[Rt-commit] rt branch, 3.8-trunk, updated. rt-3.8.8-42-g2338cd1
? sunnavy
sunnavy at bestpractical.com
Thu May 13 09:20:17 EDT 2010
The branch, 3.8-trunk has been updated
via 2338cd19ed7a7f4c1e94f639ab2789d6586d01f3 (commit)
from 4fe46463daa743db38ab8e582b2fa7e3e42a16c9 (commit)
Summary of changes:
lib/RT/Scrips_Overlay.pm | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
- Log -----------------------------------------------------------------
commit 2338cd19ed7a7f4c1e94f639ab2789d6586d01f3
Author: sunnavy <sunnavy at bestpractical.com>
Date: Thu May 13 20:28:35 2010 +0800
security fix: clone the ticket to set CurrentUser
diff --git a/lib/RT/Scrips_Overlay.pm b/lib/RT/Scrips_Overlay.pm
index df24b3c..1d30702 100644
--- a/lib/RT/Scrips_Overlay.pm
+++ b/lib/RT/Scrips_Overlay.pm
@@ -283,7 +283,10 @@ sub _SetupSourceObjects {
TransactionObj => undef,
@_ );
- if ( ( $self->{'TicketObj'} = $args{'TicketObj'} ) ) {
+
+ if ( $args{'TicketObj'} ) {
+ # clone the ticket here as we need to change CurrentUser
+ $self->{'TicketObj'} = bless { %{$args{'TicketObj'} } }, 'RT::Ticket';
$self->{'TicketObj'}->CurrentUser( $self->CurrentUser );
}
else {
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list