bmo API key set on wrong hierarchy member, preventing trusted items to go through

[padenot]

This started happening when addressing the comment to use libmozdata and I didn't re-try with an actual token, and the test to use an actual token was marked to skip if no token was present, and my tests did the wrong things :-(.

Before the patch, the code was setting the token on the Bugzilla class:

bugbug/bugbug/bugzilla.py

Line 123 in f248f8a

Bugzilla.TOKEN = token

(that's the commit right before the filtering commit). This was fine in practice, because Bugzilla was the only class used (from what I can tell).

After the patch, BugzillaUser was created, but the code is structured in a way that Bugzilla and BugzillaUser are both inheriting from BugzillaBase, so the token was set on the wrong member. And then the tests and mock followed the same thing, and it went unnoticed.

In practice, attempting to get info in the bug results in all comments being filtered out, so we're not in a problematic position.