summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorendico%mozilla.org <>2000-04-19 11:14:36 +0200
committerendico%mozilla.org <>2000-04-19 11:14:36 +0200
commit8286387d6ea6cc755aa47459a609f60d75d59628 (patch)
treee6875367151fdffdeab687070ee6e7e8fc81ac9c
parent04e9a1ce86f50d71029cad6faee633d76bf466d8 (diff)
downloadbugzilla-8286387d6ea6cc755aa47459a609f60d75d59628.tar.gz
bugzilla-8286387d6ea6cc755aa47459a609f60d75d59628.tar.xz
backing out because this has broken bugzilla.mozilla.org. the choice is no longer given in show_bug.cgi to make bugs confidential. I need to change lounge so it no longer automatically updates.
-rw-r--r--CGI.pl3
-rw-r--r--bug_form.pl2
-rwxr-xr-xeditgroups.cgi470
-rwxr-xr-xenter_bug.cgi76
-rwxr-xr-xpost_bug.cgi6
5 files changed, 48 insertions, 509 deletions
diff --git a/CGI.pl b/CGI.pl
index bed81db83..6f31f604f 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -946,9 +946,6 @@ sub GetCommandMenu {
if (UserInGroup("editkeywords")) {
$html .= ", <a href=editkeywords.cgi>keywords</a>";
}
- if (UserInGroup("creategroups") && Param("usebuggroups")) {
- $html .= ", <a href=editgroups.cgi>groups</a>";
- }
$html .= " | <NOBR><a href=relogin.cgi>Log out</a> $::COOKIE{'Bugzilla_login'}</NOBR>";
} else {
$html .=
diff --git a/bug_form.pl b/bug_form.pl
index 2b705efd0..1402a1a47 100644
--- a/bug_form.pl
+++ b/bug_form.pl
@@ -355,7 +355,7 @@ print "
<TEXTAREA WRAP=HARD NAME=comment ROWS=5 COLS=80></TEXTAREA><BR>";
-if ($::usergroupset ne '0' and Param('usebuggroups')) {
+if ($::usergroupset ne '0') {
SendSQL("select bit, description, (bit & $bug{'groupset'} != 0) from groups where bit & $::usergroupset != 0 and isbuggroup != 0 order by bit");
while (MoreSQLData()) {
my ($bit, $description, $ison) = (FetchSQLData());
diff --git a/editgroups.cgi b/editgroups.cgi
deleted file mode 100755
index 1f329d8ac..000000000
--- a/editgroups.cgi
+++ /dev/null
@@ -1,470 +0,0 @@
-#!/usr/bonsaitools/bin/perl -w
-# -*- Mode: perl; indent-tabs-mode: nil -*-
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Bugzilla Bug Tracking System.
-#
-# The Initial Developer of the Original Code is Netscape Communications
-# Corporation. Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): Dave Miller <dave@intrec.com>
-
-# Code derived from editowners.cgi and editusers.cgi
-
-use diagnostics;
-use strict;
-
-require "CGI.pl";
-
-confirm_login();
-
-print "Content-type: text/html\n\n";
-
-if (!UserInGroup("creategroups")) {
- PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!");
- print "<H1>Sorry, you aren't a member of the 'creategroups' group.</H1>\n";
- print "And so, you aren't allowed to edit the groups.\n";
- print "<p>\n";
- PutFooter();
- exit;
-}
-
-my $action = trim($::FORM{action} || '');
-
-# TestGroup: check if the group name exists
-sub TestGroup ($)
-{
- my $group = shift;
-
- # does the group exist?
- SendSQL("SELECT name
- FROM groups
- WHERE name=" . SqlQuote($group));
- return FetchOneColumn();
-}
-
-sub ShowError ($)
-{
- my $msgtext = shift;
- print "<TABLE BGCOLOR=\"#FF0000\" CELLPADDING=15><TR><TD>";
- print "<B>$msgtext</B>";
- print "</TD></TR></TABLE><P>";
- return 1;
-}
-
-#
-# Displays a text like "a.", "a or b.", "a, b or c.", "a, b, c or d."
-#
-
-sub PutTrailer (@)
-{
- my (@links) = ("<a href=index.html>Back to the Main Bugs Page</a>", @_);
-
- my $count = $#links;
- my $num = 0;
- print "<P>\n";
- foreach (@links) {
- print $_;
- if ($num == $count) {
- print ".\n";
- }
- elsif ($num == $count-1) {
- print " or ";
- }
- else {
- print ", ";
- }
- $num++;
- }
- PutFooter();
-}
-
-#
-# action='' -> No action specified, get a list.
