diff options
author | David Lawrence <dkl@mozilla.com> | 2015-07-17 15:34:05 +0200 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-07-17 15:34:05 +0200 |
commit | 5af060abe8347ccac35038d40577fd09c07f64c9 (patch) | |
tree | 4abbadde3716d0bd9ac6a049f74943f720715f51 /docs/en | |
parent | d988cb64c5fe8eb37750d568c2da1b8bdec583da (diff) | |
download | bugzilla-5af060abe8347ccac35038d40577fd09c07f64c9.tar.gz bugzilla-5af060abe8347ccac35038d40577fd09c07f64c9.tar.xz |
Bug 1177497: Backport upstreams 5.0 rST docs to BMO and make publicly available at https://bmo.readthedocs.org
Diffstat (limited to 'docs/en')
74 files changed, 9061 insertions, 13803 deletions
diff --git a/docs/en/Makefile b/docs/en/Makefile new file mode 100644 index 000000000..fc9af11e0 --- /dev/null +++ b/docs/en/Makefile @@ -0,0 +1,158 @@ +# Makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +PAPER = +BUILDDIR = . + +# Internal variables. +PAPEROPT_a4 = -D latex_paper_size=a4 +PAPEROPT_letter = -D latex_paper_size=letter +ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) rst +# the i18n builder cannot share the environment and doctrees with the others +I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) rst + +.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext + +help: + @echo "Please use \`make <target>' where <target> is one of" + @echo " html to make standalone HTML files" + @echo " dirhtml to make HTML files named index.html in directories" + @echo " singlehtml to make a single large HTML file" + @echo " pickle to make pickle files" + @echo " json to make JSON files" + @echo " htmlhelp to make HTML files and a HTML help project" + @echo " qthelp to make HTML files and a qthelp project" + @echo " devhelp to make HTML files and a Devhelp project" + @echo " epub to make an epub" + @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" + @echo " latexpdf to make LaTeX files and run them through pdflatex" + @echo " text to make text files" + @echo " man to make manual pages" + @echo " texinfo to make Texinfo files" + @echo " info to make Texinfo files and run them through makeinfo" + @echo " gettext to make PO message catalogs" + @echo " changes to make an overview of all changed/added/deprecated items" + @echo " linkcheck to check all external links for integrity" + @echo " doctest to run all doctests embedded in the documentation (if enabled)" + +clean: + -rm -rf $(BUILDDIR)/* + +html: + $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." + +dirhtml: + $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." + +singlehtml: + $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml + @echo + @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." + +pickle: + $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle + @echo + @echo "Build finished; now you can process the pickle files." + +json: + $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json + @echo + @echo "Build finished; now you can process the JSON files." + +htmlhelp: + $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp + @echo + @echo "Build finished; now you can run HTML Help Workshop with the" \ + ".hhp project file in $(BUILDDIR)/htmlhelp." + +qthelp: + $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp + @echo + @echo "Build finished; now you can run "qcollectiongenerator" with the" \ + ".qhcp project file in $(BUILDDIR)/qthelp, like this:" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/Bugzilla.qhcp" + @echo "To view the help file:" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/Bugzilla.qhc" + +devhelp: + $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp + @echo + @echo "Build finished." + @echo "To view the help file:" + @echo "# mkdir -p $$HOME/.local/share/devhelp/Bugzilla" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/Bugzilla" + @echo "# devhelp" + +epub: + $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub + @echo + @echo "Build finished. The epub file is in $(BUILDDIR)/epub." + +latex: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo + @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." + @echo "Run \`make' in that directory to run these through (pdf)latex" \ + "(use \`make latexpdf' to have that step done automatically)." + +latexpdf: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/pdf + @echo "Running LaTeX files through pdflatex..." + $(MAKE) -C $(BUILDDIR)/pdf all-pdf + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/pdf." + +pdf: + $(SPHINXBUILD) -b pdf -t enable_rst2pdf $(ALLSPHINXOPTS) $(BUILDDIR)/pdf + @echo + @echo "Build finished. The PDF file is in $(BUILDDIR)/pdf." + +text: + $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/txt + @echo + @echo "Build finished. The text files are in $(BUILDDIR)/txt." + +man: + $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man + @echo + @echo "Build finished. The manual pages are in $(BUILDDIR)/man." + +texinfo: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo + @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." + @echo "Run \`make' in that directory to run these through makeinfo" \ + "(use \`make info' here to do that automatically)." + +info: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo "Running Texinfo files through makeinfo..." + make -C $(BUILDDIR)/texinfo info + @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." + +gettext: + $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale + @echo + @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." + +changes: + $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes + @echo + @echo "The overview file is in $(BUILDDIR)/changes." + +linkcheck: + $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck + @echo + @echo "Link check complete; look for any errors in the above output " \ + "or in $(BUILDDIR)/linkcheck/output.txt." + +doctest: + $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest + @echo "Testing of doctests in the sources finished, look at the " \ + "results in $(BUILDDIR)/doctest/output.txt." diff --git a/docs/en/README.docs b/docs/en/README.docs deleted file mode 100644 index ae7324672..000000000 --- a/docs/en/README.docs +++ /dev/null @@ -1,155 +0,0 @@ -Welcome to the Bugzilla documentation project! -You'll find these directories and files here: - -README.docs # This README file -html/ # The compiled HTML docs from XML sources (do not edit) -txt/ # The compiled text docs from XML sources (do not edit) -xml/ # The original XML doc sources (edit these) - -A note about the XML: - The documentation is written in DocBook 4.1.2, and attempts to adhere -to the LinuxDoc standards where applicable (http://www.tldp.org). -Please consult "The LDP Author Guide" at tldp.org for details on how -to set up your personal environment for compiling XML files. - If you need to make corrections to typographical errors, or other minor -editing duties, feel free to use any text editor to make the changes. XML -is not rocket science -- simply make sure your text appears between -appropriate tags (like <para>This is a paragraph</para>) and we'll be fine. -If you are making more extensive changes, please ensure you at least validate -your XML before checking it in with something like: - nsgmls -s $JADE_PUB/xml.dcl Bugzilla-Guide.xml - - When you validate, please validate the master document (Bugzilla-Guide.xml) -as well as the document you edited to ensure there are no critical errors. -The following errors are considered "normal" when validating with nsgmls: - - DTDDECL catalog entries are not supported - "DOCTYPE" declaration not allowed in instance - - The reason these occur is that free sgml/xml validators do not yet support -the DTDDECL catalog entries, and I've included DOCTYPE declarations in -entities referenced from Bugzilla-Guide.xml so these entities can compile -individually, if necessary. I suppose I ought to comment them out at some -point, but for now they are convenient and don't hurt anything. - - Thanks for taking the time to read these notes and consulting the -documentation. Please address comments and questions to the newsgroup: -news://news.mozilla.org/netscape/public/mozilla/webtools . - -========== -HOW TO SET UP YOUR OWN XML EDITING ENVIRONMENT: -========== - -Trying to set up an XML Docbook editing environment the -first time can be a daunting task. -I use Mandriva Linux, in part, because it has a fully-functional -XML Docbook editing environment included as part of the -distribution CD's. If you have easier instructions for how to -do this for a particular Linux distribution or platform, please -let the team know at the mailing list: mozilla-webtools@mozilla.org. - -The following text is taken nearly verbatim from -http://bugzilla.mozilla.org/show_bug.cgi?id=95970, where I gave -these instructions to someone who wanted the greater manageability -maintaining a document in Docbook brings: - -This is just off the top of my head, but here goes. Note some of these may -NOT be necessary, but I don't think they hurt anything by being installed. - -rpms: - -openjade -jadetex -docbook-dtds -docbook-style-dsssl -docbook-style-dsssl-doc -docbook-utils -xemacs -psgml -sgml-tools -sgml-common - - -If you're getting these from Red Hat, make sure you get the ones in the -rawhide area. The ones in the 7.2 distribution are too old and don't -include the XML stuff. The packages distrubuted with Red Hat Linux 8.0 and 9 -and known to work. - -Download "ldp.dsl" from the Resources page on tldp.org. This is the -stylesheet I use to get the HTML and text output. It works well, and has a -nice, consistent look with the rest of the linuxdoc documents. You'll have to -adjust the paths in ldp.dsl at the top of the file to reflect the actual -locations of your docbook catalog files. I created a directory, -/usr/share/sgml/docbook/ldp, and put the ldp.dsl file there. I then edited -ldp.dsl and changed two lines near the top: -<!ENTITY docbook.dsl SYSTEM "../dsssl-stylesheets/html/docbook.dsl" CDATA -dsssl> -...and... -<!ENTITY docbook.dsl SYSTEM "../dsssl-stylesheets/print/docbook.dsl" CDATA -dsssl> - -Note the difference is the top one points to the HTML docbook stylesheet, -and the next one points to the PRINT docbook stylesheet. - -Also note that modifying ldp.dsl doesn't seem to be needed on Red Hat Linux 9. - - You know, this sure looks awful involved. Anyway, once you have this in -place, add to your .bashrc: -export SGML_CATALOG_FILES=/etc/sgml/catalog -export LDP_HOME=/usr/share/sgml/docbook/ldp -export JADE_PUB=/usr/share/doc/openjade-1.3.1/pubtext - -or in .tcshrc: -setenv SGML_CATALOG_FILES /etc/sgml/catalog -setenv LDP_HOME /usr/share/sgml/docbook/ldp -setenv JADE_PUB /usr/share/doc/openjade-1.3.1/pubtext - - If you have root access and want to set this up for anyone on your box, -you can add those lines to /etc/profile for bash users and /etc/csh.login -for tcsh users. - - Make sure you edit the paths in the above environment variables if those -folders are anywhere else on your system (for example, the openjade version -might change if you get a new version at some point). - - I suggest xemacs for editing your XML Docbook documents. The darn -thing just works, and generally includes PSGML mode by default. Not to -mention you can validate the SGML from right within it without having to -remember the command-line syntax for nsgml (not that it's that hard -anyway). If not, you can download psgml at -http://www.sourceforge.net/projects/psgml. - - Another good editor is the latest releases of vim and gvim. Vim will -recognize DocBook tags and give them a different color than unreconized tags. - -========== -NOTES: -========== - - Here are the commands I use to maintain this documentation. - You MUST have DocBook 4.1.2 set up correctly in order for this to work. - - These commands can be run all at once using the ./makedocs.pl script. - -To create HTML documentation: -bash$ cd html -bash$ jade -t sgml -i html -d $LDP_HOME/ldp.dsl\#html \ -$JADE_PUB/xml.dcl ../xml/Bugzilla-Guide.xml - -To create HTML documentation as a single big HTML file: -bash$ cd html -bash$ jade -V nochunks -t sgml -i html -d $LDP_HOME/ldp.dsl\#html \ -$JADE_PUB/xml.dcl ../xml/Bugzilla-Guide.xml >Bugzilla-Guide.html - -To create TXT documentation as a single big TXT file: -bash$ cd txt -bash$ lynx -dump -nolist ../html/Bugzilla-Guide.html >Bugzilla-Guide.txt - - -Sincerely, - Matthew P. Barnson - The Bugzilla "Doc Knight" - mbarnson@sisna.com - - with major edits by Dave Miller <justdave@syndicomm.com> based on - experience setting this up on the Landfill test server. diff --git a/docs/en/images/callouts/1.gif b/docs/en/images/callouts/1.gif Binary files differdeleted file mode 100644 index 79fd388a8..000000000 --- a/docs/en/images/callouts/1.gif +++ /dev/null diff --git a/docs/en/images/callouts/2.gif b/docs/en/images/callouts/2.gif Binary files differdeleted file mode 100644 index b9be050e4..000000000 --- a/docs/en/images/callouts/2.gif +++ /dev/null diff --git a/docs/en/images/callouts/3.gif b/docs/en/images/callouts/3.gif Binary files differdeleted file mode 100644 index 73635e3f7..000000000 --- a/docs/en/images/callouts/3.gif +++ /dev/null diff --git a/docs/en/images/caution.gif b/docs/en/images/caution.gif Binary files differdeleted file mode 100644 index a48223013..000000000 --- a/docs/en/images/caution.gif +++ /dev/null diff --git a/docs/en/images/note.gif b/docs/en/images/note.gif Binary files differdeleted file mode 100644 index 613bc7f70..000000000 --- a/docs/en/images/note.gif +++ /dev/null diff --git a/docs/en/images/tip.gif b/docs/en/images/tip.gif Binary files differdeleted file mode 100644 index c8d5ae9bd..000000000 --- a/docs/en/images/tip.gif +++ /dev/null diff --git a/docs/en/images/warning.gif b/docs/en/images/warning.gif Binary files differdeleted file mode 100644 index 693ffc3e8..000000000 --- a/docs/en/images/warning.gif +++ /dev/null diff --git a/docs/en/rel_notes.txt b/docs/en/rel_notes.txt deleted file mode 100644 index 4014951f0..000000000 --- a/docs/en/rel_notes.txt +++ /dev/null @@ -1,3028 +0,0 @@ -Release Notes for Bugzilla version 3.0 and higher are available in HTML -format, either on the bugzilla.org website, or in your current installation, -linked from the index page. - -bugzilla.org links for release notes ------------------------------------- -3.0.2: http://www.bugzilla.org/releases/3.0.2/release-notes.html - -*************************************** -*** The Bugzilla 2.22 Release Notes *** -*************************************** - -Table of Contents -***************** - -- Introduction -- Important Updates In This Point Release -- Minimum Requirements - * Perl - * For MySQL Users - * For PostgreSQL Users - * Required Perl Modules - * Optional Perl Modules -- What's New? - * Complete PostgreSQL Support - * Parameters In Sections - * One Codebase, Multiple Databases - * UTF-8 for New Installations - * Admins Can Impersonate Users - * Bug Import and Moving Improvements - * Adding Individual Bugs to Saved Searches - * Attach URLs - * Optional "Strict Isolation" for Groups - * "editcomponents" Change - * "shutdownhtml" Change - * Miscellaneous Improvements - * All Changes -- Deprecated Features -- Outstanding Issues (<======================== IMPORTANT, PLEASE READ) -- How to Upgrade From An Older Bugzilla - * Steps for Upgrading -- Code Changes Which May Affect Customizations - * CGI.pl is Gone - * Other Changes -- Security Fixes In 2.22 Releases -- Release Notes for Previous Versions - -Introduction -************ -Bugzilla 2.22 is one of our most polished releases. We did a lot of -small cleanups to make Bugzilla easier to use and more useful in -many, many small ways, in addition to adding some major new features. - -This document contains the release notes for Bugzilla 2.22. -In this document, recently added, changed, and removed features -of Bugzilla are described. If you are upgrading from an older version, -you will definitely want to read these release notes in detail, so that -you have an idea of what has changed. - -If you are upgrading from a version before 2.20, also read the 2.20 -release notes (lower in this file) and any previous release notes. - -If you are installing a new Bugzilla, you will still want to look over -the release notes to see if there is any particularly important -information that affects your installation. - -If you would like to contribute code to Bugzilla, read our -Contributor's Guide at: - -http://www.bugzilla.org/docs/contributor.html - - -Important Updates In This Point Release -*************************************** - -This section describes bugs fixed in releases after the original 2.22 -release. - -Version 2.22.2 --------------- - -+ Make Bugzilla compatible with Template Toolkit 2.15 (bug 357374) - -+ Make Bugzilla compatible with versions of MySQL higher than 5.0.25 - (bug 321645) - -+ Sanity Check can now only be run by people with the "admin" privilege. - (bug 91761) - -Version 2.22.1 --------------- - -+ When sending mail, Bugzilla could throw the error "Insecure dependency in - exec while running with -T switch" (bug 340538). - -+ Using the public webdot server (for dependency graphs) should work - again (bug 351243). - -+ The "I'm added to or removed from this capacity" email preference - wasn't working for new bugs (bug 349852). - -+ The original release of 2.22 incorrectly said it required Template-Toolkit - version 2.08. In actual fact, Bugzilla requires version 2.10 (bug 351478). - -+ votes.cgi would crash if your bug was the one confirming a bug (bug 351300). - -+ checksetup.pl now correctly reports if your Template::Plugin::GD module - is missing. If missing, it could lead to charts and graphs not working - (bug 345389). - -+ The "Keyword" field on buglist.cgi was not sorted alphabetically, so - it wasn't very useful for sorting (bug 342828). - -+ Sendmail will no longer complain about there being a newline in the - email address, when Bugzilla sends mail (bug 331365). - -+ contrib/bzdbcopy.pl would try to insert an invalid value into the - database, unnecessarily (bug 335572). - -+ Deleting a bug now correctly deletes its attachments from the database - (bug 339667). - - -Minimum Requirements -******************** - -Perl ----- - - Perl v5.6.1 (Non-Windows platforms) - ActiveState Perl v5.8.1 (Windows only) - - Note that this is the last release of Bugzilla to support perl 5.6.x-- - future versions will require perl 5.8. - -For MySQL Users ---------------- - - MySQL v4.0.14 (changed from 2.20) - perl module: DBD::mysql v2.9003 (changed from 2.18) - -For PostgreSQL Users --------------------- - - PostgreSQL 7.3.x - perl module: DBD::Pg 1.31 (1.41 required for PostgreSQL 8+) - - WARNING: DBD::Pg 1.43 has a bug which causes checksetup.pl to fail - and corrupt the database. If you are using DBD::Pg 1.43, either downgrade - to 1.41 or upgrade to 1.45 (1.42 and 1.44 seem broken somehow too). - - Note that this is the last release of Bugzilla to support PostgreSQL 7.x. - Future versions will require PostgreSQL 8.0 and DBD::Pg 1.45. - -Required Perl Modules ---------------------- - - AppConfig v1.52 - CGI v2.93 - Data::Dumper (any) - Date::Format v2.21 - DBI v1.38 - File::Spec v0.84 - File::Temp (any) - Template Toolkit v2.10 (changed from 2.20) - Text::Wrap v2001.0131 - Mail::Mailer v1.67 (changed from 2.20) - MIME::Base64 v3.01 (new in 2.22) - MIME::Parser v5.406 (new in 2.22) - Storable (any) - - Note: The SMTP support in Mail::Mailer 1.73 (the most recent version) - is broken. The last known working version is 1.67. - -Optional Perl Modules ---------------------- - - Chart::Base v1.0 - GD v1.20 - GD::Graph (any) - GD::Text::Align (any) - Net::LDAP (any) - PatchReader v0.9.4 - XML::Twig (any) (new in 2.22) - Image::Magick (new in 2.22) - - -What's New? -*********** - -Complete PostgreSQL Support ---------------------------- -Bugzilla 2.20 contained experimental support for PostgreSQL. -In Bugzilla 2.22, PostgreSQL support is fully complete and stable. Using -PostgreSQL with Bugzilla should be as stable as using MySQL, and if -you experience any problems they will be taken as seriously as if you -were running MySQL. - -There are no known remaining major problems with Bugzilla on PostgreSQL. -All features of Bugzilla have been tested and work. - - -Parameters In Sections ----------------------- -Long-time users of Bugzilla know that over time the parameter list has -grown quite large. It has now been split into sections to make it easier -to use. - - -One Codebase, Multiple Databases --------------------------------- -There is now limited support for having multiple projects use the -same Bugzilla codebase, but all have separate databases. - -The different projects can have their own templates and their own -bug database, but all use the same set of Bugzilla code in the same -directory. - -To enable this, set an environment variable called PROJECT when -calling the Bugzilla CGIs. Then for each project, you can have -a localconfig.PROJECT (where "PROJECT" is the value of the PROJECT -environment variable) file for the database parameters, and a -template/en/PROJECT directory (where "PROJECT" is the value of the -PROJECT environment variable) - -This feature isn't documented yet, but we hope to have documentation for -it soon. - - -UTF-8 For New Installations ---------------------------- -If this is the first time you're installing Bugzilla, it will now use -UTF-8 encoding for all pages, automatically. It will also send emails -in UTF-8. This eliminates most of the internationalization problems -users have experienced, as one Bugzilla page may now contain any number -of languages simultaneously. - -If you are upgrading and you want to use UTF-8, just turn on the "utf8" -Parameter. However, realize that if you have non-UTF-8 data in your -Bugzilla, it will appear unreadable. (If you just have ASCII in your -database, you're safe to turn on the "utf8" parameter, definitely.) - - -Admins Can Impersonate Users ----------------------------- -User impersonation (think of the su/sudo command on Unix) allows you -to view pages and perform actions as if you are logged in as someone else, -without having to know their password. - -A user in the new "bz_sudoers" group has the option of "becoming" -any user in Bugzilla. Once they "become" that user, they *are* that user -for the rest of the session, until they decide to switch back to being -themselves. - -However, they cannot "become" any user in the "bz_sudo_protect" group. -This group includes everybody in the "admin" and "bz_sudoers" groups by -default. - -Any time a user is impersonated, they will get an email notifying them -who has impersonated them. - - -Bug Import and Moving Improvements ----------------------------------- -The XML Import script, importxml.pl, has been completely re-written. - -It now: - - * Correctly imports the "priority" field - * Understands when the "Reporter" or "CC List" security boxes - are unchecked on the bug. - * Places bugs in the appropriate groups - * Allows attachments to be imported - * Is much more forgiving about small problems in the XML - - -Adding Individual Bugs to Saved Searches (Tagging) --------------------------------------------------- -Users now have the option of adding an individual bug to any -particular Saved Search. Individual users that disagree with the site -default can add or remove this feature (which appears as an entry box -visible in the footer) by changing the General Preferences setting -called "Enable tags for bugs". - - -Attach URLs ------------ -Instead of attaching a file, you can now also attach a URL to a bug. -This will show up just like an attachment on show_bug.cgi, but when -you click on it, it will take you to the URL. - -To enable this, turn on the "allow_attach_url" parameter. - - -Optional "Strict Isolation" for Groups --------------------------------------- -If you turn on the "strict_isolation" parameter in Bugzilla, you -will *not* be able to add any user to the CC field (or set them -as an Assignee or QA Contact) unless that user could normally see -the bug. That is, you will no longer be able to "accidentally" -(or intentionally) give somebody access to a bug that they -otherwise couldn't see. - - -"editcomponents" Change ------------------------ -Previously, all users who had "editcomponents" could see every Product, -using the editcomponents.cgi script. Now, users with "editcomponents" -can only see Products that they normally have access to. - -This restriction also affects editversions.cgi, editmilestones.cgi and -editproducts.cgi. - - -"shutdownhtml" Change ---------------------- -All of Bugzilla is now affected by the "shutdownhtml" parameter, -including command-line scripts. checksetup.pl is exempt. Many scripts -(such as collectstats.pl and whine.pl) will just exit silently when -"shutdownhtml" is turned on. - - -Miscellaneous Improvements --------------------------- - -- Added a frequently-requested user preference for whether or not to go - to the next bug in your list after submitting changes to a bug. - -- The ability to do relative date searches (like "1d" for "1 day" or "1w" - for "1 week") by hour now, in addition to days and other units of time. - -- "Alias" added to the New Bug form, for users with editbugs. - -- Users can now actually see the descriptions of flags that you enter - in editflagtypes.cgi. The description will appear as a tooltip - when a user places their mouse over the flag name on show_bug.cgi. - -- Bugzilla will optionally convert BMP attachments into PNGs for you. - See the "convert_uncompressed_images" in the "Attachments" section - of the Parameters. - -- You can now edit the Status Whiteboard when you are changing multiple - bugs at once. - -- The way that groups work in the database has changed, and large-scale - Bugzilla use with many concurrent users should be much faster, as a - result. (Technical Details: The need for Bugzilla to "derive groups" - has gone away pretty much entirely.) - -- Performance improvements on searching attachment information that's not - the actual content of the attachment (such as searching the Attachment - Description or the Attachment MIME Type) - -- You can now specify multiple email addresses, comma-separated, when - setting the requestee of a flag, and it will set the flag once for each - of those email addresses - -- "Bug Creation Time" is now searchable in the Boolean Charts. - -- When you mark a comment on a bug as private, the background color - of the comment will change immediately. However, in order for - Bugzilla to register that the comment is now private, you still - have to "submit" the changes. - -- Emails sent from Bugzilla now have "X-Bugzilla-Keywords" and - "X-Bugzilla-Severity" by default, containing the information - from the related Bugzilla fields. - -- You can now change the assignee and QA contact on multiple bugs at - once even when those bugs are in different products. - -- contrib/merge-users.pl allows you to merge two user accounts. This is - particulary useful when a user opened several accounts and only one should - be kept. It also lets you merge a deleted account with an existing one. - -All Changes ------------ - -If you'd like to see all the changes between Bugzilla 2.20 and Bugzilla -2.22, see: - -http://tinyurl.com/9p2tm - - -Deprecated Features -******************* - -- This is the last release of Bugzilla to support perl 5.6.x. All future - versions of Bugzilla will require at least perl 5.8. - - This is the last release of Bugzilla to support PostgreSQL 7.x. Future - releases using PostgreSQL will require PostgreSQL 8.0 and DBD::Pg 1.45. - -Outstanding Issues -****************** - -- bug 305836: PostgreSQL users: do not use DBD::Pg version 1.43 with - Bugzilla. It has a bug which can corrupt the database. Version 1.41 - is fine. Version 1.45 or higher is fine too. - -- (No Bug Number) VERY IMPORTANT: If you have customized the values in - your Status/Resolution field, you must edit checksetup.pl BEFORE YOU - RUN IT. Find the line that starts like this: - - bug_status => ["UNCONFIRMED", - - That's where you set the values for the Status field. - - resolution => ["","FIXED", - - And that's where you set values for the Resolution field. - - Those are both near line 1826 in checksetup.pl. - - If you forget to do this, you will have to manually edit the "bug_status" - and "resolution" tables in the database to contain the correct values. - -- bug 276230: The support for restricting access to particular Categories of - New Charts is not complete. You should treat the 'chartgroup' Param as the - only access mechanism available. However, additionally, charts migrated from - Old Charts will be restricted to the groups that are marked MANDATORY for - the corresponding Product. There is currently no way to change this - restriction, and the groupings will not be updated if the group configuration - for the Product changes. - -- bug 37765: If you use the "sendmail" support of Bugzilla, - and you use an MTA which is *not* Sendmail (such as Postfix, Exim, etc.) - make sure the "sendmailnow" parameter is ON or Bugzilla will not send - e-mail correctly. - -- bug 69621: If you rename or remove a keyword that is in use on bugs, you will - need to rebuild the "keyword cache" by running sanitycheck.cgi and choosing - the option to rebuild the cache when it asks. Otherwise keywords may not show - up properly in search results. - -- (No Bug Number) If you have a lot of non-ASCII data in your Bugzilla (for - example, if you use a translation of Bugzilla), don't enable the XS::Stash - option when you install the Template Toolkit, or your Bugzilla installation - may become slow. This problem is fixed in a not-yet-released version of the - Template Toolkit (after 2.14). - -- Bug 99215: Flags are not protected by "mid-air collision" detection. - Nor are any attachment changes. - -- Bug 89822: When changing multiple bugs at the same time, there is no - "mid-air collision" protection. - -- bug 322955: The email interface (bug_mail.pl) in the contrib/ directory - has not been maintained (as it has no maintainer), and does not work - properly. We hope to have this fixed in our next major release of - Bugzilla; however, any help or contributions in this area are very - welcome. - - -How to Upgrade From An Older Bugzilla -************************************* - -NOTE: Upgrading from a large installation (over 10,000 bugs) running 2.18 - or before may take a significant amount of time. checksetup will - try to let you know how long it will take, but expect downtime - of an hour or more if you have many bugs, many attachments, - or many users. - -Steps for Upgrading -------------------- - -1) Read these entire Release Notes, particularly the "Outstanding Issues" - and "Security Fixes" sections. - -2) View the Sanity Check (sanitycheck.cgi) page on your installation before - upgrading. Attempt to fix all warnings that the page produces before - you go any further, or you may experience problems during your upgrade. - -3) Make a backup of the Bugzilla database before you upgrade, perhaps - by using mysqldump. THIS IS VERY IMPORTANT. If anything goes wrong - during the upgrade, your installation can be corrupted beyond - recovery. Having a backup keeps you safe. - - Example: - - mysqldump -u root -p bugs > bugs-db.sql - -4) Replace the files in your installation with the new version of Bugzilla, - or you can try to use CVS to upgrade. The bugzilla.org website has - instructions on how to do the actual installation. - - You can also use a brand-new Bugzilla directory, as long as you - copy over the old data/ directory and the "localconfig" file to the - new installation. - -5) Run checksetup.pl after you install the new version. - -7) View the Sanity Check page again after you run checksetup.pl. - -8) It is recommended that, if possible, you fix any problems you find - immediately. Failure to do this may mean that Bugzilla will not work - correctly. Be aware that if the sanity check page contains more errors after - an upgrade, it doesn't necessarily mean there are more errors in your - database, as additional tests are added to the sanity check over time, and - it is possible that those errors weren't being checked for in the old - version. - -9) This version of Bugzilla contains improvements to the email that - Bugzilla sends when a bug is changed. The template for that email - is contained in the "newchangedmail" parameter. If you would like - to take advantage of the email enhancements in this version of - Bugzilla, reset that parameter to its default. (You can customize - it after that again, if you want.) - - -Code Changes Which May Affect Customizations -******************************************** - -CGI.pl is Gone --------------- -The CGI.pl file, which used to contain many global functions, and which -also contained initialization code for every CGI, is gone. The functions -have been moved to various places and sometimes renamed. - -The initialization code that used to happen inside CGI.pl is now inside -of Bugzilla.pm. All CGIs must "use Bugzilla" in one way or another. (Some -CGIs "use Bugzilla" by doing "require globals.pl".) - - -Deriving Groups No Longer Happens ---------------------------------- -Bugzilla no longer needs to "derive groups" in advance. That is, previously -Bugzilla used to flatten the group heirarchy into the user_group_map -table. (That is, show that a user was in every group they were in, -even if they were only in that group because they belonged to *another* -group.) Now the table only contains groups that the user is in directly, -and groups that they are in because of a regexp. - -Instead, The Bugzilla::User->group function determines the groups a user -is in when called. - -We did this because the group derivation was causing a lot of complexity -in the code, and also deriving the groups was a slow process that -frequently had to happen inside of a database lock while sending mail -or viewing a bug list. - -See https://bugzilla.mozilla.org/show_bug.cgi?id=304583 for details. - - -Other Changes -------------- - -- The move.pl script's functionality has been merged into process_bug.cgi. - -- $::template and $::vars are gone from globals.pl. Instead of $::template, - use Bugzilla->template. Every script creates the $vars variable by itself - instead of using a global $::vars variable. - -- $::userid is gone. Instead use Bugzilla->user->id. - -- QuickSearch is now in perl instead of in JavaScript. The code is in - Bugzilla/Search/QuickSearch.pm. This makes it much easier to customize, - and it also fixes some long-standing issues that QuickSearch had. - -- Attachment data is now in the attach_data table. Other information - about attachments is still in the "attachments" table. - -- Much like the 2.20 release, many functions have been removed from - globals.pl and CGI.pl. They were moved elsewhere and renamed. - Search RESOLVED bugs in bugzilla.mozilla.org for the old - version of the function name, and that will usually show you - the bug where we moved the function, allowing you to find out - what the new name and location is. - -- This is the last release that contains the deprecated - SendSQL, SqlQuote, FetchSqlData, MoreSqlData, and FetchOneColumn - functions. Instead, you should use DBI functions. For a very brief - example, see: - - http://www.bugzilla.org/docs/developer.html#sql-sendreceive - - -Security Fixes in 2.22 Releases -******************************* - -A long-standing, well-known security issue is finally resolved in Bugzilla -2.22: Previously, the "Session ID" of each user could be easily guessed, -given enough time. This could have allowed an attacker to take over a -user's account, in certain circumstances. Now, the "Session ID" is totally -random, resolving this issue. See bug 119524 in bugzilla.mozilla.org for -details. - -If you are very concerned about the security of your Bugzilla installation, -it would be a very good idea to run the following command on your -database immediately after upgrading: - -TRUNCATE TABLE logincookies; - -This is actually safe to do at any time--it just forces a logout of -every single user, even those with saved sessions. (It invalidates -every login cookie Bugzilla has ever given out.) - -Version 2.22.2 --------------- - -A Cross-Site Scripting vulnerability is fixed in Bugzilla 2.22.2. You can -read the details of the fix at: - -http://www.bugzilla.org/security/2.20.3/ - -Version 2.22.1 --------------- - -The Bugzilla team fixed two Information Leaks and three Cross-Site -Scripting vulnerabilities that existed in versions of Bugzilla -prior to 2.22.1. We strongly recommend that you update any 2.22 -installation to 2.22.1, to be protected from these vulnerabilities. - -In addition, we have made an enhancement to security in this version -of Bugzilla. In previous versions, it was possible for malicious -users to exploit administrators in certain ways. Although this has -never happened (to our knowledge) in the real world, we thought it -was important that we protect administrators from this sort of attack. - -You can see details on all the vulnerabilities and enhancements at: - -http://www.bugzilla.org/security/2.18.5/ - - -Release Notes For Previous Versions -************************************ - -*************************************** -*** The Bugzilla 2.20 Release Notes *** -*************************************** - -Table of Contents -***************** - -- Introduction -- Important Updates in this Point Release - * Version 2.20.1 - * Version 2.20.2 -- Minimum Requirements - * Perl - * For MySQL Users - * For PostgreSQL Users - * Required Perl Modules - * Optional Perl Modules -- What's New? - * Experimental PostgreSQL Support - * New User-Interface Color/Style - * Higher-Level Categorization of Bugs (above "Product") - * Regular Reports by Email of Complex Queries ("Whining") - * "Environment Variable" Authentication Method - * User-List Drop-Down Menus - * Server-Side Comment Wrapping - * UI for Editing Priority, OS, Platform, and Severity - * Bugzilla Queries as RSS - * Choice of E-Mail Sending Methods - * "User Preferences" - * "Large Attachment" Storage - * "User Visibility" Controls - * Miscellaneous Improvements - * All Changes -- Deprecated Features -- Outstanding Issues (<======================== IMPORTANT, PLEASE READ) -- How to Upgrade From An Older Bugzilla - * Steps for Upgrading -- Code Changes Which May Affect Customizations - * The New Database-Compatibility Layer - * If You Customize Your Database... - * Many Functions Renamed - * User Preferences - * Other Changes -- Security Fixes In 2.20 Releases -- Release Notes for Previous Versions - - -Introduction -************ - -This document contains the release notes for Bugzilla 2.20. -In this document, recently added, changed, and removed features -of Bugzilla are described. If you are upgrading from an older version, -you will definitely want to read these release notes in detail, so that -you have an idea of what has changed. - -If you are upgrading from a version before 2.18, also read the 2.18 release -notes (lower in this file) and any previous release notes. - -If you are installing a new Bugzilla, you will still want to look over -the release notes to see if there is any particularly important information -that affects your installation. - -The 2.20 release has had about nine months of development since 2.18, but -they were nearly the most active nine months in Bugzilla's history. We hope -that users will appreciate our many external changes, and that Bugzilla -administators will find that our internal changes make their lives easier. - -If you would like to contribute code to Bugzilla, read our -Contributor's Guide at: - -http://www.bugzilla.org/docs/contributor.html - - -Important Updates In This Point Release -*************************************** - -Version 2.20.1 --------------- - -+ Many PostgreSQL fixes, including fixing whine.pl on Pg 8 - (bug 301062) and fixing the --regenerate option of collectstats.pl - for all versions of Pg (bug 316971). However, users who want full - PostgreSQL support are encouraged to use the 2.22 series, as - certain PostgreSQL bugs were discovered that will not be fixed - in 2.20 (their fixes were too complex). - -+ In Bugzilla 2.20, the "administrator" user created by checksetup.pl - would not ever be sent email, because their email preferences were - left blank. This has been fixed for 2.20.1. However, if you created - this administrative user with Bugzilla 2.20, make sure to go back - and enable their Email Preferences. (bug 317489) - -+ The bzdbcopy.pl script mentioned in these release notes - has now actually been checked-in to the 2.20 branch, and so - it's included in this release. (bug 291776) - -+ When there's only one Classification, you now won't be required - to pick a Classification on bug entry. (bug 311489) - -+ You can no longer add dependencies on bugs you can't see. - (bug 141593) - -+ The CC list is included in "New" bug emails, again. (bug 313661) - -+ In the original 2.20, certain scripts were not correctly using - the "shadow database," if it was specified. This has been fixed - in 2.20.1. (bug 313695) - -+ "Saved Searches" that were saved before Bugzilla 2.20, would throw - an error if they contained "Days Since Bug Changed." as part of their - criteria. This has been fixed in Bugzilla 2.20.1. (bug 302599) - -+ You can now successfully delete a product even when Target Milestones - are turned off. (bug 317025) - -+ checksetup.pl now correctly pre-compiles templates for languages other - than English. (bug 304417) - -+ The "All Closed" chart that is created by default in New Charts - now actually represents all closed bugs, and not all bugs in the - product. (bug 300473) - -+ CSV bug lists with more than 1000 dates now work properly. (bug 257813) - -+ Various bugs with upgrading from previous versions of Bugzilla - have been fixed. (bug 307662, bug 311047, bug 310108) - -+ Many, many other bug fixes. See http://www.bugzilla.org/status/changes.html - for details on what was fixed between 2.20 and 2.20.1. - - -Version 2.20.2 --------------- - -+ Adding a new attachment and taking the bug at the same time does not - create a referential integrity problem anymore if the bug was marked as - a duplicate (bug 332705). - -+ Some additional admin links have been added to the sidebar (bug 282613). - -+ A new test has been added to our test suite, named 012throwables.t. - It will now make sure that all tags used in ThrowUserError() and - ThrowCodeError() are defined, and that there are no unused tags (bug 312042). - -+ whine.pl now works correctly on MySQL 4.0. MySQL 4.1 is not affected - (bug 327348). - -+ contrib/merge-users.pl allows you to merge two user accounts. This is - especially useful when a user opened several accounts and only one - should be kept (bug 188264). - -+ The login form on index.cgi again works correctly on a fresh installation - (bug 328108). - -+ Email preferences are now set correctly when creating a new user account - using the ENV method (bug 327355). - - -Minimum Requirements -******************** - -Perl ----- - - Perl v5.6.1 (changed from 2.18) (Non-Windows platforms) - ActiveState Perl v5.8.1 (Windows only) - -For MySQL Users ---------------- - - MySQL v3.23.41 (Note: 2.22 will require MySQL 4.x) - perl module: DBD::mysql v2.9003 (changed from 2.18) - -For PostgreSQL Users (new in 2.20) --------------------- - - PostgreSQL 7.3.x (8.x has received less testing) - perl module: DBD::Pg 1.31 (1.41 required for PostgreSQL 8+) - -Required Perl Modules ---------------------- - - AppConfig v1.52 - CGI v2.93 - Data::Dumper (any) - Date::Format v2.21 - DBI v1.38 (changed from 2.18) - File::Spec v0.84 (changed from 2.18) - File::Temp (any) - Template Toolkit v2.08 - Text::Wrap v2001.0131 - Mail::Mailer 1.65 (new in 2.20) - Storable (any) (new in 2.20) - -Optional Perl Modules ---------------------- - - Chart::Base v1.0 - GD v1.20 - GD::Graph (any) - GD::Text::Align (any) - Net::LDAP (any) - PatchReader v0.9.4 - XML::Parser (any) - - -What's New? -*********** - -Experimental PostgreSQL Support -------------------------------- - -In addition to MySQL, Bugzilla now also supports PostgreSQL. PostgreSQL -support is still somewhat experimental. Although most major features of -Bugzilla work on PostgreSQL in 2.20, there are probably still a few bugs -that need to be worked out. - -PostgreSQL support in 2.20 is acceptable for smaller production -environments that don't mind running into a bug or two now and then. - - -New User-Interface Color/Style ------------------------------- - -You'll notice that Bugzilla looks a bit nicer, now! We've made a few -color and style changes to update the overall "feel" of Bugzilla's -User Inteface. We plan to do even more work on the UI for 2.22. - - -Higher-Level Categorization of Bugs (above "Product") ------------------------------------------------------ - -Previous Bugzillas had "Products" that you could file bugs in, -and "Components" for those products. Now, "Products" can be grouped -into "Classifications." - -To enable this, a Bugzilla administrator can turn on the -"useclassification" parameter, using editparams.cgi. - - -Regular Reports by Email of Complex Queries ("Whining") -------------------------------------------------------- - -You can now tell Bugzilla to do a specific query (or set of queries) -every X minutes/hours/days, and send you the results by email. This is -great for keeping track on a daily basis of what's going on in -your Bugzilla. - - -"Environment Variable" Authentication Method --------------------------------------------- - -You can now tell Bugzilla to accept a certain value passed in from -Apache as authentication for Bugzilla users. This means that Bugzilla -now "supports" any type of authentication that Apache supports. - -To use this, set the "user_info_class" parameter to "ENV" and, at a -minimum, set the "auth_env_email" parameter to the name of the -Environment variable that passes the authenticated user (usually -"REMOTE_USER"). If your webserver knows users' real names as well, also -set the "auth_env_realname" parameter. If you are using a true -single-signon system that assigns an identifier uniquely to an -individual, even across changes of email address, then set -"auth_env_id" to the name of that variable. - - -User-List Drop-Down Menus -------------------------- - -Now, anywhere in Bugzilla where you previously had to type in an -email address by hand, you have the choice of having Bugzilla instead -display a drop-down menu of users to pick from. - -This feature is best for small installations with few users, because -on large installations the list grows too large to be useful. - -To enable the feature, turn on the "usemenuforusers" parameter in -editparams.cgi. - - -Server-Side Comment Wrapping ----------------------------- - -In older Bugzillas, comments were wrapped to 80 characters by the -user's web browser, and then stored in the database that way. This caused -problems because some browsers did not wrap comments properly. - -Now, Bugzilla stores comments unwrapped and wraps them at display time, so -all new comments should be properly wrapped. Also, when you upgrade, Bugzilla -will look for old "mis-wrapped" comments and attempt to wrap them properly. - -Lines beginning with the ">" character are assumed to be quotes, and are -*not* wrapped. - - -UI for Editing Priority, OS, Platform, and Severity ---------------------------------------------------- - -Bugzilla now has a User Interface for adding and removing values -from the OS, Platform, Priority, and Severity fields. You can also -rename values. Any user in the "editcomponents" group can click -on the "Field Values" link in their page footer to edit these fields. - -Also, the default list of choices for OS and Platform for new -installations is now much smaller. Old installations will keep -the same list they have now. - - -Bugzilla Queries as RSS ------------------------ - -You can now view a Bugzilla query as valid RSS 1.0. This means that you -could add a particular query to your RSS aggregator, if you wanted, to -keep track of changes in Bugzilla. - -To see a query as RSS, just click on the "RSS" link on the bottom of -your query results. Your query must return at least 1 result in order -for you to see the link. - - -Choice of E-Mail Sending Methods --------------------------------- - -Bugzilla now uses perl's Mail::Mailer to send e-mail. This means that -you have several choices of how Bugzilla can send email. By default, it -still uses sendmail, but it can also use SMTP, qmail, or send all email -to a file instead of out to users. - -A Bugzilla administrator can change which method is used by setting the -"mail_delivery_method" parameter in editparams.cgi. - - -"User Preferences" ------------------- - -Bugzilla users will now notice a section in their Preferences called -"General Preferences." Administrators will notice a new link called -"User Preferences." - -The Preferences system allows Bugzilla developers to specify arbitrary -"user preferences" that change the behavior of certain parts of Bugzilla. -Administrators can control whether or not users are allowed to use these -preferences, and what the default settings are for a user who is not -logged in. - -The first two preferences that we have implemented are: - + "Show a quip at the top of each bug list" - + "When viewing a bug, show comments in this order..." - -We plan to implement more preferences in the future. - - -"Large Attachment" Storage --------------------------- - -Bugzilla can now store very large attachments on disk instead of in the -database. These attachments can't be searched with Boolean Charts, but -they also don't take up database space, and they can be deleted individually -by the admin. - -When uploading an attachment, a user chooses if it's a "Big File." If so, -it's stored on the disk instead of in the database. - -To enable this feature, set the "maxlocalattachmentsize" parameter to -a non-zero value, in editparams.cgi. - - -"User Visibility" Controls --------------------------- - -It is now possible to prevent users from encountering all other users when -using user-matching or drop-down userlists. To enable this restriction, -enable the "usevisibilitygroups" parameter. Once this is enabled, each -group's permissions will include a new column for "visible." The members -of any group for which the group being edited is visible will be -able to user-match this groups's users or see them in dropdown lists. - -This does not control who a user can CC on a bug, only who they can -see in the user-matching lists or drop-downs. - -Miscellaneous Improvements --------------------------- - -- Marking an attachment as obsolete will now cancel all pending flag - requests for that attachment. That is, any flag that was set to "?" - on that attachment will be cleared. - -- You can now see which users are "watching" you, on the email - preferences page. - -- You can tell Bugzilla to mark certain comments in a different - color by adding "&mark=1,2,3,5-7" to the end of the show_bug.cgi URL, - where "1,2,3,5-7" means "highlight comment 1, comment 2, comment 3, and - comments 5 through 7." - -- "QA Contact" now also appears on the New Bug page, if QA Contacts are - enabled on your installation. - -- Bugzilla email now has the "In-Reply-To" header added to it, so if - you use an email client that supports threads, you can view your - Bugzilla email in threads. If you are upgrading to a new version of - Bugzilla, and you want this support, please see the instructions at: - https://bugzilla.mozilla.org/attachment.cgi?id=172267 - -- The email preferences system has been slightly updated. You will notice - the changes on your Email Preferences page. - -- You can now negate individual "boolean charts" (in the - "Advanced Searching" section at the bottom of the "Advanced - Search" page). That is, you can add "NOT" to the front of them. - -- You can add the words %assignee%, %reporter%, %user% (yourself), or - %qacontact% on the right-hand side of a Boolean Chart. For example, you - could make a Boolean Chart which said "Reporter" "does not equal" - "%assignee%". That would give you all bugs where the Reporter was not - the same as the Assignee. - -- You can now search Boolean Charts by "commenter." - -- If you have a group with no name, it will be re-named to "group_#" where - "#" is the numeric Bugzilla Group ID for that group. - -- If you are using time-tracking, you can now see a report of time spent - on bugs using summarize_time.cgi. - -- If you are using time-tracking, bugzilla will now set "hours remaining" - to "0" automatically if you RESOLVE a bug, whether you are in the - time-tracking group or not. - - -Deprecated Features -******************* - -- Bugzilla 2.20 is the last Bugzilla version to support MySQL 3.23.x. - Starting with Bugzilla 2.22, Bugzilla will require MySQL 4.0.x. This will - allow Bugzilla to take advantage of the advanced features of MySQL 4. - - -Outstanding Issues -****************** - -- (No Bug Number) VERY IMPORTANT: If you have customized the values in - your Status/Resolution field, you must edit checksetup.pl BEFORE YOU - RUN IT. Find the line that starts like this: - - bug_status => ["UNCONFIRMED", - - That's where you set the values for the Status field. - - resolution => ["","FIXED", - - And that's where you set values for the Resolution field. - - Those are both near line 1826 in checksetup.pl. - - If you forget to do this, you will have to manually edit the "bug_status" - and "resolution" tables in the database to contain the correct values. - -- bug 37765: VERY IMPORTANT: If you use the "sendmail" support of Bugzilla, - and you use an MTA which is *not* Sendmail (such as Postfix, Exim, etc.) - you MUST turn on the "sendmailnow" parameter or Bugzilla will not send - e-mail correctly. - -- (No Bug Number) If you close your web browser while the process_bug.cgi - or post_bug.cgi screen is running, not all emails will be sent, and - the next time that that bug is updated, there will be two updates. This - is because of a behavior of Apache that is beyond our control. - -- bug 276230: The support for restricting access to particular Categories of - New Charts is not complete. You should treat the 'chartgroup' Param as the - only access mechanism available. However, additionally, charts migrated from - Old Charts will be restricted to the groups that are marked MANDATORY for - the corresponding Product. There is currently no way to change this - restriction, and the groupings will not be updated if the group configuration - for the Product changes. This will not be fixed in the 2.20 branch. - -- bug 69621: If you rename or remove a keyword that is in use on bugs, you will - need to rebuild the "keyword cache" by running sanitycheck.cgi and choosing - the option to rebuild the cache when it asks. Otherwise keywords may not show - up properly in search results. - -- (No Bug Number) If you have a lot of non-ASCII data in your Bugzilla (for - example, if you use a translation of Bugzilla), don't enable the XS::Stash - option when you install the Template Toolkit, or your Bugzilla installation - may become slow. This problem is fixed in a not-yet-released version of the - Template Toolkit (after 2.14). - -- If at any time you upgraded from a version of Bugzilla between 2.17.4 - - 2.17.7 to either 2.18rc3 or 2.19.1, you must manually fix your New Charts in - order for them to work. See the following link for instructions on how to do - this: https://bugzilla.mozilla.org/show_bug.cgi?id=276237#c18 - If you are using 2.18rc3, but did not upgrade from version 2.17.4 or newer, - then you don't need to do this. - -- (No Bug Number) If your DBI is really, really old, Bugzilla might fail - with a strange error message when you try to run checksetup.pl. Try - upgrading your DBI using: perl -MCPAN -e'install DBI' - -- Bug 126266: Bugzilla does not use UTF-8 to display pages. This means - that if you enter non-ASCII characters into Bugzilla, they may - display strangely, or Bugzilla may have other problems. For a workaround, - see: http://www.bugzilla.org/docs/tip/html/security-bugzilla.html - This has been fixed in the 2.22 series. - -- Bug 99215: Flags are not protected by "mid-air collision" detection. - Nor are any attachment changes. - -- Bug 89822: When changing multiple bugs at the same time, there is no - "mid-air collision" protection. - -- Bug 285614: importxml.pl may be broken in many different ways. - It has been fixed and completely re-written in the 2.22 series. - -- (No Bug Number) Note that the email interface (bug_mail.pl) in the - contrib/ directory has not been maintained (as it has no maintainer), - and so may not be working properly. Contributions are welcome, if - anybody would like to work on it. - - -Upgrading From An Older Bugzilla -************************************ - -NOTE: Running checksetup.pl to upgrade a large installation (over 10,000 bugs) - may take a significant amount of time. checksetup will try to let - you know how long it will take, but expect downtime of an hour or - more if you have many bugs, many attachments, or many users. - -Steps for Upgrading -------------------- - -1) View the Sanity Check (sanitycheck.cgi) page on your installation before - upgrading. Attempt to fix all warnings that the page produces before - you go any further, or you may experience problems during your upgrade. - -2) Make a backup of the Bugzilla database before you upgrade, perhaps - by using mysqldump. - - Example: - - mysqldump -u root -p --databases bugs > bugs.db.backup - -3) Replace the files in your installation with the new version of Bugzilla, - or you can try to use CVS to upgrade. The Bugzilla.org website has - instructions on how to do the actual installation. - -4) Make sure that you run checksetup.pl after you install the new version. - -5) View the Sanity Check page again after you run checksetup.pl. - -6) It is recommended that, if possible, you fix any problems you find - immediately. Failure to do this may mean that Bugzilla will not work - correctly. Be aware that if the sanity check page contains more errors after - an upgrade, it doesn't necessarily mean there are more errors in your - database, as additional tests are added to the sanity check over time, and - it is possible that those errors weren't being checked for in the old - version. - -7) If you want threading support on your Bugzilla email (see the - "Miscellaneous Improvements" section above for a description), - you need to follow the instructions at: - https://bugzilla.mozilla.org/attachment.cgi?id=172267 - - -Code Changes Which May Affect Customizations -******************************************** - -The New Database-Compatibility Layer ------------------------------------- - -For most customizations, this should have no effect. However, you should -be aware that Bugzilla->dbh is now an instance of "Bugzilla::DB" instead -of being a DBI object directly. In fact, it's actually a -Bugzilla::DB::Mysql for MySQL users, and a Bugzilla::DB::Pg for -PostgreSQL users. - -Anything called from $dbh (like $dbh->bz_last_key) that starts with -"bz_" or "sql_" is a custom Bugzilla function. Anything *not* starting -with those two prefixes is a normal DBI function. - -Methods whose names start with "sql_" generate a piece of a SQL statement. -They generate the correct version of the statement for whichever database -you are using. - -Methods whose names start with "bz_" do something directly. - -You can see more documentation about this at: - -http://www.bugzilla.org/docs/2.20/pod/Bugzilla/DB.pm - - -If You Customize Your Database... ---------------------------------- - -In order to support multiple databases, we had to do something sort of -tricky. Bugzilla now stores what it *thinks* the current database schema -is, in a table called bz_schema. - -This means that when checksetup changes the database, it updates the -bz_schema table. When *you* update the database, without using -checksetup to do it, the bz_schema table is *not* updated. - -So, if you're going to add/remove a new column/table to Bugzilla, or if you're -going to change the definition of a column, try to do it by adding code to -checksetup in the correct place. (It's one of the places where you find -the word "--TABLE--".) - -You can see the documentation on the $dbh functions used to do this at: - -http://www.bugzilla.org/docs/2.20/pod/Bugzilla/DB.pm#schema_modification_methods - - -Many Functions Renamed ----------------------- - -We are reorganizing the Bugzilla code so that it can support mod_perl. As -part of this, we are moving all functions out of globals.pl and CGI.pl, and -into modules in the Bugzilla/ directory. - -Sometimes when we moved them, we also renamed them. The new Bugzilla standard -is to have functions_named_like_this, instead of FunctionsNamedLikeThis. - -So if you were using a FunctionNamedLikeThis that no longer works, try just -using it as function_named_like_this. If that doesn't work, you may have to -search for where we put it, and what we renamed it to. Most of the functions -moved to logical places. - -If you really can't find it, search bugzilla.mozilla.org using the name -of the old function. We usually moved one function per bug, so the new -name will be somewhere in a bug report. - - -User Preferences ----------------- - -Bugzilla now has a "User Preferences" system! These preferences are stored -in the database, and specified by a Bugzilla developer. The Bugzilla -developers actually call these "settings," but we called them "User -Preferences" in the UI to make things clearer. - -You access a user's settings differently depending on if you are in a -.cgi file or in a template file: - -CGI: Bugzilla->user->settings->{'setting_name'}->value -Template: Bugzilla.user.settings.setting_name.value - -Where "setting_name" is the name of the setting. You can see the current -setting names in the "setting" table in the database. - -Remember that sometimes you may want to check a user's settings when -making a customization. - -To see how to add new settings, search for "add_setting" in checksetup.pl. -Also see the template: template/en/default/global/setting-descs.none.tmpl. - -Other Changes -------------- - -- The $::unconfirmedstate variable has been replaced by the actual string - "UNCONFIRMED" everywhere in Bugzilla code. - -- The %::FORM and %::MFORM variables are no longer used to access form - data. Instead, use $cgi->param(). There are many examples of how to do - this, all over the Bugzilla code. - -- SendSQL() and related calls are deprecated, and the various $dbh methods - should be used instead, such as $dbh->prepare() and $dbh->execute(). - Bugzilla->dbh is the $dbh handle to use. For more information on how - to use the $dbh methods, see: http://search.cpan.org/dist/DBI/DBI.pm - -- The $::userid variable will be going away. Use Bugzilla->user->id instead. - -- All global variables (any that start with $::, @::, or %::) will - be entirely gone by Bugzilla 2.24. - - -Security Fixes in 2.20 Releases -******************************* - -2.20.1 ------- - -There were three security issues discovered after the release of -Bugzilla 2.20 that we resolved for Bugzilla 2.20.1. One SQL Injection -(from an administrator only), one Cross-Site Scripting vulnerability -(that mostly affects only the user who can exploit it), and one minor, -extremely specific information leak. - -To see details on the vulnerabilities that were fixed, see the -Security Advisory at: - -http://www.bugzilla.org/security/2.16.10/ - - -Release Notes for Previous Versions -*********************************** - -***************************************** -*** The Bugzilla 2.18.x Release Notes *** -***************************************** - -Table of Contents -***************** - -- Introduction -- Important Updates In This Point Release - * Version 2.18.1 - * Version 2.18.2 -- Requirements - * Dependency Requirements -- What's New? - * Generic Reporting - * Generic Charting - * Request System - * Enterprise Group Support - * User Wildcard Matching - * Support for "Insiders" - * Time Tracking - * Authentication module/LDAP improvements - * Improved localization support - * Patch Viewer - * Comment Reply Links - * Full-Text Search - * Email Address Munging - * Simple Search - * Miscellaneous Improvements - * All Changes -- What's Changed? - * Flag Names - * New Saved Search User Interface - * Rules for changing fields -- Removed Features -- Code Changes Which May Affect Customizations -- Recommended Practice for the Upgrade - * Note About Upgrading From MySQL With ISAM Tables - * Steps for Upgrading -- Outstanding Issues (<======================== IMPORTANT, PLEASE READ) -- Security Fixes In 2.18 Releases -- Detailed Version-To-Version Release Notes - - -Introduction -************ - -This document contains the release notes for Bugzilla 2.18 and -the bugfix releases after 2.18. In this document, recently added, -changed, and removed features of Bugzilla are described. - -The 2.18 release is our current stable series, containing the results -of over two years of hard and dedicated work by volunteers all over -the world under the lead of Dave Miller. - - -Important Updates In This Point Release -*************************************** - -There are usually many other bug fixes than those listed below, -but the below fixes are the ones that we thought System Administrators -would like to specifically know about. - -To see a listing of all changes in this release, you can use the -table available at: - -http://www.bugzilla.org/status/changes.html - -Version 2.18.1 --------------- - -+ You can now enter a negative time for "Hours Worked" - in the time-tracking area. (Bug 271276) - -+ The BugMail.pm customization required for Windows (as - described in the Bugzilla Guide) now actually works. (Bug 280911) - -+ Users who were using Bugzilla 2.8 can now successfully upgrade - to 2.18.1 (they couldn't upgrade to 2.18). (Bug 283403) - -+ Dependency mails are now properly sent during a mass-change of bugs. - (Bug 178157) - - -Version 2.18.2 --------------- - -+ You can now create accounts with createaccount.cgi even - when the "requirelogin" parameter is turned on. (Bug 294778) - -+ Bugs that are in disabled groups may not show a padlock - on the bug list, or may otherwise behave strangely. You - can now fix this using sanitycheck.cgi. (Bug 277454) - -+ If sendmail dies while you are marking a bug - as a duplicate, the duplicates table will no longer become - corrupted. (Bug 225042) - - -Requirements -************ - -Dependency Requirements ------------------------ - -Minimum software requirements: - - MySQL v3.23.41 (changed from 2.16) - Perl v5.6.0 (changed from 2.16) (Non-Windows platforms) - ActiveState Perl v5.8.1 (Windows only) - -Required Perl modules: - - AppConfig v1.52 - CGI v2.93 (new since 2.16) (changed from 2.17.7) - Data::Dumper (any) - Date::Format v2.21 (changed from 2.16) - DBI v1.36 (changed from 2.16) (changed from 2.17.7) - DBD::mysql v2.1010 (changed from 2.16) - File::Spec v0.82 - File::Temp (any) - Template Toolkit v2.08 (changed from 2.16) - Text::Wrap v2001.0131 - -Optional Perl modules: - - Chart::Base v1.0 (changed from 2.16) (changed from 2.17.7) - GD v1.20 (changed from 2.16) - GD::Graph (any) (new since 2.16) - GD::Text::Align (any) (new since 2.16) - Net::LDAP (any) (new since 2.16) - PatchReader v0.9.4 (new since 2.16) (changed from 2.17.7) - XML::Parser (any) - - -What's New? -*********** - -Generic Reporting ------------------ - -Bugzilla has a new mechanism for generating reports of the current state of -the bug database. It has two related parts: a table-based view, and several -graphical views. - -The table-based view allows you to specify an x, y and z (multiple tables of -data) axis to plot, and then restrict the bugs plotted using the standard -query form. You can view the resulting data as an HTML or CSV export (e.g.: -for importing into a spreadsheet). - -There are also bar, line and pie charts, which are defined in a very similar -way. These views may be more appropriate for particular data types, and are -suitable for saving and then putting into presentations or web pages. - - -Generic Charting ----------------- - -Bugzilla has a new mechanism for generating charts (graphs over time) of any -arbitrary search. This is known as "New Charts." Legacy data from the previous -charting mechanism ("Old Charts") is migrated into the "New Charts" when you -upgrade. The Old Charts mechanism remains, but is deprecated and will be -removed in a future version of Bugzilla. - -Individual users can see/create charts as long as they are a member of the -group specified in the Param 'chartgroup'. Data can be collected for -personal charts every seven days (or a longer period, as set by the user). -Charts created by an administrator can be made public (visible to all). Data -is collected for administrator charts every day (or a longer period, as set -by the admin). - -The data is collected by the collectstats.pl script, which an administrator -will need to arrange to be run once every day (see the manual). Chart data can -be plotted in a number of different ways, and different data sets can be -plotted on the same graph for comparison. - -Please see the Known Bugs section for some important limitations relating to -access controls on charts. - - -Request System ---------------- - -The Request System (RS) is a set of enhancements that adds powerful flag -(superset of the old attachment status) features to the bugs. - -RS allows for four states: off, granted, denied, and (optionally) requested, -where "granted" is the equivalent of "on". These additions mean it is no -longer necessary to define a status to negate another status (e.g. -"needs-work" to negate "has-review") because negation is built into each -status via the status' "denied" state. Bug statuses: Previously only -attachments could have these kinds of statuses. RS enables them for bugs as -well. This feature can be used to request and grant/deny certain properties -for a bug, such as inclusion for a specific milestone or approval for checkin. -This way, Bugzilla supports the natural decision-making process in your -organization. - -- Requests: Flags can now optionally be made requestable, which means users - can ask other users to set them. When a user requests a flag, Bugzilla - emails the requestee and adds the request to a browsable queue so both the - requester and the requestee can keep track of its status. Once the - requestee fulfills the request by setting the flag to either granted or - denied, Bugzilla emails the requestee and removes the request from the - queue. This feature supports workflow like the mozilla.org code review - and milestone approval processes, whereby code is peer reviewed before - being committed and patches get approved by product release managers for - inclusion in specific product releases. - -- Product/component specificity: Previously flags were product-specific, and - if you wanted the same flag for multiple products you had to define - multiple flags with the same name. Flags are now - product/component-specific, and a single flag can be enabled or disabled - for multiple product/component combinations via inclusions and exclusions - lists. Flags are enabled for all combinations on their inclusions list - except those that appear on their exclusions list. - - -Enterprise Group Support ------------------------- - -Bugzilla is no longer limited to 55 access control groups. Administrators can -define an arbitrary number of access groups composed of individual users or -other groups. The groups can be configured via the web interface to achieve a -wide variety of access control policies. See the documentation section on -'Groups And Group Controls' for details. - - -User Wildcard Matching ----------------------- - -Sites can now enable the use of wildcards and substrings in bug entry and -editing forms. If the user enters an incomplete username, he'll get a list of -users that matched the given username. - - -Support for "Insiders" ----------------------- - -If the 'insidergroup' parameter is defined, a specific group of users can be -designated insiders who can designate comments and attachments as private to -other insiders. These comments and attachments will be invisible to other -users who are not members of the insiders group even if the bugs to which they -apply are visible. Other insiders will see the comments and attachments with a -visual tinting indicating that they are private. - - -Time Tracking -------------- - -Controls for tracking time spent fixing bugs are included in the bug form for -members of the group specified by the 'timetrackinggroup' parameter. Any time -comments are added to the bug, members of the time tracking group can add an -amount of time they spent, and it's figured into the total and displayed at -the top of the bug. Shown in the bug are your original estimate, the amount of -time spent so far, the revised estimate of how much time is remaining, and -your gain/loss on the original estimate. - - -Authentication module/LDAP improvements ---------------------------------------- - -Bugzilla's authentication mechanisms have been modularized, making pluggable -authentication schemes for Bugzilla a reality. Both the existing database and -LDAP systems were ported as part of modularization process. Additionally, the -CGI portion of the backend was redesigned to allow for authentication from -other sources, including (theoretically) email, which will help Bug 94850. - -As part of this conversion, LDAP logins now use Perl's standard Net::LDAP -module, which has no external library dependencies. - - -Improved localization support ------------------------------ - -Bugzilla administrators can now configure which languages are supported by -their installations and automatically serve correct, localized content to -users based on the HTTP 'Accept-Language' header sent from users' browsers. - -There are currently localized templates available for: Arabic, Belarusian, -Chinese, French, German, Italian, Korean, Portuguese (Brazil) Spanish (Spain -or Mexico) and Russian. These localized template packs are third-party -contributions, may only be available for specific versions, and may not be -supported in the future. (http://www.bugzilla.org/download/#localizations) - - -Patch Viewer ------------- - -Viewing and reviewing patches in Bugzilla is often difficult due to lack of -context, improper format and the inherent readability issues that raw patches -present. Patch Viewer is an enhancement to Bugzilla designed to fix that by -offering increased context, linking to sections, and integrating with Bonsai, -LXR and CVS. - - -Comment Reply Links -------------------- - -In Edit Bug, each bug comment now includes a convenient (reply) link that -quotes the comment text into the textarea. This feature is only enabled in -Javascript-capable browsers, but causes no inconvenience to other user agents. - - -Full-Text Search ----------------- - -It is now possible to query the Bugzilla database using full-text searching, -which spans comments and summaries, and which searches for substrings and stem -variations of the search term. Basically, it's like using Google. - - -Email Address Munging ---------------------- - -The fact that raw email addresses are displayed in Bugzilla makes it trivial -for bots that spamharvest to spider through Bugzilla, in particular, through -Bugzilla's buglists. This change adds HTML obfuscation of email addresses as -they appear in the Bugzilla web pages. - - -Google-like Bug Search ----------------------- - -Bugzilla now includes a very simple, Google-like "Find a Specific Bug" page, -in addition to its advanced search page. - - -Miscellaneous Improvements --------------------------- - -- The "Assigned To" field on the new bug page is now prefilled with the default - component owner. - -- A bug alias column is now available in the buglist page. - -- Lists of bugs containing errors in the sanity check page now have a "view as - buglist" link in addition to the individual bug links. - -- Autolinkification Page - It's now possible to apply Bugzilla's comment - hyperlinking algorithm to any text you like. This should be useful for status - updates and other web pages which give lists of bugs. The bug links created - include the subject, status and resolution of the bug as a tooltip. - -- There are more <link> tags on the links toolbar for navigating quickly between - different areas. - -- Buglists are now available as comma-separated value files (CSV) and JavaScript - (JS) as well as HTML and RDF. - -- Keywords and dependencies can now be entered during initial bug entry. - -- A CSS id signature unique to each Bugzilla installation is now added to the - <body> tag on Bugzilla pages to allow custom end-user CSS to explicitly affect - Bugzilla. - -- Perl's path has been changed to a normal /usr/bin/perl from the original - legacy "bonsaitools" path specifier. - -- A new "always-require-login" parameter allows administrators to require a - login before being able to view any page, except the front page. - -- A developer may add an attachment, and also reassign a bug to himself as part - of that single action. - -- Bugzilla is now able to use the replication facilities provided by the - MySQL database to handle updates from the main database to the secondaries. - -- Mail handling is now between 125% to 175% faster. - -- Guided Bug Entry: You can see a sample enter_bug.cgi template at - enter_bug.cgi?format=guided that "guides" users through the process of - filing a "good" bug. It needs to be modified before use in your organization. - -- There is now a "Give me some help" link on the Advanced Search page that will - enable pop-up help for every field on the page. - -- The Bugzilla administrator can now forbid users from marking bugs RESOLVED - when there are unresolved dependencies. - - -All Changes ------------ - -To see a list of EVERY bug that was fixed between 2.16 and 2.18 (over 1000), -see: http://tinyurl.com/6m3e4 - - -What's Changed? -*************** - - -Flag names ----------- - -Prerelease versions of Bugzilla 2.17 and 2.18 inadvertantly allowed -commas and spaces in the names of flags, which due to the way they're -processed, caused lots of internal havoc if you named flags to have -any commas or spaces in them. Having commas or spaces in the names -can cause errors in the notification emails and in the bug activity -log. The ability to create new flags with these characters has been -removed. If you have any existing flags that you named that way, -running checksetup will attempt to automatically rename them by -replacing commas and spaces with underscores. - - -New Saved Search User Interface -------------------------------- - -In previous Bugzilla versions, you could specify on the search page that you -wanted to save a search and store it as a link in your footer. This option has -now moved to the search results page (buglist.cgi), where you will see a -"Remember search" button with a box next to it to enter the name of the search. - -You can manage your saved searches on the Preferences page. - - -Rules for changing fields -------------------------- - -There have been some changes to the rules governing who can change which fields -of a bug report. The rules for Bugzilla version 2.16 and 2.18, along with -differences between them, are listed below. Bear in mind that there are other -restrictions on bug manipulation besides the ones listed below. In particular, -the groups system enforces restrictions on who can create, edit, or even see -any given bug. - -Bugzilla 2.16 rules: - -- anyone can make a null change; -- anyone can add a comment; -- anyone in the editbugs group can make any change; -- the reporter can make any change to the status; -- anyone in the canconfirm group can change the status - to any opened state (NEW, REOPENED, ASSIGNED). -- anyone can change the status to any opened state - if the everconfirmed flag is set; -- the owner, QA contact, or reporter can make any change - *except* changing the status to an opened state; -- No other changes are permitted. - -[Note that these rules combine to allow the reporter to make any change -to the bug.] - -Bugzilla 2.18 rules: - -- anyone can make a null change; -- anyone can add a comment; -- anyone in the editbugs group can make any change; -- anyone in the canconfirm group can change the status - from UNCONFIRMED to any opened state; -- the owner or QA contact can make any change; -- the reporter can make any change *except*: - - changing the status from UNCONFIRMED to any opened state; or - - changing the target milestone; or - - changing the priority (unless the letsubmitterchoosepriority - parameter is set). -- No other changes are permitted. - -The effective differences in the rules: - -- In 2.16, the reporter could always change anything about a bug. - - In 2.18, the reporter can't: - - - confirm the bug unless he is in the canconfirm group; - - change the target milestone; - - change the priority (unless the 'letsubmitterchoosepriority' - parameter is set; - - (unless he is also the owner, the QA contact, or in the editbugs - group, in which case he can do all these things). - -- In 2.16, the owner or QA contact (if the 'useqacontact' parameter - is set) can't change the bug status to an opened status unless they - are also the reporter, or have editbugs or canconfirm, or the - everconfirmed flag is set on the bug). - - In 2.18 the owner or QA contact can make any change to a bug. - -- In 2.16, a member of the canconfirm group can set the status - to any opened status. - - In 2.18 this is only possible if the status was previously - the unconfirmed status. - -- In 2.16, the status can be set to anything by anybody - if the 'everconfirmed' flag is set. - - In 2.18, this authorization code does not pay any attention - to the 'everconfirmed' flag. - - -Removed Features -**************** - -- Please note that Bugzilla no longer supports MySQL 3.22. The minimum required - version is now 3.23.41. - -- The "shadow database" mechanism is no longer used. Instead, use MySQL's - built-in replication feature. - -- If you have placed any comments in the localconfig file, they may be removed - by checksetup.pl. - - -Code Changes Which May Affect Customizations -******************************************** - -- A mechanism (called "Template Hooks") for third party extensions to plug into - existing templates without having to patch or replace distributed templates - has been added. More information on this can be found in the documentation. - -- Header output now uses CGI.pm, in a step towards enabling mod_perl - compatibility. This change will affect users that had customized charsets in - their CGI files: previously the charset had to be added everywhere that - printed the Content-Type header; now it only needs changing in one spot, in - Bugzilla/CGI.pm. - -- $::FORM{} and $::COOKIE{} are deprecated. Use the $cgi methods to access - them. - -- $::userid is gone in favor of Bugzilla->user->id - -- ConnectToDatabase() is gone (it's done automatically when you initialize the - Bugzilla object) - -- quietly_check_login() and confirm_login() are gone, use Bugzilla->login() - with parameters for whether the login is required or not. - -- Use Bugzilla->user->login in place of $::COOKIE{Bugzilla_login} - -- You can tell if there's a user logged in or not by using - Bugzilla->user rather than looking for $::userid==0. - In new 2.18 code, use defined(Bugzilla->user) && (Bugzilla->user->id) - In 2.20, this will become just (Bugzilla->user->id) - In templates, always test [% IF user.id %] rather than [% IF user %] - -- SendSQL() and related calls are deprecated, and the various $dbh methods - should be used instead, such as $dbh->prepare() and $dbh->execute(). - Bugzilla->dbh is the $dbh handle to use. - - -Recommended Practice for the Upgrade -************************************ - -Note About Upgrading From MySQL With ISAM Tables ------------------------------------------------- -As previously noted in the Dependency Requirements MySQL is now required -to be at least version 3.23.41. This implies that all tables of type ISAM will -be converted by the checksetup.pl script to MyISAM. - - -Steps for Upgrading -------------------- - -1) View the Sanity Check (sanitycheck.cgi) page on your installation before - upgrading. - -2) As with any upgrade it is recommended that you make a backup of the - Bugzilla database before you upgrade, perhaps by using mysqldump. - - Example: - - mysqldump -u root -p --databases bugs > bugs.db.backup - -3) Replace the files in your installation, or you can try to use CVS to upgrade. - The Bugzilla.org website has instructions on how to do the actual - installation. - -4) Make sure that you run checksetup.pl after you install the new version. - -5) View the Sanity Check page again after you run checksetup.pl. - -6) It is recommended that, if possible, you fix any problems you find - immediately. Failure to do this may mean that Bugzilla will not work - correctly. Be aware that if the sanity check page contains more errors after - an upgrade, it doesn't necessarily mean there are more errors in your - database, as additional tests are added to the sanity check over time, and - it is possible that those errors weren't being checked for in the old - version. - - -Outstanding Issues -****************** - -These are known problems with the release that we think you should know about. -They each have a bug number for http://bugzilla.mozilla.org/ - -- If at any time you upgraded from a version of Bugzilla between 2.17.4 - - 2.17.7 to either 2.18rc3 or 2.19.1, you must manually fix your New Charts in - order for them to work. See the following link for instructions on how to do - this: https://bugzilla.mozilla.org/show_bug.cgi?id=276237#c18 - If you are using 2.18rc3, but did not upgrade from version 2.17.4 or newer, - then you don't need to do this. - -- bug 37765: If you use an MTA other than sendmail (such as Postfix, Exim, - etc.) you MUST turn on the "sendmailnow" parameter or Bugzilla will not send - e-mail correctly. - -- bug 276230: The support for restricting access to particular Categories of - New Charts is not complete. You should treat the 'chartgroup' Param as the - only access mechanism available. However, additionally, charts migrated from - Old Charts will be restricted to the groups that are marked MANDATORY for - the corresponding Product. There is currently no way to change this - restriction, and the groupings will not be updated if the group configuration - for the Product changes. - -- bug 69621: If you rename or remove a keyword that is in use on bugs, you will - need to rebuild the "keyword cache" by running sanitycheck.cgi and choosing - the option to rebuild the cache when it asks. Otherwise keywords may not show - up properly in search results. - -- (No Bug Number) If you have a lot of non-ASCII data in your Bugzilla (for - example, if you use a translation of Bugzilla), don't enable the XS::Stash - option when you install the Template Toolkit, or your Bugzilla installation - may become slow. This problem is fixed in a not-yet-released version of the - Template Toolkit (after 2.14). - -- bug 266579: Users may be able to circumvent not having "canconfirm" privileges - in some circumstances. This is fixed starting with 2.19.3, but will not - be fixed in any 2.18 release, as the changes required to fix it are quite - large. - -- bug 99215: Attachment changes have no mid-air collision detection, unlike bug - changes. - -- bug 57350: Searching using the "commenter is" option may be VERY slow. Note - that searching for "field: comment, changed by: user@domain.com" is fast, - though. - -- bug 151509: Using the boolean chart option "contains the string" with the - "flag name" field or certain other fields will cause Bugzilla to emit an - error. This is fixed in 2.20rc1, but will not be fixed in the 2.18 series. - -- bug 234159: Bugzilla may sometimes send multiple notices in one email. - -- bug 237107: If you search for attachment information using the Boolean Charts - at the bottom of the Advanced Query page, bugs without attachments will not - show up in the result list. - - -Security Fixes In 2.18 Releases -******************************* - -Version 2.18 ------------- - -Summary: XSS in Internal Error messages in Bugzilla 2.16.7 and 2.18rc3 -CVE Name: CAN-2004-1061 -Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=272620 -Details: - It is possible to send a carefully crafted URL to Bugzilla designed to -trigger an error message. The Internal Error message includes javascript code -which displays the URL the user is visiting. The javascript code does not -escape the URL before displaying it, allowing scripts contained in the URL to -be executed by the browser. Many browsers do not allow unescaped URLs to be -sent to a webserver (thus complying with RFC 2616 section 2.3.1 and RFC 2396 -section 2.4.3), and are thus immune to this issue. - Browsers which are known to be immune: Firefox 1.0, Mozilla 1.7.5, -Camino 0.8.2, Netscape 7.2, Safari 1.2.4 - Browsers known to be susceptible: Internet Explorer 6 SP2, -Konqueror 3.2 - Browsers not listed here have not been tested. - - -Version 2.18.1 --------------- - -Two security issues were fixed in Bugzilla 2.18.1, neither of them -critical. - -See http://www.bugzilla.org/security/2.16.8/ for details. - - -Version 2.18.2 --------------- - -Two security issues were fixed in Bugzilla 2.18.2. One of them -is a major Information Leak/Unauthorized Bug Change. The other -is a minor Information Leak. - -See http://www.bugzilla.org/security/2.18.1/ for details. - - -Detailed Version-To-Version Release Notes -***************************************** - -********************************************************* -*** USERS UPGRADING FROM ALL VERSIONS PRIOR TO 2.16.7 *** -********************************************************* - -*** Security fixes *** - -- It is possible to send a carefully crafted HTTP POST message to - process_bug.cgi which will remove keywords from a bug even if you don't have - permissions to edit all bug fields (the "editbugs" permission). Such changes - are reported in "bug changed" email notifications, so they are easily - detected and reversed if someone abuses it. Users are now prevented from - making changes to keywords if they do not have editbugs privileges. (bug - 252638) - -*** Bug fixes of note *** - -- Enforce a minimum of 10 minutes between attempts to reset a password, so - we don't mailbomb the user if someone submits the form many times in a - row. (bug 250897) - -- Put products in alphabetical order on the create attachment status page. - (bug 251427) - -- Specify MyISAM as the table type when creating new tables. MySQL 4.1 and - up default to InnoDB, which doesn't support some of the indexing methods - that we use. (bug 263165) - -********************************************************* -*** USERS UPGRADING FROM ALL VERSIONS PRIOR TO 2.16.6 *** -********************************************************* - -*** Security fixes *** - -- If Bugzilla is configured to hide entire products from some users, both - duplicates.cgi and the form for mass-editing a list of bugs in buglist.cgi - can disclose the names of those hidden products to such users. - (bugs 234825 and 234855) - -- Several administration CGIs echo invalid data back to the user without - escaping it. (bug 235265) - -- A user with privileges to grant membership to any group (i.e. usually an - administrator) can trick editusers.cgi into executing arbitrary SQL. - (bug 244272) - -*** Bug fixes of note *** - -- Allow XML import to function when there are regexp metacharacters in product - names (bug 237591) - -- Allow the bug_email.pl contrib script to work with useqacontact (bug 239912) - -- Improve the error message used by checksetup.pl when the MySQL requirements - are not met (bug 240228) - -- Elimnate the warning in checksetup.pl about the minimum sendmail version (bug - 240060) - -- $webservergroup now defaults to group 'apache' in new installations (bug - 224477) - -- Correct a situation where a bugmail message could be sent twice to a user - being added to the CC list if the address was entered in a different case - than the user registered with. (bug 117297) - -- Various documentation updates - -********************************************************* -*** USERS UPGRADING FROM ALL VERSIONS PRIOR TO 2.16.4 *** -********************************************************* - -*** Bug fixes of note *** - -- Fix a "used only once" warning that ocurred only in perl 5.00503 - (bug 2321691) - -- When a user is creating a new account and enters an invalid email - address, the error page sent the "Content-type" header twice, causing - the second one to be visible at the top of the page. - (bug 137121) - -- An HTML encoding issue which only affected Internet Explorer was - corrected in the "Change several bugs at once" page. - (bug 181106) - -- During initial setup, using invalid characters in the administrator - password would present an error message stating your password was - too long or too short instead of telling you it had invalid - characters. - (bug 166755) - -- When a user reset their own password via an emailed token, the new - password in the first field would be accepted if the second password - field was left blank. - (bug 123077) - -- Reopening bugs from the "change several bugs at once" page now works. - (bug 95430) - -- Fix a regression in xml.cgi caused by the previous bugfix for MySQL - SUM() changes. The original fix didn't work properly either. - (bug 225474) - -- No longer use server push with the "Safari" browser, which claims to - use the Mozilla layout engine but doesn't. - (bug 188712) - -- Creating a shadow database no longer fails with taint mode errors. - (bug 227510) - -- If you change your cookiepath setting at some stage (because you have - moved the directory Bugzilla resides on your webserver), users can - have login cookies with the old cookiepath, and their browsers will - send multiple logincookies. Bugzilla now uses the first rather than - the last in order to get the most specific cookie which will be the - correct one. - (bug 121419) - -- Fixed a regression caused by the previous DBD::mysql fixes, that - caused older versions of DBD::mysql to break due to not supporting - the new DBI syntax. - (bug 224815) - -- Bugzilla no longer sends out invalid dates for cookie expiry. This - bug had no known user visible ramifications. - (bug 228706) - -- Update the shadow database parameters description to tell the user - about permissions requirements for creating a shadow database. - (bug 227513) - -- Various documentation updates. - -********************************************************* -*** USERS UPGRADING FROM ALL VERSIONS PRIOR TO 2.16.3 *** -********************************************************* - -*** SECURITY ISSUES RESOLVED *** - -- A user with 'editproducts' privileges (i.e. usually an administrator) - can select arbitrary SQL to be run by the nightly statistics cron job - (collectstats.pl), by giving a product a special name. - (bug 214290) - -- A user with 'editkeywords' privileges (i.e. usually an administrator) - can inject arbitrary SQL via the URL used to edit an existing keyword. - (bug 219044) - -- When deleting products and the 'usebuggroups' parameter is on, the - privilege which allows someone to add people to the group which is - being deleted does not get removed, allowing people with that - privilege to get that privilege for the next group that is created - which reuses that group ID. Note that this only allows someone who - had been granted privileges in the past to retain them. - (bug 219690) - -- If you know the email address of someone who has voted on a secure - bug, you can access the summary of that bug even if you do not have - sufficient permissions to view the bug itself. - (bug 209376) - -*** Bug fixes of note *** - -Perl 5.8.0 Compatibility fixes: - -- Two taint errors were fixed, one in process_bug.cgi, and - another in post_bug.cgi. - (bugs 220332 and 177828) - -MySQL 4.0 Compatibility fixes: - -- A cosmetic fix was applied to votes.cgi (if there were no - votes, the "0" was not displayed) due to a change in semantics - in SUM() in MySQL 4.0. - (bug 217422) - -DBD::mysql > 2.1026 Compatibility fixes: - -- DBD::mysql versions after 2.1026 return the table list quoted, which - broke the existing "table exists" check in checksetup.pl, which caused - the second and subsequent attempts to run checksetup.pl to fail. - (bug 212095) - -Miscellaneous bug fixes: - -- A Mozilla-specific reference was removed from one of the report - templates. - (bug 221626) - -- It was possible to enter a situation where you were unable to get to - editparams.cgi to turn the shutdownhtml param back off after you - turned it on when Apache was configured to run Bugzilla in suexec - mode. - (bug 213384) - -- The processmail rescanall task would not send e-mails about more than - one bug to the same address. - (bug 219508) - -- If Bugzilla hadn't been accessed in the last hour when the - collectstats.pl or whineatnews.pl cron jobs ran, the versioncache - would get recreated with the file owner being the user the cron job - was running as (usually not the webserver user), causing subsequent - access to Bugzilla by the webserver to fail until the permissions were - fixed. Now if versioncache isn't readable when accessing from the - webserver, we pretend it doesn't exist and recreate it again. - (bug 160422) - -- The 'sendmailnow' param is now on by default in new installations - (this does not affect existing installations). - (bug 146087) - -- The 008filter.t test would fail if you had multiple language packs - installed. It now properly tests all of the installed language packs. - (bug 203318) - -- A few minor documentation changes were committed. - -********************************************************* -*** USERS UPGRADING FROM ALL VERSIONS PRIOR TO 2.16.2 *** -********************************************************* - -*** SECURITY ISSUES RESOLVED *** - -- A cross site scripting (XSS) vulnerability was fixed in which bug - summaries were not properly filtered when a user viewed a dependency graph - allowing JavaScript to be embedded on that page. - (bug 192661) - -- Several XSS vulnerabilities were fixed in which user - input was not escaped when being displayed. A new - test has been added to warn about unfiltered data in template - files (t/008filter.t). - (bug 192677) - -- An issue was fixed in which the QA contact was still treated as the QA - contact even after the 'useqacontact' setting was turned off. This also - allowed the QA contact to edit the security groups and view secured bugs that - he/she was allowed to access prior to the 'useqacontact' setting being - deactivated. - (bug 194394) - -- Fixed a situation where an attacker (with local access to the webserver) - could overwrite any file on the webserver to which the webserver user - has write access by creating appropriately named symbolic links in the - data and webdot directories (world-writable in many configurations). - Bugzilla now uses File::Temp to create secure temporary files. File::Temp - is part of the Perl distribution for Perl 5.6.1 and later, but if you're - using an older version of Perl you'll need to install it with CPAN. - (bug 197153) - -** IMPORTANT CHANGES *** - -- New module requirement: File::Temp, as mentioned above. - -*** Bug fixes of note *** - -- An issue was fixed in which administrator rights could be removed from an - administrator who deleted a product while the 'usebuggroups' setting is - activated. - (bug 157704) - -- Fixed an issue in which importxml.pl would fail the test suite when running - under perl 5.8.0 with the optional XML::Parse module. - (bug 172331) - -- There was previously a bug in CGI.pl in which the following warning - would be given under certain conditions: - "Character in "c" format wrapped at CGI.pl..." - This is now fixed. In some cases the warning was filling up web server log - files. - (bug 194125) - -- Fixed a bug in which long component names (in excess of 50 characters) would - be accepted when creating the component but would cause problems when trying - to use that component on a bug because it would get truncated. It is now no - longer possible to create components with names in excess of 50 characters. - (bug 197180) - -- Fixed a bug in checksetup.pl in which permissions were not being fixed - on the 'data/comments' file, the quip file. - (bug 160279) - -***************************************************************** -*** USERS UPGRADING FROM 2.16.1 OR EARLIER, 2.14.4 OR EARLIER *** -***************************************************************** - -*** SECURITY ISSUES RESOLVED *** - -- Fixed a cross site scriptability issue in quips. This is only a problem - if quips with HTML could have been inserted into your quips files. Bugzilla - has not allowed this since 2.12. - (bug 179329) -- checksetup.pl will now attempt to prevent access to "editor backups" of - localconfig. - (bug 186383) -- collectstats.pl no longer makes data/mining (which contains graphing - information) world writeable. - (bug 183188) - -*********************************************** -*** USERS UPGRADING FROM 2.16.0 OR EARLIER *** -*********************************************** - -*** SECURITY ISSUES RESOLVED *** - -- Apostrophes were not properly handled in email addresses. This was a - regression introduced in 2.16. It is not known whether this was - exploitable. - (bug 165221) - -See also next major section. - -*** Bug fixes of note *** - -- The VERSION cookie which allowed the previously entered version of a product - to be remembered was not correctly set. It was only set as a session - cookie, and under some circumstances could interfere with other cookies - (such as the login information) send at the same time. - (bug 160227) - -- importxml.pl would fail if the versioncache needed to be updated. - (bug 164464) - -- Bug changes going through intermediate pages would munge fields with - multiple fields, such as CCs. - (bug 161203) - -- On failure in template->new, Bugzilla will now die rather than futilely - attempt to use an error template. - (bug 166023) - -- Fixed a problem where checksetup had problems converting old installations - that didn't have a duplicates table. - (bug 151619) - -- Fixed a problem that caused taint errors when viewing or editing user - preferences with Perl 5.005 and Template 2.08. - (bug 160710) - -See also next section. - -****************************************************** -*** USERS UPGRADING FROM 2.16.0, 2.14.3 OR EARLIER *** -****************************************************** - -*** SECURITY ISSUES RESOLVED *** - -- When a new product is added to an installation with 47 groups or more and - "usebuggroups" is enabled, the new group will be assigned a groupset bit - using Perl math that is not exact beyond 2^48. This results in the new - group being defined with a "bit" that has several bits set. As users are - given access to the new group, those users will also gain access to - spurious lower group privileges. Also, group bits were not always reused - when groups were deleted. - (bug 167485) - -- The email interface had another insecure single parameter system call. This - could potentially allow arbitrary shell commands to be run. This file is - not supported at this time, but as long as we knew about the problem, we - couldn't overlook it. - (bug 163024) - -*** Bug fixes of note *** - -- The email interface was broken. This was a 2.14.3 regression. This file - is not supported at this time, but as long as we knew about the problem, we - couldn't overlook it. - (bug 160631) - -*********************************************** -*** USERS UPGRADING FROM 2.14.5 OR EARLIER *** -*********************************************** - -*** SECURITY ISSUES RESOLVED *** - -- The bug reporter could set the priority even when - 'letsubmitterchoosepriority' was off. - (bug 63018) - -- Most CGIs are now templatized. This helps to make it - easier to remember to HTML filter values and easier to spot - when they are not, preventing cross site scripting attacks. - (bug 86168) - -- Most CGIs now run in taint mode. This helps to prevent - failure to validate errors. - (bug 108982) - -*** IMPORTANT CHANGES *** - -- 2.16 introduces "templatization", a new feature that allows - administrators to easily customize the HTML output (the "look and feel") - of Bugzilla without altering Perl code. Bugzilla uses the - "Template Toolkit" for this. Please see the "Template Customization" - section of the Bugzilla Guide for more details. - - Administrators who ran the 2.15 development version with custom - templates should check the templates are still valid, as file names - and file paths have changed. - - Most output is now templatized. This process will be complete next - milestone. - - For speed, compiled templates are cached on disk. If you modify the - templates, the toolkit will normally detect the changes, and recompile the - changed templates. - - Adding new directories anywhere inside the template directory may cause - permission errors if you don't have a webservergroup specified in - localconfig. If you see these, rerun checksetup.pl as root. If you do not - have root access, or cannot get someone who does to do this for you, you can - rename the data/template directory to data/template.old (or any other name - Bugzilla doesn't use). Then rerun checksetup.pl to regenerate the compiled - templates. - (bug 86168, 97832) - -- Administrators can now configure maximum attachment sizes. These - should remain below the maximum size for your MySQL server, or you - will get obscure MySQL errors if you attach a bigger attachment. - - To find out the current size attachment that MySQL can accept, type - the command 'mysqladmin variables' and find out the value of the - 'max_allowed_packet' varible in bytes. - - To change the maximum size that MySQL can accept you can alter this - variable in your 'my.cnf' file. - (bug 91664) - -- Perl 5.004 is no longer supported because the Template Toolkit - requires 5.005. - (bug 97721) - -- New module requirements: Text::Wrap, Template [requires AppConfig], - File::Spec. - (bugs 97784, 84338, 103778) - -- The index page is now a CGI instead of an HTML page. You should remove - any existing index.html file and make sure your web server allows index.cgi - to be the default page in a directory. If you are not able to do that you - can instead set index_html in the 'localconfig' file to 1 and checksetup.pl - will create a redirect page for you. - (bug 80183) - -- It is now recommended that administrators run "processmail rescanall" - after upgrading to 2.16 or beyond. - - This will send out notification emails for changes that were - made but not emailed, due to Bugzilla bugs. All known - causes of this have been fixed in this version (bug 104589 and 99519). - - It is also recommended that this be run nightly to avoid - lengthy delays in future if this problem reoccurs. - (bug 106377) - -- In parallel with templatization, a lot of changes have been made to the HTML - output of the Bugzilla CGIs. This could break code that attempts to parse - such code. For example, this breaks mozbot. - (no bug number) - -- The "HTML template" parameters (headerhtml, bodyhtml, footerhtml, - errorhtml, bannerhtml, blurbhtml, mostfreqhtml, entryheaderhtml) have now - been moved to Template Toolkit templates. If you have modified these - parameters you will need to make corresponding changes to the corresponding - templates. Your old parameter values will be moved to a file called - old-params.txt by checksetup.pl. - - The old parameters correspond to files in template/en/default as follows: - - headerhtml: global/header.html.tmpl - footerhtml: global/footer.html.tmpl - bannerhtml: global/banner.html.tmpl - blurbhtml: global/banner.html.tmpl - mostfreqhtml: reports/duplicates*.html.tmpl - entryheaderhtml: bug/create/user-message.html.tmpl - - (bug 140437) - -*** Other changes of note *** - -- The query page has been redesigned for better user friendliness. - (bug 98707) -- Users can now change their email account. - (bug 23067) -- "Dependent Bug Changed" notification emails now contain the - dependent bug's summary and URL. - (bug 28736, 113383) -- Bugs with severity "critical", "blocker", and "enhancement" are - visually differentiated on bug lists for browsers with sufficient - CSS support. - (bug 28884) -- Bugzilla now has a sidebar for the Mozilla browser. - (bug 37339) -- A link to just created attachments now appears in notification - email. - (bug 66651) -- Comments now have numbers and can be referenced with - autohyperlinkifying similar to bugs. - (bug 71840) -- The attachment system has been rewritten, supporting new - "attachment statuses" (like keywords, but for attachments), - the ability to obsolete attachments, edit attachment MIME type, - and edit whether the attachment is a patch. - (bugs 84338, 75176) -- syncshadowdb now supports a configurable temp file location, - and properly shuts down Bugzilla while running. - (bug 75840) -- Dependency tree now lets you exclude resolved bugs and bugs - below a specified depth. - (bugs 83058) -- The "strictvaluechecks" parameter has gone away. These checks - are now always done. - (bug 119715) -- The midair collision page now shows all changes since the bug - page was loaded, not just the last one. - (bug 108312) -- Added support for making dependency graphs with 'dot', which - is better at creating complex graphs than 'webdot'. - (bug 120537) - -*** Bug fixes of note *** - -- Bugzilla scripts are now usually not terminated when the browser - window they are running in is closed. This caused hard to - reproduce bugs. - (bug 104589) -- On browsers that "reflow" the page, large component / milestone / - version fields were extremely slow to reflow when you altered - the product field. - (bug 96534) -- The selection in the component / milestone / version fields is - no longer lost when you change the selection in the product - field or use the back/forward buttons in your browser to return - to the page. - (bug 97966) -- You could not reverse dependencies in one step. - (bug 82143) -- Mass reassignment of non-open bugs will no longer reopen them. - (bug 30731) -- Attempting to bulk change no bugs will now give a user-friendly - error message. - (bug 90333) -- If you make a change to a bug where you only add yourself to CC, - email notifications are now properly sent out for MySQL 3.23. - (bug 99519) -- Bug entry now properly validates the data it has been sent. - (bug 107743) -- Midair collision checks will now properly work in all situations - where dependencies have changed. - (bug 73502) -- Browsers can no longer corrupt the params file if they use the "wrong" - end-of-line markers. - (bug 92500) -- The MySQL port defined in localconfig is now properly honoured. - (bug 98368) -- Apostrophes in component/milestone/version names no longer cause - a problem on the query page. - (bug 30689/42810) -- File attachment comments will now wrap. - (bug 52060) -- Saved queries are no longer mangled if you need to log in again, - for example if you had cookies off. - (bug 38835) -- Bug counts (on reports.cgi) were very slow if you had to - count a lot of bugs. - (bug 63249) -- 2.14 introduced options to let people see a bug when their name - is on it but who aren't in the groups the bug is restricted - to. These only allowed the people to view the bugs directly, - and not see them on buglists and receive email about them. - (bugs 95024, 97469) -- A new 'cookiepath' parameter on editparams.cgi allows multiple - Bugzilla installations to exist on one host without problems. - (bug 19910) -- whineatnews.pl now respects the 'sendmailnow' parameter. - (bug 52782) -- The query page came up even when Bugzilla was shut down. - (bug 121747) -- Quicksearch gave a weird error message when Bugzilla was - shut down. - (bug 121741) -- Operating system detection fixes. - (bugs 92763, 135666) -- QA contacts now receive