[TEST] locking priority, severity, assignee, QA contact in bugzilla

Hi All,

I've hacked bugzilla a bit but it needs some thorough testing before we
commit it to our actual bugzilla instance.

*What I've done*:

  * Locked the following fields to anyone that does not belong to group
    "contributors" or are assigned the bug
      o QA Contact;
      o Assignee;
      o Severity
      o Priority

*To test:*

 1. Head over to our test instance of bugzilla:
    *https://bugzilla-test.documentfoundation.org/*
     1. As a starting point you can check by going here:
        https://bugzilla-test.documentfoundation.org/show_bug.cgi?id=89058
        (you should see fields locked out)
 2. Contact me to get added to contributor group (include your email
    that you use on bugzilla)
 3. Create a test login that won't have any privileges

Now you should be able to report bugs and compare what happens with your
two users (the one in contributors and the new test account you create)

*What Needs Testing
*

 1. Basically do everything you could think of, create a bug with both
    accounts, compare your access, change status (NEW, FIXED, ETC....),
    see what impact you see, report any issues to me directly (please
    include repro steps to save me time :) )


*Goal:
**We hope to abandon MAB once and for all and replace with objectively
accurate priorities/severity
*Being added to "contributor" group will be *very* easy, we'll document
it on the wiki but basically it will be emailing the QA list with a
generic email that requests being added. We don't want this to be a
hurdle beyond users manipulating bug priority/severity.

Contact me with any questions/concerns


Thanks all


Best,
Joel