-#
-
-unless ($action) {
- PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in.");
-
- print "<form method=post action=editgroups.cgi>\n";
- print "<table border=1>\n";
- print "<tr>";
- print "<th>Bit</th>";
- print "<th>Name</th>";
- print "<th>Description</th>";
- print "<th>User RegExp</th>";
- print "<th>Action</th>";
- print "</tr>\n";
-
- SendSQL("SELECT bit,name,description,userregexp " .
- "FROM groups " .
- "WHERE isbuggroup != 0 " .
- "ORDER BY bit");
-
- while (MoreSQLData()) {
- my ($bit, $name, $desc, $regexp) = FetchSQLData();
- print "<tr>\n";
- print "<td valign=middle>$bit</td>\n";
- print "<td><input size=20 name=\"name-$bit\" value=\"$name\">\n";
- print "<input type=hidden name=\"oldname-$bit\" value=\"$name\"></td>\n";
- print "<td><input size=40 name=\"desc-$bit\" value=\"$desc\">\n";
- print "<input type=hidden name=\"olddesc-$bit\" value=\"$desc\"></td>\n";
- print "<td><input size=30 name=\"regexp-$bit\" value=\"$regexp\">\n";
- print "<input type=hidden name=\"oldregexp-$bit\" value=\"$regexp\"></td>\n";
- print "<td align=center valign=middle><a href=\"editgroups.cgi?action=del&group=$bit\">Delete</a></td>\n";
- print "</tr>\n";
- }
-
- print "<tr>\n";
- print "<td colspan=4></td>\n";
- print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n";
- print "</tr>\n";
- print "</table>\n";
- print "<input type=hidden name=\"action\" value=\"update\">";
- print "<input type=submit value=\"Submit changes\">\n";
- print "</form>\n";
-
- print "<p>";
- print "<b>Name</b> is what is used with the UserInGroup() function in any
-customized cgi files you write that use a given group. It can also be used by
-people submitting bugs by email to limit a bug to a certain groupset. It
-may not contain any spaces.<p>";
- print "<b>Description</b> is what will be shown in the bug reports to
-members of the group where they can choose whether the bug will be restricted
-to others in the same group.<p>";
- print "<b>User RegExp</b> is optional, and if filled in, will automatically
-grant membership to this group to anyone creating a new account with an
-email address that matches this regular expression.<p>";
- print "In addition, the following groups that determine user privileges
-exist. You can not edit these, but you need to know they are here, because
-you can't duplicate the Names of any of them in your user groups either.<p>";
-
- print "<table border=1>\n";
- print "<tr>";
- print "<th>Bit</th>";
- print "<th>Name</th>";
- print "<th>Description</th>";
- print "</tr>\n";
-
- SendSQL("SELECT bit,name,description " .
- "FROM groups " .
- "WHERE isbuggroup = 0 " .
- "ORDER BY bit");
-
- while (MoreSQLData()) {
- my ($bit, $name, $desc) = FetchSQLData();
- print "<tr>\n";
- print "<td>$bit</td>\n";
- print "<td>$name</td>\n";
- print "<td>$desc</td>\n";
- print "</tr>\n";
- }
-
- print "</table><p>\n";
-
- PutFooter();
- exit;
-}
-
-#
-# action='add' -> present form for parameters for new group
-#
-# (next action will be 'new')
-#
-
-if ($action eq 'add') {
- PutHeader("Add group");
-
- print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
- print "<TABLE BORDER=1 CELLPADDING=4 CELLSPACING=0><TR>\n";
- print "<th>New Name</th>";
- print "<th>New Description</th>";
- print "<th>New User RegExp</th>";
- print "</tr><tr>";
- print "<td><input size=20 name=\"name\"></td>\n";
- print "<td><input size=40 name=\"desc\"></td>\n";
- print "<td><input size=30 name=\"regexp\"></td>\n";
- print "</TR></TABLE>\n<HR>\n";
- print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
- print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"new\">\n";
- print "</FORM>";
-
- print "<p>";
- print "<b>Name</b> is what is used with the UserInGroup() function in any
-customized cgi files you write that use a given group. It can also be used by
-people submitting bugs by email to limit a bug to a certain groupset. It
-may not contain any spaces.<p>";
- print "<b>Description</b> is what will be shown in the bug reports to
-members of the group where they can choose whether the bug will be restricted
-to others in the same group.<p>";
- print "<b>User RegExp</b> is optional, and if filled in, will automatically
-grant membership to this group to anyone creating a new account with an
-email address that matches this regular expression.<p>";
-
- PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
- exit;
-}
-
-
-
-#
-# action='new' -> add group entered in the 'action=add' screen
-#
-
-if ($action eq 'new') {
- PutHeader("Adding new group");
-
- # Cleanups and valididy checks
- my $name = trim($::FORM{name} || '');
- my $desc = trim($::FORM{desc} || '');
- my $regexp = trim($::FORM{regexp} || '');
-
- unless ($name) {
- ShowError("You must enter a name for the new group.<BR>" .