emails when a new bug is created and - their only email preference was being added or removed from QA. - (bug 143091) - -*********************************************** -*** USERS UPGRADING FROM 2.14.4 OR EARLIER *** -*********************************************** - -See section above about users upgrading from 2.16.1 or earlier, -2.14.4 or earlier. - -*********************************************** -*** USERS UPGRADING FROM 2.14.3 OR EARLIER *** -*********************************************** - -See section above about users upgrading from 2.16.0 or earlier. - -*********************************************** -*** USERS UPGRADING FROM 2.14.2 OR EARLIER *** -*********************************************** - -*** SECURITY ISSUES RESOLVED *** - -- Basic maintenance on contrib/bug_email.pl and - contrib/bugzilla_email_append.pl which also fixes a - possible security hole with a misuse of a system() call. - These files are not supported at this time, but as long - as we knew about the problem, we couldn't overlook it. - (bug 154008) - -*** Bug fixes of note *** - -- The fix for bug 130821 in 2.14.2 broke being able to sort - bug lists on more than one field. buglist.cgi now allows - you to sort on more than one field again. - (bug 152138) - -*********************************************** -*** USERS UPGRADING FROM 2.14.1 OR EARLIER *** -*********************************************** - -*** SECURITY ISSUES RESOLVED *** - -- queryhelp.cgi no longer shows confidential products to - people it shouldn't. - (bug 126801) - -- It was possible for a user to bypass the IP check by - setting up a fake reverse DNS, if the Bugzilla web server - was configured to do reverse DNS lookups. Apache is not - configured as such by default. This is not a complete - exploit, as the user's login cookie would also need to - be divulged for this to be a problem. - (bug 129466) - -- In some situations the data directory became world writeable. - (bug 134575) - -- Any user with access to editusers.cgi could delete a user - regardless of whether 'allowuserdeletion' is on. - (bug 141557) - -- Real names were not HTML filtered, causing possible cross - site scripting attacks. - (bug 146447, 147486) - -- Mass change would set the groupset of every bug to be the - groupset of the first bug. - (bug 107718) - -- Some browsers (eg NetPositive) interacted with Bugzilla - badly and could have various form problems, including - removing group restrictions on bugs. - (bug 148674) - -- It was possible for random confidential information to be - divulged, if the shadow database was in use and became - corrupted. - (bug 92263) - -- The bug list sort order is now stricter about the SQL it will accept, - ensuring you use correct column name syntax. Before this, there were - some syntax checks, so it is not known whether this problem was - exploitable. - (bug 130821) - -******************************************** -*** USERS UPGRADING FROM 2.14 OR EARLIER *** -******************************************** - -The 2.14.1 release fixes several security issues that became -known to us after the Bugzilla 2.14 release. - -*** SECURITY ISSUES RESOLVED *** - -- If LDAP Authentication was being used, Bugzilla would allow - you to log in as anyone if you left the password blank. - (bug 54901) - -- It was possible to add comments or file a bug as someone else - by editing the HTML on the appropriate submission page before - submitting the form. User identity is checked now, and the - form values suggesting the user are now ignored. - (bug 108385, 108516) - -- The Product popup menu on the show_bug form listed all - products, even if the user didn't have access to all of them. - It now only shows products the user has access to (and the - product the bug is in, if the user is viewing it because of - some other override). - (bug 102141) - -- If a user had any blessgroupset privileges (the ability to - change only specific privileges for other users), it was - possible to change your own groupset (privileges) by - altering the page HTML before submitting on editusers.cgi. - (bug 108821) - -- An untrusted variable was echoed back to user in the HTML - output if there was a login error while editing votes. - (bug 98146) - -- buglist.cgi had an undocumented parameter that allowed you - to pass arbitrary SQL for the "WHERE" part of a query. - This has been disabled. - (bug 108812) - -- It was possible for a user to send arbitrary SQL by inserting - single quotes in the "mybugslink" field in the user - preferences. - (bug 108822) - -- buglist.cgi was not validating that the field names being - passed from the "boolean chart" query form were valid field - names, thus allowing arbitrary SQL to be inserted if you - edited the HTML by hand before submitting the form. - (bug 109679) - -- long_list.cgi was not validating that the bug ID parameter - was actually a number, allowing arbitrary SQL to be inserted - if you edited the HTML by hand. - (bug 109690) - -******************************************** -*** USERS UPGRADING FROM 2.12 OR EARLIER *** -******************************************** - -*** SECURITY ISSUES RESOLVED *** - -- Multiple instances of unauthorized access to confidential - bugs have been fixed. - (bug 39524, 39526, 39527, 39531, 39533, 70189, 82781) - -- Multiple instances of untrusted parameters not being - checked/escaped was fixed. These included definite security - holes. - (bug 38854, 38855, 38859, 39536, 87701, 95235) - -- After logging in passwords no longer appear in the URL. - (bug 15980) - -- Procedures to prevent unauthorized access to confidential - files are now simpler. In particular the shadow directory - no longer exists and the data/comments file no longer needs - to be directly accessible, so the entire data directory can - be blocked. However, no changes are required here if you - have a properly secured 2.12 installation as no new files - must be protected. - (bug 71552, 73191) - -- If they do not already exist, checksetup.pl will attempt to - write Apache .htaccess files by default, to prevent - unauthorized access to confidential files. You can turn this - off in the localconfig file. - (bug 76154) - -- Sanity check can now only be run by people in the 'editbugs' - group. Although it would be better to have a separate - group, this is not possible until the limitation on the - number of groups allowed has been removed. - (bug 54556) - -- The password is no longer stored in plaintext form. It will - be eradicated next time you run checksetup.pl. A user must - now change their password via a password change request that - gets validated at their e-mail account, rather than have it - mailed to them. - (bug 74032) - -- When you are using product groups and you move a bug between - products (single or mass change), the bug will no longer be - restricted to the old product's group (if it was) and will - be restricted to the new product's group. - (bug 66235) - -- There are now options on a bug to choose whether the - reporter, and CCs can access a bug even if they aren't in - groups the bug it is restricted to. - (bug 39816) - -- You can no longer mark a bug as a duplicate of a bug you - can't see, and if you mark a bug a duplicate of a bug - the reporter cannot see you will be given options as to - what to do regarding adding the reporter of the resolved - bug to the CC of the open bug. - (bug 96085) - -*** IMPORTANT CHANGES *** - -- Bugzilla 2.14 no longer supports old email tech. Upon - upgrading, all users will be moved over to new email tech. - This should speed up upgrading for installations with - a large number of bugs. - (bug 71552) - -- There is new functionality for people to see why they are - receiving notification mails. - - Previously, some people filtered old email tech - notifications depending on whether they were in the To or the - CC header, in order to get a limited way of determining why - they were receiving the notification for filtering purposes. - - Existing installations will need to make changes to support - this feature. The receive reasons can be added to the - notifications as a header and/or in the body. To add these - you will need to modify your newchangedmail parameter on - editparams.cgi, either by resetting it or appropriately - modifying it. The header value is specified by - %reasonsheader% and the body by %reasonsbody%. For example, - the new default parameter is: - - -------------------------------------------------- - From: bugzilla-daemon - To: %to% - Subject: [Bug %bugid%] %neworchanged%%summary% - X-Bugzilla-Reason: %reasonsheader% - - %urlbase%show_bug.cgi?id=%bugid% - - %diffs% - - - - %reasonsbody% - -------------------------------------------------- - - (bug 26194) - -- Very long fields (especially multi-valued fields like keywords, - CCs, dependencies) on bug activity and notifications previously - could get truncated, resulting in useless notifications and data - loss on bug activity. Now the multi-valued fields only show - changes, and very big changes are split into multiple lines. - Where data loss has already occurred on bug activity, it is - indicated using question marks. - (bug 55161, 92266) - -- Previously, when a product's voting preferences changed all - votes were removed from all the bugs in the product. Also, - when a bug was moved to another product, all of its votes - were removed. This no longer occurs. - - Instead, if the action would leave one or more bugs with - greater than the maximum number of votes per person per bug, - the number of votes will be reduced to the maximum. The - person will still be notified of this as before. - - If the action would leave a user with more votes in a product - than is allowed, the limit will be breached so as to not lose - votes. However the user will not be able to update their - votes except to fix this situation. No further action is taken - in this version to make sure that the user does this. - (bug 28882, 92593) - -*** Other changes of note *** - -- Groups can now be marked inactive, so you can't add a new - restriction on that group to a bug, while leaving bugs that - were previously restricted on that group alone. - (bug 75482) -- backdoor.cgi has been removed from the installation. It was - old code that was Netscape-specific and its name was scaring - people. - (bug 87983) -- You can now add or remove from CC on the bulk change page. - (bug 12819) -- New users created by administrators are now automatically - inserted into groups according to the group's regular - expression. Administrators must edit the user in a second - step to override these choices. Previously the - administrator specified these explicitly which could lead - to incorrect settings. - (bug 45164) -- The userregexp of system groups can now be edited without - resorting to direct database access. - (bug 65290) - -*** Bug fixes of note *** - -- The bug list page was sometimes bringing up a not logged in - footer when the user was logged in and the installation was - using a shadow database. - (bug 47914) -- You can now view the bug summary in your browser title for - a group-restricted bug if you have proper permissions. - (bug 71767) -- Quick search for search terms did not work in IE5. - This has been worked around. - (bug 77699) -- Quick search for search terms crashed NN4.76/4.77 for Unix. - This has been worked around. - (bug 83619) -- Queries on bugs you have commented on using the "added - comment" feature should be a lot faster and not time out - on large installations due to the addition of an index. - (bug 57350) -- You can now alter group settings on bulk change for groups - that aren't on for all bugs or off for all bugs. - (bug 84714) -- New bug notifications now include the CC and QA fields. - (bug 28458) -- Bugzilla is now more Windows friendly, although it is still - not an official platform. - (bug 88179, 29064) -- Passwords are now encrypted using Perl's encrypt function. - This makes Bugzilla more portable to more operating systems. - (bug 77473) -- Bugzilla didn't properly shut down when told to - some - queries could still be sent to the database. - (bug 95082) - -******************************************** -*** USERS UPGRADING FROM 2.10 OR EARLIER *** -******************************************** - -*** SECURITY ISSUES RESOLVED *** - -- Some security holes have been fixed where shell escape characters - could be passed to Bugzilla, allowing remote users to execute - system commands on the web server. - -*** IMPORTANT CHANGES *** - -- There is now a facility for users to choose the sort of - notifications they wish to receive. This facility will - probably be improved in future versions. - (bug 17464) - -- "Changed" will no longer appear on the subject line of - change notification emails. Because of this, you should - change the subject line in your 'changedmail' and - 'newchangedmail' params on editparams.cgi. The subject - line needs to be changed from - - Subject: [Bug %bugid%] %neworchanged% - %summary% - - to: - - Subject: [Bug %bugid%] %neworchanged%%summary% - - or whatever is appropriate for the subject you are using - on your system. Note the removal of the " - " in the - middle. - (bug 29820) - -*** Other changes of note *** - -- Bug titles now appear in the page title, and will hence - display in the user's browser's bookmarks and history. - (bug 22041) -- Edit groups functionality (editgroups.cgi). - (bug 25010) -- Support for moving bugs to other Bugzilla databases. - (bug 36133) -- Bugzilla now can generate a frequently reported bugs list - based on what duplicates you receive. - (bug 25693) -- When installing Bugzilla fresh, the administrator account is - now created in checksetup.pl. - (bug 17773) -- Stored queries now show their name above the bug list, which - helps the user when they have multiple bug lists in multiple - browser windows. It also appears in the page title, and will - hence display in the user's browser's bookmarks and history. - (bug 52228) -- All states and resolutions can now be collected for charting. - (bug 6682) -- A new search-engine-like "quick search" feature appears on - the front page to try and making searching easier. - (bug 69793) -- Querying on dependencies now works in the advanced query - section of the query page. - (bug 30823) -- When a bug is marked as a duplicate, the reporter of the - resolved bug is automatically added to the CC list of the - open bug. - (bug 28676) - -*** Bug fixes of note *** - -- Notification emails will now always be sent to QA contacts. - Previously they wouldn't if you were using new email tech. - (bug 30826) -- When marking a bug as a duplicate, the duplicate stamp marked - on the open bug will no longer be written too early (such as - on mid-air collisions). - (bug 7873) -- Various bug fixes were made to the initial assignee and QA - of a component. It is no longer possible to enter an - invalid address. They will also now properly update when - a user's email address is changed. Sanity check will now - check these. - (bug 66876) -- Administrators can no longer create an email accounts that do - not match the global email regular expression parameter. - Previously this could occur and would cause sanity check - errors. - (bug 32971) -- The resolution field can no longer become empty when the - bug is resolved. This occurred because of midair collisions. - (bug 49306) - -******************************************* -*** USERS UPGRADING FROM 2.8 OR EARLIER *** -******************************************* - -This version of Bugzilla cannot upgrade from version 2.8 (released -November 19, 1999). You will first have to upgrade to Bugzilla 3.6 and -then upgrade to the latest release. - -If you are upgrading from a version earlier than 2.8, See the -PGRADING-pre-2.8 file in Bugzilla 3.0 for information -on upgrading from a version that is earlier than 2.8. diff --git a/docs/en/rst/_static/bugzilla.css b/docs/en/rst/_static/bugzilla.css new file mode 100644 index 000000000..06f5c8375 --- /dev/null +++ b/docs/en/rst/_static/bugzilla.css @@ -0,0 +1,21 @@ +@import 'default.css'; + +dt { font-weight: bold; } + +/* Custom roles */ +.param { font-weight: bold; } +.paramval { font-family: monospace; } +.group { font-family: monospace; } +.field { font-weight: bold; } +.command { font-family: monospace; font-size: 130% } + +.admonition-todo { + background-color: lightpink; + border: 2px darkred solid; +} + +/* Make Buggie's antenna not take up so much space */ +.logo { + display: block; + margin-top: -20px; +} diff --git a/docs/en/rst/about/index.rst b/docs/en/rst/about/index.rst new file mode 100644 index 000000000..239c6ecea --- /dev/null +++ b/docs/en/rst/about/index.rst @@ -0,0 +1,128 @@ +.. _about: + +======================== +About This Documentation +======================== + +This is the documentation for version |version| of Bugzilla, a bug-tracking +system from Mozilla. Bugzilla is an enterprise-class piece of software +that tracks millions of bugs and issues for thousands of organizations around +the world. + +The most current version of this document can always be found on the +`Bugzilla website <http://www.bugzilla.org/docs/>`_. + +.. _evaluating: + +Evaluating Bugzilla +################### + +If you want to try out Bugzilla to see if it meets your needs, you can do so +on `Landfill <https://landfill.bugzilla.org/bugzilla-4.4-branch/>`_, our test +server. The `Bugzilla FAQ <https://wiki.mozilla.org/Bugzilla:FAQ>`_ may also +be helpful, as it answers a number of questions people sometimes have about +whether Bugzilla is for them. + +.. _getting-help: + +Getting More Help +################# + +If this document does not answer your questions, we run a +`Mozilla forum <https://www.mozilla.org/about/forums/#support-bugzilla>`_ +which can be accessed as a newsgroup, mailing list, or over the web as a +Google Group. Please +`search it <https://groups.google.com/forum/#!forum/mozilla.support.bugzilla>`_ +first, and then ask your question there. + +If you need a guaranteed response, commercial support is +`available <http://www.bugzilla.org/support/consulting.html>`_ for Bugzilla +from a number of people and organizations. + +.. _conventions: + +Document Conventions +#################### + +This document uses the following conventions: + +.. warning:: This is a warning—something you should be aware of. + +.. note:: This is just a note, for your information. + +A filename or a path to a filename is displayed like this: +:file:`/path/to/filename.ext` + +A command to type in the shell is displayed like this: +:command:`command --arguments` + +A sample of code is illustrated like this: + +:: + + First Line of Code + Second Line of Code + ... + +This documentation is maintained in +`reStructured Text +<http://docutils.sourceforge.net/docs/user/rst/quickstart.html>`_ format using +the `Sphinx <http://www.sphinx-doc.org/>`_ documentation system. It has +recently been rewritten, so it undoubtedly has bugs. Please file any you find, in +the `Bugzilla Documentation +<https://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla;component=Documentation>`_ +component in Mozilla's installation of Bugzilla. If you also want to make a +patch, that would be wonderful. Changes are best submitted as diffs, attached +to a bug. There is a :ref:`Style Guide <style-guide>` to help you write any +new text and markup. + +.. _license: + +License +####### + +Bugzilla is `free <http://www.gnu.org/philosophy/free-sw.html>`_ and +`open source <http://opensource.org/osd>`_ software, which means (among other +things) that you can download it, install it, and run it for any purpose +whatsoever without the need for license or payment. Isn't that refreshing? + +Bugzilla's code is made available under the +`Mozilla Public License 2.0 <http://www.mozilla.org/MPL/2.0/>`_ (MPL), +specifically the variant which is Incompatible with Secondary Licenses. +However, again, if you only want to install and run Bugzilla, you don't need +to worry about that; it's only relevant if you redistribute the code or any +changes you make. + +Bugzilla's documentation is made available under the +`Creative Commons CC-BY-SA International License 4.0 +<https://creativecommons.org/licenses/by-sa/4.0/>`_, +or any later version. + +.. _credits: + +Credits +####### + +The people listed below have made significant contributions to the +creation of this documentation: + +Andrew Pearson, +Ben FrantzDale, +Byron Jones, +Dave Lawrence, +Dave Miller, +Dawn Endico, +Eric Hanson, +Gervase Markham, +Jacob Steenhagen, +Joe Robins, +Kevin Brannen, +Martin Wulffeld, +Matthew P. Barnson, +Ron Teitelbaum, +Shane Travis, +Spencer Smith, +Tara Hernandez, +Terry Weissman, +Vlad Dascalu, +Zach Lipton. diff --git a/docs/en/rst/administering/categorization.rst b/docs/en/rst/administering/categorization.rst new file mode 100644 index 000000000..383b9341d --- /dev/null +++ b/docs/en/rst/administering/categorization.rst @@ -0,0 +1,416 @@ +.. _categorization: + +=============================================================== +Classifications, Products, Components, Versions, and Milestones +=============================================================== + +Bugs in Bugzilla are classified into one of a set of admin-defined Components. +Components are themselves each part of a single Product. Optionally, Products +can be part of a single Classification, adding a third level to the hierarchy. + +.. _classifications: + +Classifications +############### + +Classifications are used to group several related products into one +distinct entity. + +For example, if a company makes computer games, +they could have a classification of "Games", and a separate +product for each game. This company might also have a +``Common`` classification, containing products representing units of +technology used in multiple games, and perhaps an ``Other`` classification +containing a few special products that represent items that are not actually +shipping products (for example, "Website", or "Administration"). + +The classifications layer is disabled by default; it can be turned +on or off using the :param:`useclassification` parameter +in the *Bug Fields* section of :ref:`parameters`. + +Access to the administration of classifications is controlled using +the *editclassifications* system group, which defines +a privilege for creating, destroying, and editing classifications. + +When activated, classifications will introduce an additional +step when filling bugs (dedicated to classification selection), and they +will also appear in the advanced search form. + +.. _products: + +Products +######## + +Products usually represent real-world shipping products. +Many of Bugzilla's settings are configurable on a per-product basis. + +When creating or editing products the following options are +available: + +Product + The name of the product + +Description + A brief description of the product + +Open for bug entry + Deselect this box to prevent new bugs from being + entered against this product. + +Enable the UNCONFIRMED status in this product + Select this option if you want to use the UNCONFIRMED status + (see :ref:`workflow`) + +Default milestone + Select the default milestone for this product. + +Version + Specify the default version for this product. + +Create chart datasets for this product + Select to make chart datasets available for this product. + +It is compulsory to create at least one :ref:`component <components>` in a product, and +so you will be asked for the details of that too. + +When editing a product you can change all of the above, and there is also a +link to edit Group Access Controls; see :ref:`product-group-controls`. + +.. _create-product: + +Creating New Products +===================== + +To create a new product: + +#. Select ``Administration`` from the footer and then + choose ``Products`` from the main administration page. + +#. Select the ``Add`` link in the bottom right. + +#. Enter the details as outlined above. + +.. _edit-products: + +Editing Products +================ + +To edit an existing product, click the "Products" link from the +"Administration" page. If the :param:`useclassification` parameter is +turned on, a table of existing classifications is displayed, +including an "Unclassified" category. The table indicates how many products +are in each classification. Click on the classification name to see its +products. If the :param:`useclassification` parameter is not in use, the table +lists all products directly. The product table summarizes the information +defined when the product was created. Click on the product name to edit these +properties, and to access links to other product attributes such as the +product's components, versions, milestones, and group access controls. + +.. _comps-vers-miles-products: + +Adding or Editing Components, Versions and Target Milestones +============================================================ + +To add new or edit existing Components, Versions, or Target Milestones +to a Product, select the "Edit Components", "Edit Versions", or "Edit +Milestones" links from the "Edit Product" page. A table of existing +Components, Versions, or Milestones is displayed. Click on an item name +to edit the properties of that item. Below the table is a link to add +a new Component, Version, or Milestone. + +For more information on components, see :ref:`components`. + +For more information on versions, see :ref:`versions`. + +For more information on milestones, see :ref:`milestones`. + +.. _product-group-controls: + +Assigning Group Controls to Products +==================================== + +On the ``Edit Product`` page, there is a link called +``Edit Group Access Controls``. The settings on this page +control the relationship of the groups to the product being edited. + +Group Access Controls are an important aspect of using groups for +isolating products and restricting access to bugs filed against those +products. For more information on groups, including how to create, edit, +add users to, and alter permission of, see :ref:`groups`. + +After selecting the "Edit Group Access Controls" link from the "Edit +Product" page, a table containing all user-defined groups for this +Bugzilla installation is displayed. The system groups that are created +when Bugzilla is installed are not applicable to Group Access Controls. +Below is description of what each of these fields means. + +Groups may be applicable (i.e. bugs in this product can be associated +with this group), default (i.e. bugs in this product are in this group +by default), and mandatory (i.e. bugs in this product must be associated +with this group) for each product. Groups can also control access +to bugs for a given product, or be used to make bugs for a product +totally read-only unless the group restrictions are met. The best way to +understand these relationships is by example. See +:ref:`group-control-examples` for examples of +product and group relationships. + +.. note:: Products and Groups are not limited to a one-to-one relationship. + Multiple groups can be associated with the same product, and groups + can be associated with more than one product. + +If any group has *Entry* selected, then the +product will restrict bug entry to only those users +who are members of *all* the groups with +*Entry* selected. + +If any group has *Canedit* selected, +then the product will be read-only for any users +who are not members of *all* of the groups with +*Canedit* selected. *Only* users who +are members of all the *Canedit* groups +will be able to edit bugs for this product. This is an additional +restriction that enables finer-grained control over products rather +than just all-or-nothing access levels. + +The following settings let you +choose privileges on a *per-product basis*. +This is a convenient way to give privileges to +some users for some products only, without having +to give them global privileges which would affect +all products. + +Any group having *editcomponents* +selected allows users who are in this group to edit all +aspects of this product, including components, milestones, +and versions. + +Any group having *canconfirm* selected +allows users who are in this group to confirm bugs +in this product. + +Any group having *editbugs* selected allows +users who are in this group to edit all fields of +bugs in this product. + +The *MemberControl* and +*OtherControl* are used in tandem to determine which +bugs will be placed in this group. The only allowable combinations of +these two parameters are listed in a table on the "Edit Group Access Controls" +page. Consult this table for details on how these fields can be used. +Examples of different uses are described below. + +.. _group-control-examples: + +Common Applications of Group Controls +===================================== + +The use of groups is best explained by providing examples that illustrate +configurations for common use cases. The examples follow a common syntax: +*Group: Entry, MemberControl, OtherControl, CanEdit, +EditComponents, CanConfirm, EditBugs*, where "Group" is the name +of the group being edited for this product. The other fields all +correspond to the table on the "Edit Group Access Controls" page. If any +of these options are not listed, it means they are not checked. + +Basic Product/Group Restriction +------------------------------- + +Suppose there is a product called "Bar". You would like to make it so that only +users in the group "Foo" can enter bugs in the "Bar" product. Additionally, +bugs filed in product "Bar" must be visible only to users in "Foo" (plus, by +default, the reporter, assignee, and CC list of each bug) at all times. +Furthermore, only members of group "Foo" should be able to edit bugs filed +against product "Bar", even if other users could see the bug. This arrangement +would achieved by the following: + +:: + + Product Bar: + foo: ENTRY, MANDATORY/MANDATORY, CANEDIT + +Perhaps such strict restrictions are not needed for product "Bar". Instead, +you would like to make it so that only members of group "Foo" can +enter bugs in product "Bar", but bugs in "Bar" are not required to be +restricted in visibility to people in "Foo". Anyone with permission +to edit a particular bug in product "Bar" can put the bug in group "Foo", even +if they themselves are not in "Foo". + +Furthermore, anyone in group "Foo" can edit all aspects of the components of +product "Bar", can confirm bugs in product "Bar", and can edit all fields of +any bug in product "Bar". That would be done like this: + +:: + + Product Bar: + foo: ENTRY, SHOWN/SHOWN, EDITCOMPONENTS, CANCONFIRM, EDITBUGS + +General User Access With Security Group +--------------------------------------- + +To permit any user to file bugs against "Product A", +and to permit any user to submit those bugs into a +group called "Security": + +:: + + Product A: + security: SHOWN/SHOWN + +General User Access With A Security Product +------------------------------------------- + +To permit any user to file bugs against product called "Security" +while keeping those bugs from becoming visible to anyone +outside the group "SecurityWorkers" (unless a member of the +"SecurityWorkers" group removes that restriction): + +:: + + Product Security: + securityworkers: DEFAULT/MANDATORY + +Product Isolation With a Common Group +------------------------------------- + +To permit users of "Product A" to access the bugs for +"Product A", users of "Product B" to access the bugs for +"Product B", and support staff, who are members of the "Support +Group" to access both, three groups are needed: + +#. Support Group: Contains members of the support staff. + +#. AccessA Group: Contains users of product A and the Support group. + +#. AccessB Group: Contains users of product B and the Support group. + +Once these three groups are defined, the product group controls +can be set to: + +:: + + Product A: + AccessA: ENTRY, MANDATORY/MANDATORY + Product B: + AccessB: ENTRY, MANDATORY/MANDATORY + +Perhaps the "Support Group" wants more control. For example, +the "Support Group" could be permitted to make bugs inaccessible to +users of both groups "AccessA" and "AccessB". +Then, the "Support Group" could be permitted to publish +bugs relevant to all users in a third product (let's call it +"Product Common") that is read-only +to anyone outside the "Support Group". In this way the "Support Group" +could control bugs that should be seen by both groups. +That configuration would be: + +:: + + Product A: + AccessA: ENTRY, MANDATORY/MANDATORY + Support: SHOWN/NA + Product B: + AccessB: ENTRY, MANDATORY/MANDATORY + Support: SHOWN/NA + Product Common: + Support: ENTRY, DEFAULT/MANDATORY, CANEDIT + +Make a Product Read Only +------------------------ + +Sometimes a product is retired and should no longer have +new bugs filed against it (for example, an older version of a software +product that is no longer supported). A product can be made read-only +by creating a group called "readonly" and adding products to the +group as needed: + +:: + + Product A: + ReadOnly: ENTRY, NA/NA, CANEDIT + +.. note:: For more information on Groups outside of how they relate to products + see :ref:`groups`. + +.. _components: + +Components +########## + +Components are subsections of a Product. E.g. the computer game +you are designing may have a "UI" +component, an "API" component, a "Sound System" component, and a +"Plugins" component, each overseen by a different programmer. It +often makes sense to divide Components in Bugzilla according to the +natural divisions of responsibility within your Product or +company. + +Each component has a default assignee and, if you turned it on in the :ref:`parameters`, +a QA Contact. The default assignee should be the primary person who fixes bugs in +that component. The QA Contact should be the person who will ensure +these bugs are completely fixed. The Assignee, QA Contact, and Reporter +will get email when new bugs are created in this Component and when +these bugs change. Default Assignee and Default QA Contact fields only +dictate the *default assignments*; +these can be changed on bug submission, or at any later point in +a bug's life. + +To create a new Component: + +#. Select the ``Edit components`` link + from the ``Edit product`` page. + +#. Select the ``Add`` link in the bottom right. + +#. Fill out the ``Component`` field, a + short ``Description``, the + ``Default Assignee``, ``Default CC List``, + and ``Default QA Contact`` (if enabled). + The ``Component Description`` field may contain a + limited subset of HTML tags. The ``Default Assignee`` + field must be a login name already existing in the Bugzilla database. + +.. _versions: + +Versions +######## + +Versions are the revisions of the product, such as "Flinders +3.1", "Flinders 95", and "Flinders 2000". Version is not a multi-select +field; the usual practice is to select the earliest version known to have +the bug. + +To create and edit Versions: + +#. From the "Edit product" screen, select "Edit Versions". + +#. You will notice that the product already has the default + version "undefined". Click the "Add" link in the bottom right. + +#. Enter the name of the Version. This field takes text only. + Then click the "Add" button. + +.. _milestones: + +Milestones +########## + +Milestones are "targets" that you plan to get a bug fixed by. For +example, if you have a bug that you plan to fix for your 3.0 release, it +would be assigned the milestone of 3.0. + +.. note:: Milestone options will only appear for a Product if you turned + on the :param:`usetargetmilestone` parameter in the "Bug Fields" tab of + the :ref:`parameters` page. + +To create new Milestones and set Default Milestones: + +#. Select "Edit milestones" from the "Edit product" page. + +#. Select "Add" in the bottom right corner. + +#. Enter the name of the Milestone in the "Milestone" field. You + can optionally set the "sortkey", which is a positive or negative + number (-32768 to 32767) that defines where in the list this particular + milestone appears. This is because milestones often do not + occur in alphanumeric order; for example, "Future" might be + after "Release 1.2". Select "Add". diff --git a/docs/en/rst/administering/custom-fields.rst b/docs/en/rst/administering/custom-fields.rst new file mode 100644 index 000000000..29cc72e62 --- /dev/null +++ b/docs/en/rst/administering/custom-fields.rst @@ -0,0 +1,149 @@ +.. _custom-fields: + +Custom Fields +############# + +Custom Fields are fields defined by the administrator, in addition to those +which come with Bugzilla by default. Custom Fields are treated like any other +field—they can be set in bugs and used for search queries. + +Administrators should keep in mind that +adding too many fields can make the user interface more complicated and +harder to use. Custom Fields should be added only when necessary and with +careful consideration. + +.. note:: Before adding a Custom Field, make sure that Bugzilla cannot already + do the desired behavior. Many Bugzilla options are not enabled by + default, and many times Administrators find that simply enabling + certain options that already exist is sufficient. + +Administrators can manage Custom Fields using the +``Custom Fields`` link on the Administration page. The Custom +Fields administration page displays a list of Custom Fields, if any exist, +and a link to "Add a new custom field". + +.. _add-custom-fields: + +Adding Custom Fields +==================== + +To add a new Custom Field, click the "Add a new custom field" link. This +page displays several options for the new field, described below. + +The following attributes must be set for each new custom field: + +- *Name:* + The name of the field in the database, used internally. This name + MUST begin with ``cf_`` to prevent confusion with + standard fields. If this string is omitted, it will + be automatically added to the name entered. + +- *Description:* + A brief string used as the label for this Custom Field. + That is the string that users will see, and it should be + short and explicit. + +- *Type:* + The type of field to create. There are + several types available: + + Bug ID: + A field where you can enter the ID of another bug from + the same Bugzilla installation. To point to a bug in a remote + installation, use the See Also field instead. + Large Text Box: + A multiple line box for entering free text. + Free Text: + A single line box for entering free text. + Multiple-Selection Box: + A list box where multiple options + can be selected. After creating this field, it must be edited + to add the selection options. See + :ref:`edit-values-list` for information about + editing legal values. + Drop Down: + A list box where only one option can be selected. + After creating this field, it must be edited to add the + selection options. See + :ref:`edit-values-list` for information about + editing legal values. + Date/Time: + A date field. This field appears with a + calendar widget for choosing the date. + +- *Sortkey:* + Integer that determines in which order Custom Fields are + displayed in the User Interface, especially when viewing a bug. + Fields with lower values are displayed first. + +- *Reverse Relationship Description:* + When the custom field is of type ``Bug ID``, you can + enter text here which will be used as label in the referenced + bug to list bugs which point to it. This gives you the ability + to have a mutual relationship between two bugs. + +- *Can be set on bug creation:* + Boolean that determines whether this field can be set on + bug creation. If not selected, then a bug must be created + before this field can be set. See :ref:`filing` + for information about filing bugs. + +- *Displayed in bugmail for new bugs:* + Boolean that determines whether the value set on this field + should appear in bugmail when the bug is filed. This attribute + has no effect if the field cannot be set on bug creation. + +- *Is obsolete:* + Boolean that determines whether this field should + be displayed at all. Obsolete Custom Fields are hidden. + +- *Is mandatory:* + Boolean that determines whether this field must be set. + For single and multi-select fields, this means that a (non-default) + value must be selected; for text and date fields, some text + must be entered. + +- *Field only appears when:* + A custom field can be made visible when some criteria is met. + For instance, when the bug belongs to one or more products, + or when the bug is of some given severity. If left empty, then + the custom field will always be visible, in all bugs. + +- *Field that controls the values that appear in this field:* + When the custom field is of type ``Drop Down`` or + ``Multiple-Selection Box``, you can restrict the + availability of the values of the custom field based on the + value of another field. This criteria is independent of the + criteria used in the ``Field only appears when`` + setting. For instance, you may decide that some given value + ``valueY`` is only available when the bug status + is RESOLVED while the value ``valueX`` should + always be listed. + Once you have selected the field that should control the + availability of the values of this custom field, you can + edit values of this custom field to set the criteria; see + :ref:`edit-values-list`. + +.. _edit-custom-fields: + +Editing Custom Fields +===================== + +As soon as a Custom Field is created, its name and type cannot be +changed. If this field is a drop-down menu, its legal values can +be set as described in :ref:`edit-values-list`. All +other attributes can be edited as described above. + +.. _delete-custom-fields: + +Deleting Custom Fields +====================== + +Only custom fields that are marked as obsolete, and that have never +been used, can be deleted completely (else the integrity +of the bug history would be compromised). For custom fields marked +as obsolete, a "Delete" link will appear in the ``Action`` +column. If the custom field has been used in the past, the deletion +will be rejected. Marking the field as obsolete, however, is sufficient +to hide it from the user interface entirely. + diff --git a/docs/en/rst/administering/extensions.rst b/docs/en/rst/administering/extensions.rst new file mode 100644 index 000000000..2c54b8463 --- /dev/null +++ b/docs/en/rst/administering/extensions.rst @@ -0,0 +1,18 @@ +.. _installed-extensions-admin: + +Installed Extensions +==================== + +Bugzilla can be enhanced using extensions (see :ref:`extensions`). If an +extension comes with documentation in the appropriate format, and you build +your own copy of the Bugzilla documentation using :file:`makedocs.pl`, then +the documentation for your installed extensions will show up here. + +Your Bugzilla installation has the following extensions available (as of the +last time you compiled the documentation): + +.. toctree:: + :maxdepth: 1 + :glob: + + ../extensions/*/index-admin diff --git a/docs/en/rst/administering/field-values.rst b/docs/en/rst/administering/field-values.rst new file mode 100644 index 000000000..b7380cbdf --- /dev/null +++ b/docs/en/rst/administering/field-values.rst @@ -0,0 +1,45 @@ +.. _field-values: + +Field Values +############ + +Legal values for the operating system, platform, bug priority and +severity, and custom fields of type ``Drop Down`` and +``Multiple-Selection Box`` (see :ref:`custom-fields`), +as well as the list of valid bug statuses and resolutions, can be +customized from the same interface. You can add, edit, disable, and +remove the values that can be used with these fields. + +.. _edit-values-list: + +Viewing/Editing Legal Values +============================ + +Editing legal values requires ``admin`` privileges. +Select "Field Values" from the Administration page. A list of all +fields, both system and Custom, for which legal values +can be edited appears. Click a field name to edit its legal values. + +There is no limit to how many values a field can have, but each value +must be unique to that field. The sortkey is important to display these +values in the desired order. + +When the availability of the values of a custom field is controlled +by another field, you can select from here which value of the other field +must be set for the value of the custom field to appear. + +.. _edit-values-delete: + +Deleting Legal Values +===================== + +Legal values from Custom Fields can be deleted, but only if the +following two conditions are respected: + +#. The value is not set as the default for the field. + +#. No bug is currently using this value. + +If any of these conditions is not respected, the value cannot be deleted. +The only way to delete these values is to reassign bugs to another value +and to set another value as default for the field. diff --git a/docs/en/rst/administering/flags.rst b/docs/en/rst/administering/flags.rst new file mode 100644 index 000000000..0b13690a3 --- /dev/null +++ b/docs/en/rst/administering/flags.rst @@ -0,0 +1,155 @@ +.. _flags-admin: + +Flags +##### + +If you have the :group:`editcomponents` permission, you can +edit Flag Types from the main administration page. Clicking the +:guilabel:`Flags` link will bring you to the :guilabel:`Administer +Flag Types` page. Here, you can select whether you want +to create (or edit) a Bug flag or an Attachment flag. + +The two flag types have the same administration interface, and the interface +for creating a flag and editing a flag have the same set of fields. + +.. _flags-edit: + +Flag Properties +=============== + +Name + This is the name of the flag. This will be displayed + to Bugzilla users who are looking at or setting the flag. + The name may contain any valid Unicode characters except commas + and spaces. + +Description + The description describes the flag in more detail. It is visible + in a tooltip when hovering over a flag either in the :guilabel:`Show Bug` + or :guilabel:`Edit Attachment` pages. This field can be as + long as you like and can contain any character you want. + +Category + You can set a flag to be visible or not visible on any combination of + products and components. + + Default behaviour for a newly created flag is to appear on all + products and all components, which is why ``__Any__:__Any__`` + is already entered in the :guilabel:`Inclusions` box. + If this is not your desired behaviour, you must either set some + exclusions (for products on which you don't want the flag to appear), + or you must remove ``__Any__:__Any__`` from the :guilabel:`Inclusions` box + and define products/components specifically for this flag. + + To create an Inclusion, select a Product from the top drop-down box. + You may also select a specific component from the bottom drop-down box. + (Setting ``__Any__`` for Product translates to + "all the products in this Bugzilla". + Selecting ``__Any__`` in the Component field means + "all components in the selected product.") + Selections made, press :guilabel:`Include`, and your + Product/Component pairing will show up in the :guilabel:`Inclusions` box on the right. + + To create an Exclusion, the process is the same: select a Product from the + top drop-down box, select a specific component if you want one, and press + :guilabel:`Exclude`. The Product/Component pairing will show up in the + :guilabel:`Exclusions` box on the right. + + This flag *will* appear and *can* be set for any + products/components appearing in the :guilabel:`Inclusions` box + (or which fall under the appropriate ``__Any__``). + This flag *will not* appear (and therefore *cannot* be set) on + any products appearing in the :guilabel:`Exclusions` box. + *IMPORTANT: Exclusions override inclusions.* + + You may select a Product without selecting a specific Component, + but you cannot select a Component without a Product. If you do so, + Bugzilla will display an error message, even if all your products + have a component by that name. You will also see an error if you + select a Component that does not belong to the selected Product. + + *Example:* Let's say you have a product called + ``Jet Plane`` that has thousands of components. You want + to be able to ask if a problem should be fixed in the next model of + plane you release. We'll call the flag ``fixInNext``. + However, one component in ``Jet Plane`` is + called ``Pilot``, and it doesn't make sense to release a + new pilot, so you don't want to have the flag show up in that component. + So, you include ``Jet Plane:__Any__`` and you exclude + ``Jet Plane:Pilot``. + +Sort Key + Flags normally show up in alphabetical order. If you want them to + show up in a different order, you can use this key set the order on each flag. + Flags with a lower sort key will appear before flags with a higher + sort key. Flags that have the same sort key will be sorted alphabetically. + +Active + Sometimes you might want to keep old flag information in the + Bugzilla database but stop users from setting any new flags of this type. + To do this, uncheck :guilabel:`active`. Deactivated + flags will still show up in the UI if they are ``?``, ``+``, or ``-``, but + they may only be cleared (unset) and cannot be changed to a new value. + Once a deactivated flag is cleared, it will completely disappear from a + bug/attachment and cannot be set again. + +Requestable + New flags are, by default, "requestable", meaning that they + offer users the ``?`` option, as well as ``+`` + and ``-``. + To remove the ``?`` option, uncheck "requestable". + +Specifically Requestable + By default this box is checked for new flags, meaning that users may make + flag requests of specific individuals. Unchecking this box will remove the + text box next to a flag; if it is still requestable, then requests + cannot target specific users and are open to anyone (called a + request "to the wind" in Bugzilla). Removing this after specific + requests have been made will not remove those requests; that data will + stay in the database (though it will no longer appear to the user). + +Multiplicable + Any flag with :guilabel:`Multiplicable:guilabel:` set (default for new flags + is 'on') may be set more than once. After being set once, an unset flag + of the same type will appear below it with "addl." (short for + "additional") before the name. There is no limit to the number of + times a Multiplicable flags may be set on the same bug/attachment. + +CC List + If you want certain users to be notified every time this flag is + set to ``?``, ``-``, or ``+``, or is unset, add them here. This is a comma-separated + list of email addresses that need not be restricted to Bugzilla usernames. + +Grant Group + When this field is set to some given group, only users in the group + can set the flag to ``+`` and ``-``. This + field does not affect who can request or cancel the flag. For that, + see the :guilabel:`Request Group` field below. If this field + is left blank, all users can set or delete this flag. This field is + useful for restricting which users can approve or reject requests. + +Request Group + When this field is set to some given group, only users in the group + can request or cancel this flag. Note that this field has no effect + if the :guilabel:`Grant Group` field is empty. You can set the + value of this field to a different group, but both fields have to be + set to a group for this field to have an effect. + +.. _flags-delete: + +Deleting a Flag +=============== + +When you are at the :guilabel:`Administer Flag Types` screen, +you will be presented with a list of Bug flags and a list of Attachment +Flags. + +To delete a flag, click on the :guilabel:`Delete` link next to +the flag description. + +.. warning:: Once you delete a flag, it is *gone* from + your Bugzilla. All the data for that flag will be deleted. + Everywhere that flag was set, it will disappear, + and you cannot get that data back. If you want to keep flag data, + but don't want anybody to set any new flags or change current flags, + unset :guilabel:`active` in the flag Edit form. diff --git a/docs/en/rst/administering/groups.rst b/docs/en/rst/administering/groups.rst new file mode 100644 index 000000000..a14bb689e --- /dev/null +++ b/docs/en/rst/administering/groups.rst @@ -0,0 +1,191 @@ +.. _groups: + +Groups and Security +################### + +Groups allow for separating bugs into logical divisions. +Groups are typically used +to isolate bugs that should only be seen by certain people. For +example, a company might create a different group for each one of its customers +or partners. Group permissions could be set so that each partner or customer would +only have access to their own bugs. Or, groups might be used to create +variable access controls for different departments within an organization. +Another common use of groups is to associate groups with products, +creating isolation and access control on a per-product basis. + +Groups and group behaviors are controlled in several places: + +#. The group configuration page. To view or edit existing groups, or to + create new groups, access the "Groups" link from the "Administration" + page. This section of the manual deals primarily with the aspect of + group controls accessed on this page. + +#. Global configuration parameters. Bugzilla has several parameters + that control the overall default group behavior and restriction + levels. For more information on the parameters that control + group behavior globally, see :ref:`param-group-security`. + +#. Product association with groups. Most of the functionality of groups + and group security is controlled at the product level. Some aspects + of group access controls for products are discussed in this section, + but for more detail see :ref:`product-group-controls`. + +#. Group access for users. See :ref:`users-and-groups` for + details on how users are assigned group access. + +Group permissions are such that if a bug belongs to a group, only members +of that group can see the bug. If a bug is in more than one group, only +members of *all* the groups that the bug is in can see +the bug. For information on granting read-only access to certain people and +full edit access to others, see :ref:`product-group-controls`. + +.. note:: By default, bugs can also be seen by the Assignee, the Reporter, and + everyone on the CC List, regardless of whether or not the bug would + typically be viewable by them. Visibility to the Reporter and CC List can + be overridden (on a per-bug basis) by bringing up the bug, finding the + section that starts with ``Users in the roles selected below...