diff options
author | Dave Lawrence <dlawrence@mozilla.com> | 2013-05-04 00:23:50 +0200 |
---|---|---|
committer | Dave Lawrence <dlawrence@mozilla.com> | 2013-05-04 00:23:50 +0200 |
commit | 928154771796d8045f2a9fdf712a1305d6d63055 (patch) | |
tree | ff942d7c3c3002a8d4a1c284177d909a9624fe2e /Bugzilla/WebService/Bug.pm | |
parent | 23a53530d7432b6689efdcb4cc79ecc304b082e0 (diff) | |
download | bugzilla-928154771796d8045f2a9fdf712a1305d6d63055.tar.gz bugzilla-928154771796d8045f2a9fdf712a1305d6d63055.tar.xz |
Bug 859118 - Bug.search called with no arguments returns all visible bugs, ignoring max_search_results and search_allow_no_criteria
r/a=LpSolit
Diffstat (limited to 'Bugzilla/WebService/Bug.pm')
-rw-r--r-- | Bugzilla/WebService/Bug.pm | 56 |
1 files changed, 45 insertions, 11 deletions
diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm index 578c06ec5..8c59be2a9 100644 --- a/Bugzilla/WebService/Bug.pm +++ b/Bugzilla/WebService/Bug.pm @@ -399,12 +399,23 @@ sub history { sub search { my ($self, $params) = @_; - + if ( defined($params->{offset}) and !defined($params->{limit}) ) { ThrowCodeError('param_required', { param => 'limit', function => 'Bug.search()' }); } - + + my $max_results = Bugzilla->params->{max_search_results}; + unless (defined $params->{limit} && $params->{limit} == 0) { + if (!defined $params->{limit} || $params->{limit} > $max_results) { + $params->{limit} = $max_results; + } + } + else { + delete $params->{limit}; + delete $params->{offset}; + } + $params = Bugzilla::Bug::map_fields($params); delete $params->{WHERE}; @@ -431,7 +442,17 @@ sub search { my $clause = join(' OR ', @likes); $params->{WHERE}->{"($clause)"} = [map { "\%$_\%" } @strings]; } - + + # If no other parameters have been passed other than limit and offset + # and a WHERE parameter was not created earlier, then we throw error + # if system is configured to do so. + if (!$params->{WHERE} + && !grep(!/(limit|offset)/i, keys %$params) + && !Bugzilla->params->{search_allow_no_criteria}) + { + ThrowUserError('buglist_parameters_required'); + } + # We want include_fields and exclude_fields to be passed to # _bug_to_hash but not to Bugzilla::Bug->match so we copy the # params and delete those before passing to Bugzilla::Bug->match. @@ -2074,13 +2095,16 @@ May not be an array. =item C<limit> -C<int> Limit the number of results returned to C<int> records. +C<int> Limit the number of results returned to C<int> records. If the limit +is more than zero and higher than the maximum limit set by the administrator, +then the maximum limit will be used instead. If you set the limit equal to zero, +then all matching results will be returned instead. =item C<offset> -C<int> Used in conjunction with the C<limit> argument, C<offset> defines -the starting position for the search. For example, given a search that -would return 100 bugs, setting C<limit> to 10 and C<offset> to 10 would return +C<int> Used in conjunction with the C<limit> argument, C<offset> defines +the starting position for the search. For example, given a search that +would return 100 bugs, setting C<limit> to 10 and C<offset> to 10 would return bugs 11 through 20 from the set of 100. =item C<op_sys> @@ -2166,10 +2190,16 @@ log in and I<then> call this method. =item B<Errors> -Currently, this function doesn't throw any special errors (other than -the ones that all webservice functions can throw). If you specify -an invalid value for a particular field, you just won't get any results -for that value. +If you specify an invalid value for a particular field, you just won't +get any results for that value. + +=over + +=item 1000 (Parameters Required) + +You may not search without any search terms. + +=back =item B<History> @@ -2182,6 +2212,10 @@ for that value. =item The C<reporter> input parameter was renamed to C<creator> in Bugzilla B<4.0>. +=item In B<4.2.6> and newer, added the ability to return all results if +C<limit> is set equal to zero. Otherwise maximum results returned are limited +by system configuration. + =back =back |