- "Please click the <b>Back</b> button and try again.");
- PutFooter();
- exit;
- }
- unless ($desc) {
- ShowError("You must enter a description for the new group.<BR>" .
- "Please click the <b>Back</b> button and try again.");
- PutFooter();
- exit;
- }
- if (TestGroup($name)) {
- ShowError("The group '" . $name . "' already exists.<BR>" .
- "Please click the <b>Back</b> button and try again.");
- PutFooter();
- exit;
- }
-
- # Major hack for bit values... perl can't handle 64-bit ints, so I can't
- # just do the math to get the next available bit number, gotta handle
- # them as strings... also, we're actually only going to allow 63 bits
- # because that's all that opblessgroupset masks for (the high bit is off
- # to avoid signing issues).
-
- my @bitvals = ('1','2','4','8','16','32','64','128','256','512','1024',
- '2048','4096','8192','16384','32768',
-
- '65535','131072','262144','524288','1048576','2097152',
- '4194304','8388608','16777216','33554432','67108864',
- '134217728','268435456','536870912','1073741824',
- '2147483648',
-
- '4294967296','8589934592','17179869184','34359738368',
- '68719476736','137438953472','274877906944',
- '549755813888','1099511627776','2199023255552',
- '4398046511104','8796093022208','17592186044416',
- '35184372088832','70368744177664','140737488355328',
-
- '281474976710656','562949953421312','1125899906842624',
- '2251799813685248','4503599627370496','9007199254740992',
- '18014398509481984','36028797018963968','72057594037927936',
- '144115188075855872','288230376151711744',
- '576460752303423488','1152921504606846976',
- '2305843009213693958','4611686018427387916');
-
- # First the next available bit
- my $bit = "";
- foreach (@bitvals) {
- if ($bit == "") {
- SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($_));
- if (!FetchOneColumn()) { $bit = $_; }
- }
- }
- if ($bit == "") {
- ShowError("Sorry, you already have the maximum number of groups " .
- "defined.<BR><BR>You must delete a group first before you " .
- "can add any more.</B>");
- PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
- exit;
- }
-
- # Add the new group
- SendSQL("INSERT INTO groups ( " .
- "bit, name, description, isbuggroup, userregexp" .
- " ) VALUES ( " .
- $bit . "," .
- SqlQuote($name) . "," .
- SqlQuote($desc) . "," .
- "1," .
- SqlQuote($regexp) . ")" );
-
- print "OK, done.<p>\n";
- print "Your new group was assigned bit #$bit.<p>";
- PutTrailer("<a href=\"editgroups.cgi?action=add\">Add another group</a>",
- "<a href=\"editgroups.cgi\">Back to the group list</a>");
- exit;
-}
-
-#
-# action='del' -> ask if user really wants to delete
-#
-# (next action would be 'delete')
-#
-
-if ($action eq 'del') {
- PutHeader("Delete group");
- my $bit = trim($::FORM{group} || '');
- unless ($bit) {
- ShowError("No group specified.<BR>" .
- "Click the <b>Back</b> button and try again.");
- PutFooter();
- exit;
- }
- SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($bit));
- if (!FetchOneColumn()) {
- ShowError("That group doesn't exist.<BR>" .
- "Click the <b>Back</b> button and try again.");
- PutFooter();
- exit;
- }
- SendSQL("SELECT name,description " .
- "FROM groups " .
- "WHERE bit = " . SqlQuote($bit));
-
- my ($name, $desc) = FetchSQLData();
- print "<table border=1>\n";
- print "<tr>";
- print "<th>Bit</th>";
- print "<th>Name</th>";
- print "<th>Description</th>";
- print "</tr>\n";
- print "<tr>\n";
- print "<td>$bit</td>\n";
- print "<td>$name</td>\n";
- print "<td>$desc</td>\n";
- print "</tr>\n";
- print "</table>\n";
-
- print "<H2>Confirmation</H2>\n";
- print "<P>Do you really want to delete this group?<P>\n";
-
- print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
- print "<INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n";
- print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n";
- print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$bit\">\n";
- print "</FORM>";
-
- PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>");
- exit;
-}
-
-#
-# action='delete' -> really delete the group
-#
-
-if ($action eq 'delete') {
- PutHeader("Deleting user");
- ShowError("This function has not been implemented yet! (Sorry)<br>" .
