diff -u bugzilla/buglist.cgi /usr/share/bugzilla/buglist.cgi --- bugzilla/buglist.cgi 2008-03-07 15:53:40.000000000 -0600 +++ /usr/share/bugzilla/buglist.cgi 2008-03-26 12:30:23.000000000 -0500 @@ -49,16 +49,20 @@ use Date::Parse; + my $cgi = Bugzilla->cgi; my $dbh = Bugzilla->dbh; my $template = Bugzilla->template; my $vars = {}; my $buffer = $cgi->query_string(); +my $trusted_group = 'DevTeam'; + # We have to check the login here to get the correct footer if an error is # thrown and to prevent a logged out user to use QuickSearch if 'requirelogin' # is turned 'on'. Bugzilla->login(); +my $istrusted = Bugzilla->user->in_group($trusted_group) ? 1 : 0; if (length($buffer) == 0) { print $cgi->header(-refresh=> '10; URL=query.cgi'); @@ -623,18 +627,24 @@ DefineColumn("bug_severity" , "bugs.bug_severity" , "Severity" ); DefineColumn("priority" , "bugs.priority" , "Priority" ); DefineColumn("rep_platform" , "bugs.rep_platform" , "Hardware" ); -DefineColumn("assigned_to" , "map_assigned_to.realname" , "Assignee" ); -DefineColumn("reporter" , "map_reporter.realname" , "Reporter" ); -DefineColumn("qa_contact" , "map_qa_contact.realname" , "QA Contact" ); -#if ($format->{'extension'} eq 'html') { -# DefineColumn("assigned_to_realname", "CASE WHEN map_assigned_to.realname = '' THEN map_assigned_to.login_name ELSE map_assigned_to.realname END AS assigned_to_realname", "Assignee" ); -# DefineColumn("reporter_realname" , "CASE WHEN map_reporter.realname = '' THEN map_reporter.login_name ELSE map_reporter.realname END AS reporter_realname" , "Reporter" ); -# DefineColumn("qa_contact_realname" , "CASE WHEN map_qa_contact.realname = '' THEN map_qa_contact.login_name ELSE map_qa_contact.realname END AS qa_contact_realname" , "QA Contact"); -#} else { +if ($istrusted) { + DefineColumn("assigned_to" , "map_assigned_to.login_name" , "Assignee" ); + DefineColumn("reporter" , "map_reporter.login_name" , "Reporter" ); + DefineColumn("qa_contact" , "map_qa_contact.login_name" , "QA Contact" ); +} else { + DefineColumn("assigned_to" , "map_assigned_to.realname" , "Assignee" ); + DefineColumn("reporter" , "map_reporter.realname" , "Reporter" ); + DefineColumn("qa_contact" , "map_qa_contact.realname" , "QA Contact" ); +} +if ($format->{'extension'} eq 'html' && $istrusted) { + DefineColumn("assigned_to_realname", "CASE WHEN map_assigned_to.realname = '' THEN map_assigned_to.login_name ELSE map_assigned_to.realname END AS assigned_to_realname", "Assignee" ); + DefineColumn("reporter_realname" , "CASE WHEN map_reporter.realname = '' THEN map_reporter.login_name ELSE map_reporter.realname END AS reporter_realname" , "Reporter" ); + DefineColumn("qa_contact_realname" , "CASE WHEN map_qa_contact.realname = '' THEN map_qa_contact.login_name ELSE map_qa_contact.realname END AS qa_contact_realname" , "QA Contact"); +} else { DefineColumn("assigned_to_realname", "map_assigned_to.realname AS assigned_to_realname", "Assignee" ); DefineColumn("reporter_realname" , "map_reporter.realname AS reporter_realname" , "Reporter" ); DefineColumn("qa_contact_realname" , "map_qa_contact.realname AS qa_contact_realname" , "QA Contact"); -#} +} DefineColumn("bug_status" , "bugs.bug_status" , "Status" ); DefineColumn("resolution" , "bugs.resolution" , "Resolution" ); DefineColumn("short_short_desc" , "bugs.short_desc" , "Summary" ); diff -u bugzilla/.htaccess /usr/share/bugzilla/.htaccess --- bugzilla/.htaccess 2007-11-07 10:12:54.000000000 -0600 +++ /usr/share/bugzilla/.htaccess 2008-03-26 11:23:33.000000000 -0500 @@ -1,4 +1,4 @@ -# don't allow people to retrieve non-cgi executable files or our private data +# Don't allow people to retrieve non-cgi executable files or our private data deny from all