group_name)) {
+            $in_secure_group = "Yes (member of $group_name)";
+            last;
+          }
+        }
+      }
+
+      $data->{in_prod_security_group} = $in_secure_group;
     }
 
     my $total = 0;