`` + and un-checking the box next to either 'Reporter' or 'CC List' (or both). + +.. _create-groups: + +Creating Groups +=============== + +To create a new group, follow the steps below: + +#. Select the ``Administration`` link in the page footer, + and then select the ``Groups`` link from the + Administration page. + +#. A table of all the existing groups is displayed. Below the table is a + description of all the fields. To create a new group, select the + ``Add Group`` link under the table of existing groups. + +#. There are five fields to fill out. These fields are documented below + the form. Choose a name and description for the group. Decide whether + this group should be used for bugs (in all likelihood this should be + selected). Optionally, choose a regular expression that will + automatically add any matching users to the group, and choose an + icon that will help identify user comments for the group. The regular + expression can be useful, for example, to automatically put all users + from the same company into one group (if the group is for a specific + customer or partner). + + .. note:: If ``User RegExp`` is filled out, users whose email + addresses match the regular expression will automatically be + members of the group as long as their email addresses continue + to match the regular expression. If their email address changes + and no longer matches the regular expression, they will be removed + from the group. Versions 2.16 and older of Bugzilla did not automatically + remove users whose email addresses no longer matched the RegExp. + + .. warning:: If specifying a domain in the regular expression, end + the regexp with a "$". Otherwise, when granting access to + "@mycompany\\.com", access will also be granted to + 'badperson@mycompany.com.cracker.net'. Use the syntax, + '@mycompany\\.com$' for the regular expression. + +#. After the new group is created, it can be edited for additional options. + The "Edit Group" page allows for specifying other groups that should be included + in this group and which groups should be permitted to add and delete + users from this group. For more details, see :ref:`edit-groups`. + +.. _edit-groups: + +Editing Groups and Assigning Group Permissions +============================================== + +To access the "Edit Groups" page, select the +``Administration`` link in the page footer, +and then select the ``Groups`` link from the Administration page. +A table of all the existing groups is displayed. Click on a group name +you wish to edit or control permissions for. + +The "Edit Groups" page contains the same five fields present when +creating a new group. Below that are two additional sections, "Group +Permissions" and "Mass Remove". The "Mass Remove" option simply removes +all users from the group who match the regular expression entered. The +"Group Permissions" section requires further explanation. + +The "Group Permissions" section on the "Edit Groups" page contains four sets +of permissions that control the relationship of this group to other +groups. If the :param:`usevisibilitygroups` parameter is in use (see +:ref:`parameters`) two additional sets of permissions are displayed. +Each set consists of two select boxes. On the left, a select box +with a list of all existing groups. On the right, a select box listing +all groups currently selected for this permission setting (this box will +be empty for new groups). The way these controls allow groups to relate +to one another is called *inheritance*. +Each of the six permissions is described below. + +*Groups That Are a Member of This Group* + Members of any groups selected here will automatically have + membership in this group. In other words, members of any selected + group will inherit membership in this group. + +*Groups That This Group Is a Member Of* + Members of this group will inherit membership to any group + selected here. For example, suppose the group being edited is + an Admin group. If there are two products (Product1 and Product2) + and each product has its + own group (Group1 and Group2), and the Admin group + should have access to both products, + simply select both Group1 and Group2 here. + +*Groups That Can Grant Membership in This Group* + The members of any group selected here will be able add users + to this group, even if they themselves are not in this group. + +*Groups That This Group Can Grant Membership In* + Members of this group can add users to any group selected here, + even if they themselves are not in the selected groups. + +*Groups That Can See This Group* + Members of any selected group can see the users in this group. + This setting is only visible if the :param:`usevisibilitygroups` parameter + is enabled on the Bugzilla Configuration page. See + :ref:`parameters` for information on configuring Bugzilla. + +*Groups That This Group Can See* + Members of this group can see members in any of the selected groups. + This setting is only visible if the :param:`usevisibilitygroups` parameter + is enabled on the the Bugzilla Configuration page. See + :ref:`parameters` for information on configuring Bugzilla. + +.. _users-and-groups: + +Assigning Users to Groups +========================= + +A User can become a member of a group in several ways: + +#. The user can be explicitly placed in the group by editing + the user's profile. This can be done by accessing the "Users" page + from the "Administration" page. Use the search form to find the user + you want to edit group membership for, and click on their email + address in the search results to edit their profile. The profile + page lists all the groups and indicates if the user is a member of + the group either directly or indirectly. More information on indirect + group membership is below. For more details on User Administration, + see :ref:`users`. + +#. The group can include another group of which the user is + a member. This is indicated by square brackets around the checkbox + next to the group name in the user's profile. + See :ref:`edit-groups` for details on group inheritance. + +#. The user's email address can match the regular expression + that has been specified to automatically grant membership to + the group. This is indicated by "\*" around the check box by the + group name in the user's profile. + See :ref:`create-groups` for details on + the regular expression option when creating groups. + +Assigning Group Controls to Products +==================================== + +The primary functionality of groups is derived from the relationship of +groups to products. The concepts around segregating access to bugs with +product group controls can be confusing. For details and examples on this +topic, see :ref:`product-group-controls`. + diff --git a/docs/en/rst/administering/index.rst b/docs/en/rst/administering/index.rst new file mode 100644 index 000000000..c47819323 --- /dev/null +++ b/docs/en/rst/administering/index.rst @@ -0,0 +1,26 @@ +.. _administering: + +==================== +Administration Guide +==================== + +For those with :group:`admin` privileges, Bugzilla can be administered using +the :guilabel:`Administration` link in the header. The administrative +controls are divided into several sections: + +.. toctree:: + :maxdepth: 2 + + parameters + preferences + users + categorization + flags + custom-fields + field-values + workflow + groups + keywords + whining + quips + extensions diff --git a/docs/en/rst/administering/keywords.rst b/docs/en/rst/administering/keywords.rst new file mode 100644 index 000000000..245bcbe4c --- /dev/null +++ b/docs/en/rst/administering/keywords.rst @@ -0,0 +1,16 @@ +.. _keywords: + +Keywords +######## + +The administrator can define keywords which can be used to tag and +categorise bugs. For example, the keyword "regression" is commonly used. +A company might have a policy stating all regressions +must be fixed by the next release—this keyword can make tracking those +bugs much easier. Keywords are global, rather than per product. + +Keywords can be created, edited, or deleted by clicking the "Keywords" +link in the admin page. There are two fields for each keyword—the keyword +itself and a brief description. Currently keywords cannot be marked obsolete +to prevent future usage. + diff --git a/docs/en/rst/administering/parameters.rst b/docs/en/rst/administering/parameters.rst new file mode 100644 index 000000000..7f376bbf2 --- /dev/null +++ b/docs/en/rst/administering/parameters.rst @@ -0,0 +1,794 @@ +.. _parameters: + +Parameters +########## + +Bugzilla is configured by changing various parameters, accessed +from the :guilabel:`Parameters` link, which is found on the Administration +page. The parameters are divided into several categories, +accessed via the menu on the left. + +.. _param-required-settings: + +Required Settings +================= + +The core required parameters for any Bugzilla installation are set +here. :param:`urlbase` is always required; the other parameters should be +set, or it must be explicitly decided not to +set them, before the new Bugzilla installation starts to be used. + +urlbase + Defines the fully qualified domain name and web + server path to this Bugzilla installation. + For example, if the Bugzilla query page is + :file:`http://www.foo.com/bugzilla/query.cgi`, + the :param:`urlbase` should be set + to :paramval:`http://www.foo.com/bugzilla/`. + +ssl_redirect + If enabled, Bugzilla will force HTTPS (SSL) connections, by + automatically redirecting any users who try to use a non-SSL + connection. Also, when this is enabled, Bugzilla will send out links + using :param:`sslbase` in emails instead of :param:`urlbase`. + +sslbase + Defines the fully qualified domain name and web + server path for HTTPS (SSL) connections to this Bugzilla installation. + For example, if the Bugzilla main page is + :file:`https://www.foo.com/bugzilla/index.cgi`, + the :param:`sslbase` should be set + to :paramval:`https://www.foo.com/bugzilla/`. + +cookiepath + Defines a path, relative to the web document root, that Bugzilla + cookies will be restricted to. For example, if the + :param:`urlbase` is set to + :file:`http://www.foo.com/bugzilla/`, the + :param:`cookiepath` should be set to + :paramval:`/bugzilla/`. Setting it to :paramval:`/` will allow all sites + served by this web server or virtual host to read Bugzilla cookies. + +.. _param-general: + +General +======= + +maintainer + Email address of the person + responsible for maintaining this Bugzilla installation. + The address need not be that of a valid Bugzilla account. + +utf8 + Use UTF-8 (Unicode) encoding for all text in Bugzilla. Installations where + this parameter is set to :paramval:`off` should set it to :paramval:`on` only + after the data has been converted from existing legacy character + encodings to UTF-8, using the + :file:`contrib/recode.pl` script. + + .. note:: If you turn this parameter from :paramval:`off` to :paramval:`on`, + you must re-run :file:`checksetup.pl` immediately afterward. + +shutdownhtml + If there is any text in this field, this Bugzilla installation will + be completely disabled and this text will appear instead of all + Bugzilla pages for all users, including Admins. Used in the event + of site maintenance or outage situations. + +announcehtml + Any text in this field will be displayed at the top of every HTML + page in this Bugzilla installation. The text is not wrapped in any + tags. For best results, wrap the text in a ``<div>`` + tag. Any style attributes from the CSS can be applied. For example, + to make the text green inside of a red box, add ``id=message`` + to the ``<div>`` tag. + +upgrade_notification + Enable or disable a notification on the homepage of this Bugzilla + installation when a newer version of Bugzilla is available. This + notification is only visible to administrators. Choose :paramval:`disabled` + to turn off the notification. Otherwise, choose which version of + Bugzilla you want to be notified about: :paramval:`development_snapshot` is the + latest release from the master branch, :paramval:`latest_stable_release` is the most + recent release available on the most recent stable branch, and + :paramval:`stable_branch_release` is the most recent release on the branch + this installation is based on. + +.. _param-administrative-policies: + +Administrative Policies +======================= + +This page contains parameters for basic administrative functions. +Options include whether to allow the deletion of bugs and users, +and whether to allow users to change their email address. + +allowbugdeletion + The pages to edit products and components can delete all associated bugs when you delete a product (or component). Since that is a pretty scary idea, you have to turn on this option before any such deletions will ever happen. + +allowemailchange + Users can change their own email address through the preferences. Note that the change is validated by emailing both addresses, so switching this option on will not let users use an invalid address. + +allowuserdeletion + The user editing pages are capable of letting you delete user accounts. Bugzilla will issue a warning in case you'd run into inconsistencies when you're about to do so, but such deletions still remain scary. So, you have to turn on this option before any such deletions will ever happen. + +last_visit_keep_days + This option controls how many days Bugzilla will remember that users have visited specific bugs. + +.. _param-user-authentication: + +User Authentication +=================== + +This page contains the settings that control how this Bugzilla +installation will do its authentication. Choose what authentication +mechanism to use (the Bugzilla database, or an external source such +as LDAP), and set basic behavioral parameters. For example, choose +whether to require users to login to browse bugs, the management +of authentication cookies, and the regular expression used to +validate email addresses. Some parameters are highlighted below. + +auth_env_id + Environment variable used by external authentication system to store a unique identifier for each user. Leave it blank if there isn't one or if this method of authentication is not being used. + +auth_env_email + Environment variable used by external authentication system to store each user's email address. This is a required field for environmental authentication. Leave it blank if you are not going to use this feature. + +auth_env_realname + Environment variable used by external authentication system to store the user's real name. Leave it blank if there isn't one or if this method of authentication is not being used. + +user_info_class + Mechanism(s) to be used for gathering a user's login information. More than one may be selected. If the first one returns nothing, the second is tried, and so on. The types are: + + * :paramval:`CGI`: asks for username and password via CGI form interface. + * :paramval:`Env`: info for a pre-authenticated user is passed in system environment variables. + +user_verify_class + Mechanism(s) to be used for verifying (authenticating) information gathered by user_info_class. More than one may be selected. If the first one cannot find the user, the second is tried, and so on. The types are: + + * :paramval:`DB`: Bugzilla's built-in authentication. This is the most common choice. + * :paramval:`RADIUS`: RADIUS authentication using a RADIUS server. Using this method requires additional parameters to be set. Please see :ref:`param-radius` for more information. + * :paramval:`LDAP`: LDAP authentication using an LDAP server. Using this method requires additional parameters to be set. Please see :ref:`param-ldap` for more information. + +rememberlogin + Controls management of session cookies. + + * :paramval:`on` - Session cookies never expire (the user has to login only once per browser). + * :paramval:`off` - Session cookies last until the users session ends (the user will have to login in each new browser session). + * :paramval:`defaulton`/:paramval:`defaultoff` - Default behavior as described above, but user can choose whether Bugzilla will remember their login or not. + +requirelogin + If this option is set, all access to the system beyond the front page will require a login. No anonymous users will be permitted. + +webservice_email_filter + Filter email addresses returned by the WebService API depending on if the user is logged in or not. This works similarly to how the web UI currently filters email addresses. If requirelogin is enabled, then this parameter has no effect as users must be logged in to use Bugzilla anyway. + +emailregexp + Defines the regular expression used to validate email addresses + used for login names. The default attempts to match fully + qualified email addresses (i.e. 'user\@example.com') in a slightly + more restrictive way than what is allowed in RFC 2822. + Another popular value to put here is :paramval:`^[^@]+`, which means 'local usernames, no @ allowed.' + +emailregexpdesc + This description is shown to the user to explain which email addresses are allowed by the :param:`emailregexp` param. + +emailsuffix + This is a string to append to any email addresses when actually sending mail to that address. It is useful if you have changed the :param:`emailregexp` param to only allow local usernames, but you want the mail to be delivered to username\@my.local.hostname. + +createemailregexp + This defines the (case-insensitive) regexp to use for email addresses that are permitted to self-register. The default (:paramval:`.*`) permits any account matching the emailregexp to be created. If this parameter is left blank, no users will be permitted to create their own accounts and all accounts will have to be created by an administrator. + +password_complexity + Set the complexity required for passwords. In all cases must the passwords be at least 6 characters long. + + * :paramval:`no_constraints` - No complexity required. + * :paramval:`mixed_letters` - Passwords must contain at least one UPPER and one lower case letter. + * :paramval:`letters_numbers` - Passwords must contain at least one UPPER and one lower case letter and a number. + * :paramval:`letters_numbers_specialchars` - Passwords must contain at least one letter, a number and a special character. + +password_check_on_login + If set, Bugzilla will check that the password meets the current complexity rules and minimum length requirements when the user logs into the Bugzilla web interface. If it doesn't, the user would not be able to log in, and will receive a message to reset their password. + +.. _param-attachments: + +Attachments +=========== + +This page allows for setting restrictions and other parameters +regarding attachments to bugs. For example, control size limitations +and whether to allow pointing to external files via a URI. + +allow_attachment_display + If this option is on, users will be able to view attachments from their browser, if their browser supports the attachment's MIME type. If this option is off, users are forced to download attachments, even if the browser is able to display them. + + If you do not trust your users (e.g. if your Bugzilla is public), you should either leave this option off, or configure and set the :param:`attachment_base` parameter (see below). Untrusted users may upload attachments that could be potentially damaging if viewed directly in the browser. + +attachment_base + When the :param:`allow_attachment_display` parameter is on, it is possible for a malicious attachment to steal your cookies or perform an attack on Bugzilla using your credentials. + + If you would like additional security on attachments to avoid this, set this parameter to an alternate URL for your Bugzilla that is not the same as :param:`urlbase` or :param:`sslbase`. That is, a different domain name that resolves to this exact same Bugzilla installation. + + Note that if you have set the :param:`cookiedomain` parameter, you should set :param:`attachment_base` to use a domain that would not be matched by :param:`cookiedomain`. + + For added security, you can insert ``%bugid%`` into the URL, which will be replaced with the ID of the current bug that the attachment is on, when you access an attachment. This will limit attachments to accessing only other attachments on the same bug. Remember, though, that all those possible domain names (such as 1234.your.domain.com) must point to this same Bugzilla instance. To set this up you need to investigate wildcard DNS. + +allow_attachment_deletion + If this option is on, administrators will be able to delete the contents + of attachments (i.e. replace the attached file with a 0 byte file), + leaving only the metadata. + +maxattachmentsize + The maximum size (in kilobytes) of attachments to be stored in the database. If a file larger than this size is attached to a bug, Bugzilla will look at the :param:`maxlocalattachment` parameter to determine if the file can be stored locally on the web server. If the file size exceeds both limits, then the attachment is rejected. Setting both parameters to 0 will prevent attaching files to bugs. + + Some databases have default limits which prevent storing larger attachments in the database. E.g. MySQL has a parameter called `max_allowed_packet <http://dev.mysql.com/doc/refman/5.1/en/packet-too-large.html>`_, whose default varies by distribution. Setting :param:`maxattachmentsize` higher than your current setting for this value will produce an error. + +maxlocalattachment + The maximum size (in megabytes) of attachments to be stored locally on the web server. If set to a value lower than the :param:`maxattachmentsize` parameter, attachments will never be kept on the local filesystem. + + Whether you use this feature or not depends on your environment. Reasons to store some or all attachments as files might include poor database performance for large binary blobs, ease of backup/restore/browsing, or even filesystem-level deduplication support. However, you need to be aware of any limits on how much data your webserver environment can store. If in doubt, leave the value at 0. + + Note that changing this value does not affect any already-submitted attachments. + +.. _param-bug-change-policies: + +Bug Change Policies +=================== + +Set policy on default behavior for bug change events. For example, +choose which status to set a bug to when it is marked as a duplicate, +and choose whether to allow bug reporters to set the priority or +target milestone. Also allows for configuration of what changes +should require the user to make a comment, described below. + +duplicate_or_move_bug_status + When a bug is marked as a duplicate of another one, use this bug status. + +letsubmitterchoosepriority + If this is on, then people submitting bugs can choose an initial priority for that bug. If off, then all bugs initially have the default priority selected here. + +letsubmitterchoosemilestone + If this is on, then people submitting bugs can choose the Target Milestone for that bug. If off, then all bugs initially have the default milestone for the product being filed in. + +musthavemilestoneonaccept + If you are using Target Milestone, do you want to require that the milestone be set in order for a user to set a bug's status to IN_PROGRESS? + +commenton* + All these fields allow you to dictate what changes can pass + without comment and which must have a comment from the + person who changed them. Often, administrators will allow + users to add themselves to the CC list, accept bugs, or + change the Status Whiteboard without adding a comment as to + their reasons for the change, yet require that most other + changes come with an explanation. + Set the "commenton" options according to your site policy. It + is a wise idea to require comments when users resolve, reassign, or + reopen bugs at the very least. + + .. note:: It is generally far better to require a developer comment + when resolving bugs than not. Few things are more annoying to bug + database users than having a developer mark a bug "fixed" without + any comment as to what the fix was (or even that it was truly + fixed!) + +noresolveonopenblockers + This option will prevent users from resolving bugs as FIXED if + they have unresolved dependencies. Only the FIXED resolution + is affected. Users will be still able to resolve bugs to + resolutions other than FIXED if they have unresolved dependent + bugs. + +.. _param-bugfields: + +Bug Fields +========== + +The parameters in this section determine the default settings of +several Bugzilla fields for new bugs and whether +certain fields are used. For example, choose whether to use the +:field:`Target Milestone` field or the :field:`Status Whiteboard` field. + +useclassification + If this is on, Bugzilla will associate each product with a specific + classification. But you must have :group:`editclassification` permissions + enabled in order to edit classifications. + +usetargetmilestone + Do you wish to use the :field:`Target Milestone` field? + +useqacontact + This allows you to define an email address for each component, + in addition to that of the default assignee, that will be sent + carbon copies of incoming bugs. + +usestatuswhiteboard + This defines whether you wish to have a free-form, overwritable field + associated with each bug. The advantage of the :field:`Status Whiteboard` + is that it can be deleted or modified with ease and provides an + easily searchable field for indexing bugs that have some trait in + common. + +use_see_also + Do you wish to use the :field:`See Also` field? It allows you mark bugs + in other bug tracker installations as being related. Disabling this field + prevents addition of new relationships, but existing ones will continue to + appear. + +defaultpriority + This is the priority that newly entered bugs are set to. + +defaultseverity + This is the severity that newly entered bugs are set to. + +defaultplatform + This is the platform that is preselected on the bug entry form. + You can leave this empty; Bugzilla will then use the platform that the + browser is running on as the default. + +defaultopsys + This is the operating system that is preselected on the bug entry form. + You can leave this empty; Bugzilla will then use the operating system + that the browser reports to be running on as the default. + +collapsed_comment_tags + A comma-separated list of tags which, when applied to comments, will + cause them to be collapsed by default. + +.. _param-dependency-graphs: + +Graphs +====== + +Bugzilla can draw graphs of bug-dependency relationships, using a tool called +:file:`dot` (from the `GraphViz project <http://graphviz.org/>`_) or a web +service called Web Dot. This page allows you to set the location of the binary +or service. If no Web Dot server or binary is specified, then dependency +graphs will be disabled. + +webdotbase + You may set this parameter to any of the following: + + * A complete file path to :command:`dot` (part of GraphViz), which will + generate the graphs locally. + * A URL prefix pointing to an installation of the Web Dot package, which + will generate the graphs remotely. + * A blank value, which will disable dependency graphing. + + The default value is blank. We recommend using a local install of + :file:`dot`. If you change this value to a web service, make certain that + the Web Dot server can read files from your Web Dot directory. On Apache + you do this by editing the :file:`.htaccess` file; for other systems the + needed measures may vary. You can run :command:`checksetup.pl` to + recreate the :file:`.htaccess` file if it has been lost. + +font_file + You can specify the full path to a TrueType font file which will be used + to display text (labels, legends, ...) in charts and graphical reports. + To support as many languages as possible, we recommend to specify a + TrueType font such as Unifont which supports all printable characters in + the Basic Multilingual Plane. If you leave this parameter empty, a default + font will be used, but its support is limited to English characters only + and so other characters will be displayed incorrectly. + +.. _param-group-security: + +Group Security +============== + +Bugzilla allows for the creation of different groups, with the +ability to restrict the visibility of bugs in a group to a set of +specific users. Specific products can also be associated with +groups, and users restricted to only see products in their groups. +Several parameters are described in more detail below. Most of the +configuration of groups and their relationship to products is done +on the :guilabel:`Groups` and :guilabel:`Product` pages of the +:guilabel:`Administration` area. +The options on this page control global default behavior. +For more information on Groups and Group Security, see +:ref:`groups`. + +makeproductgroups + Determines whether or not to automatically create groups + when new products are created. If this is on, the groups will be + used for querying bugs. + + .. todo:: This is spectacularly unclear. I have no idea what makeproductgroups + does - can someone explain it to me? Convert this item into a bug on checkin. + +chartgroup + The name of the group of users who can use the 'New Charts' feature. Administrators should ensure that the public categories and series definitions do not divulge confidential information before enabling this for an untrusted population. If left blank, no users will be able to use New Charts. + +insidergroup + The name of the group of users who can see/change private comments and attachments. + +timetrackinggroup + The name of the group of users who can see/change time tracking information. + +querysharegroup + The name of the group of users who are allowed to share saved + searches with one another. For more information on using + saved searches, see :ref:`saved-searches`. + +comment_taggers_group + The name of the group of users who can tag comments. Setting this to empty disables comment tagging. + +debug_group + The name of the group of users who can view the actual SQL query generated when viewing bug lists and reports. Do not expose this information to untrusted users. + +usevisibilitygroups + If selected, user visibility will be restricted to members of + groups, as selected in the group configuration settings. + Each user-defined group can be allowed to see members of selected + other groups. + For details on configuring groups (including the visibility + restrictions) see :ref:`edit-groups`. + +or_groups + Define the visibility of a bug which is in multiple groups. If + this is on (recommended), a user only needs to be a member of one + of the bug's groups in order to view it. If it is off, a user + needs to be a member of all the bug's groups. Note that in either + case, a user's role on the bug (e.g. reporter), if any, may also + affect their permissions. + +.. _param-ldap: + +LDAP +==== + +LDAP authentication is a module for Bugzilla's plugin +authentication architecture. This page contains all the parameters +necessary to configure Bugzilla for use with LDAP authentication. + +The existing authentication +scheme for Bugzilla uses email addresses as the primary user ID and a +password to authenticate that user. All places within Bugzilla that +require a user ID (e.g assigning a bug) use the email +address. The LDAP authentication builds on top of this scheme, rather +than replacing it. The initial log-in is done with a username and +password for the LDAP directory. Bugzilla tries to bind to LDAP using +those credentials and, if successful, tries to map this account to a +Bugzilla account. If an LDAP mail attribute is defined, the value of this +attribute is used; otherwise, the :param:`emailsuffix` parameter is appended to +the LDAP username to form a full email address. If an account for this address +already exists in the Bugzilla installation, it will log in to that account. +If no account for that email address exists, one is created at the time +of login. (In this case, Bugzilla will attempt to use the "displayName" +or "cn" attribute to determine the user's full name.) After +authentication, all other user-related tasks are still handled by email +address, not LDAP username. For example, bugs are still assigned by +email address and users are still queried by email address. + +.. warning:: Because the Bugzilla account is not created until the first time + a user logs in, a user who has not yet logged is unknown to Bugzilla. + This means they cannot be used as an assignee or QA contact (default or + otherwise), added to any CC list, or any other such operation. One + possible workaround is the :file:`bugzilla_ldapsync.rb` + script in the :file:`contrib` + directory. Another possible solution is fixing :bug:`201069`. + +Parameters required to use LDAP Authentication: + +user_verify_class (in the Authentication section) + If you want to list :paramval:`LDAP` here, + make sure to have set up the other parameters listed below. + Unless you have other (working) authentication methods listed as + well, you may otherwise not be able to log back in to Bugzilla once + you log out. + If this happens to you, you will need to manually edit + :file:`data/params.json` and set :param:`user_verify_class` to + :paramval:`DB`. + +LDAPserver + This parameter should be set to the name (and optionally the + port) of your LDAP server. If no port is specified, it assumes + the default LDAP port of 389. + For example: :paramval:`ldap.company.com` + or :paramval:`ldap.company.com:3268` + You can also specify a LDAP URI, so as to use other + protocols, such as LDAPS or LDAPI. If the port was not specified in + the URI, the default is either 389 or 636 for 'LDAP' and 'LDAPS' + schemes respectively. + + .. note:: In order to use SSL with LDAP, specify a URI with "ldaps://". + This will force the use of SSL over port 636. + For example, normal LDAP :paramval:`ldap://ldap.company.com`, LDAP over + SSL :paramval:`ldaps://ldap.company.com`, or LDAP over a UNIX + domain socket :paramval:`ldapi://%2fvar%2flib%2fldap_sock`. + +LDAPstarttls + Whether to require encrypted communication once a normal LDAP connection + is achieved with the server. + +LDAPbinddn [Optional] + Some LDAP servers will not allow an anonymous bind to search + the directory. If this is the case with your configuration you + should set the :param:`LDAPbinddn` parameter to the user account Bugzilla + should use instead of the anonymous bind. + Ex. :paramval:`cn=default,cn=user:password` + +LDAPBaseDN + The location in + your LDAP tree that you would like to search for email addresses. + Your uids should be unique under the DN specified here. + Ex. :paramval:`ou=People,o=Company` + +LDAPuidattribute + The attribute + which contains the unique UID of your users. The value retrieved + from this attribute will be used when attempting to bind as the + user to confirm their password. + Ex. :paramval:`uid` + +LDAPmailattribute + The name of the + attribute which contains the email address your users will enter + into the Bugzilla login boxes. + Ex. :paramval:`mail` + +LDAPfilter + LDAP filter to AND with the LDAPuidattribute for filtering the list of + valid users. + +.. _param-radius: + +RADIUS +====== + +RADIUS authentication is a module for Bugzilla's plugin +authentication architecture. This page contains all the parameters +necessary for configuring Bugzilla to use RADIUS authentication. + +.. note:: Most caveats that apply to LDAP authentication apply to RADIUS + authentication as well. See :ref:`param-ldap` for details. + +Parameters required to use RADIUS Authentication: + +user_verify_class (in the Authentication section) + If you want to list :paramval:`RADIUS` here, + make sure to have set up the other parameters listed below. + Unless you have other (working) authentication methods listed as + well, you may otherwise not be able to log back in to Bugzilla once + you log out. + If this happens to you, you will need to manually edit + :file:`data/params.json` and set :param:`user_verify_class` to + :paramval:`DB`. + +RADIUS_server + The name (and optionally the port) of your RADIUS server. + +RADIUS_secret + The RADIUS server's secret. + +RADIUS_NAS_IP + The NAS-IP-Address attribute to be used when exchanging data with your + RADIUS server. If unspecified, 127.0.0.1 will be used. + +RADIUS_email_suffix + Bugzilla needs an email address for each user account. + Therefore, it needs to determine the email address corresponding + to a RADIUS user. + Bugzilla offers only a simple way to do this: it can concatenate + a suffix to the RADIUS user name to convert it into an email + address. + You can specify this suffix in the :param:`RADIUS_email_suffix` parameter. + If this simple solution does not work for you, you'll + probably need to modify + :file:`Bugzilla/Auth/Verify/RADIUS.pm` to match your + requirements. + +.. _param-email: + +Email +===== + +This page contains all of the parameters for configuring how +Bugzilla deals with the email notifications it sends. See below +for a summary of important options. + +mail_delivery_method + This is used to specify how email is sent, or if it is sent at + all. There are several options included for different MTAs, + along with two additional options that disable email sending. + :paramval:`Test` does not send mail, but instead saves it in + :file:`data/mailer.testfile` for later review. + :paramval:`None` disables email sending entirely. + +mailfrom + This is the email address that will appear in the "From" field + of all emails sent by this Bugzilla installation. Some email + servers require mail to be from a valid email address; therefore, + it is recommended to choose a valid email address here. + +use_mailer_queue + In a large Bugzilla installation, updating bugs can be very slow because Bugzilla sends all email at once. If you enable this parameter, Bugzilla will queue all mail and then send it in the background. This requires that you have installed certain Perl modules (as listed by :file:`checksetup.pl` for this feature), and that you are running the :file:`jobqueue.pl` daemon (otherwise your mail won't get sent). This affects all mail sent by Bugzilla, not just bug updates. + +smtpserver + The SMTP server address, if the :param:`mail_delivery_method` + parameter is set to :paramval:`SMTP`. Use :paramval:`localhost` if you have a local MTA + running; otherwise, use a remote SMTP server. Append ":" and the port + number if a non-default port is needed. + +smtp_username + Username to use for SASL authentication to the SMTP server. Leave + this parameter empty if your server does not require authentication. + +smtp_password + Password to use for SASL authentication to the SMTP server. This + parameter will be ignored if the :param:`smtp_username` + parameter is left empty. + +smtp_ssl + Enable SSL support for connection to the SMTP server. + +smtp_debug + This parameter allows you to enable detailed debugging output. + Log messages are printed the web server's error log. + +whinedays + Set this to the number of days you want to let bugs go + in the CONFIRMED state before notifying people they have + untouched new bugs. If you do not plan to use this feature, simply + do not set up the :ref:`whining cron job <installation-whining>` described + in the installation instructions, or set this value to "0" (never whine). + +globalwatchers + This allows you to define specific users who will + receive notification each time any new bug in entered, or when + any existing bug changes, subject to the normal groupset + permissions. It may be useful for sending notifications to a + mailing list, for instance. + +.. _param-querydefaults: + +Query Defaults +============== + +This page controls the default behavior of Bugzilla in regards to +several aspects of querying bugs. Options include what the default +query options are, what the "My Bugs" page returns, whether users +can freely add bugs to the quip list, and how many duplicate bugs are +needed to add a bug to the "most frequently reported" list. + +quip_list_entry_control + Controls how easily users can add entries to the quip list. + + * :paramval:`open` - Users may freely add to the quip list, and their entries will immediately be available for viewing. + * :paramval:`moderated` - Quips can be entered but need to be approved by a moderator before they will be shown. + * :paramval:`closed` - No new additions to the quips list are allowed. + +mybugstemplate + This is the URL to use to bring up a simple 'all of my bugs' list + for a user. %userid% will get replaced with the login name of a + user. Special characters must be URL encoded. + +defaultquery + This is the default query that initially comes up when you access + the advanced query page. It's in URL-parameter format. + +search_allow_no_criteria + When turned off, a query must have some criteria specified to limit the number of bugs returned to the user. When turned on, a user is allowed to run a query with no criteria and get all bugs in the entire installation that they can see. Turning this parameter on is not recommended on large installations. + +default_search_limit + By default, Bugzilla limits searches done in the web interface to returning only this many results, for performance reasons. (This only affects the HTML format of search results—CSV, XML, and other formats are exempted.) Users can click a link on the search result page to see all the results. + + Usually you should not have to change this—the default value should be acceptable for most installations. + +max_search_results + The maximum number of bugs that a search can ever return. Tabular and graphical reports are exempted from this limit, however. + + + +.. _param-shadowdatabase: + +Shadow Database +=============== + +This page controls whether a shadow database is used. If your Bugzilla is +not large, you will not need these options. + +A standard large database setup involves a single master server and a pool of +read-only slaves (which Bugzilla calls the "shadowdb"). Queries which are not +updating data can be directed to the slave pool, removing the load/locking +from the master, freeing it up to handle writes. Bugzilla will switch to the +shadowdb when it knows it doesn't need to update the database (e.g. when +searching, or displaying a bug to a not-logged-in user). + +Bugzilla does not make sure the shadowdb is kept up to date, so, if you use +one, you will need to set up replication in your database server. + +If your shadowdb is on a different machine, specify :param:`shadowdbhost` +and :param:`shadowdbport`. If it's on the same machine, specify +:param:`shadowdbsock`. + +shadowdbhost + The host the shadow database is on. + +shadowdbport + The port the shadow database is on. + +shadowdbsock + The socket used to connect to the shadow database, if the host is the + local machine. + +shadowdb + The database name of the shadow database. + +.. _admin-memcached: + +Memcached +========= + +memcached_servers + If this option is set, Bugzilla will integrate with `Memcached + <http://www.memcached.org/>`_. Specify one or more servers, separated by + spaces, using hostname:port notation (for example: + :paramval:`127.0.0.1:11211`). + +memcached_namespace + Specify a string to prefix each key on Memcached. + +.. _admin-usermatching: + +User Matching +============= + +The settings on this page control how users are selected and queried +when adding a user to a bug. For example, users need to be selected +when assigning the bug, adding to the CC list, or +selecting a QA contact. With the :param:`usemenuforusers` parameter, it is +possible to configure Bugzilla to +display a list of users in the fields instead of an empty text field. +If users are selected via a text box, this page also +contains parameters for how user names can be queried and matched +when entered. + +usemenuforusers + If this option is set, Bugzilla will offer you a list to select from (instead of a text entry field) where a user needs to be selected. This option should not be enabled on sites where there are a large number of users. + +ajax_user_autocompletion + If this option is set, typing characters in a certain user fields + will display a list of matches that can be selected from. It is + recommended to only turn this on if you are using mod_perl; + otherwise, the response will be irritatingly slow. + +maxusermatches + Provide no more than this many matches when a user is searched for. + If set to '1', no users will be displayed on ambiguous + matches. This is useful for user-privacy purposes. A value of zero + means no limit. + +confirmuniqueusermatch + Whether a confirmation screen should be displayed when only one user matches a search entry. + +.. _admin-advanced: + +Advanced +======== + +cookiedomain + Defines the domain for Bugzilla cookies. This is typically left blank. + If there are multiple hostnames that point to the same webserver, which + require the same cookie, then this parameter can be utilized. For + example, If your website is at + ``https://bugzilla.example.com/``, setting this to + :paramval:`.example.com/` will also allow + ``attachments.example.com/`` to access Bugzilla cookies. + +inbound_proxies + When inbound traffic to Bugzilla goes through a proxy, Bugzilla thinks that the IP address of the proxy is the IP address of every single user. If you enter a comma-separated list of IPs in this parameter, then Bugzilla will trust any ``X-Forwarded-For`` header sent from those IPs, and use the value of that header as the end user's IP address. + +proxy_url + If this Bugzilla installation is behind a proxy, enter the proxy + information here to enable Bugzilla to access the Internet. Bugzilla + requires Internet access to utilize the + :param:`upgrade_notification` parameter. If the + proxy requires authentication, use the syntax: + :paramval:`http://user:pass@proxy_url/`. + +strict_transport_security + Enables the sending of the Strict-Transport-Security header along with HTTP responses on SSL connections. This adds greater security to your SSL connections by forcing the browser to always access your domain over SSL and never accept an invalid certificate. However, it should only be used if you have the :param:`ssl_redirect` parameter turned on, Bugzilla is the only thing running on its domain (i.e., your :param:`urlbase` is something like :paramval:`http://bugzilla.example.com/`), and you never plan to stop supporting SSL. + + * :paramval:`off` - Don't send the Strict-Transport-Security header with requests. + * :paramval:`this_domain_only` - Send the Strict-Transport-Security header with all requests, but only support it for the current domain. + * :paramval:`include_subdomains` - Send the Strict-Transport-Security header along with the includeSubDomains flag, which will apply the security change to all subdomains. This is especially useful when combined with an :param:`attachment_base` that exists as (a) subdomain(s) under the main Bugzilla domain. diff --git a/docs/en/rst/administering/preferences.rst b/docs/en/rst/administering/preferences.rst new file mode 100644 index 000000000..0b89c7b13 --- /dev/null +++ b/docs/en/rst/administering/preferences.rst @@ -0,0 +1,10 @@ +.. _default-preferences: + +Default Preferences +################### + +Each user of Bugzilla can set certain preferences about how they want +Bugzilla to behave. Here, you can say whether or not each of the possible +preferences is available to the user and, if it is, what the default value +is. + diff --git a/docs/en/rst/administering/quips.rst b/docs/en/rst/administering/quips.rst new file mode 100644 index 000000000..789304a33 --- /dev/null +++ b/docs/en/rst/administering/quips.rst @@ -0,0 +1,38 @@ +.. _quips: + +Quips +##### + +Quips are small user-defined messages (often quotes or witty sayings) that +can be configured to appear at the top of search results. Each Bugzilla +installation has its own specific quips. Whenever a quip needs to be +displayed, a random selection is made from the pool of already existing quips. + +Quip submission is controlled by :param:`quip_list_entry_control` +parameter. It has several possible values: open, moderated, or closed. +In order to enable quips approval you need to set this parameter to +"moderated". In this way, users are free to submit quips for addition, +but an administrator must explicitly approve them before they are +actually used. + +In order to see the user interface for the quips, you can +click on a quip when it is displayed together with the search +results. You can also go directly to the quips.cgi URL +(prefixed with the usual web location of the Bugzilla installation). +Once the quip interface is displayed, the "view and edit the whole +quip list" link takes you to the quips administration page, which +lists all quips available in the database. + +Next to each quip there is a checkbox, under the +"Approved" column. Quips that have this checkbox checked are +already approved and will appear next to the search results. +The ones that have it unchecked are still preserved in the +database but will not appear on search results pages. +User submitted quips have initially the checkbox unchecked. + +Also, there is a delete link next to each quip, +which can be used in order to permanently delete a quip. + +Display of quips is controlled by the *display_quips* +user preference. Possible values are "on" and "off". + diff --git a/docs/en/rst/administering/users.rst b/docs/en/rst/administering/users.rst new file mode 100644 index 000000000..b8657e5d9 --- /dev/null +++ b/docs/en/rst/administering/users.rst @@ -0,0 +1,244 @@ +.. _users: + +Users +##### + +.. _defaultuser: + +Creating Admin Users +==================== + +When you first run checksetup.pl after installing Bugzilla, it will +prompt you for the username (email address) and password for the first +admin user. If for some reason you delete all the admin users, +re-running checksetup.pl will again prompt you for a username and +password and make a new admin. + +If you wish to add more administrative users, add them to the "admin" group. + +.. _user-account-search: + +Searching For Users +=================== + +If you have ``editusers`` privileges or if you are allowed +to grant privileges for some groups, the :guilabel:`Users` link +will appear in the Administration page. + +The first screen is a search form to search for existing user +accounts. You can run searches based either on the user ID, real +name or login name (i.e. the email address, or just the first part +of the email address if the :param:`emailsuffix` parameter is set). +The search can be conducted +in different ways using the listbox to the right of the text entry +box. You can match by case-insensitive substring (the default), +regular expression, a *reverse* regular expression +match (which finds every user name which does NOT match the regular +expression), or the exact string if you know exactly who you are +looking for. The search can be restricted to users who are in a +specific group. By default, the restriction is turned off. + +The search returns a list of +users matching your criteria. User properties can be edited by clicking +the login name. The Account History of a user can be viewed by clicking +the "View" link in the Account History column. The Account History +displays changes that have been made to the user account, the time of +the change and the user who made the change. For example, the Account +History page will display details of when a user was added or removed +from a group. + +.. _modifyusers: + +Modifying Users +=============== + +Once you have found your user, you can change the following +fields: + +- *Login Name*: + This is generally the user's full email address. However, if you + have are using the :param:`emailsuffix` parameter, this may + just be the user's login name. Unless you turn off the + :param:`allowemailchange` parameter, users can change their + login names themselves (to any valid email address). + +- *Real Name*: The user's real name. Note that + Bugzilla does not require this to create an account. + +- *Password*: + You can change the user's password here. Users can automatically + request a new password, so you shouldn't need to do this often. + If you want to disable an account, see Disable Text below. + +- *Bugmail Disabled*: + Mark this checkbox to disable bugmail and whinemail completely + for this account. This checkbox replaces the data/nomail file + which existed in older versions of Bugzilla. + +- *Disable Text*: + If you type anything in this box, including just a space, the + user is prevented from logging in and from making any changes to + bugs via the web interface. + The HTML you type in this box is presented to the user when + they attempt to perform these actions and should explain + why the account was disabled. + Users with disabled accounts will continue to receive + mail from Bugzilla; furthermore, they will not be able + to log in themselves to change their own preferences and + stop it. If you want an account (disabled or active) to + stop receiving mail, simply check the + ``Bugmail Disabled`` checkbox above. + + .. note:: Even users whose accounts have been disabled can still + submit bugs via the email gateway, if one exists. + The email gateway should *not* be + enabled for secure installations of Bugzilla. + + .. warning:: Don't disable all the administrator accounts! + +- *<groupname>*: + If you have created some groups, e.g. "securitysensitive", then + checkboxes will appear here to allow you to add users to, or + remove them from, these groups. The first checkbox gives the + user the ability to add and remove other users as members of + this group. The second checkbox adds the user himself as a member + of the group. + +- *canconfirm*: + This field is only used if you have enabled the "unconfirmed" + status. If you enable this for a user, + that user can then move bugs from "Unconfirmed" to a "Confirmed" + status (e.g.: "New" status). + +- *creategroups*: + This option will allow a user to create and destroy groups in + Bugzilla. + +- *editbugs*: + Unless a user has this bit set, they can only edit those bugs + for which they are the assignee or the reporter. Even if this + option is unchecked, users can still add comments to bugs. + +- *editcomponents*: + This flag allows a user to create new products and components, + modify existing products and components, and destroy those that have + no bugs associated with them. If a product or component has bugs + associated with it, those bugs must be moved to a different product + or component before Bugzilla will allow them to be destroyed. + +- *editkeywords*: + If you use Bugzilla's keyword functionality, enabling this + feature allows a user to create and destroy keywords. A keyword + must be removed from any bugs upon which it is currently set + before it can be destroyed. + +- *editusers*: + This flag allows a user to do what you're doing right now: edit + other users. This will allow those with the right to do so to + remove administrator privileges from other users or grant them to + themselves. Enable with care. + +- *tweakparams*: + This flag allows a user to change Bugzilla's Params + (using :file:`editparams.cgi`.) + +- *<productname>*: + This allows an administrator to specify the products + in which a user can see bugs. If you turn on the + :param:`makeproductgroups` parameter in + the Group Security Panel in the Parameters page, + then Bugzilla creates one group per product (at the time you create + the product), and this group has exactly the same name as the + product itself. Note that for products that already exist when + the parameter is turned on, the corresponding group will not be + created. The user must still have the :group:`editbugs` + privilege to edit bugs in these products. + +.. _createnewusers: + +Creating New Users +================== + +.. _self-registration: + +Self-Registration +----------------- + +By default, users can create their own user accounts by clicking the +``New Account`` link at the bottom of each page (assuming +they aren't logged in as someone else already). If you want to disable +this self-registration, or if you want to restrict who can create their +own user account, you have to edit the :param:`createemailregexp` +parameter in the ``Configuration`` page; see +:ref:`parameters`. + +.. _user-account-creation: + +Administrator Registration +-------------------------- + +Users with ``editusers`` privileges, such as administrators, +can create user accounts for other users: + +#. After logging in, click the "Users" link at the footer of + the query page, and then click "Add a new user". + +#. Fill out the form presented. This page is self-explanatory. + When done, click "Submit". + + .. note:: Adding a user this way will *not* + send an email informing them of their username and password. + While useful for creating dummy accounts (watchers which + shuttle mail to another system, for instance, or email + addresses which are a mailing list), in general it is + preferable to log out and use the ``New Account`` + button to create users, as it will pre-populate all the + required fields and also notify the user of her account name + and password. + +.. _user-account-deletion: + +Deleting Users +============== + +If the :param:`allowuserdeletion` parameter is turned on (see +:ref:`parameters`) then you can also delete user accounts. +Note that, most of the time, this is not the best thing to do. If only +a warning in a yellow box is displayed, then the deletion is safe. +If a warning is also displayed in a red box, then you should NOT try +to delete the user account, else you will get referential integrity +problems in your database, which can lead to unexpected behavior, +such as bugs not appearing in bug lists anymore, or data displaying +incorrectly. You have been warned! + +.. _impersonatingusers: + +Impersonating Users +=================== + +There may be times when an administrator would like to do something as +another user. The :command:`sudo` feature may be used to do +this. + +.. note:: To use the sudo feature, you must be in the + *bz_sudoers* group. By default, all + administrators are in this group. + +If you have access to this feature, you may start a session by +going to the Edit Users page, Searching for a user and clicking on +their login. You should see a link below their login name titled +"Impersonate this user". Click on the link. This will take you +to a page where you will see a description of the feature and +instructions for using it. After reading the text, simply +enter the login of the user you would like to impersonate, provide +a short message explaining why you are doing this, and press the +button. + +As long as you are using this feature, everything you do will be done +as if you were logged in as the user you are impersonating. + +.. warning:: The user you are impersonating will not be told about what you are + doing. If you do anything that results in mail being sent, that + mail will appear to be from the user you are impersonating. You + should be extremely careful while using this feature. + diff --git a/docs/en/rst/administering/whining.rst b/docs/en/rst/administering/whining.rst new file mode 100644 index 000000000..dc101ab9b --- /dev/null +++ b/docs/en/rst/administering/whining.rst @@ -0,0 +1,145 @@ +.. _whining: + +Whining +####### + +Whining is a feature in Bugzilla that can regularly annoy users at +specified times. Using this feature, users can execute saved searches +at specific times (e.g. the 15th of the month at midnight) or at +regular intervals (e.g. every 15 minutes on Sundays). The results of the +searches are sent to the user, either as a single email or as one email +per bug, along with some descriptive text. + +.. warning:: Throughout this section it will be assumed that all users are members + of the bz_canusewhines group, membership in which is required in order + to use the Whining system. You can easily make all users members of + the bz_canusewhines group by setting the User RegExp to ".