- "Try again later");
-
- print "
-Deleting a group is not as easy as it sounds:<p>
-<OL>
-<LI>All users have to be checked to ensure anyone who is a member of this group is first removed from membership.
-<LI>All bugs have to be checked to ensure no bugs are set to use this group.
-</OL>
-If the above is not done, conflicts may occur if a new group is created that uses a bit number that has already been used in the past.<p>
-Deleting a group will be implemented very shortly, stay tuned!
-I just figured most people would be more interested in adding and editing
-groups for the time being, so I would get that done first, so I could get this out here for people to use. :)<p>
-Watch <a href=\"http://bugzilla.mozilla.org/show_bug.cgi?id=25010\">Bug 25010</a> on Mozilla's bugzilla for details.
-<p>
-";
-
- PutTrailer("<a href=editgroups.cgi>Back to group list</a>");
- exit;
-}
-
-#
-# action='update' -> update the groups
-#
-
-if ($action eq 'update') {
- PutHeader("Updating groups");
-
- my $chgs = 0;
-
- foreach my $b (grep(/^name-\d*$/, keys %::FORM)) {
- if ($::FORM{$b}) {
- my $v = substr($b, 5);
-
-# print "Old: '" . $::FORM{"oldname-$v"} . "', '" . $::FORM{"olddesc-$v"} .
-# "', '" . $::FORM{"oldregexp-$v"} . "'<br>";
-# print "New: '" . $::FORM{"name-$v"} . "', '" . $::FORM{"desc-$v"} .
-# "', '" . $::FORM{"regexp-$v"} . "'<br>";
-
- if ($::FORM{"oldname-$v"} ne $::FORM{"name-$v"}) {
- $chgs = 1;
- SendSQL("SELECT name FROM groups WHERE name=" .
- SqlQuote($::FORM{"name-$v"}));
- if (!FetchOneColumn()) {
- SendSQL("UPDATE groups SET name=" .
- SqlQuote($::FORM{"name-$v"}) .
- " WHERE bit=" . SqlQuote($v));
- print "Group $v name updated.<br>\n";
- } else {
- ShowError("Duplicate name '" . $::FORM{"name-$v"} .
- "' specified for group $v.<BR>" .
- "Update of group $v name skipped.");
- }
- }
- if ($::FORM{"olddesc-$v"} ne $::FORM{"desc-$v"}) {
- $chgs = 1;
- SendSQL("SELECT description FROM groups WHERE description=" .
- SqlQuote($::FORM{"desc-$v"}));
- if (!FetchOneColumn()) {
- SendSQL("UPDATE groups SET description=" .
- SqlQuote($::FORM{"desc-$v"}) .
- " WHERE bit=" . SqlQuote($v));
- print "Group $v description updated.<br>\n";
- } else {
- ShowError("Duplicate description '" . $::FORM{"desc-$v"} .
- "' specified for group $v.<BR>" .
- "Update of group $v description skipped.");
- }
- }
- if ($::FORM{"oldregexp-$v"} ne $::FORM{"regexp-$v"}) {
- $chgs = 1;
- SendSQL("UPDATE groups SET userregexp=" .
- SqlQuote($::FORM{"regexp-$v"}) .
- " WHERE bit=" . SqlQuote($v));
- print "Group $v user regexp updated.<br>\n";
- }
- }
- }
- if (!$chgs) {
- print "You didn't change anything!<BR>\n";
- print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n";
- } else {
- print "Done.<p>\n";
- }
- PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
- exit;
-}
-
-#
-# No valid action found
-#
-
-PutHeader("Error");
-print "I don't have a clue what you want.<BR>\n";
-
-foreach ( sort keys %::FORM) {
- print "$_: $::FORM{$_}<BR>\n";
-}
-
-PutTrailer("<a href=editgroups.cgi>Try the group list</a>");
diff --git a/enter_bug.cgi b/enter_bug.cgi
index 086372d23..f89f2f436 100755
--- a/enter_bug.cgi
+++ b/enter_bug.cgi
@@ -250,17 +250,15 @@ PutHeader ("Enter Bug","Enter Bug","This page lets you enter a new bug into Bugz
