Currently the 2.18 stable system does a lot to try and filter out email addresses on pages displayable by anonymous users. I thought 3.2 already and similar functionality but was mistaken. Working on a patch to filter out email addresses for anonymous users in our 3.2 based system now. Dave
Created attachment 306312 [details] Patch to sanitize email addresses for anonymous users (v1) Attaching patch to sanitize email addresses for anonymous users. Please look it over for any issues. Also I may have missed some places where email addresses occur so please let me know if you find other places. Thanks Dave
*** Bug 447677 has been marked as a duplicate of this bug. ***
Hi Dave ,, The patch looks good and i think it covered all places,, however it is giving me an error in the buglist.cgi as the following: The custom sort order specified in your cookie contains an invalid column name map_assigned_to.login_name. The cookie has been cleared. It has to do with the columns hash that you changed in Bugzilla/Search.pm other than that it is working perfectly everywhere else Thanks, Noura
Created attachment 306553 [details] Patch to sanitize email addresses for anonymous users (v2) Thanks for the review Noura. Attaching a new patch the fixes the order cookie/formvar to properly remap map_*.login_name to map_*.realname if the user is not logged in. This should get rid of the error that you were getting. Please review Thanks Dave
Committed to CVS. Want to get this in thursdays update. Dave
Comment on attachment 306553 [details] Patch to sanitize email addresses for anonymous users (v2) Hi Dave, Sorry for the late review the patch looks good, and that error now disappeared, however there were couple of things for the webservice interface i am attaching a patch for that. Noura
Created attachment 307006 [details] patch to fix bugzilla.getBug and bugzilla.getProdCompDetails Attached is a patch to make some modification to bugzilla.getBug basically i made use of the %items hash that was not used properly and deleted the login_name from the comments if the user was not logged in. also made a little fix to the bugzilla.getProdCompDetails where it was using wrong key name for the realnames. Please review. Thanks, Noura
Comment on attachment 307006 [details] patch to fix bugzilla.getBug and bugzilla.getProdCompDetails > foreach my $key ( keys %custom_field_return_map ) { > my $field = $custom_field_return_map{$key}; >- $bug->{$key} = $bug->{$field} if defined $bug->{$field}; >+ $item{$key} = $bug->{$field} if defined $bug->{$field}; > delete $bug->{$field}; > } Looks good Noura. Works as expected. Nit-pick: Do we need to do the 'delete $bug->{$field};' anymore since you are no longer returning $bug? Otherwise harmless. Feel free to check in. Dave
cool i have deleted that line Dave and committed to cvs. Thanks, Noura
Pushed to partner-bugzilla. Closing. Dave
*** Bug 486766 has been marked as a duplicate of this bug. ***