*" (without + the quotes). + + Also worth noting is the bz_canusewhineatothers group. Members of this + group can create whines for any user or group in Bugzilla using an + extended form of the whining interface. Features only available to + members of the bz_canusewhineatothers group will be noted in the + appropriate places. + +.. note:: For whining to work, a special Perl script must be executed at regular + intervals. More information on this is available in :ref:`installation-whining`. + +.. note:: This section does not cover the whineatnews.pl script. + See :ref:`installation-whining-cron` for more information on + The Whining Cron. + +.. _whining-overview: + +The Event +========= + +The whining system defines an "Event" as one or more queries being +executed at regular intervals, with the results of said queries (if +there are any) being emailed to the user. Events are created by +clicking on the "Add new event" button. + +Once a new event is created, the first thing to set is the "Email +subject line". The contents of this field will be used in the subject +line of every email generated by this event. In addition to setting a +subject, space is provided to enter some descriptive text that will be +included at the top of each message (to help you in understanding why +you received the email in the first place). + +The next step is to specify when the Event is to be run (the Schedule) +and what searches are to be performed (the Searches). + +.. _whining-schedule: + +Whining Schedule +================ + +Each whining event is associated with zero or more schedules. A +schedule is used to specify when the search (specified below) is to be +run. A new event starts out with no schedules (which means it will +never run, as it is not scheduled to run). To add a schedule, press +the "Add a new schedule" button. + +Each schedule includes an interval, which you use to tell Bugzilla +when the event should be run. An event can be run on certain days of +the week, certain days of the month, during weekdays (defined as +Monday through Friday), or every day. + +.. warning:: Be careful if you set your event to run on the 29th, 30th, or 31st of + the month, as your event may not run exactly when expected. If you + want your event to run on the last day of the month, select "Last day + of the month" as the interval. + +Once you have specified the day(s) on which the event is to be run, you +should now specify the time at which the event is to be run. You can +have the event run at a certain hour on the specified day(s), or +every hour, half-hour, or quarter-hour on the specified day(s). + +If a single schedule does not execute an event as many times as you +would want, you can create another schedule for the same event. For +example, if you want to run an event on days whose numbers are +divisible by seven, you would need to add four schedules to the event, +setting the schedules to run on the 7th, 14th, 21st, and 28th (one day +per schedule) at whatever time (or times) you choose. + +.. note:: If you are a member of the bz_canusewhineatothers group, then you + will be presented with another option: "Mail to". Using this you + can control who will receive the emails generated by this event. You + can choose to send the emails to a single user (identified by email + address) or a single group (identified by group name). To send to + multiple users or groups, create a new schedule for each additional + user/group. + +.. _whining-query: + +Whining Searches +================ + +Each whining event is associated with zero or more searches. A search +is any saved search to be run as part of the specified schedule (see +above). You start out without any searches associated with the event +(which means that the event will not run, as there will never be any +results to return). To add a search, press the "Add a search" button. + +The first field to examine in your newly added search is the Sort field. +Searches are run, and results included, in the order specified by the +Sort field. Searches with smaller Sort values will run before searches +with bigger Sort values. + +The next field to examine is the Search field. This is where you +choose the actual search that is to be run. Instead of defining search +parameters here, you are asked to choose from the list of saved +searches (the same list that appears at the bottom of every Bugzilla +page). You are only allowed to choose from searches that you have +saved yourself (the default saved search, "My Bugs", is not a valid +choice). If you do not have any saved searches, you can take this +opportunity to create one (see :ref:`list`). + +.. note:: When running searches, the whining system acts as if you are the user + executing the search. This means that the whining system will ignore + bugs that match your search but that you cannot access. + +Once you have chosen the saved search to be executed, give the search a +descriptive title. This title will appear in the email, above the +results of the search. If you choose "One message per bug", the search +title will appear at the top of each email that contains a bug matching +your search. + +Finally, decide if the results of the search should be sent in a single +email, or if each bug should appear in its own email. + +.. warning:: Think carefully before checking the "One message per bug" box. If + you create a search that matches thousands of bugs, you will receive + thousands of emails! + +Saving Your Changes +=================== + +Once you have defined at least one schedule and created at least one +search, go ahead and "Update/Commit". This will save your Event and make +it available for immediate execution. + +.. note:: If you ever feel like deleting your event, you may do so using the + "Remove Event" button in the upper-right corner of each Event. You + can also modify an existing event, so long as you "Update/Commit" + after completing your modifications. diff --git a/docs/en/rst/administering/workflow.rst b/docs/en/rst/administering/workflow.rst new file mode 100644 index 000000000..7ce5b7a87 --- /dev/null +++ b/docs/en/rst/administering/workflow.rst @@ -0,0 +1,34 @@ +.. _workflow: + +Workflow +######## + +The bug status workflow—which statuses are valid transitions from which +other statuses—can be customized. + +You need to begin by defining the statuses and resolutions you want to use +(see :ref:`field-values`). By convention, these are in all capital letters. + +Only one bug status, UNCONFIRMED, can never be renamed nor deleted. However, +it can be disabled entirely on a per-product basis (see :ref:`categorization`). +The status referred to by the :param:`duplicate_or_move_bug_status` parameter, if +set, is also undeletable. To make it deletable, +simply set the value of that parameter to a different status. + +Aside from the empty value, two resolutions, DUPLICATE and FIXED, cannot be +renamed or deleted. (FIXED could be if we fixed +`bug 1007605 <https://bugzilla.mozilla.org/show_bug.cgi?id=1007605>`_.) + +Once you have defined your statuses, you can configure the workflow of +how a bug moves between them. The workflow configuration +page displays all existing bug statuses twice: first on the left for the +starting status, and on the top for the target status in the transition. +If the checkbox is checked, then the transition from the left to the top +status is legal; if it's unchecked, that transition is forbidden. + +The status used as the :param:`duplicate_or_move_bug_status` parameter +(normally RESOLVED or its equivalent) is required to be a legal transition +from every other bug status, and so this is enforced on the page. + +The "View Comments Required on Status Transitions" link below the table +lets you set which transitions require a comment from the user. diff --git a/docs/en/rst/api/core/v1/attachment.rst b/docs/en/rst/api/core/v1/attachment.rst new file mode 100644 index 000000000..f89b6c23e --- /dev/null +++ b/docs/en/rst/api/core/v1/attachment.rst @@ -0,0 +1,351 @@ +Attachments +=========== + +The Bugzilla API for creating, changing, and getting the details of attachments. + +.. _rest_attachments: + +Get Attachment +-------------- + +This allows you to get data about attachments, given a list of bugs and/or +attachment IDs. Private attachments will only be returned if you are in the +appropriate group or if you are the submitter of the attachment. + +**Request** + +To get all current attachments for a bug: + +.. code-block:: text + + GET /rest/bug/(bug_id)/attachment + +To get a specific attachment based on attachment ID: + +.. code-block:: text + + GET /rest/bug/attachment/(attachment_id) + +One of the below must be specified. + +================= ==== ====================================================== +name type description +================= ==== ====================================================== +**bug_id** int Integer bug ID. +**attachment_id** int Integer attachment ID. +================= ==== ====================================================== + +**Response** + +.. code-block:: js + + { + "bugs" : { + "1345" : [ + { (attachment) }, + { (attachment) } + ], + "9874" : [ + { (attachment) }, + { (attachment) } + ], + }, + "attachments" : { + "234" : { (attachment) }, + "123" : { (attachment) }, + } + } + +An object containing two elements: ``bugs`` and ``attachments``. + +The attachments for the bug that you specified in the ``bug_id`` argument in +input are returned in ``bugs`` on output. ``bugs`` is a object that has integer +bug IDs for keys and the values are arrays of objects as attachments. +(Fields for attachments are described below.) + +For the attachment that you specified directly in ``attachment_id``, they +are returned in ``attachments`` on output. This is a object where the attachment +ids point directly to objects describing the individual attachment. + +The fields for each attachment (where it says ``(attachment)`` in the +sample response above) are: + +================ ======== ===================================================== +name type description +================ ======== ===================================================== +data base64 The raw data of the attachment, encoded as Base64. +size int The length (in bytes) of the attachment. +creation_time datetime The time the attachment was created. +last_change_time datetime The last time the attachment was modified. +id int The numeric ID of the attachment. +bug_id int The numeric ID of the bug that the attachment is + attached to. +file_name string The file name of the attachment. +summary string A short string describing the attachment. +content_type string The MIME type of the attachment. +is_private boolean ``true`` if the attachment is private (only visible + to a certain group called the "insidergroup", + ``false`` otherwise. +is_obsolete boolean ``true`` if the attachment is obsolete, ``false`` + otherwise. +is_patch boolean ``true`` if the attachment is a patch, ``false`` + otherwise. +creator string The login name of the user that created the + attachment. +flags array Array of objects, each containing the information + about the flag currently set for each attachment. + Each flag object contains items descibed in the + Flag object below. +================ ======== ===================================================== + +Flag object: + +================= ======== ==================================================== +name type description +================= ======== ==================================================== +id int The ID of the flag. +name string The name of the flag. +type_id int The type ID of the flag. +creation_date datetime The timestamp when this flag was originally created. +modification_date datetime The timestamp when the flag was last modified. +status string The current status of the flag such as ?, +, or -. +setter string The login name of the user who created or last + modified the flag. +requestee string The login name of the user this flag has been + requested to be granted or denied. Note, this field + is only returned if a requestee is set. +================= ======== ==================================================== + +.. _rest_add_attachment: + +Create Attachment +----------------- + +This allows you to add an attachment to a bug in Bugzilla. + +**Request** + +To create attachment on a current bug: + +.. code-block:: text + + POST /rest/bug/(bug_id)/attachment + +.. code-block:: js + + { + "ids" : [ 35 ], + "is_patch" : true, + "comment" : "This is a new attachment comment", + "summary" : "Test Attachment", + "content_type" : "text/plain", + "data" : "(Some patch content)", + "file_name" : "test_attachment.patch", + "obsoletes" : [], + "is_private" : false, + "flags" : [ + { + "name" : "review", + "status" : "?", + "requestee" : "user@bugzilla.org", + "new" : true + } + ] + } + + +The params to include in the POST body, as well as the returned +data format, are the same as below. The ``bug_id`` param will be +overridden as it it pulled from the URL path. + +================ ======= ====================================================== +name type description +================ ======= ====================================================== +**ids** array The IDs or aliases of bugs that you want to add this + attachment to. The same attachment and comment will be + added to all these bugs. +**data** string The content of the attachment. If the content of the + attachment is not ASCII text such as + ``application/octet-stream`` you must encode it in + base64 using an appropriate client library such as + ``MIME::Base64`` for Perl. +**file_name** string The "file name" that will be displayed in the UI for + this attachment and also downloaded copies will be + given. +**summary** string A short string describing the attachment. +**content_type** string The MIME type of the attachment, like ``text/plain`` + or ``image/png``. +comment string A comment to add along with this attachment. +is_patch boolean ``true`` if Bugzilla should treat this attachment as a + patch. If you specify this, you do not need to specify + a ``content_type``. The ``content_type`` of the + attachment will be forced to ``text/plain``. Defaults + to ``false`` if not specified. +is_private boolean ``true`` if the attachment should be private + (restricted to the "insidergroup"), ``false`` if the + attachment should be public. Defaults to ``false`` if + not specified. +flags array Flags objects to add to the attachment. The object + format is described in the Flag object below. +================ ======= ====================================================== + +Flag object: + +To create a flag, at least the ``status`` and the ``type_id`` or ``name`` must +be provided. An optional requestee can be passed if the flag type is requestable +to a specific user. + +========= ====== ============================================================== +name type description +========= ====== ============================================================== +name string The name of the flag type. +type_id int The internal flag type ID. +status string The flags new status (i.e. "?", "+", "-" or "X" to clear a + flag). +requestee string The login of the requestee if the flag type is requestable to + a specific user. +========= ====== ============================================================== + +**Response** + +.. code-block:: js + + { + "ids" : [ + "2797" + ] + } + +==== ===== ========================= +name type description +==== ===== ========================= +ids array Attachment IDs created. +==== ===== ========================= + +.. _rest_update_attachment: + +Update Attachment +----------------- + +This allows you to update attachment metadata in Bugzilla. + +**Request** + +To update attachment metadata on a current attachment: + +.. code-block:: text + + PUT /rest/bug/attachment/(attachment_id) + +.. code-block:: js + + { + "ids" : [ 2796 ], + "summary" : "Test XML file", + "comment" : "Changed this from a patch to a XML file", + "content_type" : "text/xml", + "is_patch" : 0 + } + +================= ===== ======================================================= +name type description +================= ===== ======================================================= +**attachment_id** int Integer attachment ID. +**ids** array The IDs of the attachments you want to update. +================= ===== ======================================================= + +============ ======= ========================================================== +name type description +============ ======= ========================================================== +file_name string The "file name" that will be displayed in the UI for this + attachment. +summary string A short string describing the attachment. +comment string An optional comment to add to the attachment's bug. +content_type string The MIME type of the attachment, like ``text/plain`` + or ``image/png``. +is_patch boolean ``true`` if Bugzilla should treat this attachment as a + patch. If you specify this, you do not need to specify a + ``content_type``. The ``content_type`` of the attachment + will be forced to ``text/plain``. +is_private boolean ``true`` if the attachment should be private (restricted + to the "insidergroup"), ``false`` if the attachment + should be public. +is_obsolete boolean ``true`` if the attachment is obsolete, ``false`` + otherwise. +flags array An array of Flag objects with changes to the flags. The + object format is described in the Flag object below. +============ ======= ========================================================== + +Flag object: + +The following values can be specified. At least the ``status`` and one of +``type_id``, ``id``, or ``name`` must be specified. If a type_id or name matches +a single currently set flag, the flag will be updated unless ``new`` is specified. + +========= ======= ============================================================= +name type description +========= ======= ============================================================= +name string The name of the flag that will be created or updated. +type_id int The internal flag type ID that will be created or updated. + You will need to specify the ``type_id`` if more than one + flag type of the same name exists. +status string The flags new status (i.e. "?", "+", "-" or "X" to clear a + flag). +requestee string The login of the requestee if the flag type is requestable + to a specific user. +id int Use ID to specify the flag to be updated. You will need to + specify the ``id`` if more than one flag is set of the same + name. +new boolean Set to true if you specifically want a new flag to be + created. +========= ======= ============================================================= + +**Response** + +.. code-block:: js + + { + "attachments" : [ + { + "changes" : { + "content_type" : { + "added" : "text/xml", + "removed" : "text/plain" + }, + "is_patch" : { + "added" : "0", + "removed" : "1" + }, + "summary" : { + "added" : "Test XML file", + "removed" : "test patch" + } + }, + "id" : 2796, + "last_change_time" : "2014-09-29T14:41:53Z" + } + ] + } + +``attachments`` (array) Change objects with the following items: + +================ ======== ===================================================== +name type description +================ ======== ===================================================== +id int The ID of the attachment that was updated. +last_change_time datetime The exact time that this update was done at, for this + attachment. If no update was done (that is, no fields + had their values changed and no comment was added) + then this will instead be the last time the + attachment was updated. +changes object The changes that were actually done on this + attachment. The keys are the names of the fields that + were changed, and the values are an object with two + items: + + * added: (string) The values that were added to this + field. Possibly a comma-and-space-separated list + if multiple values were added. + * removed: (string) The values that were removed from + this field. +================ ======== ===================================================== diff --git a/docs/en/rst/api/core/v1/bug-user-last-visit.rst b/docs/en/rst/api/core/v1/bug-user-last-visit.rst new file mode 100644 index 000000000..919744968 --- /dev/null +++ b/docs/en/rst/api/core/v1/bug-user-last-visit.rst @@ -0,0 +1,111 @@ +Bug User Last Visited +===================== + +.. _rest-bug-user-last-visit-update: + +Update Last Visited +------------------- + +Update the last-visited time for the specified bug and current user. + +**Request** + +To update the time for a single bug id: + +.. code-block:: text + + POST /rest/bug_user_last_visit/(id) + +To update one or more bug ids at once: + +.. code-block:: text + + POST /rest/bug_user_last_visit + +.. code-block:: js + + { + "ids" : [35,36,37] + } + +======= ===== ============================== +name type description +======= ===== ============================== +**id** int An integer bug id. +**ids** array One or more bug ids to update. +======= ===== ============================== + +**Response** + +.. code-block:: js + + [ + { + "id" : 100, + "last_visit_ts" : "2014-10-16T17:38:24Z" + } + ] + +An array of objects containing the items: + +============= ======== ============================================ +name type description +============= ======== ============================================ +id int The bug id. +last_visit_ts datetime The timestamp the user last visited the bug. +============= ======== ============================================ + +.. _rest-bug-user-last-visit-get: + +Get Last Visited +---------------- + +**Request** + +Get the last-visited timestamp for one or more specified bug ids or get a +list of the last 20 visited bugs and their timestamps. + +To return the last-visited timestamp for a single bug id: + +.. code-block:: text + + GET /rest/bug_user_last_visit/(id) + +To return more than one specific bug timestamps: + +.. code-block:: text + + GET /rest/bug_user_last_visit/123?ids=234&ids=456 + +To return just the most recent 20 timestamps: + +.. code-block:: text + + GET /rest/bug_user_last_visit + +======= ===== ============================================ +name type description +======= ===== ============================================ +**id** int An integer bug id. +**ids** array One or more optional bug ids to get. +======= ===== ============================================ + +**Response** + +.. code-block:: js + + [ + { + "id" : 100, + "last_visit_ts" : "2014-10-16T17:38:24Z" + } + ] + +An array of objects containing the following items: + +============= ======== ============================================ +name type description +============= ======== ============================================ +id int The bug id. +last_visit_ts datetime The timestamp the user last visited the bug. +============= ======== ============================================ diff --git a/docs/en/rst/api/core/v1/bug.rst b/docs/en/rst/api/core/v1/bug.rst new file mode 100644 index 000000000..1bf2a2006 --- /dev/null +++ b/docs/en/rst/api/core/v1/bug.rst @@ -0,0 +1,986 @@ +Bugs +==== + +The REST API for creating, changing, and getting the details of bugs. + +This part of the Bugzilla REST API allows you to file new bugs in Bugzilla and +to get information about existing bugs. + +.. _rest_single_bug: + +Get Bug +------- + +Gets information about particular bugs in the database. + +**Request** + +To get information about a particular bug using its ID or alias: + +.. code-block:: text + + GET /rest/bug/(id_or_alias) + +You can also use :ref:`rest_search_bugs` to return more than one bug at a time +by specifying bug IDs as the search terms. + +.. code-block:: text + + GET /rest/bug?id=12434,43421 + +================ ===== ====================================================== +name type description +================ ===== ====================================================== +**id_or_alias** mixed An integer bug ID or a bug alias string. +================ ===== ====================================================== + +**Response** + +.. code-block:: js + + { + "faults": [], + "bugs": [ + { + "assigned_to_detail": { + "id": 2, + "real_name": "Test User", + "name": "user@bugzilla.org", + "email": "user@bugzilla.org" + }, + "flags": [ + { + "type_id": 11, + "modification_date": "2014-09-28T21:03:47Z", + "name": "blocker", + "status": "?", + "id": 2906, + "setter": "user@bugzilla.org", + "creation_date": "2014-09-28T21:03:47Z" + } + ], + "resolution": "INVALID", + "id": 35, + "qa_contact": "", + "version": "1.0", + "status": "RESOLVED", + "creator": "user@bugzilla.org", + "cf_drop_down": "---", + "summary": "test bug", + "last_change_time": "2014-09-23T19:12:17Z", + "platform": "All", + "url": "", + "classification": "Unclassified", + "cc_detail": [ + { + "id": 786, + "real_name": "Foo Bar", + "name": "foo@bar.com", + "email": "foo@bar.com" + }, + ], + "priority": "P1", + "is_confirmed": true, + "creation_time": "2000-07-25T13:50:04Z", + "assigned_to": "user@bugzilla.org", + "flags": [], + "alias": [], + "cf_large_text": "", + "groups": [], + "op_sys": "All", + "cf_bug_id": null, + "depends_on": [], + "is_cc_accessible": true, + "is_open": false, + "cf_qa_list_4": "---", + "keywords": [], + "cc": [ + "foo@bar.com", + ], + "see_also": [], + "deadline": null, + "is_creator_accessible": true, + "whiteboard": "", + "dupe_of": null, + "target_milestone": "---", + "cf_mulitple_select": [], + "component": "SaltSprinkler", + "severity": "critical", + "cf_date": null, + "product": "FoodReplicator", + "creator_detail": { + "id": 28, + "real_name": "hello", + "name": "user@bugzilla.org", + "email": "namachi@netscape.com" + }, + "cf_free_text": "", + "blocks": [] + } + ] + } + +``bugs`` (array) Each bug object contains information about the bugs with valid +ids containing the following items: + +These fields are returned by default or by specifying ``_default`` in +``include_fields``. + +===================== ======== ================================================ +name type description +===================== ======== ================================================ +actual_time double The total number of hours that this bug has + taken so far. If you are not in the time-tracking + group, this field will not be included in the + return value. +alias array The unique aliases of this bug. An empty array + will be returned if this bug has no aliases. +assigned_to string The login name of the user to whom the bug is + assigned. +assigned_to_detail object An object containing detailed user information + for the assigned_to. To see the keys included + in the user detail object, see below. +blocks array The IDs of bugs that are "blocked" by this bug. +cc array The login names of users on the CC list of this + bug. +cc_detail array Array of objects containing detailed user + information for each of the cc list members. + To see the keys included in the user detail + object, see below. +classification string The name of the current classification the bug + is in. +component string The name of the current component of this bug. +creation_time datetime When the bug was created. +creator string The login name of the person who filed this bug + (the reporter). +creator_detail object An object containing detailed user information + for the creator. To see the keys included in the + user detail object, see below. +deadline string The day that this bug is due to be completed, in + the format ``YYYY-MM-DD``. +depends_on array The IDs of bugs that this bug "depends on". +dupe_of int The bug ID of the bug that this bug is a + duplicate of. If this bug isn't a duplicate of + any bug, this will be null. +estimated_time double The number of hours that it was estimated that + this bug would take. If you are not in the + time-tracking group, this field will not be + included in the return value. +flags array An array of objects containing the information + about flags currently set for the bug. Each flag + objects contains the following items +groups array The names of all the groups that this bug is in. +id int The unique numeric ID of this bug. +is_cc_accessible boolean If true, this bug can be accessed by members of + the CC list, even if they are not in the groups + the bug is restricted to. +is_confirmed boolean ``true`` if the bug has been confirmed. Usually + this means that the bug has at some point been + moved out of the ``UNCONFIRMED`` status and into + another open status. +is_open boolean ``true`` if this bug is open, ``false`` if it + is closed. +is_creator_accessible boolean If ``true``, this bug can be accessed by the + creator of the bug, even if they are not a + member of the groups the bug is restricted to. +keywords array Each keyword that is on this bug. +last_change_time datetime When the bug was last changed. +op_sys string The name of the operating system that the bug + was filed against. +platform string The name of the platform (hardware) that the bug + was filed against. +priority string The priority of the bug. +product string The name of the product this bug is in. +qa_contact string The login name of the current QA Contact on the + bug. +qa_contact_detail object An object containing detailed user information + for the qa_contact. To see the keys included in + the user detail object, see below. +remaining_time double The number of hours of work remaining until work + on this bug is complete. If you are not in the + time-tracking group, this field will not be + included in the return value. +resolution string The current resolution of the bug, or an empty + string if the bug is open. +see_also array The URLs in the See Also field on the bug. +severity string The current severity of the bug. +status string The current status of the bug. +summary string The summary of this bug. +target_milestone string The milestone that this bug is supposed to be + fixed by, or for closed bugs, the milestone that + it was fixed for. +update_token string The token that you would have to pass to the + ``process_bug.cgi`` page in order to update this + bug. This changes every time the bug is updated. + This field is not returned to logged-out users. +url string A URL that demonstrates the problem described in + the bug, or is somehow related to the bug report. +version string The version the bug was reported against. +whiteboard string The value of the "status whiteboard" field on + the bug. +===================== ======== ================================================ + +Custom fields: + +Every custom field in this installation will also be included in the +return value. Most fields are returned as strings. However, some field types have +different return values. + +Normally custom fields are returned by default similar to normal bug fields or +you can specify only custom fields by using ``_custom`` in ``include_fields``. + +Extra fields: + +These fields are returned only by specifying ``_extra`` or the field name in +``include_fields``. + +==== ===== ==================================================================== +name type description +==== ===== ==================================================================== +tags array Each array item is a tag name. Note that tags are + personal to the currently logged in user and are not the same as + comment tags. +==== ===== ==================================================================== + +User object: + +========= ====== ============================================================== +name type description +========= ====== ============================================================== +id int The user ID for this user. +real_name string The 'real' name for this user, if any. +name string The user's Bugzilla login. +email string The user's email address. Currently this is the same value as + the name. +========= ====== ============================================================== + +Flag object: + +================= ======== ==================================================== +name type description +================= ======== ==================================================== +id int The ID of the flag. +name string The name of the flag. +type_id int The type ID of the flag. +creation_date datetime The timestamp when this flag was originally created. +modification_date datetime The timestamp when the flag was last modified. +status string The current status of the flag. +setter string The login name of the user who created or last + modified the flag. +requestee string The login name of the user this flag has been + requested to be granted or denied. Note, this field + is only returned if a requestee is set. +================= ======== ==================================================== + +Custom field object: + +You can specify to only return custom fields by specifying ``_custom`` or the +field name in ``include_fields``. + +* Bug ID Fields: (int) +* Multiple-Selection Fields: (array of strings) +* Date/Time Fields: (datetime) + +.. _rest_history: + +Bug History +----------- + +Gets the history of changes for particular bugs in the database. + +**Request** + +To get the history for a specific bug ID: + +.. code-block:: text + + GET /rest/bug/(id)/history + +To get the history for a bug since a specific date: + +.. code-block:: text + + GET /rest/bug/(id)/history?new_since=YYYY-MM-DD + +========= ======== ============================================================ +name type description +========= ======== ============================================================ +**id** mixed An integer bug ID or alias. +new_since datetime A datetime timestamp to only show history since. +========= ======== ============================================================ + +**Response** + +.. code-block:: js + + { + "bugs": [ + { + "alias": [], + "history": [ + { + "when": "2014-09-23T19:12:17Z", + "who": "user@bugzilla.org", + "changes": [ + { + "added": "P1", + "field_name": "priority", + "removed": "P2" + }, + { + "removed": "blocker", + "field_name": "severity", + "added": "critical" + } + ] + }, + { + "when": "2014-09-28T21:03:47Z", + "who": "user@bugzilla.org", + "changes": [ + { + "added": "blocker?", + "removed": "", + "field_name": "flagtypes.name" + } + ] + } + ], + "id": 35 + } + ] + } + +``bugs`` (array) Bug objects each containing the following items: + +======= ===== ================================================================= +name type description +======= ===== ================================================================= +id int The numeric ID of the bug. +alias array The unique aliases of this bug. An empty array will be returned + if this bug has no aliases. +history array An array of History objects. +======= ===== ================================================================= + +History object: + +======= ======== ============================================================== +name type description +======= ======== ============================================================== +when datetime The date the bug activity/change happened. +who string The login name of the user who performed the bug change. +changes array An array of Change objects which contain all the changes that + happened to the bug at this time (as specified by ``when``). +======= ======== ============================================================== + +Change object: + +============= ====== ========================================================== +name type description +============= ====== ========================================================== +field_name string The name of the bug field that has changed. +removed string The previous value of the bug field which has been + deleted by the change. +added string The new value of the bug field which has been added + by the change. +attachment_id int The ID of the attachment that was changed. + This only appears if the change was to an attachment, + otherwise ``attachment_id`` will not be present in this + object. +============= ====== ========================================================== + +.. _rest_search_bugs: + +Search Bugs +----------- + +Allows you to search for bugs based on particular criteria. + +**Request** + +To search for bugs: + +.. code-block:: text + + GET /rest/bug + +Unless otherwise specified in the description of a parameter, bugs are +returned if they match *exactly* the criteria you specify in these +parameters. That is, we don't match against substrings--if a bug is in +the "Widgets" product and you ask for bugs in the "Widg" product, you +won't get anything. + +Criteria are joined in a logical AND. That is, you will be returned +bugs that match *all* of the criteria, not bugs that match *any* of +the criteria. + +Each parameter can be either the type it says, or a list of the types +it says. If you pass an array, it means "Give me bugs with *any* of +these values." For example, if you wanted bugs that were in either +the "Foo" or "Bar" products, you'd pass: + +.. code-block:: text + + GET /rest/bug?product=Foo&product=Bar + +Some Bugzillas may treat your arguments case-sensitively, depending +on what database system they are using. Most commonly, though, Bugzilla is +not case-sensitive with the arguments passed (because MySQL is the +most-common database to use with Bugzilla, and MySQL is not case sensitive). + +In addition to the fields listed below, you may also use criteria that +is similar to what is used in the Advanced Search screen of the Bugzilla +UI. This includes fields specified by ``Search by Change History`` and +``Custom Search``. The easiest way to determine what the field names are and what +format Bugzilla expects is to first construct your query using the +Advanced Search UI, execute it and use the query parameters in they URL +as your query for the REST call. + +================ ======== ===================================================== +name type description +================ ======== ===================================================== +alias array The unique aliases of this bug. An empty array will + be returned if this bug has no aliases. +assigned_to string The login name of a user that a bug is assigned to. +component string The name of the Component that the bug is in. Note + that if there are multiple Components with the same + name, and you search for that name, bugs in *all* + those Components will be returned. If you don't want + this, be sure to also specify the ``product`` argument. +creation_time datetime Searches for bugs that were created at this time or + later. May not be an array. +creator string The login name of the user who created the bug. You + can also pass this argument with the name + ``reporter``, for backwards compatibility with + older Bugzillas. +id int The numeric ID of the bug. +last_change_time datetime Searches for bugs that were modified at this time + or later. May not be an array. +limit int Limit the number of results returned. If the limit + is more than zero and higher than the maximum limit + set by the administrator, then the maximum limit will + be used instead. If you set the limit equal to zero, + then all matching results will be returned instead. +offset int Used in conjunction with the ``limit`` argument, + ``offset`` defines the starting position for the + search. For example, given a search that would + return 100 bugs, setting ``limit`` to 10 and + ``offset`` to 10 would return bugs 11 through 20 + from the set of 100. +op_sys string The "Operating System" field of a bug. +platform string The Platform (sometimes called "Hardware") field of + a bug. +priority string The Priority field on a bug. +product string The name of the Product that the bug is in. +resolution string The current resolution--only set if a bug is closed. + You can find open bugs by searching for bugs with an + empty resolution. +severity string The Severity field on a bug. +status string The current status of a bug (not including its + resolution, if it has one, which is a separate field + above). +summary string Searches for substrings in the single-line Summary + field on bugs. If you specify an array, then bugs + whose summaries match *any* of the passed substrings + will be returned. Note that unlike searching in the + Bugzilla UI, substrings are not split on spaces. So + searching for ``foo bar`` will match "This is a foo + bar" but not "This foo is a bar". ``['foo', 'bar']``, + would, however, match the second item. +tags string Searches for a bug with the specified tag. If you + specify an array, then any bugs that match *any* of + the tags will be returned. Note that tags are + personal to the currently logged in user. +target_milestone string The Target Milestone field of a bug. Note that even + if this Bugzilla does not have the Target Milestone + field enabled, you can still search for bugs by + Target Milestone. However, it is likely that in that + case, most bugs will not have a Target Milestone set + (it defaults to "---" when the field isn't enabled). +qa_contact string The login name of the bug's QA Contact. Note that + even if this Bugzilla does not have the QA Contact + field enabled, you can still search for bugs by QA + Contact (though it is likely that no bug will have a + QA Contact set, if the field is disabled). +url string The "URL" field of a bug. +version string The Version field of a bug. +whiteboard string Search the "Status Whiteboard" field on bugs for a + substring. Works the same as the ``summary`` field + described above, but searches the Status Whiteboard + field. +quicksearch string Search for bugs using quicksearch syntax. +================ ======== ===================================================== + +**Response** + +The same as :ref:`rest_single_bug`. + +.. _rest_create_bug: + +Create Bug +---------- + +This allows you to create a new bug in Bugzilla. If you specify any +invalid fields, an error will be thrown stating which field is invalid. +If you specify any fields you are not allowed to set, they will just be +set to their defaults or ignored. + +You cannot currently set all the items here that you can set on enter_bug.cgi. + +The WebService interface may allow you to set things other than those listed +here, but realize that anything undocumented here may likely change in the +future. + +**Request** + +To create a new bug in Bugzilla. + +.. code-block:: text + + POST /rest/bug + +.. code-block:: js + + { + "product" : "TestProduct", + "component" : "TestComponent", + "version" : "unspecified", + "summary" : "'This is a test bug - please disregard", + "alias" : "SomeAlias", + "op_sys" : "All", + "priority" : "P1", + "rep_platform" : "All" + } + +Some params must be set, or an error will be thrown. These params are +marked in **bold**. + +Some parameters can have defaults set in Bugzilla, by the administrator. +If these parameters have defaults set, you can omit them. These parameters +are marked (defaulted). + +Clients that want to be able to interact uniformly with multiple +Bugzillas should always set both the params marked required and those +marked (defaulted), because some Bugzillas may not have defaults set +for (defaulted) parameters, and then this method will throw an error +if you don't specify them. + +================== ======= ==================================================== +name type description +================== ======= ==================================================== +**product** string The name of the product the bug is being filed + against. +**component** string The name of a component in the product above. +**summary** string A brief description of the bug being filed. +**version** string A version of the product above; the version the + bug was found in. +description string (defaulted) The initial description for this bug. + Some Bugzilla installations require this to not be + blank. +op_sys string (defaulted) The operating system the bug was + discovered on. +platform string (defaulted) What type of hardware the bug was + experienced on. +priority string (defaulted) What order the bug will be fixed in by + the developer, compared to the developer's other + bugs. +severity string (defaulted) How severe the bug is. +alias array One or more brief aliases for the bug that can be + used instead of a bug number when accessing this bug. + Must be unique in all of this Bugzilla. +assigned_to string A user to assign this bug to, if you don't want it + to be assigned to the component owner. +cc array An array of usernames to CC on this bug. +comment_is_private boolean If set to true, the description is private, + otherwise it is assumed to be public. +groups array An array of group names to put this bug into. You + can see valid group names on the Permissions tab of + the Preferences screen, or, if you are an + administrator, in the Groups control panel. If you + don't specify this argument, then the bug will be + added into all the groups that are set as being + "Default" for this product. (If you want to avoid + that, you should specify ``groups`` as an empty + array.) +qa_contact string If this installation has QA Contacts enabled, you + can set the QA Contact here if you don't want to + use the component's default QA Contact. +status string The status that this bug should start out as. Note + that only certain statuses can be set on bug + creation. +resolution string If you are filing a closed bug, then you will have + to specify a resolution. You cannot currently + specify a resolution of ``DUPLICATE`` for new + bugs, though. That must be done with + :ref:`rest_update_bug`. +target_milestone string A valid target milestone for this product. +flags array Flags objects to add to the bug. The object format + is described in the Flag object below. +================== ======= ==================================================== + +Flag object: + +To create a flag, at least the ``status`` and the ``type_id`` or ``name`` must +be provided. An optional requestee can be passed if the flag type is requestable +to a specific user. + +========= ====== ============================================================== +name type description +========= ====== ============================================================== +name string The name of the flag type. +type_id int The internal flag type ID. +status string The flags new status (i.e. "?", "+", "-" or "X" to clear flag). +requestee string The login of the requestee if the flag type is requestable + to a specific user. +========= ====== ============================================================== + +In addition to the above parameters, if your installation has any custom +fields, you can set them just by passing in the name of the field and +its value as a string. + +**Response** + +.. code-block:: js + + { + "id" : 12345 + } + +==== ==== ====================================== +name type description +==== ==== ====================================== +id int This is the ID of the newly-filed bug. +==== ==== ====================================== + +.. _rest_update_bug: + +Update Bug +---------- + +Allows you to update the fields of a bug. Automatically sends emails +out about the changes. + +**Request** + +To update the fields of a current bug. + +.. code-block:: text + + PUT /rest/bug/(id_or_alias) + +.. code-block:: js + + { + "ids" : [35], + "status" : "IN_PROGRESS", + "keywords" : { + "add" : ["funny", "stupid"] + } + } + +The params to include in the PUT body as well as the returned data format, +are the same as below. You can specify the ID or alias of the bug to update +either in the URL path and/or in the ``ids`` param. You can use both and they +will be combined so you can edit more than one bug at a time. + +=============== ===== ========================================================= +name type description +=============== ===== ========================================================= +**id_or_alias** mixed An integer bug ID or alias. +**ids** array The IDs or aliases of the bugs that you want to modify. +=============== ===== ========================================================= + +All following fields specify the values you want to set on the bugs you are +updating. + +===================== ======= ================================================= +name type description +===================== ======= ================================================= +alias object These specify the aliases of a bug that can be + used instead of a bug number when acessing this + bug. To set these, you should pass a hash as the + value. The object may contain the following + items: + + * ``add`` (array) Aliases to add to this field. + * ``remove`` (array) Aliases to remove from this + field. If the aliases are not already in the + field, they will be ignored. + * ``set`` (array) An exact set of aliases to set + this field to, overriding the current value. + If you specify ``set``, then ``add`` and + ``remove`` will be ignored. + + You can only set this if you are modifying a + single bug. If there is more than one bug + specified in ``ids``, passing in a value for + ``alias`` will cause an error to be thrown. + + For backwards compatibility, you can also + specify a single string. This will be treated as + if you specified the set key above. +assigned_to string The full login name of the user this bug is + assigned to. +blocks object (Same as ``depends_on`` below) +depends_on object These specify the bugs that this bug blocks or + depends on, respectively. To set these, you + should pass an object as the value. The object + may contain the following items: + + * ``add`` (array) Bug IDs to add to this field. + * ``remove`` (array) Bug IDs to remove from this + field. If the bug IDs are not already in the + field, they will be ignored. + * ``set`` (array of) An exact set of bug IDs to + set this field to, overriding the current + value. If you specify ``set``, then ``add`` + and ``remove`` will be ignored. +cc object The users on the cc list. To modify this field, + pass an object, which may have the following + items: + + * ``add`` (array) User names to add to the CC + list. They must be full user names, and an + error will be thrown if you pass in an invalid + user name. + * ``remove`` (array) User names to remove from + the CC list. They must be full user names, and + an error will be thrown if you pass in an + invalid user name. +is_cc_accessible boolean Whether or not users in the CC list are allowed + to access the bug, even if they aren't in a group + that can normally access the bug. +comment object A comment on the change. The object may contain + the following items: + + * ``body`` (string) The actual text of the + comment. For compatibility with the parameters + to :ref:`rest_add_comment`, you can also call + this field ``comment``, if you want. + * ``is_private`` (boolean) Whether the comment is + private or not. If you try to make a comment + private and you don't have the permission to, + an error will be thrown. +comment_is_private object This is how you update the privacy of comments + that are already on a bug. This is a object, + where the keys are the ``int`` ID of comments + (not their count on a bug, like #1, #2, #3, but + their globally-unique ID, as returned by + :ref:`rest_comments` and the value is a + ``boolean`` which specifies whether that comment + should become private (``true``) or public + (``false``). + + The comment IDs must be valid for the bug being + updated. Thus, it is not practical to use this + while updating multiple bugs at once, as a single + comment ID will never be valid on multiple bugs. +component string The Component the bug is in. +deadline date The Deadline field is a date specifying when the + bug must be completed by, in the format + ``YYYY-MM-DD``. +dupe_of int The bug that this bug is a duplicate of. If you + want to mark a bug as a duplicate, the safest + thing to do is to set this value and *not* set + the ``status`` or ``resolutio`` fields. They will + automatically be set by Bugzilla to the + appropriate values for duplicate bugs. +estimated_time double The total estimate of time required to fix the + bug, in hours. This is the *total* estimate, not + the amount of time remaining to fix it. +flags array An array of Flag change objects. The items needed + are described below. +groups object The groups a bug is in. To modify this field, + pass an object, which may have the following + items: + + * ``add`` (array) The names of groups to add. + Passing in an invalid group name or a group + that you cannot add to this bug will cause an + error to be thrown. + * ``remove`` (array) The names of groups to + remove. Passing in an invalid group name or a + group that you cannot remove from this bug + will cause an error to be thrown. +keywords object Keywords on the bug. To modify this field, pass + an object, which may have the following items: + + * ``add`` (array) The names of keywords to add + to the field on the bug. Passing something that + isn't a valid keyword name will cause an error + to be thrown. + * ``remove`` (array) The names of keywords to + remove from the field on the bug. Passing + something that isn't a valid keyword name will + cause an error to be thrown. + * ``set`` (array) An exact set of keywords to set + the field to, on the bug. Passing something + that isn't a valid keyword name will cause an + error to be thrown. Specifying ``set`` + overrides ``add`` and ``remove``. +op_sys string The Operating System ("OS") field on the bug. +platform string The Platform or "Hardware" field on the bug. +priority string The Priority field on the bug. +product string The name of the product that the bug is in. If + you change this, you will probably also want to + change ``target_milestone``, ``version``, and + ``component``, since those have different legal + values in every product. + + If you cannot change the ``target_milestone`` + field, it will be reset to the default for the + product, when you move a bug to a new product. + + You may also wish to add or remove