# Modified, -JMR, 2/24,00
# If the usebuggroupsentry parameter is set, we need to check and make sure
# that the user has permission to enter a bug against this product.
-# Modified, -DDM, 3/11/00
-# added GroupExists check so we don't choke on a groupless product
-if(Param("usebuggroupsentry")
- && GroupExists($product)
- && !UserInGroup($product)) {
- print "<H1>Permission denied.</H1>\n";
- print "Sorry; you do not have the permissions necessary to enter\n";
- print "a bug against this product.\n";
- print "<P>\n";
- PutFooter();
- exit;
+if(Param("usebuggroupsentry")) {
+ if(!UserInGroup($product)) {
+ print "<H1>Permission denied.</H1>\n";
+ print "Sorry; you do not have the permissions necessary to enter\n";
+ print "a bug against this product.\n";
+ print "<P>\n";
+ PutFooter();
+ exit;
+ }
}
# Modified, -JMR, 2/18/00
@@ -273,17 +271,14 @@ if(Param("usebuggroupsentry")
# the database, (2) insert the select box in the giant print statements below,
# and (3) update post_bug.cgi to process the additional input field.
-# Modified, -DDM, 3/11/00
-# Only need the bit here, and not the description. Description is gotten
-# when the select boxes for all the groups this user has access to are read
-# in later on.
# First we get the bit and description for the group.
my $group_bit=0;
+my $group_desc;
if(Param("usebuggroups") && GroupExists($product)) {
- SendSQL("select bit from groups ".
+ SendSQL("select bit, description from groups ".
"where name = ".SqlQuote($product)." ".
"and isbuggroup != 0");
- ($group_bit) = FetchSQLData();
+ ($group_bit, $group_desc) = FetchSQLData();
}
print "
@@ -393,6 +388,33 @@ print "
value_quote(formvalue('comment')) .
"</TEXTAREA><BR></td>
</tr>";
+# In between the Description field and the Submit buttons, we'll put in the
+# select box for the bug group, if necessary.
+# Rather than waste time with another Param check and another database access,
+# $group_bit will only have a non-zero value if we're using bug groups and have
+# one for this product, so I'll check on that instead here. -JMR, 2/18/00
+if($group_bit) {
+ # In addition, we need to handle the possibility that we're coming from
+ # a bookmark template. We'll simply check if we've got a parameter called
+ # groupset passed with a value other than the current bit. If so, then we're
+ # coming from a template, and we don't have group_bit set, so turn it off.
+ my $check0 = (formvalue("groupset",$group_bit) == $group_bit) ? "" : " SELECTED";
+ my $check1 = ($check0 eq "") ? " SELECTED" : "";
+ print "
+ <tr>
+ <td align=right><B>Access:</td>
+ <td colspan=5>
+ <select name=\"groupset\">
+ <option value=0$check0>
+ People not in the \"$group_desc\" group can see this bug
+ </option>
+ <option value=$group_bit$check1>
+ Only people in the \"$group_desc\" group can see this bug
+ </option>
+ </select>
+ </td>
+ </tr>"
+}
print "
<tr>
@@ -402,31 +424,15 @@ print "
if ($::usergroupset ne '0') {
SendSQL("SELECT bit, description FROM groups " .
"WHERE bit & $::usergroupset != 0 " .
- " AND isbuggroup != 0 ORDER BY description");
+ " AND isbuggroup != 0 ORDER BY bit");
while (MoreSQLData()) {
my ($bit, $description) = (FetchSQLData());
- # Rather than waste time with another Param check and another database
- # access, $group_bit will only have a non-zero value if we're using
- # bug groups and have one for this product, so I'll check on that
- # instead here. -JMR, 2/18/00
- # Moved this check to this location to fix conflict with existing
- # select-box patch. Also, if $group_bit is 0, it won't match the
- # current group, either, so I'll compare it to the current bit
- # instead of checking for non-zero. -DDM, 3/11/00
- my $check = 0; # default selection
- if($group_bit == $bit) {
- # In addition, we need to handle the possibility that we're coming
- # from a bookmark template. We'll simply check if we've got a
- # parameter called bit-# passed. If so, then we're coming from a
- # template, and we'll use the template value.
- $check = formvalue("bit-$bit","1");
- }
print BuildPulldown("bit-$bit",
[["0",
"People not in the \"$description\" group can see this bug"],
["1",
"Only people in the \"$description\" group can see this bug"]],
- $check);
+ 0);
print "<BR>\n";
}
}
diff --git a/post_bug.cgi b/post_bug.cgi
index 5695e5f0c..236213559 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -121,6 +121,12 @@ if (Param("useqacontact")) {
}
}
+# If we're using bug groups, we need to include the groupset in the list of
+# fields. -JMR, 2/18/00
+if(Param("usebuggroups")) {
+ push(@bug_fields, "groupset");
+}
+
if (exists $::FORM{'bug_status'}) {
if (!UserInGroup("canedit") && !UserInGroup("canconfirm")) {
delete $::FORM{'bug_status'};