groups, as + which groups are + valid on a bug depends on the product. Groups + that are not valid in the new product will be + automatically removed, and groups which are + mandatory in the new product will be automaticaly + added, but no other automatic group changes will + be done. + + .. note:: + Users can only move a bug into a product if + they would normally have permission to file + new bugs in that product. +qa_contact string The full login name of the bug's QA Contact. +is_creator_accessible boolean Whether or not the bug's reporter is allowed + to access the bug, even if they aren't in a group + that can normally access the bug. +remaining_time double How much work time is remaining to fix the bug, + in hours. If you set ``work_time`` but don't + explicitly set ``remaining_time``, then the + ``work_time`` will be deducted from the bug's + ``remaining_time``. +reset_assigned_to boolean If true, the ``assigned_to`` field will be + reset to the default for the component that the + bug is in. (If you have set the component at the + same time as using this, then the component used + will be the new component, not the old one.) +reset_qa_contact boolean If true, the ``qa_contact`` field will be reset + to the default for the component that the bug is + in. (If you have set the component at the same + time as using this, then the component used will + be the new component, not the old one.) +resolution string The current resolution. May only be set if you + are closing a bug or if you are modifying an + already-closed bug. Attempting to set the + resolution to *any* value (even an empty or null + string) on an open bug will cause an error to be + thrown. + + .. note:: + If you change the ``status`` field to an open + status, the resolution field will automatically + be cleared, so you don't have to clear it + manually. +see_also object The See Also field on a bug, specifying URLs to + bugs in other bug trackers. To modify this field, + pass an object, which may have the following + items: + + * ``add`` (array) URLs to add to the field. Each + URL must be a valid URL to a bug-tracker, or + an error will be thrown. + * ``remove`` (array) URLs to remove from the + field. Invalid URLs will be ignored. +severity string The Severity field of a bug. +status string The status you want to change the bug to. Note + that if a bug is changing from open to closed, + you should also specify a ``resolution``. +summary string The Summary field of the bug. +target_milestone string The bug's Target Milestone. +url string The "URL" field of a bug. +version string The bug's Version field. +whiteboard string The Status Whiteboard field of a bug. +work_time double The number of hours worked on this bug as part + of this change. + If you set ``work_time`` but don't explicitly + set ``remaining_time``, then the ``work_time`` + will be deducted from the bug's ``remaining_time``. +===================== ======= ================================================= + +You can also set the value of any custom field by passing its name as +a parameter, and the value to set the field to. For multiple-selection +fields, the value should be an array of strings. + +Flag change object: + +The following values can be specified. At least the ``status`` and one of +``type_id``, ``id``, or ``name`` must be specified. If a ``type_id`` or +``name`` matches a single currently set flag, the flag will be updated unless +``new`` is specified. + +========== ======= ============================================================ +name type description +========== ======= ============================================================ +name string The name of the flag that will be created or updated. +type_id int The internal flag type ID that will be created or updated. + You will need to specify the ``type_id`` if more than one + flag type of the same name exists. +**status** string The flags new status (i.e. "?", "+", "-" or "X" to clear a + flag). +requestee string The login of the requestee if the flag type is requestable + to a specific user. +id int Use ID to specify the flag to be updated. You will need to + specify the ``id`` if more than one flag is set of the same + name. +new boolean Set to true if you specifically want a new flag to be + created. +========== ======= ============================================================ + +**Response** + +.. code-block:: js + + { + "bugs" : [ + { + "alias" : [], + "changes" : { + "keywords" : { + "added" : "funny, stupid", + "removed" : "" + }, + "status" : { + "added" : "IN_PROGRESS", + "removed" : "CONFIRMED" + } + }, + "id" : 35, + "last_change_time" : "2014-09-29T14:25:35Z" + } + ] + } + +``bugs`` (array) This points to an array of objects with the following items: + +================ ======== ===================================================== +name type description +================ ======== ===================================================== +id int The ID of the bug that was updated. +alias array The aliases of the bug that was updated, if this bug + has any alias. +last_change_time datetime The exact time that this update was done at, for + this bug. If no update was done (that is, no fields + had their values changed and no comment was added) + then this will instead be the last time the bug was + updated. +changes object The changes that were actually done on this bug. The + keys are the names of the fields that were changed, + and the values are an object with two keys: + + * ``added`` (string) The values that were added to + this field, possibly a comma-and-space-separated + list if multiple values were added. + * ``removed`` (string) The values that were removed + from this field, possibly a + comma-and-space-separated list if multiple values + were removed. +================ ======== ===================================================== + +Currently, some fields are not tracked in changes: ``comment``, +``comment_is_private``, and ``work_time``. This means that they will not +show up in the return value even if they were successfully updated. +This may change in a future version of Bugzilla. diff --git a/docs/en/rst/api/core/v1/bugzilla.rst b/docs/en/rst/api/core/v1/bugzilla.rst new file mode 100644 index 000000000..2dd40e0cb --- /dev/null +++ b/docs/en/rst/api/core/v1/bugzilla.rst @@ -0,0 +1,302 @@ +Bugzilla Information +==================== + +These methods are used to get general configuration information about this +Bugzilla instance. + +Version +------- + +Returns the current version of Bugzilla. Normally in the format of ``X.X`` or +``X.X.X``. For example, ``4.4`` for the initial release of a new branch. Or +``4.4.6`` for a minor release on the same branch. + +**Request** + +.. code-block:: text + + GET /rest/version + +**Response** + +.. code-block:: js + + { + "version": "4.5.5+" + } + +======= ====== ========================================= +name type description +======= ====== ========================================= +version string The current version of this Bugzilla +======= ====== ========================================= + +Extensions +---------- + +Gets information about the extensions that are currently installed and enabled +in this Bugzilla. + +**Request** + +.. code-block:: text + + GET /rest/extensions + +**Response** + +.. code-block:: js + + { + "extensions": { + "Voting": { + "version": "4.5.5+" + }, + "BmpConvert": { + "version": "1.0" + } + } + } + +========== ====== ==================================================== +name type description +========== ====== ==================================================== +extensions object An object containing the extensions enabled as keys. + Each extension object contains the following keys: + + * ``version`` (string) The version of the extension. +========== ====== ==================================================== + +Timezone +-------- + +Returns the timezone in which Bugzilla expects to receive dates and times on the API. +Currently hard-coded to UTC ("+0000"). This is unlikely to change. + +**Request** + +.. code-block:: text + + GET /rest/timezone + +.. code-block:: js + + { + "timezone": "+0000" + } + +**Response** + +======== ====== =============================================================== +name type description +======== ====== =============================================================== +timezone string The timezone offset as a string in (+/-)XXXX (RFC 2822) format. +======== ====== =============================================================== + +Time +---- + +Gets information about what time the Bugzilla server thinks it is, and +what timezone it's running in. + +**Request** + +.. code-block:: text + + GET /rest/time + +**Response** + +.. code-block:: js + + { + "web_time_utc": "2014-09-26T18:01:30Z", + "db_time": "2014-09-26T18:01:30Z", + "web_time": "2014-09-26T18:01:30Z", + "tz_offset": "+0000", + "tz_short_name": "UTC", + "tz_name": "UTC" + } + +============= ====== ========================================================== +name type description +============= ====== ========================================================== +db_time string The current time in UTC, according to the Bugzilla + database server. + + Note that Bugzilla assumes that the database and the + webserver are running in the same time zone. However, + if the web server and the database server aren't + synchronized or some reason, *this* is the time that + you should rely on or doing searches and other input + to the WebService. +web_time string This is the current time in UTC, according to + Bugzilla's web server. + + This might be different by a second from ``db_time`` + since this comes from a different source. If it's any + more different than a second, then there is likely + some problem with this Bugzilla instance. In this + case you should rely on the ``db_time``, not the + ``web_time``. +web_time_utc string Identical to ``web_time``. (Exists only for + backwards-compatibility with versions of Bugzilla + before 3.6.) +tz_name string The literal string ``UTC``. (Exists only for + backwards-compatibility with versions of Bugzilla + before 3.6.) +tz_short_name string The literal string ``UTC``. (Exists only for + backwards-compatibility with versions of Bugzilla + before 3.6.) +tz_offset string The literal string ``+0000``. (Exists only for + backwards-compatibility with versions of Bugzilla + before 3.6.) +============= ====== ========================================================== + +Parameters +---------- + +Returns parameter values currently used in this Bugzilla. + +**Request** + +.. code-block:: text + + GET /rest/parameters + +**Response** + +Example response for anonymous user: + +.. code-block:: js + + { + "parameters" : { + "maintainer" : "admin@example.com", + "requirelogin" : "0" + } + } + +Example response for authenticated user: + +.. code-block:: js + + { + "parameters" : { + "allowemailchange" : "1", + "attachment_base" : "http://bugzilla.example.com/", + "commentonchange_resolution" : "0", + "commentonduplicate" : "0", + "cookiepath" : "/", + "createemailregexp" : ".*", + "defaultopsys" : "", + "defaultplatform" : "", + "defaultpriority" : "--", + "defaultseverity" : "normal", + "duplicate_or_move_bug_status" : "RESOLVED", + "emailregexp" : "^[\\w\\.\\+\\-=']+@[\\w\\.\\-]+\\.[\\w\\-]+$", + "emailsuffix" : "", + "letsubmitterchoosemilestone" : "1", + "letsubmitterchoosepriority" : "1", + "mailfrom" : "bugzilla-daemon@example.com", + "maintainer" : "admin@example.com", + "maxattachmentsize" : "1000", + "maxlocalattachment" : "0", + "musthavemilestoneonaccept" : "0", + "noresolveonopenblockers" : "0", + "password_complexity" : "no_constraints", + "rememberlogin" : "on", + "requirelogin" : "0", + "urlbase" : "http://bugzilla.example.com/", + "use_see_also" : "1", + "useclassification" : "1", + "usemenuforusers" : "0", + "useqacontact" : "1", + "usestatuswhiteboard" : "1", + "usetargetmilestone" : "1", + } + } + +A logged-out user can only access the ``maintainer`` and ``requirelogin`` +parameters. + +A logged-in user can access the following parameters (listed alphabetically): + +* allowemailchange +* attachment_base +* commentonchange_resolution +* commentonduplicate +* cookiepath +* defaultopsys +* defaultplatform +* defaultpriority +* defaultseverity +* duplicate_or_move_bug_status +* emailregexpdesc +* emailsuffix +* letsubmitterchoosemilestone +* letsubmitterchoosepriority +* mailfrom +* maintainer +* maxattachmentsize +* maxlocalattachment +* musthavemilestoneonaccept +* noresolveonopenblockers +* password_complexity +* rememberlogin +* requirelogin +* search_allow_no_criteria +* urlbase +* use_see_also +* useclassification +* usemenuforusers +* useqacontact +* usestatuswhiteboard +* usetargetmilestone + +A user in the tweakparams group can access all existing parameters. +New parameters can appear or obsolete parameters can disappear depending +on the version of Bugzilla and on extensions being installed. +The list of parameters returned by this method is not stable and will +never be stable. + +Last Audit Time +--------------- + +Gets the most recent timestamp among all of the events recorded in the audit_log +table. + +**Request** + +To get most recent audit timestamp for all classes: + +.. code-block:: text + + GET /rest/last_audit_time + +To get the the most recent audit timestamp for the ``Bugzilla::Product`` class: + +.. code-block:: text + + GET /rest/last_audit_time?class=Bugzilla::Product + +===== ===== =================================================================== +name type description +===== ===== =================================================================== +class array The class names are defined as ``Bugzilla::<class_name>"`` such as + Bugzilla:Product`` for products. +===== ===== =================================================================== + +**Response** + +.. code-block:: js + + { + "last_audit_time": "2014-09-23T18:03:38Z" + } + +=============== ====== ==================================================== +name type description +=============== ====== ==================================================== +last_audit_time string The maximum of the at_time from the audit_log. +=============== ====== ==================================================== diff --git a/docs/en/rst/api/core/v1/classification.rst b/docs/en/rst/api/core/v1/classification.rst new file mode 100644 index 000000000..ef5e58d1b --- /dev/null +++ b/docs/en/rst/api/core/v1/classification.rst @@ -0,0 +1,80 @@ +Classifications +=============== + +This part of the Bugzilla API allows you to deal with the available +classifications. You will be able to get information about them as well as +manipulate them. + +.. _rest_get_classification: + +Get Classification +------------------ + +Returns an object containing information about a set of classifications. + +**Request** + +To return information on a single classification using the ID or name: + +.. code-block:: text + + GET /rest/classification/(id_or_name) + +============== ===== ===================================== +name type description +============== ===== ===================================== +**id_or_name** mixed An Integer classification ID or name. +============== ===== ===================================== + +**Response** + +.. code-block:: js + + { + "classifications": [ + { + "sort_key": 0, + "description": "Unassigned to any classifications", + "products": [ + { + "id": 2, + "name": "FoodReplicator", + "description": "Software that controls a piece of hardware that will create any food item through a voice interface." + }, + { + "description": "Silk, etc.", + "name": "Spider Secretions", + "id": 4 + } + ], + "id": 1, + "name": "Unclassified" + } + ] + } + +``classifications`` (array) Each object is a classification that the user is +authorized to see and has the following items: + +=========== ====== ============================================================ +name type description +=========== ====== ============================================================ +id int The ID of the classification. +name string The name of the classification. +description string The description of the classificaion. +sort_key int The value which determines the order the classification is + sorted. +products array Products the user is authorized to + access within the classification. Each hash has the + following keys: +=========== ====== ============================================================ + +Product object: + +=========== ====== ================================ +name type description +=========== ====== ================================ +name string The name of the product. +id int The ID of the product. +description string The description of the product. +=========== ====== ================================ diff --git a/docs/en/rst/api/core/v1/comment.rst b/docs/en/rst/api/core/v1/comment.rst new file mode 100644 index 000000000..60fabb93b --- /dev/null +++ b/docs/en/rst/api/core/v1/comment.rst @@ -0,0 +1,242 @@ +Comments +======== + +.. _rest_comments: + +Get Comments +------------ + +This allows you to get data about comments, given a bug ID or comment ID. + +**Request** + +To get all comments for a particular bug using the bug ID or alias: + +.. code-block:: text + + GET /rest/bug/(id_or_alias)/comment + +To get a specific comment based on the comment ID: + +.. code-block:: text + + GET /rest/bug/comment/(comment_id) + +=============== ======== ====================================================== +name type description +=============== ======== ====================================================== +**id_or_alias** mixed A single integer bug ID or alias. +**comment_id** int A single integer comment ID. +new_since datetime If specified, the method will only return comments + *newer* than this time. This only affects comments + returned from the ``ids`` argument. You will always be + returned all comments you request in the + ``comment_ids`` argument, even if they are older than + this date. +=============== ======== ====================================================== + +**Response** + +.. code-block:: js + + { + "bugs": { + "35": { + "comments": [ + { + "time": "2000-07-25T13:50:04Z", + "text": "test bug to fix problem in removing from cc list.", + "bug_id": 35, + "count": 0, + "attachment_id": null, + "is_private": false, + "tags": [], + "creator": "user@bugzilla.org", + "creation_time": "2000-07-25T13:50:04Z", + "id": 75 + } + ] + } + }, + "comments": {} + } + +Two items are returned: + +``bugs`` This is used for bugs specified in ``ids``. This is an object, +where the keys are the numeric IDs of the bugs, and the value is +a object with a single key, ``comments``, which is an array of comments. +(The format of comments is described below.) + +Any individual bug will only be returned once, so if you specify an ID +multiple times in ``ids``, it will still only be returned once. + +``comments`` Each individual comment requested in ``comment_ids`` is +returned here, in a object where the numeric comment ID is the key, +and the value is the comment. (The format of comments is described below.) + +A "comment" as described above is a object that contains the following items: + +============= ======== ======================================================== +name type description +============= ======== ======================================================== +id int The globally unique ID for the comment. +bug_id int The ID of the bug that this comment is on. +attachment_id int If the comment was made on an attachment, this will be + the ID of that attachment. Otherwise it will be null. +count int The number of the comment local to the bug. The + Description is 0, comments start with 1. +text string The actual text of the comment. +creator string The login name of the comment's author. +time datetime The time (in Bugzilla's timezone) that the comment was + added. +creation_time datetime This is exactly same as the ``time`` key. Use this + field instead of ``time`` for consistency with other + methods including :ref:`rest_single_bug` and + :ref:`rest_attachments`. + + For compatibility, ``time`` is still usable. However, + please note that ``time`` may be deprecated and removed + in a future release. + +is_private boolean ``true`` if this comment is private (only visible to a + certain group called the "insidergroup"), ``false`` + otherwise. +============= ======== ======================================================== + +.. _rest_add_comment: + +Create Comments +--------------- + +This allows you to add a comment to a bug in Bugzilla. + +**Request** + +To create a comment on a current bug. + +.. code-block:: text + + POST /rest/bug/(id)/comment + +.. code-block:: js + + { + "ids" : [123,..], + "comment" : "This is an additional comment", + "is_private" : false + } + +``ids`` is optional in the data example above and can be used to specify adding +a comment to more than one bug at the same time. + +=========== ======= =========================================================== +name type description +=========== ======= =========================================================== +**id** int The ID or alias of the bug to append a comment to. +ids array List of integer bug IDs to add the comment to. +**comment** string The comment to append to the bug. If this is empty + or all whitespace, an error will be thrown saying that you + did not set the ``comment`` parameter. +is_private boolean If set to true, the comment is private, otherwise it is + assumed to be public. +work_time double Adds this many hours to the "Hours Worked" on the bug. + If you are not in the time tracking group, this value will + be ignored. +=========== ======= =========================================================== + +**Response** + +.. code-block:: js + + { + "id" : 789 + } + +==== ==== ================================= +name type description +==== ==== ================================= +id int ID of the newly-created comment. +==== ==== ================================= + +.. _rest_search_comment_tags: + +Search Comment Tags +------------------- + +Searches for tags which contain the provided substring. + +**Request** + +To search for comment tags: + +.. code-block:: text + + GET /rest/bug/comment/tags/(query) + +Example: + +.. code-block:: text + + GET /rest/bug/comment/tags/spa + +========= ====== ==================================================== +name type description +========= ====== ==================================================== +**query** string Only tags containg this substring will be returned. +limit int If provided will return no more than ``limit`` tags. + Defaults to ``10``. +========= ====== ==================================================== + +**Response** + +.. code-block:: js + + [ + "spam" + ] + +An array of matching tags. + +.. _rest_update_comment_tags: + +Update Comment Tags +------------------- + +Adds or removes tags from a comment. + +**Request** + +To update the tags comments attached to a comment: + +.. code-block:: text + + PUT /rest/bug/comment/(comment_id)/tags + +Example: + +.. code-block:: js + + { + "comment_id" : 75, + "add" : ["spam", "bad"] + } + +============== ===== ==================================== +name type description +============== ===== ==================================== +**comment_id** int The ID of the comment to update. +add array The tags to attach to the comment. +remove array The tags to detach from the comment. +============== ===== ==================================== + +**Response** + +.. code-block:: js + + [ + "bad", + "spam" + ] + +An array of strings containing the comment's updated tags. diff --git a/docs/en/rst/api/core/v1/component.rst b/docs/en/rst/api/core/v1/component.rst new file mode 100644 index 000000000..aceada1a7 --- /dev/null +++ b/docs/en/rst/api/core/v1/component.rst @@ -0,0 +1,65 @@ +Components +========== + +This part of the Bugzilla API allows you to deal with the available product +components. You will be able to get information about them as well as manipulate +them. + +Create Component +---------------- + +This allows you to create a new component in Bugzilla. You must be authenticated +and be in the *editcomponents* group to perform this action. + +**Request** + +To create a new component: + +.. code-block:: text + + POST /rest/component + +.. code-block:: js + + { + "product" : "TestProduct", + "name" : "New Component", + "description" : "This is a new component", + "default_assignee" : "dkl@mozilla.com" + } + +Some params must be set, or an error will be thrown. These params are +shown in **bold**. + +==================== ======= ================================================== +name type description +==================== ======= ================================================== +**name** string The name of the new component. +**product** string The name of the product that the component must + be added to. This product must already exist, and + the user have the necessary permissions to edit + components for it. +**description** string The description of the new component. +**default_assignee** string The login name of the default assignee of the + component. +default_cc array Each string representing one login name of the + default CC list. +default_qa_contact string The login name of the default QA contact for the + component. +is_open boolean 1 if you want to enable the component for bug + creations. 0 otherwise. Default is 1. +==================== ======= ================================================== + +**Response** + +.. code-block:: js + + { + "id": 27 + } + +==== ==== ======================================== +name type description +==== ==== ======================================== +id int The ID of the newly-added component. +==== ==== ======================================== diff --git a/docs/en/rst/api/core/v1/field.rst b/docs/en/rst/api/core/v1/field.rst new file mode 100644 index 000000000..d97aa3050 --- /dev/null +++ b/docs/en/rst/api/core/v1/field.rst @@ -0,0 +1,240 @@ +Bug Fields +========== + +The Bugzilla API for getting details about bug fields. + +.. _rest_fields: + +Fields +------ + +Get information about valid bug fields, including the lists of legal values +for each field. + +**Request** + +To get information about all fields: + +.. code-block:: text + + GET /rest/field/bug + +To get information related to a single field: + +.. code-block:: text + + GET /rest/field/bug/(id_or_name) + +========== ===== ========================================================== +name type description +========== ===== ========================================================== +id_or_name mixed An integer field ID or string representing the field name. +========== ===== ========================================================== + +**Response** + +.. code-block:: js + + { + "fields": [ + { + "display_name": "Priority", + "name": "priority", + "type": 2, + "is_mandatory": false, + "value_field": null, + "values": [ + { + "sortkey": 100, + "sort_key": 100, + "visibility_values": [], + "name": "P1" + }, + { + "sort_key": 200, + "name": "P2", + "visibility_values": [], + "sortkey": 200 + }, + { + "sort_key": 300, + "visibility_values": [], + "name": "P3", + "sortkey": 300 + }, + { + "sort_key": 400, + "name": "P4", + "visibility_values": [], + "sortkey": 400 + }, + { + "name": "P5", + "visibility_values": [], + "sort_key": 500, + "sortkey": 500 + } + ], + "visibility_values": [], + "visibility_field": null, + "is_on_bug_entry": false, + "is_custom": false, + "id": 13 + } + ] + } + +``field`` (array) Field objects each containing the following items: + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +id int An integer ID uniquely identifying this field in this + installation only. +type int The number of the fieldtype. The following values are + defined: + + * ``0`` Field type unknown + * ``1`` Single-line string field + * ``2`` Single value field + * ``3`` Multiple value field + * ``4`` Multi-line text value + * ``5`` Date field with time + * ``6`` Bug ID field + * ``7`` See Also field + * ``8`` Keywords field + * ``9`` Date field + * ``10`` Integer field + +is_custom boolean ``true`` when this is a custom field, ``false`` + otherwise. +name string The internal name of this field. This is a unique + identifier for this field. If this is not a custom + field, then this name will be the same across all + Bugzilla installations. +display_name string The name of the field, as it is shown in the user + interface. +is_mandatory boolean ``true`` if the field must have a value when filing + new bugs. Also, mandatory fields cannot have their + value cleared when updating bugs. +is_on_bug_entry boolean For custom fields, this is ``true`` if the field is + shown when you enter a new bug. For standard fields, + this is currently always ``false``, even if the field + shows up when entering a bug. (To know whether or not + a standard field is valid on bug entry, see + :ref:`rest_create_bug`. +visibility_field string The name of a field that controls the visibility of + this field in the user interface. This field only + appears in the user interface when the named field is + equal to one of the values is ``visibility_values``. + Can be null. +visibility_values array This field is only shown when ``visibility_field`` + matches one of these string values. When + ``visibility_field`` is null, then this is an empty + array. +value_field string The name of the field that controls whether or not + particular values of the field are shown in the user + interface. Can be null. +values array Objects representing the legal values for + select-type (drop-down and multiple-selection) + fields. This is also populated for the + ``component``, ``version``, ``target_milestone``, + and ``keywords`` fields, but not for the ``product`` + field (you must use ``get_accessible_products`` for + that). For fields that aren't select-type fields, + this will simply be an empty array. Each object + contains the items described in the Value object + below. +================= ======= ===================================================== + +Value object: + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +name string The actual value--this is what you would specify for + this field in ``create``, etc. +sort_key int Values, when displayed in a list, are sorted first by + this integer and then secondly by their name. +visibility_values array If ``value_field`` is defined for this field, then + this value is only shown if the ``value_field`` is + set to one of the values listed in this array. Note + that for per-product fields, ``value_field`` is set + to ``product`` and ``visibility_values`` will reflect + which product(s) this value appears in. +is_active boolean This value is defined only for certain + product-specific fields such as version, + target_milestone or component. When true, the value + is active; otherwise the value is not active. +description string The description of the value. This item is only + included for the ``keywords`` field. +is_open boolean For ``bug_status`` values, determines whether this + status specifies that the bug is "open" (``true``) + or "closed" (``false``). This item is only included + for the ``bug_status`` field. +can_change_to array For ``bug_status`` values, this is an array of + objects that determine which statuses you can + transition to from this status. (This item is only + included for the ``bug_status`` field.) + + Each object contains the following items: + + * name: (string) The name of the new status + * comment_required: (boolean) ``true`` if a comment + is required when you change a bug into this status + using this transition. +================= ======= ===================================================== + +.. _rest_legal_values: + +Legal Values +------------ + +**DEPRECATED** Use ''Fields'' instead. + +Tells you what values are allowed for a particular field. + +**Request** + +To get information on the values for a field based on field name: + +.. code-block:: text + + GET /rest/field/bug/(field)/values + +To get information based on field name and a specific product: + +.. code-block:: text + + GET /rest/field/bug/(field)/(product_id)/values + +========== ====== ============================================================= +name type description +========== ====== ============================================================= +field string The name of the field you want information about. + This should be the same as the name you would use in + :ref:`rest_create_bug`, below. +product_id int If you're picking a product-specific field, you have to + specify the ID of the product you want the values for. +========== ====== ============================================================= + +**Resppnse** + +.. code-block:: js + + { + "values": [ + "P1", + "P2", + "P3", + "P4", + "P5" + ] + } + +========== ====== ============================================================= +name type description +========== ====== ============================================================= +values array The legal values for this field. The values will be sorted + as they normally would be in Bugzilla. +========== ====== ============================================================= diff --git a/docs/en/rst/api/core/v1/flagtype.rst b/docs/en/rst/api/core/v1/flagtype.rst new file mode 100644 index 000000000..994ac27c8 --- /dev/null +++ b/docs/en/rst/api/core/v1/flagtype.rst @@ -0,0 +1,373 @@ +Flag Types +========== + +This part of the Bugzilla API allows you to get and create bug and attachment +flags. + +.. _rest_flagtype_get: + +Get Flag Type +------------- + +Get information about valid flag types that can be set for bugs and attachments. + +**Request** + +To get information about all flag types for a product: + +.. code-block:: text + + GET /rest/flag_type/(product) + +To get information about flag_types for a product and component: + +.. code-block:: text + + GET /rest/flag_type/(product)/(component) + +.. code-block:: js + + { + "bug": [ + { + "is_multiplicable": false, + "is_requesteeble": false, + "values": [ + "X", + "?", + "+", + "-" + ], + "id": 11, + "type": "bug", + "is_active": true, + "description": "Blocks the next release", + "name": "blocker" + }, + { + "is_requesteeble": false, + "is_multiplicable": false, + "is_active": true, + "description": "Regression found?", + "name": "regression", + "id": 10, + "type": "bug", + "values": [ + "X", + "?", + "+", + "-" + ] + }, + ], + "attachment": [ + { + "is_requesteeble": true, + "is_multiplicable": true, + "name": "review", + "is_active": true, + "description": "Review the patch for correctness and applicability to the problem.", + "type": "attachment", + "id": 1, + "values": [ + "X", + "?", + "+", + "-" + ] + }, + { + "name": "approval", + "description": "Approve the patch for check-in to the tree.", + "is_active": true, + "values": [ + "X", + "?", + "+", + "-" + ], + "type": "attachment", + "id": 3, + "is_multiplicable": false, + "is_requesteeble": false + } + ] + } + +You must pass a product name and an optional component name. If the product or +component names contains a ``/`` character, up will need to url encode it. + +=========== ====== ============================================================ +name type description +=========== ====== ============================================================ +**product** string The name of a valid product. +component string An optional valid component name associated with the + product. +=========== ====== ============================================================ + +**Response** + +An object containing two items, ``bug`` and ``attachment``. Each value is an +array of objects, containing the following items: + +================ ======= ====================================================== +name type description +================ ======= ====================================================== +id int An integer ID uniquely identifying this flag type. +name string The name for the flag type. +type string The target of the flag type which is either ``bug`` + or ``attachment``. +description string The description of the flag type. +values array String values that the user can set on the flag type. +is_requesteeble boolean Users can ask specific other users to set flags of + this type. +is_multiplicable boolean Multiple flags of this type can be set for the same + bug or attachment. +================ ======= ====================================================== + +Create Flag Type +---------------- + +Create a new flag type. You must be authenticated and be in the *editcomponents* +group to perform this action. + +**Request** + +.. code-block:: text + + POST /rest/flag_type + +.. code-block:: js + + { + "name" : "feedback", + "description" : "This attachment needs feedback", + "inclusions" : [ "WorldControl "], + "target_type" : "attachment" + } + +Some params must be set, or an error will be thrown. The required params are +marked in **bold**. + +=========================== ======= =========================================== +name type description +=========================== ======= =========================================== +**name** string The name of the new flag type. +**description** string A description for the flag type. +target_type string The new flag is either for a ``bug`` or an + ``attachment``. +inclusions array An array of strings or an object containing + product names, and optionally component + names. If you provide a string, the flag + type will be shown on all bugs in that + product. If you provide an object, the key + represents the product name, and the value + is the components of the product to be + included. +exclusions array An array of strings or an object containing + product names. This uses the same format as + ``inclusions``. This will exclude the flag + from all products and components specified. +sortkey int A number between 1 and 32767 by which this + type will be sorted when displayed to users + in a list; ignore if you don't care what + order the types appear in or if you want + them to appear in alphabetical order. +is_active boolean Flag of this type appear in the UI and can + be set. Default is ``true``. +is_requestable boolean Users can ask for flags of this type to be + set. Default is ``true``. +cc_list array If the flag type is requestable, who should + receive e-mail notification of requests. + This is an array of e-mail addresses which\ + do not need to be Bugzilla logins. +is_specifically_requestable boolean Users can ask specific other users to + set flags of this type as opposed to just + asking the wind. Default is ``true``. +is_multiplicable boolean Multiple flags of this type can be set on + the same bug. Default is ``true``. +grant_group string The group allowed to grant/deny flags of + this type (to allow all users to grant/deny + these flags, select no group). Default is + no group. +request_group string If flags of this type are requestable, the + group allowed to request them (to allow all + users to request these flags, select no + group). Note that the request group alone + has no effect if the grant group is not + defined! Default is no group. +=========================== ======= =========================================== + +An example for ``inclusions`` and/or ``exclusions``: + +.. code-block:: js + + [ + "FooProduct" + ] + + { + "BarProduct" : [ "C1", "C3" ], + "BazProduct" : [ "C7" ] + } + +This flag will be added to **all** components of ``FooProduct``, components C1 +and C3 of ``BarProduct``, and C7 of ``BazProduct``. + +**Response** + +.. code-block:: js + + { + "id": 13 + } + +======= ==== ============================================== +name type description +======= ==== ============================================== +flag_id int ID of the new FlagType object is returned. +======= ==== ============================================== + +.. _rest_flagtype_update: + +Update Flag Type +---------------- + +This allows you to update a flag type in Bugzilla. You must be authenticated +and be in the *editcomponents* group to perform this action. + +**Request** + +.. code-block:: text + + PUT /rest/flag_type/(id_or_name) + +.. code-block:: js + + { + "ids" : [13], + "name" : "feedback-new", + "is_requestable" : false + } + +You can edit a single flag type by passing the ID or name of the flag type +in the URL. To edit more than one flag type, you can specify addition IDs or +flag type names using the ``ids`` or ``names`` parameters respectively. + +One of the below must be specified. + +============== ===== ========================================================== +name type description +============== ===== ========================================================== +**id_or_name** mixed Integer flag type ID or name. +**ids** array Numeric IDs of the flag types that you wish to update. +**names** array Names of the flag types that you wish to update. If many + flag types have the same name, this will change **all** + of them. +============== ===== ========================================================== + +The following parameters specify the new values you want to set for the flag +types you are updating. + +=========================== ======= =========================================== +name type description +=========================== ======= =========================================== +name string A short name identifying this type. +description string A comprehensive description of this type. +inclusions array An array of strings or an object containing + product names, and optionally component + names. If you provide a string, the flag + type will be shown on all bugs in that + product. If you provide an object, the key + represents the product name, and the value + is the components of the product to be + included. +exclusions array An array of strings or an object containing + product names. This uses the same format as + ``inclusions``. This will exclude the flag + from all products and components specified. +sortkey int A number between 1 and 32767 by which this + type will be sorted when displayed to users + in a list; ignore if you don't care what + order the types appear in or if you want + them to appear in alphabetical order. +is_active boolean Flag of this type appear in the UI and can + be set. +is_requestable boolean Users can ask for flags of this type to be + set. +cc_list array If the flag type is requestable, who should + receive e-mail notification of requests. + This is an array of e-mail addresses + which do not need to be Bugzilla logins. +is_specifically_requestable boolean Users can ask specific other users to set + flags of this type as opposed to just + asking the wind. +is_multiplicable boolean Multiple flags of this type can be set on + the same bug. +grant_group string The group allowed to grant/deny flags of + this type (to allow all users to grant/deny + these flags, select no group). +request_group string If flags of this type are requestable, the + group allowed to request them (to allow all + users to request these flags, select no + group). Note that the request group alone + has no effect if the grant group is not + defined! +=========================== ======= =========================================== + +An example for ``inclusions`` and/or ``exclusions``: + +.. code-block:: js + + [ + "FooProduct", + ] + + { + "BarProduct" : [ "C1", "C3" ], + "BazProduct" : [ "C7" ] + } + +This flag will be added to **all** components of ``FooProduct``, +components C1 and C3 of ``BarProduct``, and C7 of ``BazProduct``. + +**Response** + +.. code-block:: js + + { + "flagtypes": [ + { + "name": "feedback-new", + "changes": { + "is_requestable": { + "added": "0", + "removed": "1" + }, + "name": { + "removed": "feedback", + "added": "feedback-new" + } + }, + "id": 13 + } + ] + } + +``flagtypes`` (array) Flag change objects containing the following items: + +======= ====== ================================================================ +name type description +======= ====== ================================================================ +id int The ID of the flag type that was updated. +name string The name of the flag type that was updated. +changes object The changes that were actually done on this flag type. + The keys are the names of the fields that were changed, and the + values are an object with two items: + + * added: (string) The value that this field was changed to. + * removed: (string) The value that was previously set in this + field. +======= ====== ================================================================ + +Booleans changes will be represented with the strings '1' and '0'. diff --git a/docs/en/rst/api/core/v1/general.rst b/docs/en/rst/api/core/v1/general.rst new file mode 100644 index 000000000..06ef5b2fb --- /dev/null +++ b/docs/en/rst/api/core/v1/general.rst @@ -0,0 +1,255 @@ +General +======= + +This is the standard REST API for external programs that want to interact +with Bugzilla. It provides a REST interface to various Bugzilla functions. + +Basic Information +----------------- + +**Browsing** + +If the ``Accept`` header of a request is set to ``text/html`` (as it is by an +ordinary web browser) then the API will return the JSON data as a HTML +page which the browser can display. In other words, you can play with the +API using just your browser to see results in a human-readable form. +This is a good way to try out the various GET calls, even if you can't use +it for POST or PUT. + +**Data Format** + +The REST API only supports JSON input, and either JSON or JSONP output. +So objects sent and received must be in JSON format. + +On every request, you must set both the ``Accept`` and ``Content-Type`` HTTP +headers to the MIME type of the data format you are using to communicate with +the API. ``Content-Type`` tells the API how to interpret your request, and +``Accept`` tells it how you want your data back. ``Content-Type`` must be +``application/json``. ``Accept`` can be either that, or +``application/javascript`` for JSONP. In the latter`case, add a ``callback`` +parameter to name your callback. + +Parameters may also be passed in as part of the query string for non-GET +requests and will override any matching parameters in the request body. + +Example request which returns the current version of Bugzilla: + +.. code-block:: http + + GET /rest/version HTTP/1.1 + Host: bugzilla.example.com + Accept: application/json + +Example response: + +.. code-block:: http + + HTTP/1.1 200 OK + Vary: Accept + Content-Type: application/json + + { + "version" : "4.2.9+" + } + +**Errors** + +When an error occurs over REST, an object is returned with the key ``error`` +set to ``true``. + +The error contents look similar to: + +.. code-block:: js + + { + "error": true, + "message": "Some message here", + "code": 123 + } + +Common Data Types +----------------- + +The Bugzilla API uses the following various types of parameters: + +======== ====================================================================== + type description +======== ====================================================================== +int Integer. +double A floating-point number. +string A string. +email A string representing an email address. This value, when returned, + may be filtered based on if the user is logged in or not. +date A specific date. Example format: ``YYYY-MM-DD``. +datetime A date/time. Timezone should be in UTC unless otherwise noted. + Example format: ``YYYY-MM-DDTHH24:MI:SSZ``. +boolean ``true`` or ``false``. +base64 A base64-encoded string. This is the only way to transfer + binary data via the API. +array An array. There may be mixed types in an array. ``[`` and ``]`` are + used to represent the beginning and end of arrays. +object A mapping of keys to values. Called a "hash", "dict", or "map" in + some other programming languages. The keys are strings, and the + values can be any type. ``{`` and ``}`` are used to represent the + beginning and end of objects. +======== ====================================================================== + +Parameters that are required will be displayed in **bold** in the parameters +table for each API method. + +Authentication +-------------- + +Some methods do not require you to log in. An example of this is +:ref:`rest_single_bug`. However, authenticating yourself allows you to see +non-public information, for example, a bug that is not publicly visible. + +There are two ways to authenticate yourself: + +**API Keys** + +You can specify ``Bugzilla_api_key`` or simply ``api_key`` as an argument to +any call, and you will be logged in as that user if the key is correct and has +not been revoked. You can set up an API key by using the 'API Key' tab in the +Preferences pages. + +**Login and Password** + +You can specify ``Bugzilla_login`` and ``Bugzilla_password`` or simply +``login`` and ``password`` respectively, as arguments to any call, and you will +be logged in as that user if your credentials are correct. + +====================== ======= ============================================== +name type description +====================== ======= ============================================== +**Bugzilla_login** string A user's login name. +**Bugzilla_password** string That user's password. +Bugzilla_restrictlogin boolean If true, then your login will only be + valid for your IP address. +====================== ======= ============================================== + +The ``Bugzilla_restrictlogin`` option is only used when you have also +specified ``Bugzilla_login`` and ``Bugzilla_password``. + +There is also a deprecated method of authentication described below that will be +removed in the version after Bugzilla 5.0. + +**Bugzilla Tokens** + +You can use :ref:`rest_user_login` to log in as a Bugzilla user. This issues a +token that you must then use in future calls. Just use the value for ``token`` +and pass as either ``Bugzilla_token`` or simply ``token`` as arguments to an +API call. + +================== ====== =================================================== +name type description +================== ====== =================================================== +**Bugzilla_token** string You can specify this as argument to any call, + and you will be logged in as that user if the + token is correct. This is the token returned + when calling :ref:`rest_user_login` mentioned + above. +================== ====== =================================================== + +An error is thrown if you pass an invalid token; you will need to log in again +to get a new token. + +Also starting with Bugzilla 5.0, login cookies are no longer returned by +:ref:`rest_user_login` due to security concerns. + +Useful Parameters +----------------- + +Many calls take common arguments. These are documented below and linked from +the individual calls where these parameters are used. + +**Including Fields** + +Many calls return an array of objects with various fields in the objects. (For +example, :ref:`rest_single_bug` returns a list of ``bugs`` that have fields like +``id``, ``summary``, ``creation_time``, etc.) + +These parameters allow you to limit what fields are present in the objects, to +improve performance or save some bandwidth. + +``include_fields``: The (case-sensitive) names of fields in the response data. +Only the fields specified in the object will be returned, the rest will not be +included. Fields should be comma delimited. + +Invalid field names are ignored. + +Example request to :ref:`rest_user_get`: + +.. code-block:: text + + GET /rest/user/1?include_fields=id,name + +would return something like: + +.. code-block:: js + + { + "users" : [ + { + "id" : 1, + "name" : "user@domain.com" + } + ] + } + +**Excluding Fields** + +``exclude_fields``: The (case-sensitive) names of fields in the return value. The\ +fields specified will not be included in the returned hashes. Fields should +be comma delimited. + +Invalid field names are ignored. + +Specifying fields here overrides ``include_fields``, so if you specify a +field in both, it will be excluded, not included. + +Example request to :ref:`rest_user_get`: + +.. code-block:: js + + GET /rest/user/1?exclude_fields=name + +would return something like: + +.. code-block:: js + + { + "users" : [ + { + "id" : 1, + "real_name" : "John Smith" + } + ] + } + +Some calls support specifying "subfields". If a call states that it supports +"subfield" restrictions, you can restrict what information is returned within +the first field. For example, if you call :ref:`rest_product_get` with an +``include_fields`` of ``components.name``, then only the component name would be +returned (and nothing else). You can include the main field, and exclude a +subfield. + +There are several shortcut identifiers to ask for only certain groups of +fields to be returned or excluded: + +========= ===================================================================== +value description +========= ===================================================================== +_all All possible fields are returned if this is specified in + ``include_fields``. +_default Default fields are returned if ``include_fields`` is empty or + this is specified. This is useful if you want the default + fields in addition to a field that is not normally returned. +_extra Extra fields are not returned by default and need to be manually + specified in ``include_fields`` either by exact field name, or adding + ``_extra``. + _custom Custom fields are normally returned by default unless this is added + to ``exclude_fields``. Also you can use it in ``include_fields`` if + for example you want specific field names plus all custom fields. + Custom fields are normally only relevant to bug objects. +========= ===================================================================== diff --git a/docs/en/rst/api/core/v1/group.rst b/docs/en/rst/api/core/v1/group.rst new file mode 100644 index 000000000..e2c595240 --- /dev/null +++ b/docs/en/rst/api/core/v1/group.rst @@ -0,0 +1,278 @@ +Groups +====== + +The API for creating, changing, and getting information about groups. + +.. _rest_group_create: + +Create Group +------------ + +This allows you to create a new group in Bugzilla. You must be authenticated and +be in the *creategroups* group to perform this action. + +**Request** + +.. code-block:: text + + POST /rest/group + +.. code-block:: js + + { + "name" : "secret-group", + "description" : "Too secret for you!", + "is_active" : true + } + +Some params must be set, or an error will be thrown. The required params are +marked in **bold**. + +=============== ======= ======================================================= +name type description +=============== ======= ======================================================= +**name** string A short name for this group. Must be unique. This + is not usually displayed in the user interface, except + in a few places. +**description** string A human-readable name for this group. Should be + relatively short. This is what will normally appear in + the UI as the name of the group. +user_regexp string A regular expression. Any user whose Bugzilla username + matches this regular expression will automatically be + granted membership in this group. +is_active boolean ``true`` if new group can be used for bugs, ``false`` + if this is a group that will only contain users and no + bugs will be restricted to it. +icon_url string A URL pointing to a small icon used to identify the + group. This icon will show up next to users' names in + various parts of Bugzilla if they are in this group. +=============== ======= ======================================================= + +**Response** + +.. code-block:: js + + { + "id": 22 + } + +==== ==== ============================== +name type description +==== ==== ============================== +id int ID of the newly-created group. +==== ==== ============================== + +.. _rest_group_update: + +Update Group +------------ + +This allows you to update a group in Bugzilla. You must be authenticated and be +in the *creategroups* group to perform this action. + +**Request** + +To update a group using the group ID or name: + +.. code-block:: text + + PUT /rest/group/(id_or_name) + +.. code-block:: js + + { + "name" : "secret-group", + "description" : "Too secret for you! (updated description)", + "is_active" : false + } + +You can edit a single group by passing the ID or name of the group +in the URL. To edit more than one group, you can specify addition IDs or +group names using the ``ids`` or ``names`` parameters respectively. + +One of the below must be specified. + +============== ===== ========================================================== +name type description +============== ===== ========================================================== +**id_or_name** mixed Integer group or name. +**ids** array IDs of groups to update. +**names** array Names of groups to update. +============== ===== ========================================================== + +The following parameters specify the new values you want to set for the group(s) +you are updating. + +=========== ======= =========================================================== +name type description +=========== ======= =========================================================== +name string A new name for the groups. If you try to set this while + updating more than one group, an error will occur, as + group names must be unique. +description string A new description for the groups. This is what will appear + in the UI as the name of the groups. +user_regexp string A new regular expression for email. Will automatically + grant membership to these groups to anyone with an email + address that matches this perl regular expression. +is_active boolean Set if groups are active and eligible to be used for bugs. + ``true`` if bugs can be restricted to this group, ``false`` + otherwise. +icon_url string A URL pointing to an icon that will appear next to the name + of users who are in this group. +=========== ======= =========================================================== + +**Response** + +.. code-block:: js + + { + "groups": [ + { + "changes": { + "description": { + "added": "Too secret for you! (updated description)", + "removed": "Too secret for you!" + }, + "is_active": { + "removed": "1", + "added": "0" + } + }, + "id": "22" + } + ] + } + +``groups`` (array) Group change objects, each containing the following items: + +======= ====== ================================================================ +name type description +======= ====== ================================================================ +id int The ID of the group that was updated. +changes object The changes that were actually done on this group. The + keys are the names of the fields that were changed, and the + values are an object with two items: + + * added: (string) The values that were added to this field, + possibly a comma-and-space-separated list if multiple values + were added. + * removed: (string) The values that were removed from this + field, possibly a comma-and-space-separated list if multiple + values were removed. +======= ====== ================================================================ + +.. _rest_group_get: + +Get Group +--------- + +Returns information about Bugzilla groups. + +**Request** + +To return information about a specific group ID or name: + +.. code-block:: text + + GET /rest/group/(id_or_name) + +You can also return information about more than one specific group by using the +following in your query string: + +.. code-block:: text + + GET /rest/group?ids=1&ids=2&ids=3 + GET /group?names=ProductOne&names=Product2 + +If neither IDs nor names are passed, and you are in the creategroups or +editusers group, then all groups will be retrieved. Otherwise, only groups +that you have bless privileges for will be returned. + +========== ======= ============================================================ +name type description +========== ======= ============================================================ +id_or_name mixed Integer group ID or name. +ids array Integer IDs of groups. +names array Names of groups. +membership boolean Set to 1 then a list of members of the passed groups names + and IDs will be returned. +========== ======= ============================================================ + +**Response** + +.. code-block:: js + + { + "groups": [ + { + "membership": [ + { + "real_name": "Bugzilla User", + "can_login": true, + "name": "user@bugzilla.org", + "login_denied_text": "", + "id": 85, + "email_enabled": false, + "email": "user@bugzilla.org" + }, + ], + "is_active": true, + "description": "Test Group", + "user_regexp": "", + "is_bug_group": true, + "name": "TestGroup", + "id": 9 + } + ] + } + +If the user is a member of the *creategroups* group they will receive +information about all groups or groups matching the criteria that they passed. +You have to be in the creategroups group unless you're requesting membership +information. + +If the user is not a member of the *creategroups* group, but they are in the +"editusers" group or have bless privileges to the groups they require +membership information for, the is_active, is_bug_group and user_regexp values +are not supplied. + +The return value will be an object containing group names as the keys; each +value will be an object that describes the group and has the following items: + +============ ====== =========================================================== +name type description +============ ====== =========================================================== +id int The unique integer ID that Bugzilla uses to identify this + group. Even if the name of the group changes, this ID will + stay the same. +name string The name of the group. +description string The description of the group. +is_bug_group int Whether this group is to be used for bug reports or is + only administrative specific. +user_regexp string A regular expression that allows users to be added to + this group if their login matches. +is_active int Whether this group is currently active or not. +users array User objects that are members of this group; only + returned if the user sets the ``membership`` parameter to + 1. Each user object has the items describe in the User + object below. +============ ====== =========================================================== + +User object: + +============= ======= ========================================================= +name type description +============= ======= ========================================================= +id int The ID of the user. +real_name string The actual name of the user. +email string The email address of the user. +name string The login name of the user. Note that in some situations + this is different than their email. +can_login boolean A boolean value to indicate if the user can login into + bugzilla. +email_enabled boolean A boolean value to indicate if bug-related mail will + be sent to the user or not. +disabled_text string A text field that holds the reason for disabling a user + from logging into Bugzilla. If empty, then the user + account is enabled; otherwise it is disabled/closed. +============= ======= ========================================================= diff --git a/docs/en/rst/api/core/v1/index.rst b/docs/en/rst/api/core/v1/index.rst new file mode 100644 index 000000000..933aeed96 --- /dev/null +++ b/docs/en/rst/api/core/v1/index.rst @@ -0,0 +1,18 @@ +Core API v1 +=========== + +.. toctree:: + + general + attachment + bug + bug-user-last-visit + bugzilla + classification + comment + component + field + flagtype + group + product + user diff --git a/docs/en/rst/api/core/v1/product.rst b/docs/en/rst/api/core/v1/product.rst new file mode 100644 index 000000000..95726a3a8 --- /dev/null +++ b/docs/en/rst/api/core/v1/product.rst @@ -0,0 +1,416 @@ +Products +======== + +This part of the Bugzilla API allows you to list the available products and +get information about them. + +.. _rest_product_list: + +List Products +------------- + +Returns a list of the IDs of the products the user can search on. + +**Request** + +To get a list of product IDs a user can select such as for querying bugs: + +.. code-block:: text + + GET /rest/product_selectable + +To get a list of product IDs a user can enter a bug against: + +.. code-block:: text + + GET /rest/product_enterable + +To get a list of product IDs a user can search or enter bugs against. + +.. code-block:: text + + GET /rest/product_accessible + +**Response** + +.. code-block:: js + + { + "ids": [ + "2", + "3", + "19", + "1", + "4" + ] + } + +==== ===== ====================================== +name type description +==== ===== ====================================== +ids array List of integer product IDs. +==== ===== ====================================== + +.. _rest_product_get: + +Get Product +----------- + +Returns a list of information about the products passed to it. + +**Request** + +To return information about a specific type of products such as +``accessible``, ``selectable``, or ``enterable``: + +.. code-block:: text + + GET /rest/product?type=accessible + +To return information about a specific product by ``id`` or ``name``: + +.. code-block:: text + + GET /rest/product/(id_or_name) + +You can also return information about more than one product by using the +following parameters in your query string: + +.. code-block:: text + + GET /rest/product?ids=1&ids=2&ids=3 + GET /rest/product?names=ProductOne&names=Product2 + +========== ====== ============================================================= +name type description +========== ====== ============================================================= +id_or_name mixed Integer product ID or product name. +ids array Product IDs +names array Product names +type string The group of products to return. Valid values are + ``accessible`` (default), ``selectable``, and ``enterable``. + ``type`` can be a single value or an array of values if more + than one group is needed with duplicates removed. +========== ====== ============================================================= + +**Response** + +.. code-block:: js + + { + "products": [ + { + "id": 1, + "default_milestone": "---", + "components": [ + { + "is_active": true, + "default_assigned_to": "admin@bugzilla.org", + "id": 1, + "sort_key": 0, + "name": "TestComponent", + "flag_types": { + "bug": [ + { + "is_active": true, + "grant_group": null, + "cc_list": "", + "is_requestable": true, + "id": 3, + "is_multiplicable": true, + "name": "needinfo", + "request_group": null, + "is_requesteeble": true, + "sort_key": 0, + "description": "needinfo" + } + ], + "attachment": [ + { + "description": "Review", + "is_multiplicable": true, + "name": "review", + "is_requesteeble": true, + "request_group": null, + "sort_key": 0, + "cc_list": "", + "grant_group": null, + "is_requestable": true, + "id": 2, + "is_active": true + } + ] + }, + "default_qa_contact": "", + "description": "This is a test component." + } + ], + "is_active": true, + "classification": "Unclassified", + "versions": [ + { + "id": 1, + "name": "unspecified", + "is_active": true, + "sort_key": 0 + } + ], + "description": "This is a test product.", + "has_unconfirmed": true, + "milestones": [ + { + "name": "---", + "is_active": true, + "sort_key": 0, + "id": 1 + } + ], + "name": "TestProduct" + } + ] + } + +``products`` (array) Each product object has the following items: + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +id int An integer ID uniquely identifying the product in + this installation only. +name string The name of the product. This is a unique identifier + for the product. +description string A description of the product, which may contain HTML. +is_active boolean A boolean indicating if the product is active. +default_milestone string The name of the default milestone for the product. +has_unconfirmed boolean Indicates whether the UNCONFIRMED bug status is + available for this product. +classification string The classification name for the product. +components array Each component object has the items described in the + Component object below. +versions array Each object describes a version, and has the + following items: ``name``, ``sort_key`` and + ``is_active``. +milestones array Each object describes a milestone, and has the + following items: ``name``, ``sort_key`` and + ``is_active``. +================= ======= ===================================================== + +If the user tries to access a product that is not in the list of accessible +products for the user, or a product that does not exist, that is silently +ignored, and no information about that product is returned. + +Component object: + +=================== ======= =================================================== +name type description +=================== ======= =================================================== +id int An integer ID uniquely identifying the component in + this installation only. +name string The name of the component. This is a unique + identifier for this component. +description string A description of the component, which may contain + HTML. +default_assigned_to string The login name of the user to whom new bugs + will be assigned by default. +default_qa_contact string The login name of the user who will be set as + the QA Contact for new bugs by default. Empty + string if the QA contact is not defined. +sort_key int Components, when displayed in a list, are sorted + first by this integer and then secondly by their + name. +is_active boolean A boolean indicating if the component is active. + Inactive components are not enabled for new bugs. +flag_types object An object containing two items ``bug`` and + ``attachment`` that each contains an array of + objects, where each describes a flagtype. The + flagtype items are described in the Flagtype + object below. +=================== ======= =================================================== + +Flagtype object: + +================ ======= ====================================================== +name type description +================ ======= ====================================================== +id int Returns the ID of the flagtype. +name string Returns the name of the flagtype. +description string Returns the description of the flagtype. +cc_list string Returns the concatenated CC list for the flagtype, as + a single string. +sort_key int Returns the sortkey of the flagtype. +is_active boolean Returns whether the flagtype is active or disabled. + Flags being in a disabled flagtype are not deleted. + It only prevents you from adding new flags to it. +is_requestable boolean Returns whether you can request for the given + flagtype (i.e. whether the '?' flag is available or + not). +is_requesteeble boolean Returns whether you can ask someone specifically + or not. +is_multiplicable boolean Returns whether you can have more than one + flag for the given flagtype in a given bug/attachment. +grant_group int the group ID that is allowed to grant/deny flags of + this type. If the item is not included all users are + allowed to grant/deny this flagtype. +request_group int The group ID that is allowed to request the flag if + the flag is of the type requestable. If the item is + not included all users are allowed request this + flagtype. +================ ======= ====================================================== + +.. _rest_product_create: + +Create Product +-------------- + +This allows you to create a new product in Bugzilla. + +**Request** + +.. code-block:: text + + POST /rest/product + +.. code-block:: js + + { + "name" : "AnotherProduct", + "description" : "Another Product", + "classification" : "Unclassified", + "is_open" : false, + "has_unconfirmed" : false, + "version" : "unspecified" + } + +Some params must be set, or an error will be thrown. The required params are +marked in bold. + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +**name** string The name of this product. Must be globally unique + within Bugzilla. +**description** string A description for this product. Allows some simple + HTML. +**version** string The default version for this product. +has_unconfirmed boolean Allow the UNCONFIRMED status to be set on bugs in + this product. Default: true. +classification string The name of the Classification which contains this + product. +default_milestone string The default milestone for this product. Default + '---'. +is_open boolean ``true`` if the product is currently allowing bugs + to be entered into it. Default: ``true``. +create_series boolean ``true`` if you want series for New Charts to be + created for this new product. Default: ``true``. +================= ======= ===================================================== + +**Response** + +.. code-block:: js + + { + "id": 20 + } + +Returns an object with the following items: + +==== ==== ===================================== +name type description +==== ==== ===================================== +id int ID of the newly-filed product. +==== ==== ===================================== + +.. _rest_product_update: + +Update Product +-------------- + +This allows you to update a product in Bugzilla. + +**Request** + +.. code-block:: text + + PUT /rest/product/(id_or_name) + +You can edit a single product by passing the ID or name of the product +in the URL. To edit more than one product, you can specify addition IDs or +product names using the ``ids`` or ``names`` parameters respectively. + +.. code-block:: js + + { + "ids" : [123], + "name" : "BarName", + "has_unconfirmed" : false + } + +One of the below must be specified. + +============== ===== ========================================================== +name type description +============== ===== ========================================================== +**id_or_name** mixed Integer product ID or name. +**ids** array Numeric IDs of the products that you wish to update. +**names** array Names of the products that you wish to update. +============== ===== ========================================================== + +The following parameters specify the new values you want to set for the product(s) +you are updating. + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +name string A new name for this product. If you try to set this + while updating more than one product, an error will + occur, as product names must be unique. +default_milestone string When a new bug is filed, what milestone does it + get by default if the user does not choose one? Must + represent a milestone that is valid for this product. +description string Update the long description for these products to + this value. +has_unconfirmed boolean Allow the UNCONFIRMED status to be set on bugs in + products. +is_open boolean ``true`` if the product is currently allowing bugs + to be entered into it, ``false`` otherwise. +================= ======= ===================================================== + +**Response** + +.. code-block:: js + + { + "products" : [ + { + "id" : 123, + "changes" : { + "name" : { + "removed" : "FooName", + "added" : "BarName" + }, + "has_unconfirmed" : { + "removed" : "1", + "added" : "0" + } + } + } + ] + } + +``products`` (array) Product change objects containing the following items: + +======= ====== ================================================================ +name type description +======= ====== ================================================================ +id int The ID of the product that was updated. +changes object The changes that were actually done on this product. The + keys are the names of the fields that were changed, and the + values are an object with two items: + + * added: (string) The value that this field was changed to. + * removed: (string) The value that was previously set in this + field. +======= ====== ================================================================ + +Booleans will be represented with the strings '1' and '0' for changed values +as they are stored as strings in the database currently. diff --git a/docs/en/rst/api/core/v1/user.rst b/docs/en/rst/api/core/v1/user.rst new file mode 100644 index 000000000..e27211a7f --- /dev/null +++ b/docs/en/rst/api/core/v1/user.rst @@ -0,0 +1,380 @@ +Users +===== + +This part of the Bugzilla API allows you to create user accounts, get information +about user accounts and to log in or out using an existing account. + +.. _rest_user_login: + +Login +----- + +Logging in with a username and password is required for many Bugzilla +installations, in order to search for private bugs, post new bugs, etc. This +method allows you to retrieve a token that can be used as authentication for +subsequent API calls. Otherwise yuou will need to pass your ``login`` and +``password`` with each call. + +This method will be going away in the future in favor of using *API keys*. + +**Request** + +.. code-block:: text + + GET /rest/login?login=foo@example.com&password=toosecrettoshow + +============== ======= ======================================================== +name type description +============== ======= ======================================================== +**login** string The user's login name. +**password** string The user's password. +restrict_login boolean If set to a true value, the token returned by this + method will only be valid from the IP address which + called this method. +============== ======= ======================================================== + +**Response** + +.. code-block:: js + + { + "token": "786-OLaWfBisMY", + "id": 786 + } + +======== ====== =============================================================== +name type description +======== ====== =============================================================== +id int Numeric ID of the user that was logged in. +token string Token which can be passed in the parameters as + authentication in other calls. The token can be sent along + with any future requests to the webservice, for the duration + of the session, i.e. til :ref:`rest_user_logout` is called. +======== ====== =============================================================== + +.. _rest_user_logout: + +Logout +------ + +Log out the user. Basically it invalidates the token provided so it cannot be +re-used. Does nothing if the token is not in use. Will also clear any existing +authentication cookies the client may still have stored. + +**Request** + +.. code-block:: text + + GET /rest/logout?token=1234-VWvO51X69r + +===== ====== =================================================== +name type description +===== ====== =================================================== +token string The user's token used for authentication. +===== ====== =================================================== + +.. _rest_user_valid_login: + +Valid Login +----------- + +This method will verify whether a client's cookies or current login token is +still valid or have expired. A valid username that matches must be provided as +well. + +**Request** + +.. code-block:: text + + GET /rest/valid_login?login=foo@example.com&token=1234-VWvO51X69r + +========= ======= ============================================================= +name type description +========= ======= ============================================================= +**login** string The login name that matches the provided cookies or token. +token string Persistent login token currently being used for + authentication. +========= ======= ============================================================= + +**Response** + +Returns true/false depending on if the current token is valid for the provided +username. + +.. _rest_user_create: + +Create User +----------- + +Creates a user account directly in Bugzilla, password and all. Instead of this, +you should use **Offer Account by Email** when possible because that makes sure +that the email address specified can actually receive an email. This function +does not check that. You must be authenticated and be in the *editusers* group +to perform this action. + +**Request** + +.. code-block:: text + + POST /rest/user + +.. code-block:: js + + { + "email" : "user@bugzilla.org", + "full_name" : "Test User", + "password" : "K16ldRr922I1" + } + +========== ====== ============================================================= +name type description +========== ====== ============================================================= +**email** string The email address for the new user. +full_name string The user's full name. Will be set to empty if not specified. +password string The password for the new user account, in plain text. It + will be stripped of leading and trailing whitespace. If + blank or not specified, the new created account will + exist in Bugzilla but will not be allowed to log in + using DB authentication until a password is set either + by the user (through resetting their password) or by the + administrator. +========== ====== ============================================================= + +**Response** + +.. code-block:: js + + { + "id": 58707 + } + +==== ==== ============================================ +name type desciption +==== ==== ============================================ +id int The numeric ID of the user that was created. +==== ==== ============================================ + +.. _rest_user_update: + +Update User +----------- + +Updates an existing user account in Bugzilla. You must be authenticated and be +in the *editusers* group to perform this action. + +**Request** + +.. code-block:: text + + PUT /rest/user/(id_or_name) + +You can edit a single user by passing the ID or login name of the user +in the URL. To edit more than one user, you can specify addition IDs or +login names using the ``ids`` or ``names`` parameters respectively. + +================= ======= ===================================================== + name type description +================= ======= ===================================================== +**id_or_name** mixed Either the ID or the login name of the user to + update. +**ids** array Additional IDs of users to update. +**names** array Additional login names of users to update. +full_name string The new name of the user. +email string The email of the user. Note that email used to + login to bugzilla. Also note that you can only + update one user at a time when changing the login + name / email. (An error will be thrown if you try to + update this field for multiple users at once.) +password string The password of the user. +email_enabled boolean A boolean value to enable/disable sending + bug-related mail to the user. +login_denied_text string A text field that holds the reason for disabling a + user from logging into Bugzilla. If empty, then the + user account is enabled; otherwise it is + disabled/closed. +groups object These specify the groups that this user is directly + a member of. To set these, you should pass an object + as the value. The object's items are described in + the Groups update objects below. +bless_groups object This is the same as groups but affects what groups + a user has direct membership to bless that group. + It takes the same inputs as groups. +================= ======= ===================================================== + +Groups and bless groups update object: + +====== ===== ================================================================== +name type description +====== ===== ================================================================== +add array The group IDs or group names that the user should be added to. +remove array The group IDs or group names that the user should be removed from. +set array Integers or strings which are an exact set of group IDs and group + names that the user should be a member of. This does not remove + groups from the user when the person making the change does not + have the bless privilege for the group. +====== ===== ================================================================== + +If you specify ``set``, then ``add`` and ``remove`` will be ignored. A group in +both the ``add`` and ``remove`` list will be added. Specifying a group that the +user making the change does not have bless rights will generate an error. + +**Response** + +* users: (array) List of user change objects with the following items: + +======= ====== ================================================================ +name type description +======= ====== ================================================================ +id int The ID of the user that was updated. +changes object The changes that were actually done on this user. The keys + are the names of the fields that were changed, and the values + are an object with two items: + + * added: (string) The values that were added to this field, + possibly a comma-and-space-separated list if multiple values + were added. + * removed: (string) The values that were removed from this + field, possibly a comma-and-space-separated list if multiple + values were removed. +======= ====== ================================================================ + +.. _rest_user_get: + +Get User +-------- + +Gets information about user accounts in Bugzilla. + +**Request** + +To get information about a single user in Bugzilla: + +.. code-block:: text + + GET /rest/user/(id_or_name) + +To get multiple users by name or ID: + +.. code-block:: text + + GET /rest/user?names=foo@bar.com&name=test@bugzilla.org + GET /rest/user?ids=123&ids=321 + +To get user matching a search string: + +.. code-block:: text + + GET /rest/user?match=foo + +To get user by using an integer ID value or by using ``match``, you must be +authenticated. + +================ ======= ====================================================== +name type description +================ ======= ====================================================== +id_or_name mixed An integer user ID or login name of the user. +ids array Integer user IDs. Logged=out users cannot pass + this parameter to this function. If they try, + they will get an error. Logged=in users will get + an error if they specify the ID of a user they + cannot see. +names array Login names. +match array This works just like "user matching" in Bugzilla + itself. Users will be returned whose real name + or login name contains any one of the specified + strings. Users that you cannot see will not be + included in the returned list. + + Most installations have a limit on how many + matches are returned for each string; the default + is 1000 but can be changed by the Bugzilla + administrator. + + Logged-out users cannot use this argument, and + an error will be thrown if they try. (This is to + make it harder for spammers to harvest email + addresses from Bugzilla, and also to enforce the + user visibility restrictions that are + implemented on some Bugzillas.) +limit int Limit the number of users matched by the + ``match`` parameter. If the value is greater than the + system limit, the system limit will be used. + This parameter is only valid when using the ``match`` + parameter. +group_ids array Numeric IDs for groups that a user can be in. +groups array Names of groups that a user can be in. If + ``group_ids`` or ``groups`` are specified, they + limit the return value to users who are in *any* + of the groups specified. +include_disabled boolean By default, when using the ``match`` parameter, + disabled users are excluded from the returned + results unless their full username is identical + to the match string. Setting ``include_disabled`` to + ``true`` will include disabled users in the returned + results even if their username doesn't fully match + the input string. +================ ======= ====================================================== + +**Response** + +* users: (array) Each object describes a user and has the following items: + +================= ======= ===================================================== +name type description +================= ======= ===================================================== +id int The unique integer ID that Bugzilla uses to represent + this user. Even if the user's login name changes, + this will not change. +real_name string The actual name of the user. May be blank. +email string The email address of the user. +name string The login name of the user. Note that in some + situations this is different than their email. +can_login boolean A boolean value to indicate if the user can login + into bugzilla. +email_enabled boolean A boolean value to indicate if bug-related mail will + be sent to the user or not. +login_denied_text string A text field that holds the reason for disabling a + user from logging into Bugzilla. If empty then the + user account is enabled; otherwise it is + disabled/closed. +groups array Groups the user is a member of. If the currently + logged in user is querying their own account or is a + member of the 'editusers' group, the array will + contain all the groups that the user is a member of. + Otherwise, the array will only contain groups that + the logged in user can bless. Each object describes + the group and contains the items described in the + Group object below. +saved_searches array User's saved searches, each having the following + Search object items described below. +saved_reports array User's saved reports, each having the following + Search object items described below. +================= ======= ===================================================== + +Group object: + +=========== ====== ============================================================ +name type description +=========== ====== ============================================================ +id int The group ID +name string The name of the group +description string The description for the group +=========== ====== ============================================================ + +Search object: + +===== ====== ================================================================== +name type description +===== ====== ================================================================== +id int An integer ID uniquely identifying the saved report. +name string The name of the saved report. +query string The CGI parameters for the saved report. +===== ====== ================================================================== + +If you are not authenticated when you call this function, you will only be +returned the ``id``, ``name``, and ``real_name`` items. If you are authenticated +and not in 'editusers' group, you will only be returned the ``id``, ``name``, +``real_name``, ``email``, ``can_login``, and ``groups`` items. The groups +returned are filtered based on your permission to bless each group. The +``saved_searches`` and ``saved_reports`` items are only returned if you are +querying your own account, even if you are in the editusers group. diff --git a/docs/en/rst/api/index.rst b/docs/en/rst/api/index.rst new file mode 100644 index 000000000..45055eba1 --- /dev/null +++ b/docs/en/rst/api/index.rst @@ -0,0 +1,13 @@ +.. _apis: + +WebService API Reference +======================== + +This Bugzilla installation has the following WebService APIs available +(as of the last time you compiled the documentation): + +.. toctree:: + :glob: + + core/v*/index + ../extensions/*/api/v*/index diff --git a/docs/en/rst/conf.py b/docs/en/rst/conf.py new file mode 100644 index 000000000..dde678707 --- /dev/null +++ b/docs/en/rst/conf.py @@ -0,0 +1,375 @@ +# -*- coding: utf-8 -*- +# +# Bugzilla documentation build configuration file, created by +# sphinx-quickstart on Tue Sep 3 16:11:00 2013. +# +# This file is execfile()d with the current directory set to its containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys, os, re + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +#sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ----------------------------------------------------- + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be extensions +# coming with Sphinx (named 'sphinx.ext.*') or your custom ones. +extensions = ['sphinx.ext.todo', 'sphinx.ext.extlinks'] + +if tags.has('enable_rst2pdf'): + extensions.append('rst2pdf.pdfbuilder') + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +#source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'BMO' +copyright = u'2015, The BMO Team' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '4.2' +# The full version, including alpha/beta/rc tags. +release = '' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +#language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +#today = '' +# Else, today_fmt is used as the format for a strftime call. +#today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ['**.inc.rst'] + +# The reST default role (used for this markup: `text`) to use for all documents. +#default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +#add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +#add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +#show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +#modindex_common_prefix = [] + +rst_prolog = """ +.. role:: param + :class: param + +.. role:: paramval + :class: paramval + +.. role:: group + :class: group + +.. role:: field + :class: field + +.. |min-perl-ver| replace:: 5.10.1 +""" + +rst_epilog = """ + +---------- + +This documentation undoubtedly has bugs; if you find some, please file +them `here <https://bugzilla.mozilla.org/enter_bug.cgi?product=bugzilla.mozilla.org&component=Documentation>`_. +""" + +# -- Options for HTML output --------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +#html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +#html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# "<project> v<release> documentation". +#html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +#html_short_title = None + +html_style = "bugzilla.css" + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +html_logo = "" + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +html_favicon = '../../../images/favicon.ico' + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +#html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# Switched off because it converted --long-option to –long-option +html_use_smartypants = False + +# Custom sidebar templates, maps document names to template names. +#html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +#html_additional_pages = {} + +# If false, no module index is generated. +#html_domain_indices = True + +# If false, no index is generated. +html_use_index = False + +# If true, the index is split into individual pages for each letter. +#html_split_index = False + +# If true, links to the reST sources are added to the pages. +html_show_sourcelink = False + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +#html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +html_show_copyright = False + +# If true, an OpenSearch description file will be output, and all pages will +# contain a <link> tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +#html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +#html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'Bugzilladoc' + +# -- Options for LaTeX output -------------------------------------------------- + +latex_elements = { +# The paper size ('letterpaper' or 'a4paper'). +#'papersize': 'letterpaper', + +# The font size ('10pt', '11pt' or '12pt'). +#'pointsize': '10pt', + +# Additional stuff for the LaTeX preamble. +#'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, author, documentclass [howto/manual]). +latex_documents = [ + ('index', 'BMO.tex', u'BMO Documentation', + u'The BMO Team', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +#latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +#latex_use_parts = False + +# If true, show page references after internal links. +#latex_show_pagerefs = False + +# If true, show URL addresses after external links. +#latex_show_urls = False + +# Documents to append as an appendix to all manuals. +#latex_appendices = [] + +# If false, no module index is generated. +#latex_domain_indices = True + + +# -- Options for manual page output -------------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'bugzilla', u'BMO Documentation', + [u'The BMO Team'], 1) +] + +# If true, show URL addresses after external links. +#man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------------ + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'BMO', u'BMO Documentation', + u'The BMO Team', 'BMO', 'One line description of project.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +#texinfo_appendices = [] + +# If false, no module index is generated. +#texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +#texinfo_show_urls = 'footnote' + +# -- Options for PDF output -------------------------------------------------- + +# Grouping the document tree into PDF files. List of tuples +# (source start file, target name, title, author, options). +# +# If there is more than one author, separate them with \\. +# For example: r'Guido van Rossum\\Fred L. Drake, Jr., editor' +# +# The options element is a dictionary that lets you override +# this config per-document. +# For example, +# ('index', u'MyProject', u'My Project', u'Author Name', +# dict(pdf_compressed = True)) +# would mean that specific document would be compressed +# regardless of the global pdf_compressed setting. + +pdf_documents = [ +('index', u'BMO', u'BMO Documentation', u'The BMO Team'), +] + +# A comma-separated list of custom stylesheets. Example: +pdf_stylesheets = ['sphinx','kerning','a4'] + +# A list of folders to search for stylesheets. Example: +pdf_style_path = ['.', '_styles'] + +# Create a compressed PDF +# Use True/False or 1/0 +# Example: compressed=True +pdf_compressed = True + +# A colon-separated list of folders to search for fonts. Example: +# pdf_font_path = ['/usr/share/fonts', '/usr/share/texmf-dist/fonts/'] + +# Language to be used for hyphenation support +#pdf_language = "en_US" + +# Mode for literal blocks wider than the frame. Can be +# overflow, shrink or truncate +pdf_fit_mode = "shrink" + +# Section level that forces a break page. +# For example: 1 means top-level sections start in a new page +# 0 means disabled +pdf_break_level = 2 + +# When a section starts in a new page, force it to be 'even', 'odd', +# or just use 'any' +#pdf_breakside = 'any' + +# Insert footnotes where they are defined instead of +# at the end. +#pdf_inline_footnotes = True + +# verbosity level. 0 1 or 2 +pdf_verbosity = 0 + +# If false, no index is generated. +pdf_use_index = False + +# If false, no modindex is generated. +pdf_use_modindex = False + +# If false, no coverpage is generated. +#pdf_use_coverpage = True + +# Name of the cover page template to use +#pdf_cover_template = 'sphinxcover.tmpl' + +# Documents to append as an appendix to all manuals. +#pdf_appendices = [] + +# Enable experimental feature to split table cells. Use it +# if you get "DelayedTable too big" errors +#pdf_splittables = False + +# Set the default DPI for images +#pdf_default_dpi = 72 + +# Enable rst2pdf extension modules (default is only vectorpdf) +# you need vectorpdf if you want to use sphinx's graphviz support +pdf_extensions = ['vectorpdf', 'dotted_toc'] + +# Page template name for "regular" pages +#pdf_page_template = 'cutePage' + +# Show Table Of Contents at the beginning? +pdf_use_toc = True + +# How many levels deep should the table of contents be? +pdf_toc_depth = 5 + +# Add section number to section references +pdf_use_numbered_links = True + +# Background images fitting mode +pdf_fit_background_mode = 'scale' + +# -- Options for Sphinx extensions ------------------------------------------- + +# Temporary highlighting of TODO items +todo_include_todos = False + +extlinks = {'bug': ('https://bugzilla.mozilla.org/show_bug.cgi?id=%s', 'bug ')} diff --git a/docs/en/rst/index.rst b/docs/en/rst/index.rst new file mode 100644 index 000000000..73f2487b6 --- /dev/null +++ b/docs/en/rst/index.rst @@ -0,0 +1,13 @@ +======================================== +BMO Documentation (bugzilla.mozilla.org) +======================================== + +.. toctree:: + :maxdepth: 1 + :numbered: 4 + + about/index + using/index + administering/index + integrating/index + api/index diff --git a/docs/en/rst/integrating/apis.rst b/docs/en/rst/integrating/apis.rst new file mode 100644 index 000000000..6067c12df --- /dev/null +++ b/docs/en/rst/integrating/apis.rst @@ -0,0 +1,72 @@ +.. _api-list: + +APIs +#### + +Bugzilla has a number of APIs that you can call in your code to extract +information from and put information into Bugzilla. Some are deprecated and +will soon be removed. Which one to use? Short answer: the +:ref:`REST WebService API v1 <apis>` +should be used for all new integrations, but keep an eye out for version 2, +coming soon. + +The APIs currently available are as follows: + +Ad-Hoc APIs +=========== + +Various pages on Bugzilla are available in machine-parseable formats as well +as HTML. For example, bugs can be downloaded as XML, and buglists as CSV. +CSV is useful for spreadsheet import. There should be links on the HTML page +to alternate data formats where they are available. + +XML-RPC +======= + +Bugzilla has an `XML-RPC API +<http://www.bugzilla.org/docs/tip/en/html/api/Bugzilla/WebService/Server/XMLRPC.html>`_. +This will receive no further updates and will be removed in a future version +of Bugzilla. + +Endpoint: :file:`/xmlrpc.cgi` + +JSON-RPC +======== + +Bugzilla has a `JSON-RPC API +<http://www.bugzilla.org/docs/tip/en/html/api/Bugzilla/WebService/Server/JSONRPC.html>`_. +This will receive no further updates and will be removed in a future version +of Bugzilla. + +Endpoint: :file:`/jsonrpc.cgi` + +REST +==== + +Bugzilla has a :ref:`REST API <apis>` which is the currently-recommended API +for integrating with Bugzilla. The current REST API is version 1. It is stable, +and so will not be changed in a backwardly-incompatible way. + +**This is the currently-recommended API for new development.** + +Endpoint: :file:`/rest` + +BzAPI/BzAPI-Compatible REST +=========================== + +The first ever REST API for Bugzilla was implemented using an external proxy +called `BzAPI <https://wiki.mozilla.org/Bugzilla:BzAPI>`_. This became popular +enough that a BzAPI-compatible shim on top of the (native) REST API has been +written, to allow code which used the BzAPI API to take advantage of the +speed improvements of direct integration without needing to be rewritten. +The shim is an extension which you would need to install in your Bugzilla. + +Neither BzAPI nor this BzAPI-compatible API shim will receive any further +updates, and they should not be used for new code. + +REST v2 +======= + +The future of Bugzilla's APIs is version 2 of the REST API, which will take +the best of the current REST API and the BzAPI API. It is still under +development. diff --git a/docs/en/rst/integrating/extensions.rst b/docs/en/rst/integrating/extensions.rst new file mode 100644 index 000000000..18c5341d3 --- /dev/null +++ b/docs/en/rst/integrating/extensions.rst @@ -0,0 +1,199 @@ +.. _extensions: + +Extensions +########## + +One of the best ways to customize Bugzilla is by using a Bugzilla +Extension. Extensions can modify both the code and UI of Bugzilla in a way +that can be distributed to other Bugzilla users and ported forward to future +versions of Bugzilla with minimal effort. We maintain a +`list of available extensions <https://wiki.mozilla.org/Bugzilla:Addons>`_ +written by other people on our wiki. You would need to +make sure that the extension in question works with your version of Bugzilla. + +Or, you can write your own extension. See the `Bugzilla Extension +documentation <http://www.bugzilla.org/docs/tip/en/html/api/Bugzilla/Extension.html>`_ +for the core documentation on how to do that. It would make sense to read +the section on :ref:`templates`. There is also a sample extension in +:file:`$BUGZILLA_HOME/extensions/Example/` which gives examples of how to +use all the code hooks. + +This section explains how to achieve some common tasks using the Extension APIs. + +Adding A New Page to Bugzilla +============================= + +There are occasions where it's useful to add a new page to Bugzilla which +has little or no relation to other pages, and perhaps doesn't use very much +Bugzilla data. A help page, or a custom report for example. The best mechanism +for this is to use :file:`page.cgi` and the ``page_before_template`` hook. + +Altering Data On An Existing Page +================================= + +The ``template_before_process`` hook can be used to tweak the data displayed +on a particular existing page, if you know what template is used. It has +access to all the template variables before they are passed to the templating +engine. + +Adding New Fields To Bugs +========================= + +To add new fields to a bug, you need to do the following: + +* Add an ``install_update_db`` hook to add the fields by calling + ``Bugzilla::Field->create`` (only if the field doesn't already exist). + Here's what it might look like for a single field: + + .. code-block:: perl + + my $field = new Bugzilla::Field({ name => $name }); + return if $field; + + $field = Bugzilla::Field->create({ + name => $name, + description => $description, + type => $type, # From list in Constants.pm + enter_bug => 0, + buglist => 0, + custom => 1, + }); + +* Push the name of the field onto the relevant arrays in the ``bug_columns`` + and ``bug_fields`` hooks. + +* If you want direct accessors, or other functions on the object, you need to + add a BEGIN block to your Extension.pm: + + .. code-block:: perl + + BEGIN { + *Bugzilla::Bug::is_foopy = \&_bug_is_foopy; + } + + ... + + sub _bug_is_foopy { + return $_[0]->{'is_foopy'}; + } + +* You don't have to change ``Bugzilla/DB/Schema.pm``. + +* You can use ``bug_end_of_create``, ``bug_end_of_create_validators``, and + ``bug_end_of_update`` to create or update the values for your new field. + +Adding New Fields To Other Things +================================= + +If you are adding the new fields to an object other than a bug, you need to +go a bit lower-level. With reference to the instructions above: + +* In ``install_update_db``, use ``bz_add_column`` instead + +* Push on the columns in ``object_columns`` and ``object_update_columns`` + instead of ``bug_columns``. + +* Add validators for the values in ``object_validators`` + +The process for adding accessor functions is the same. + +You can use the hooks ``object_end_of_create``, +``object_end_of_create_validators``, ``object_end_of_set_all``, and +``object_end_of_update`` to create or update the values for the new object +fields you have added. In the hooks you can check the object type being +operated on and skip any objects you don't care about. For example, if you +added a new field to the ``products`` table: + +.. code-block:: perl + + sub object_end_of_create { + my ($self, $args) = @_; + my $class = $args->{'class'}; + my $object = $args->{'object'}; + if ($class->isa('Bugzilla::Product') { + [...] + } + } + +You will need to do this filtering for most of the hooks whose names begin with +``object_``. + +Adding Admin Configuration Panels +================================= + +If you add new functionality to Bugzilla, it may well have configurable +options or parameters. The way to allow an administrator to set those +is to add a new configuration panel. + +As well as using the ``config_add_panels`` hook, you will need a template to +define the UI strings for the panel. See the templates in +:file:`template/en/default/admin/params` for examples, and put your own +template in :file:`template/en/default/admin/params` in your extension's +directory. + +You can access param values from Templates using:: + + [% Param('param_name') %] + +and from code using: + +.. code-block:: perl + + Bugzilla->params->{'param_name'} + +Adding User Preferences +======================= + +To add a new user preference: + +* Call ``add_setting('setting_name', ['some_option', 'another_option'], + 'some_option')`` in the ``install_before_final_checks`` hook. (The last + parameter is the name of the option which should be the default.) + +* Add descriptions for the identifiers for your setting and choices + (setting_name, some_option etc.) to the hash defined in + :file:`global/setting-descs.none.tmpl`. Do this in a template hook: + :file:`hook/global/setting-descs-settings.none.tmpl`. Your code can see the + hash variable; just set more members in it. + +* To change behaviour based on the setting, reference it in templates using + ``[% user.settings.setting_name.value %]``. Reference it in code using + ``$user->settings->{'setting_name'}->{'value'}``. The value will be one of + the option tag names (e.g. some_option). + +.. _who-can-change-what: + +Altering Who Can Change What +============================ + +Companies often have rules about which employees, or classes of employees, +are allowed to change certain things in the bug system. For example, +only the bug's designated QA Contact may be allowed to VERIFY the bug. +Bugzilla has been +designed to make it easy for you to write your own custom rules to define +who is allowed to make what sorts of value transition. + +By default, assignees, QA owners and users +with *editbugs* privileges can edit all fields of bugs, +except group restrictions (unless they are members of the groups they +are trying to change). Bug reporters also have the ability to edit some +fields, but in a more restrictive manner. Other users, without +*editbugs* privileges, cannot edit +bugs, except to comment and add themselves to the CC list. + +Because this kind of change is such a common request, we have added a +specific hook for it that :ref:`extensions` can call. It's called +``bug_check_can_change_field``, and it's documented `in the Hooks +documentation <http://www.bugzilla.org/docs/tip/en/html/api/Bugzilla/Hook.html#bug_check_can_change_field>`_. + +Checking Syntax +=============== + +It's not immediately obvious how to check the syntax of your extension's +Perl modules, if it contains any. Running :command:`checksetup.pl` might do +some of it, but the errors aren't necessarily massively informative. + +:command:`perl -Mlib=lib -MBugzilla -e 'BEGIN { Bugzilla->extensions; } use Bugzilla::Extension::ExtensionName::Class;'` + +(run from ``$BUGZILLA_HOME``) is what you need. + diff --git a/docs/en/rst/integrating/faq.rst b/docs/en/rst/integrating/faq.rst new file mode 100644 index 000000000..19f8b59ff --- /dev/null +++ b/docs/en/rst/integrating/faq.rst @@ -0,0 +1,27 @@ + +.. _customization-faq: + +Customization FAQ +================= + +How do I... + +...add a new field on a bug? + Use :ref:`custom-fields` or, if you just want new form fields on bug entry + but don't need Bugzilla to track the field seperately thereafter, you can + use a :ref:`custom bug entry form <custom-bug-entry>`. + +...change the name of a built-in bug field? + :ref:`Edit <templates>` the relevant value in the template + :file:`template/en/default/global/field-descs.none.tmpl`. + +...use a word other than 'bug' to describe bugs? + :ref:`Edit or override <templates>` the appropriate values in the template + :file:`template/en/default/global/variables.none.tmpl`. + +...call the system something other than 'Bugzilla'? + :ref:`Edit or override <templates>` the appropriate value in the template + :file:`template/en/default/global/variables.none.tmpl`. + +...alter who can change what field when? + See :ref:`who-can-change-what`. diff --git a/docs/en/rst/integrating/index.rst b/docs/en/rst/integrating/index.rst new file mode 100644 index 000000000..816ffe8e5 --- /dev/null +++ b/docs/en/rst/integrating/index.rst @@ -0,0 +1,22 @@ +.. highlight:: perl + +.. _integrating: + +=================================== +Integration and Customization Guide +=================================== + +You may find that Bugzilla already does what you want it to do, you just +need to configure it correctly. Read the :ref:`administering` sections +carefully to see if that's the case for you. If not, then this chapter +explains how to use the available mechanisms for integration and customization. + +.. toctree:: + :maxdepth: 2 + + faq + languages + skins + templates + extensions + apis diff --git a/docs/en/rst/integrating/languages.rst b/docs/en/rst/integrating/languages.rst new file mode 100644 index 000000000..01586d3fe --- /dev/null +++ b/docs/en/rst/integrating/languages.rst @@ -0,0 +1,19 @@ +Languages +========= + +Bugzilla's templates can be localized, although it's a `big job +<https://wiki.mozilla.org/Bugzilla:L10n:Guide>`_. If you have +a localized set of templates for your version of Bugzilla, Bugzilla can +support multiple languages at once. In that case, Bugzilla honours the user's +``Accept-Language`` HTTP header when deciding which language to serve. If +multiple languages are installed, a menu will display in the header allowing +the user to manually select a different language. If they do this, their +choice will override the ``Accept-Language`` header. + +Many language templates can be obtained from +`the localization section of the Bugzilla website +<http://www.bugzilla.org/download.html#localizations>`_. Instructions +for submitting new languages are also available from that location. There's +also a `list of localization teams +<https://wiki.mozilla.org/Bugzilla:L10n:Localization_Teams>`_; you might +want to contact someone to ask about the status of their localization. diff --git a/docs/en/rst/integrating/skins.rst b/docs/en/rst/integrating/skins.rst new file mode 100644 index 000000000..2cd08b4c0 --- /dev/null +++ b/docs/en/rst/integrating/skins.rst @@ -0,0 +1,27 @@ +.. _skins: + +Skins +===== + +Bugzilla supports skins - ways of changing the look of the UI without altering +its underlying structure. It ships with two - "Classic" and "Dusk". You can +find some more listed +`on the wiki <https://wiki.mozilla.org/Bugzilla:Addons#Skins>`_, and there +are a couple more which are part of +`bugzilla.mozilla.org <http://git.mozilla.org/?p=webtools/bmo/bugzilla.git>`_. +However, in each +case you may need to check that the skin supports the version of Bugzilla +you have. + +To create a new custom skin, make a directory that contains all the same CSS +file names as :file:`skins/standard/`, and put your directory in +:file:`skins/contrib/`. Then, add your CSS to the appropriate files. + +After you put the directory there, make sure to run :file:`checksetup.pl` so +that it can set the file permissions correctly. + +After you have installed the new skin, it will show up as an option in the +user's :guilabel:`Preferences`, on the :guilabel:`General` tab. If you would +like to force a particular skin on all users, just select that skin in the +:guilabel:`Default Preferences` in the :guilabel:`Administration` UI, and +then uncheck "Enabled" on the preference, so users cannot change it. diff --git a/docs/en/rst/integrating/templates.rst b/docs/en/rst/integrating/templates.rst new file mode 100644 index 000000000..f30b4a848 --- /dev/null +++ b/docs/en/rst/integrating/templates.rst @@ -0,0 +1,289 @@ +.. _templates: + +Templates +######### + +Bugzilla uses a system of templates to define its user interface. The standard +templates can be modified, replaced or overridden. You can also use template +hooks in an :ref:`extension <extensions>` to add or modify the +behaviour of templates using a stable interface. + +.. _template-directory: + +Template Directory Structure +============================ + +The template directory structure starts with top level directory +named :file:`template`, which contains a directory +for each installed localization. Bugzilla comes with English +templates, so the directory name is :file:`en`, +and we will discuss :file:`template/en` throughout +the documentation. Below :file:`template/en` is the +:file:`default` directory, which contains all the +standard templates shipped with Bugzilla. + +.. warning:: A directory :file:`data/template` also exists; + this is where Template Toolkit puts the compiled versions (i.e. Perl code) + of the templates. *Do not* directly edit the files in this + directory, or all your changes will be lost the next time + Template Toolkit recompiles the templates. + +.. _template-method: + +Choosing a Customization Method +=============================== + +If you want to edit Bugzilla's templates, the first decision +you must make is how you want to go about doing so. There are three +choices, and which you use depends mainly on the scope of your +modifications, and the method you plan to use to upgrade Bugzilla. + +#. You can directly edit the templates found in :file:`template/en/default`. + +#. You can copy the templates to be modified into a mirrored directory + structure under :file:`template/en/custom`. Templates in this + directory structure automatically override any identically-named + and identically-located templates in the + :file:`template/en/default` directory. (The :file:`custom` directory does + not exist by default and must be created if you want to use it.) + +#. You can use the hooks built into many of the templates to add or modify + the UI from an :ref:`extension <extensions>`. Hooks generally don't go away + and have a stable interface. + +The third method is the best if there are hooks in the appropriate places +and the change you want to do is possible using hooks. It's not very easy +to modify existing UI using hooks; they are most commonly used for additions. +You can make modifications if you add JS code which then makes the +modifications when the page is loaded. You can remove UI by adding CSS to hide +it. + +Unlike code hooks, there is no requirement to document template hooks, so +you just have to open up the template and see (search for ``Hook.process``). + +If there are no hooks available, then the second method of customization +should be used if you are going to make major changes, because it is +guaranteed that the contents of the :file:`custom` directory will not be +touched during an upgrade, and you can then decide whether +to revert to the standard templates, continue using yours, or make the effort +to merge your changes into the new versions by hand. It's also good for +entirely new files, and for a few files like +:file:`bug/create/user-message.html.tmpl` which are designed to be entirely +replaced. + +Using the second method, your user interface may break if incompatible +changes are made to the template interface. Templates do change regularly +and so interface changes are not individually documented, and you would +need to work out what had changed and adapt your template accordingly. + +For minor changes, the convenience of the first method is hard to beat. When +you upgrade Bugzilla, :command:`git` will merge your changes into the new +version for you. On the downside, if the merge fails then Bugzilla will not +work properly until you have fixed the problem and re-integrated your code. + +Also, you can see what you've changed using :command:`git diff`, which you +can't if you fork the file into the :file:`custom` directory. + +.. _template-edit: + +How To Edit Templates +===================== + +.. note:: If you are making template changes that you intend on submitting + back for inclusion in standard Bugzilla, you should read the relevant + sections of the + `Developers' Guide <http://www.bugzilla.org/docs/developer.html>`_. + +Bugzilla uses a templating system called Template Toolkit. The syntax of the +language is beyond the scope of this guide. It's reasonably easy to pick up by +looking at the current templates; or, you can read the manual, available on +the `Template Toolkit home page <http://www.template-toolkit.org>`_. + +One thing you should take particular care about is the need +to properly HTML filter data that has been passed into the template. +This means that if the data can possibly contain special HTML characters +such as ``<``, and the data was not intended to be HTML, they need to be +converted to entity form, i.e. ``<``. You use the ``html`` filter in the +Template Toolkit to do this (or the ``uri`` filter to encode special +characters in URLs). If you forget, you may open up your installation +to cross-site scripting attacks. + + +You should run :command:`./checksetup.pl` after editing any templates. Failure +to do so may mean either that your changes are not picked up, or that the +permissions on the edited files are wrong so the webserver can't read them. + +.. _template-formats: + +Template Formats and Types +========================== + +Some CGI's have the ability to use more than one template. For example, +:file:`buglist.cgi` can output itself as two formats of HTML (complex and +simple). Each of these is a separate template. The mechanism that provides +this feature is extensible - you can create new templates to add new formats. + +You might use this feature to e.g. add a custom bug entry form for a +particular subset of users or a particular type of bug. + +Bugzilla can also support different types of output - e.g. bugs are available +as HTML and as XML, and this mechanism is extensible also to add new content +types. However, instead of using such interfaces or enhancing Bugzilla to add +more, you would be better off using the :ref:`apis` to integrate with +Bugzilla. + +To see if a CGI supports multiple output formats and types, grep the +CGI for ``get_format``. If it's not present, adding +multiple format/type support isn't too hard - see how it's done in +other CGIs, e.g. :file:`config.cgi`. + +To make a new format template for a CGI which supports this, +open a current template for +that CGI and take note of the INTERFACE comment (if present.) This +comment defines what variables are passed into this template. If +there isn't one, I'm afraid you'll have to read the template and +the code to find out what information you get. + +Write your template in whatever markup or text style is appropriate. + +You now need to decide what content type you want your template +served as. The content types are defined in the +:file:`Bugzilla/Constants.pm` file in the :file:`contenttypes` +constant. If your content type is not there, add it. Remember +the three- or four-letter tag assigned to your content type. +This tag will be part of the template filename. + +Save your new template as +:file:`<stubname>-<formatname>.<contenttypetag>.tmpl`. +Try out the template by calling the CGI as +``<cginame>.cgi?format=<formatname>``. Add ``&ctype=<type>`` if the type is +not HTML. + +.. _template-specific: + +Particular Templates +==================== + +There are a few templates you may be particularly interested in +customizing for your installation. + +:file:`index.html.tmpl`: + This is the Bugzilla front page. + +:file:`global/header.html.tmpl`: + This defines the header that goes on all Bugzilla pages. + The header includes the banner, which is what appears to users + and is probably what you want to edit instead. However the + header also includes the HTML HEAD section, so you could for + example add a stylesheet or META tag by editing the header. + +:file:`global/banner.html.tmpl`: + This contains the ``banner``, the part of the header that appears + at the top of all Bugzilla pages. The default banner is reasonably + barren, so you'll probably want to customize this to give your + installation a distinctive look and feel. It is recommended you + preserve the Bugzilla version number in some form so the version + you are running can be determined, and users know what docs to read. + +:file:`global/footer.html.tmpl`: + This defines the footer that goes on all Bugzilla pages. Editing + this is another way to quickly get a distinctive look and feel for + your Bugzilla installation. + +:file:`global/variables.none.tmpl`: + This allows you to change the word 'bug' to something else (e.g. "issue") + throughout the interface, and also to change the name Bugzilla to something + else (e.g. "FooCorp Bug Tracker"). + +:file:`list/table.html.tmpl`: + This template controls the appearance of the bug lists created + by Bugzilla. Editing this template allows per-column control of + the width and title of a column, the maximum display length of + each entry, and the wrap behaviour of long entries. + For long bug lists, Bugzilla inserts a 'break' every 100 bugs by + default; this behaviour is also controlled by this template, and + that value can be modified here. + +:file:`bug/create/user-message.html.tmpl`: + This is a message that appears near the top of the bug reporting page. + By modifying this, you can tell your users how they should report + bugs. + +:file:`bug/process/midair.html.tmpl`: + This is the page used if two people submit simultaneous changes to the + same bug. The second person to submit their changes will get this page + to tell them what the first person did, and ask if they wish to + overwrite those changes or go back and revisit the bug. The default + title and header on this page read "Mid-air collision detected!" If + you work in the aviation industry, or other environment where this + might be found offensive (yes, we have true stories of this happening) + you'll want to change this to something more appropriate for your + environment. + +.. _custom-bug-entry: + +:file:`bug/create/create.html.tmpl` and :file:`bug/create/comment.txt.tmpl`: + You may not wish to go to the effort of creating custom fields in + Bugzilla, yet you want to make sure that each bug report contains + a number of pieces of important information for which there is not + a special field. The bug entry system has been designed in an + extensible fashion to enable you to add arbitrary HTML widgets, + such as drop-down lists or textboxes, to the bug entry page + and have their values appear formatted in the initial comment. + + An example of this is the `guided bug submission form + <http://landfill.bugzilla.org/bugzilla-tip/enter_bug.cgi?product=WorldControl;format=guided>`_. + The code for this comes with the Bugzilla distribution as an example for + you to copy. It can be found in the files + :file:`create-guided.html.tmpl` and :file:`comment-guided.html.tmpl`. + + A hidden field that indicates the format should be added inside + the form in order to make the template functional. Its value should + be the suffix of the template filename. For example, if the file + is called :file:`create-guided.html.tmpl`, then + + :: + + <input type="hidden" name="format" value="guided"> + + is used inside the form. + + So to use this feature, create a custom template for + :file:`enter_bug.cgi`. The default template, on which you + could base it, is + :file:`default/bug/create/create.html.tmpl`. + Call it :file:`custom/bug/create/create-<formatname>.html.tmpl`, and + in it, add form inputs for each piece of information you'd like + collected - such as a build number, or set of steps to reproduce. + + Then, create a template based on + :file:`default/bug/create/comment.txt.tmpl`, and call it + :file:`custom/bug/create/comment-<formatname>.txt.tmpl`. + It needs a couple of lines of boilerplate at the top like this:: + + [% USE Bugzilla %] + [% cgi = Bugzilla.cgi % + + Then, this template can reference the form fields you have created using + the syntax ``[% cgi.param("field_name") %]``. When a bug report is + submitted, the initial comment attached to the bug report will be + formatted according to the layout of this template. + + For example, if your custom enter_bug template had a field:: + + <input type="text" name="buildid" size="30"> + + and then your comment.txt.tmpl had:: + + [% USE Bugzilla %] + [% cgi = Bugzilla.cgi %] + Build Identifier: [%+ cgi.param("buildid") %] + + then something like:: + + Build Identifier: 20140303 + + would appear in the initial comment. + + This system allows you to gather structured data in bug reports without + the overhead and UI complexity of a large number of custom fields. diff --git a/docs/en/rst/style.rst b/docs/en/rst/style.rst new file mode 100644 index 000000000..aa3957b95 --- /dev/null +++ b/docs/en/rst/style.rst @@ -0,0 +1,122 @@ +:orphan: + +.. _style-guide: + +============================== +Writing Bugzilla Documentation +============================== + +The Bugzilla documentation uses +`reStructured Text (reST) <http://docutils.sourceforge.net/rst.html>`_, +as extended by our documentation compilation tool, +`Sphinx <http://sphinx-doc.org/>`_. This document is a reST document for +demonstration purposes. To learn from it, you need to read it in reST form. + +When you build the docs, this document gets built (at least in +the HTML version) as a standalone file, although it isn't as useful in that +form because some of the directives discussed are invisible or change when +rendered. + +`The Sphinx documentation <http://sphinx-doc.org/latest/rest.html>`_ +gives a good introduction to reST and the Sphinx-specific extensions. Reading +that one immediately-linked page should be enough to get started. Later, the +`inline markup section <http://sphinx-doc.org/latest/markup/inline.html>`_ +is worth a read. + +Bugzilla's particular documentation conventions are as follows: + +Block Directives +################ + +Chapter headings use the double-equals, page title headings the #, and then +the three other levels are headings within a page. Every heading should be +preceded by an anchor, with a globally-unique name with no spaces. Now, we +demonstrate the available heading levels we haven't used yet: + +.. _uniqueanchorname: + +Third Level Heading +=================== + +Fourth Level Heading +-------------------- + +Fifth Level Heading +~~~~~~~~~~~~~~~~~~~ + +(Although try not to use headings as deep as the 5th level.) + +Make links to anchors like this: :ref:`uniqueanchorname`. It'll pick up the +following heading name automatically and use it as the link text. Don't use +standard reST internal links like `uniqueanchorname`_ - they don't work +across files. + +Comments are done like this: + +.. This is a comment. It can go on to multiple lines. Follow-on lines need to + be indented. + +Other block types: + +.. note:: This is just a note, for your information. Like all double-dot + blocks, follow-on lines need to be indented. + +.. warning:: This is a warning of a potential serious problem you should be + aware of. + +.. todo:: This is some documentation-related task that still needs doing. + +Use both of the above block types sparingly. Consider putting the information +in the main text, omitting it, or (if long) placing it in a subsidiary file. + +Code gets highlighted using Pygments. Choose the highlighter at the top of +each file using: + +.. highlight:: console + +You can change the highlighter for a particular block by introducing it like +this: + +.. code-block:: perl + + # This is some Perl code + print "Hello"; + +There is a +`list of all available lexer names <http://pygments.org/docs/lexers/>`_ +available. We currently use ``console``, ``perl``, and ``sql``. ``none`` is +also a valid value. + +Use 4-space indentation, except where a different value is better so that +things line up. So normally two spaces for bulleted lists, and 3 spaces +for .. blocks. + +Inline Directives +################# + +.. warning:: Remember that reST does not support nested inline markup. So you + can't have a substitution inside a link, or bold inside italics. + +* A filename or a path to a filename: + :file:`/path/to/{variable-bit-of-path}/filename.ext` + +* A command to type in the shell: + :command:`command --arguments` + +* A parameter name: + :param:`shutdownhtml` + +* A parameter value: + :paramval:`DB` + +* A group name: + :group:`editbugs` + +* A bug field name: + :field:`Summary` + +* Any string from the UI: + :guilabel:`Administration` + +* A specific BMO bug: + :bug:`201069` diff --git a/docs/en/rst/using/creating-an-account.rst b/docs/en/rst/using/creating-an-account.rst new file mode 100644 index 000000000..0ea42ee5d --- /dev/null +++ b/docs/en/rst/using/creating-an-account.rst @@ -0,0 +1,39 @@ +.. _creating-an-account: + +Creating an Account +################### + +If you want to use a particular installation of Bugzilla, first you need to +create an account. Ask the administrator responsible for your installation +for the URL you should use to access it. If you're test-driving Bugzilla, +you can use one of the installations on +`Landfill <http://landfill.bugzilla.org/>`_. + +The process of creating an account is similar to many other websites. + +#. On the home page, click the :guilabel:`New Account` link in the header. + Enter your email address, then click the ``Send`` + button. + + .. note:: If the :guilabel:`New Account` link is not available, this means that the + administrator of the installation has disabled self-registration. + Speak to the administrator to find out how to get an account. + +#. Within moments, you should + receive an email to the address you provided, which contains your + login name (generally the same as the email address), and a URL to + click to confirm your registration. + +#. Once you confirm your registration, Bugzilla will ask you your real name + (optional, but recommended) and ask you to choose a password. Depending + on how your Bugzilla is configured, there may be minimum complexity + requirements for the password. + +#. Now all you need to do is to click the :guilabel:`Log In` + link in the header or footer, + enter your email address and the password you just chose into the + login form, and click the :guilabel:`Log in` button. + +You are now logged in. Bugzilla uses cookies to remember you are +logged in, so, unless you have cookies disabled or your IP address changes, +you should not have to log in again during your session. diff --git a/docs/en/rst/using/editing.rst b/docs/en/rst/using/editing.rst new file mode 100644 index 000000000..c147d9d3b --- /dev/null +++ b/docs/en/rst/using/editing.rst @@ -0,0 +1,98 @@ +.. _editing: + +Editing a Bug +############# + +.. _attachments: + +Attachments +=========== + +Attachments are used to attach relevant files to bugs - patches, screenshots, +test cases, debugging aids or logs, or anything else binary or too large to +fit into a comment. + +You should use attachments, rather than comments, for large chunks of plain +text data, such as trace, debugging output files, or log files. That way, it +doesn't bloat the bug for everyone who wants to read it, and cause people to +receive large, useless mails. + +You should make sure to trim screenshots. There's no need to show the +whole screen if you are pointing out a single-pixel problem. + +Bugzilla stores and uses a Content-Type for each attachment +(e.g. text/html). To download an attachment as a different +Content-Type (e.g. application/xhtml+xml), you can override this +using a 'content_type' parameter on the URL, e.g. +:file:`&content_type=text/plain`. + +Also, you can enter the URL pointing to the attachment instead of +uploading the attachment itself. For example, this is useful if you want to +point to an external application, a website or a very large file. + +It's also possible to create an attachment by pasting text directly in a text +field; Bugzilla will convert it into an attachment. This is pretty useful +when you are copying and pasting, to avoid the extra step of saving the text +in a temporary file. + +.. _editing-flags: + +Flags +===== + +To set a flag, select either :guilabel:`+` or :guilabel:`-` from the drop-down +menu next to the name of the flag in the :guilabel:`Flags` list. The meaning +of these values are flag-specific and thus cannot be described in this +documentation, but by way of example, setting a flag named :guilabel:`review` +:guilabel:`+` may indicate that the bug/attachment has passed review, while +setting it to :guilabel:`-` may indicate that the bug/attachment has failed +review. + +To unset a flag, click its drop-down menu and select the blank value. +Note that marking an attachment as obsolete automatically cancels all +pending requests for the attachment. + +If your administrator has enabled requests for a flag, request a flag +by selecting :guilabel:`?` from the drop-down menu and then entering the +username of the user you want to set the flag in the text field next to the +menu. + +.. _time-tracking: + +Time Tracking +============= + +Users who belong to the group specified by the ``timetrackinggroup`` +parameter have access to time-related fields. Developers can see +deadlines and estimated times to fix bugs, and can provide time spent +on these bugs. Users who do not belong to this group can only see the deadline +but not edit it. Other time-related fields remain invisible to them. + +At any time, a summary of the time spent by developers on bugs is +accessible either from bug lists when clicking the ``Time Summary`` +button or from individual bugs when clicking the ``Summarize time`` +link in the time tracking table. The :file:`summarize_time.cgi` +page lets you view this information either per developer or per bug +and can be split on a month basis to have greater details on how time +is spent by developers. + +As soon as a bug is marked as RESOLVED, the remaining time expected +to fix the bug is set to zero. This lets QA people set it again for +their own usage, and it will be set to zero again when the bug is +marked as VERIFIED. + +.. _lifecycle: + +Life Cycle of a Bug +=================== + +The life cycle of a bug, also known as workflow, is customizable to match +the needs of your organization (see :ref:`workflow`). +The image below contains a graphical representation of +the default workflow using the default bug statuses. If you wish to +customize this image for your site, the +`diagram file <../../images/bzLifecycle.xml>`_ +is available in `Dia's <http://www.gnome.org/projects/dia>`_ +native XML format. + +.. image:: ../../images/bzLifecycle.png diff --git a/docs/en/rst/using/extensions.rst b/docs/en/rst/using/extensions.rst new file mode 100644 index 000000000..752b50b9a --- /dev/null +++ b/docs/en/rst/using/extensions.rst @@ -0,0 +1,18 @@ +.. _installed-extensions-user: + +Installed Extensions +==================== + +Bugzilla can be enhanced using extensions (see :ref:`extensions`). If an +extension comes with documentation in the appropriate format, and you build +your own copy of the Bugzilla documentation using :file:`makedocs.pl`, then +the documentation for your installed extensions will show up here. + +Your Bugzilla installation has the following extensions available (as of the +last time you compiled the documentation): + +.. toctree:: + :maxdepth: 1 + :glob: + + ../extensions/*/index-user diff --git a/docs/en/rst/using/filing.rst b/docs/en/rst/using/filing.rst new file mode 100644 index 000000000..788cebbd5 --- /dev/null +++ b/docs/en/rst/using/filing.rst @@ -0,0 +1,82 @@ +.. _filing: + +Filing a Bug +############ + +Reporting a New Bug +=================== + +Years of bug writing experience has been distilled for your +reading pleasure into the +`Bug Writing Guidelines <http://landfill.bugzilla.org/bugzilla-tip/page.cgi?id=bug-writing.html>`_. +While some of the advice is Mozilla-specific, the basic principles of +reporting Reproducible, Specific bugs and isolating the Product you are +using, the Version of the Product, the Component which failed, the Hardware +Platform, and Operating System you were using at the time of the failure go a +long way toward ensuring accurate, responsible fixes for the bug that bit you. + +.. note:: If you want to file a test bug to see how Bugzilla works, + you can do it on one of our test installations on + `Landfill <http://landfill.bugzilla.org/>`_. Please don't do it on anyone's + production Bugzilla installation. + +The procedure for filing a bug is as follows: + +#. Click the :guilabel:`New` link available in the header or footer + of pages, or the :guilabel:`File a Bug` link on the home page. + +#. First, you have to select the product in which you found a bug. + +#. You now see a form where you can specify the component (part of + the product which is affected by the bug you discovered; if you have + no idea, just select :guilabel:`General` if such a component exists), + the version of the program you were using, the operating system and + platform your program is running on and the severity of the bug (if the + bug you found crashes the program, it's probably a major or a critical + bug; if it's a typo somewhere, that's something pretty minor; if it's + something you would like to see implemented, then that's an enhancement). + +#. You also need to provide a short but descriptive summary of the bug you found. + "My program is crashing all the time" is a very poor summary + and doesn't help developers at all. Try something more meaningful or + your bug will probably be ignored due to a lack of precision. + In the Description, give a detailed list of steps to reproduce + the problem you encountered. Try to limit these steps to a minimum set + required to reproduce the problem. This will make the life of + developers easier, and the probability that they consider your bug in + a reasonable timeframe will be much higher. + + .. note:: Try to make sure that everything in the Summary is also in the + Description. Summaries are often updated and this will ensure your original + information is easily accessible. + +#. As you file the bug, you can also attach a document (testcase, patch, + or screenshot of the problem). + +#. Depending on the Bugzilla installation you are using and the product in + which you are filing the bug, you can also request developers to consider + your bug in different ways (such as requesting review for the patch you + just attached, requesting your bug to block the next release of the + product, and many other product-specific requests). + +#. Now is a good time to read your bug report again. Remove all misspellings; + otherwise, your bug may not be found by developers running queries for some + specific words, and so your bug would not get any attention. + Also make sure you didn't forget any important information developers + should know in order to reproduce the problem, and make sure your + description of the problem is explicit and clear enough. + When you think your bug report is ready to go, the last step is to + click the :guilabel:`Submit Bug` button to add your report into the database. + +.. _cloning-a-bug: + +Clone an Existing Bug +===================== + +Bugzilla allows you to "clone" an existing bug. The newly created bug will +inherit most settings from the old bug. This allows you to track similar +concerns that require different handling in a new bug. To use this, go to +the bug that you want to clone, then click the :guilabel:`Clone This Bug` +link on the bug page. This will take you to the :guilabel:`Enter Bug` +page that is filled with the values that the old bug has. +You can then change the values and/or text if needed. diff --git a/docs/en/rst/using/finding.rst b/docs/en/rst/using/finding.rst new file mode 100644 index 000000000..a8e18eef2 --- /dev/null +++ b/docs/en/rst/using/finding.rst @@ -0,0 +1,259 @@ +.. _finding: + +Finding Bugs +############ + +Bugzilla has a number of different search options. + +.. note:: Bugzilla queries are case-insensitive and accent-insensitive when + used with either MySQL or Oracle databases. When using Bugzilla with + PostgreSQL, however, some queries are case sensitive. This is due to + the way PostgreSQL handles case and accent sensitivity. + +.. _quicksearch: + +Quicksearch +=========== + +Quicksearch is a single-text-box query tool. You'll find it in +Bugzilla's header or footer. + +Quicksearch uses +metacharacters to indicate what is to be searched. For example, typing + + ``foo|bar`` + +into Quicksearch would search for "foo" or "bar" in the +summary and status whiteboard of a bug; adding + + ``:BazProduct`` + +would search only in that product. + +You can also use it to go directly to a bug by entering its number or its +alias. + +Simple Search +============= + +Simple Search is good for finding one particular bug. It works like internet +search engines - just enter some keywords and off you go. + +Advanced Search +=============== + +The Advanced Search page is used to produce a list of all bugs fitting +exact criteria. `You can play with it on +Landfill <http://landfill.bugzilla.org/bugzilla-tip/query.cgi?format=advanced>`_. + +Advanced Search has controls for selecting different possible +values for all of the fields in a bug, as described above. For some +fields, multiple values can be selected. In those cases, Bugzilla +returns bugs where the content of the field matches any one of the selected +values. If none is selected, then the field can take any value. + +After a search is run, you can save it as a Saved Search, which +will appear in the page footer. If you are in the group defined +by the "querysharegroup" parameter, you may share your queries +with other users; see :ref:`saved-searches` for more details. + +.. _custom-search: + +Custom Search +============= + +Highly advanced querying is done using the :guilabel:`Custom Search` feature +of the :guilabel:`Advanced Search` page. + +The search criteria here further restrict the set of results +returned by a query, over and above those defined in the fields at the top +of the page. It is thereby possible to search for bugs +based on elaborate combinations of criteria. + +The simplest custom searches have only one term. These searches +permit the selected *field* +to be compared using a +selectable *operator* to a +specified *value.* Much of this could be reproduced using the standard +fields. However, you can then combine terms using "Match ANY" or "Match ALL", +using parentheses for combining and priority, in order to construct searches +of almost arbitrary complexity. + +There are three fields in each row (known as a "term") of a custom search: + +- *Field:* + the name of the field being searched + +- *Operator:* + the comparison operator + +- *Value:* + the value to which the field is being compared + +The list of available *fields* contains all the fields defined for a bug, +including any custom fields, and then also some pseudofields like +:guilabel:`Assignee Real Name`, :guilabel:`Days Since Bug Changed`, +:guilabel:`Time Since Assignee Touched` and other things it may be useful to +search on. + +There are a wide range of *operators* available, not all of which may make +sense for a particular field. There are various string-matching operations +(including regular expressions), numerical comparisons (which also work for +dates), and also the ability to search for change information—when a field +changed, what it changed from or to, and who did it. There are special +operators for :guilabel:`is empty` and :guilabel:`is not empty`, because +Bugzilla can't tell the difference between a value field left blank on +purpose and one left blank by accident. + +You can have an arbitrary number of rows, and the dropdown box above them +defines how they relate—:guilabel:`Match ALL of the following separately`, +:guilabel:`Match ANY of the following separately`, or :guilabel:`Match ALL of +the following against the same field`. The difference between the first and +the third can be illustrated with a comment search. If you have a search:: + + Comment contains the string "Fred" + Comment contains the string "Barney" + +then under the first regime (match separately) the search would return bugs +where "Fred" appeared in one comment and "Barney" in the same or any other +comment, whereas under the second (match against the same field), both strings +would need to occur in exactly the same comment. + +.. _advanced-features: + +Advanced Features +----------------- + +If you click :guilabel:`Show Advanced Features`, then more capabilities appear. +You can negate any row with a checkbox (see below) and also group lines of the +search with parentheses to determine how different search terms relate. Within +each bracketed set, you get the choice of combining them using ALL (i.e. AND) +or ANY (i.e. OR). + +Negation +-------- + +At first glance, negation seems redundant. Rather than +searching for:: + + NOT ( summary contains the string "foo" ) + +one could search for:: + + summary does not contain the string "foo" + +However, the search:: + + CC does not contain the string "@mozilla.org" + +would find every bug where anyone on the CC list did not contain +"@mozilla.org" while:: + + NOT ( CC contains the string "@mozilla.org" ) + +would find every bug where there was nobody on the CC list who +did contain the string. Similarly, the use of negation also permits +complex expressions to be built using terms OR'd together and then +negated. Negation permits queries such as:: + + NOT ( ( product equals "Update" ) + OR + ( component equals "Documentation" ) + ) + +to find bugs that are neither +in the :guilabel:`Update` product or in the :guilabel:`Documentation` component +or:: + + NOT ( ( commenter equals "%assignee%" ) + OR + (component equals "Documentation" ) + ) + +to find non-documentation bugs on which the assignee has never commented. + +.. _pronouns: + +Pronoun Substitution +-------------------- + +Sometimes, a query needs to compare a user-related field +(such as :guilabel:`Reporter`) with a role-specific user (such as the +user running the query or the user to whom each bug is assigned). For +example, you may want to find all bugs that are assigned to the person +who reported them. + +When the :guilabel:`Custom Search` operator is either :guilabel:`equals` or +:guilabel:`notequals`, the value can be "%reporter%", "%assignee%", +"%qacontact%", or "%user%". These are known as "pronouns". The user pronoun +refers to the user who is executing the query or, in the case +of whining reports, the user who will be the recipient +of the report. The reporter, assignee, and qacontact +pronouns refer to the corresponding fields in the bug. + +This feature also lets you search by a user's group memberships. If the +operator is either :guilabel:`equals`, :guilabel:`notequals` or +:guilabel:`anyexact`, you can search for +whether a user belongs (or not) to the specified group. The group name must be +entered using "%group.foo%" syntax, where "foo" is the group name. +So if you are looking for bugs reported by any user being in the +"editbugs" group, then you can use:: + + reporter equals "%group.editbugs%" + +.. _list: + +Bug Lists +========= + +The result of a search is a list of matching bugs. + +The format of the list is configurable. For example, it can be +sorted by clicking the column headings. Other useful features can be +accessed using the links at the bottom of the list: + +Long Format: + this gives you a large page with a non-editable summary of the fields + of each bug. + +XML (icon): + get the buglist in an XML format. + +CSV (icon): + get the buglist as comma-separated values, for import into e.g. + a spreadsheet. + +Feed (icon): + get the buglist as an Atom feed. Copy this link into your + favorite feed reader. If you are using Firefox, you can also + save the list as a live bookmark by clicking the live bookmark + icon in the status bar. To limit the number of bugs in the feed, + add a limit=n parameter to the URL. + +iCalendar (icon): + Get the buglist as an iCalendar file. Each bug is represented as a + to-do item in the imported calendar. + +Change Columns: + change the bug attributes which appear in the list. + +Change Several Bugs At Once: + If your account is sufficiently empowered, and more than one bug + appears in the bug list, this link is displayed and lets you easily make + the same change to all the bugs in the list - for example, changing + their assignee. + +Send Mail to Bug Assignees: + If more than one bug appear in the bug list and there are at least + two distinct bug assignees, this links is displayed which lets you + easily send a mail to the assignees of all bugs on the list. + +Edit Search: + If you didn't get exactly the results you were looking for, you can + return to the Query page through this link and make small revisions + to the query you just made so you get more accurate results. + +Remember Search As: + You can give a search a name and remember it; a link will appear + in your page footer giving you quick access to run it again later. + diff --git a/docs/en/rst/using/index.rst b/docs/en/rst/using/index.rst new file mode 100644 index 000000000..73aa707c3 --- /dev/null +++ b/docs/en/rst/using/index.rst @@ -0,0 +1,19 @@ +.. _using: + +========== +User Guide +========== + +.. toctree:: + :maxdepth: 2 + + creating-an-account + filing + understanding + editing + finding + reports-and-charts + tips + preferences + extensions + diff --git a/docs/en/rst/using/preferences.rst b/docs/en/rst/using/preferences.rst new file mode 100644 index 000000000..d61dc4f8a --- /dev/null +++ b/docs/en/rst/using/preferences.rst @@ -0,0 +1,195 @@ +.. _user-preferences: + +User Preferences +################ + +Once logged in, you can customize various aspects of +Bugzilla via the "Preferences" link in the page footer. +The preferences are split into a number of tabs, detailed in the sections +below. + +.. _generalpreferences: + +General Preferences +=================== + +This tab allows you to change several default settings of Bugzilla. +Administrators have the power to remove preferences from this list, so you +may not see all the preferences available. + +Each preference should be self-explanatory. + +.. _emailpreferences: + +Email Preferences +================= + +This tab allows you to enable or disable email notification on +specific events. + +In general, users have almost complete control over how much (or +how little) email Bugzilla sends them. If you want to receive the +maximum amount of email possible, click the ``Enable All +Mail`` button. If you don't want to receive any email from +Bugzilla at all, click the ``Disable All Mail`` button. + +.. note:: A Bugzilla administrator can stop a user from receiving + bugmail by clicking the ``Bugmail Disabled`` checkbox + when editing the user account. This is a drastic step + best taken only for disabled accounts, as it overrides + the user's individual mail preferences. + +There are two global options -- ``Email me when someone +asks me to set a flag`` and ``Email me when someone +sets a flag I asked for``. These define how you want to +receive bugmail with regards to flags. Their use is quite +straightforward: enable the checkboxes if you want Bugzilla to +send you mail under either of the above conditions. + +If you'd like to set your bugmail to something besides +'Completely ON' and 'Completely OFF', the +``Field/recipient specific options`` table +allows you to do just that. The rows of the table +define events that can happen to a bug -- things like +attachments being added, new comments being made, the +priority changing, etc. The columns in the table define +your relationship with the bug - reporter, assignee, QA contact (if enabled) +or CC list member. + +To fine-tune your bugmail, decide the events for which you want +to receive bugmail; then decide if you want to receive it all +the time (enable the checkbox for every column) or only when +you have a certain relationship with a bug (enable the checkbox +only for those columns). For example, if you didn't want to +receive mail when someone added themselves to the CC list, you +could uncheck all the boxes in the ``CC Field Changes`` +line. As another example, if you never wanted to receive email +on bugs you reported unless the bug was resolved, you would +uncheck all boxes in the ``Reporter`` column +except for the one on the ``The bug is resolved or +verified`` row. + +.. note:: Bugzilla adds the ``X-Bugzilla-Reason`` header to + all bugmail it sends, describing the recipient's relationship + (AssignedTo, Reporter, QAContact, CC, or Voter) to the bug. + This header can be used to do further client-side filtering. + +Bugzilla has a feature called ``User Watching``. +When you enter one or more comma-delineated user accounts (usually email +addresses) into the text entry box, you will receive a copy of all the +bugmail those users are sent (security settings permitting). +This powerful functionality enables seamless transitions as developers +change projects or users go on holiday. + +Each user listed in the ``Users watching you`` field +has you listed in their ``Users to watch`` list +and can get bugmail according to your relationship to the bug and +their ``Field/recipient specific options`` setting. + +Lastly, you can define a list of bugs on which you no longer wish to receive +any email, ever. (You can also add bugs to this list individually by checking +the "Ignore Bug Mail" checkbox on the bug page for that bug.) This is useful +for ignoring bugs where you are the reporter, as that's a role it's not +possible to stop having. + +.. _saved-searches: + +Saved Searches +============== + +On this tab you can view and run any Saved Searches that you have +created, and any Saved Searches that other members of the group +defined in the :param:`querysharegroup` parameter have shared. +Saved Searches can be added to the page footer from this screen. +If somebody is sharing a Search with a group they are allowed to +:ref:`assign users to <groups>`, the sharer may opt to have +the Search show up in the footer of the group's direct members by default. + +.. _account-information: + +Account Information +=================== + +On this tab, you can change your basic account information, +including your password, email address and real name. For security +reasons, in order to change anything on this page you must type your +*current* password into the ``Password`` +field at the top of the page. +If you attempt to change your email address, a confirmation +email is sent to both the old and new addresses with a link to use to +confirm the change. This helps to prevent account hijacking. + +.. _api-keys: + +API Keys +======== + +API keys allow you to give a "token" to some external software so it can log +in to the WebService API as you without knowing your password. You can then +revoke that token if you stop using the web service, and you don't need to +change your password everywhere. + +You can create more than one API key if required. Each API key has an optional +description which can help you record what it is used for. + +On this page, you can unrevoke, revoke and change the description of existing +API keys for your login. A revoked key means that it cannot be used. The +description is optional and purely for your information. + +You can also create a new API key by selecting the checkbox under the 'New +API key' section of the page. + +.. _permissions: + +Permissions +=========== + +This is a purely informative page which outlines your current +permissions on this installation of Bugzilla. + +A complete list of permissions in a default install of Bugzilla is below. +Your administrator may have defined other permissions. Only users with +*editusers* privileges can change the permissions of other users. + +admin + Indicates user is an Administrator. + +bz_canusewhineatothers + Indicates user can configure whine reports for other users. + +bz_canusewhines + Indicates user can configure whine reports for self. + +bz_quip_moderators + Indicates user can moderate quips. + +bz_sudoers + Indicates user can perform actions as other users. + +bz_sudo_protect + Indicates user cannot be impersonated by other users. + +canconfirm + Indicates user can confirm a bug or mark it a duplicate. + +creategroups + Indicates user can create and destroy groups. + +editbugs + Indicates user can edit all bug fields. + +editclassifications + Indicates user can create, destroy and edit classifications. + +editcomponents + Indicates user can create, destroy and edit products, components, + versions, milestones and flag types. + +editkeywords + Indicates user can create, destroy and edit keywords. + +editusers + Indicates user can create, disable and edit users. + +tweakparams + Indicates user can change :ref:`Parameters <parameters>`. diff --git a/docs/en/rst/using/reports-and-charts.rst b/docs/en/rst/using/reports-and-charts.rst new file mode 100644 index 000000000..659cd5cbd --- /dev/null +++ b/docs/en/rst/using/reports-and-charts.rst @@ -0,0 +1,120 @@ +.. _reports-and-charts: + +Reports and Charts +################## + +As well as the standard buglist, Bugzilla has two more ways of +viewing sets of bugs. These are the reports (which give different +views of the current state of the database) and charts (which plot +the changes in particular sets of bugs over time). + +.. _reports: + +Reports +======= + +A report is a view of the current state of the bug database. + +You can run either an HTML-table-based report, or a graphical +line/pie/bar-chart-based one. The two have different pages to +define them but are close cousins - once you've defined and +viewed a report, you can switch between any of the different +views of the data at will. + +Both report types are based on the idea of defining a set of bugs +using the standard search interface and then choosing some +aspect of that set to plot on the horizontal and/or vertical axes. +You can also get a form of 3-dimensional report by choosing to have +multiple images or tables. + +So, for example, you could use the search form to choose "all +bugs in the WorldControl product" and then plot their severity +against their component to see which component had had the largest +number of bad bugs reported against it. + +Once you've defined your parameters and hit :guilabel:`Generate Report`, +you can switch between HTML, CSV, Bar, Line and Pie. (Note: Pie +is only available if you didn't define a vertical axis, as pie +charts don't have one.) The other controls are fairly self-explanatory; +you can change the size of the image if you find text is overwriting +other text, or the bars are too thin to see. + +.. _charts: + +Charts +====== + +A chart is a view of the state of the bug database over time. + +Bugzilla currently has two charting systems - Old Charts and New +Charts. Old Charts have been part of Bugzilla for a long time; they +chart each status and resolution for each product, and that's all. +They are deprecated, and going away soon - we won't say any more +about them. +New Charts are the future - they allow you to chart anything you +can define as a search. + +.. note:: Both charting forms require the administrator to set up the + data-gathering script. If you can't see any charts, ask them whether + they have done so. + +An individual line on a chart is called a data set. +All data sets are organised into categories and subcategories. The +data sets that Bugzilla defines automatically use the Product name +as a :guilabel:`Category` and Component names as :guilabel:`Subcategories`, +but there is no need for you to follow that naming scheme with your own +charts if you don't want to. + +Data sets may be public or private. Everyone sees public data sets in +the list, but only their creator sees private data sets. Only +administrators can make data sets public. +No two data sets, even two private ones, can have the same set of +category, subcategory and name. So if you are creating private data +sets, one idea is to have the :guilabel:`Category` be your username. + +Creating Charts +--------------- + +You create a chart by selecting a number of data sets from the +list and pressing :guilabel:`Add To List` for each. In the +:guilabel:`List Of Data Sets To Plot`, you can define the label that data +set will have in the chart's legend and also ask Bugzilla to :guilabel:`Sum` +a number of data sets (e.g. you could :guilabel:`Sum` data sets representing +:guilabel:`RESOLVED`, :guilabel:`VERIFIED` and :guilabel:`CLOSED` in a +particular product to get a data set representing all the resolved bugs in +that product.) + +If you've erroneously added a data set to the list, select it +using the checkbox and click :guilabel:`Remove`. Once you add more than one +data set, a :guilabel:`Grand Total` line +automatically appears at the bottom of the list. If you don't want +this, simply remove it as you would remove any other line. + +You may also choose to plot only over a certain date range, and +to cumulate the results, that is, to plot each one using the +previous one as a baseline so the top line gives a sum of all +the data sets. It's easier to try than to explain :-) + +Once a data set is in the list, you can also perform certain +actions on it. For example, you can edit the +data set's parameters (name, frequency etc.) if it's one you +created or if you are an administrator. + +Once you are happy, click :guilabel:`Chart This List` to see the chart. + +.. _charts-new-series: + +Creating New Data Sets +---------------------- + +You may also create new data sets of your own. To do this, +click the :guilabel:`create a new data set` link on the +:guilabel:`Create Chart` page. This takes you to a search-like interface +where you can define the search that Bugzilla will plot. At the bottom of the +page, you choose the category, sub-category and name of your new +data set. + +If you have sufficient permissions, you can make the data set public, +and reduce the frequency of data collection to less than the default +of seven days. + diff --git a/docs/en/rst/using/tips.rst b/docs/en/rst/using/tips.rst new file mode 100644 index 000000000..34274f728 --- /dev/null +++ b/docs/en/rst/using/tips.rst @@ -0,0 +1,65 @@ +.. _pro-tips: + +Pro Tips +######## + +This section distills some Bugzilla tips and best practices +that have been developed. + +Autolinkification +================= + +Bugzilla comments are plain text - so typing <U> will +produce less-than, U, greater-than rather than underlined text. +However, Bugzilla will automatically make hyperlinks out of certain +sorts of text in comments. For example, the text +``http://www.bugzilla.org`` will be turned into a link: +`<http://www.bugzilla.org>`_. +Other strings which get linkified in the obvious manner are: + ++ bug 12345 + ++ bugs 123, 456, 789 + ++ comment 7 + ++ comments 1, 2, 3, 4 + ++ bug 23456, comment 53 + ++ attachment 4321 + ++ mailto\:george\@example.com + ++ george\@example.com + ++ ftp\://ftp.mozilla.org + ++ Most other sorts of URL + +A corollary here is that if you type a bug number in a comment, +you should put the word "bug" before it, so it gets autolinkified +for the convenience of others. + +.. _commenting: + +Comments +======== + +If you are changing the fields on a bug, only comment if +either you have something pertinent to say or Bugzilla requires it. +Otherwise, you may spam people unnecessarily with bugmail. +To take an example: a user can set up their account to filter out messages +where someone just adds themselves to the CC field of a bug +(which happens a lot). If you come along, add yourself to the CC field, +and add a comment saying "Adding self to CC", then that person +gets a pointless piece of mail they would otherwise have avoided. + +Don't use sigs in comments. Signing your name ("Bill") is acceptable, +if you do it out of habit, but full mail/news-style +four line ASCII art creations are not. + +If you feel a bug you filed was incorrectly marked as a +DUPLICATE of another, please question it in your bug, not +the bug it was duped to. Feel free to CC the person who duped it +if they are not already CCed. diff --git a/docs/en/rst/using/understanding.rst b/docs/en/rst/using/understanding.rst new file mode 100644 index 000000000..c52bd2167 --- /dev/null +++ b/docs/en/rst/using/understanding.rst @@ -0,0 +1,303 @@ +.. _understanding: + +Understanding a Bug +################### + +The core of Bugzilla is the screen which displays a particular +bug. Note that the labels for most fields are hyperlinks; +clicking them will take you to context-sensitive help on that +particular field. Fields marked * may not be present on every +installation of Bugzilla. + +*Summary:* + A one-sentence summary of the problem, displayed in the header next to + the bug number. + +*Status (and Resolution):* + These define exactly what state the bug is in—from not even + being confirmed as a bug, through to being fixed and the fix + confirmed by Quality Assurance. The different possible values for + Status and Resolution on your installation should be documented in the + context-sensitive help for those items. + +*Alias:* + A unique short text name for the bug, which can be used instead of the + bug number. + +*Product and Component*: + Bugs are divided up by Product and Component, with a Product + having one or more Components in it. + +*Version:* + The "Version" field usually contains the numbers or names of released + versions of the product. It is used to indicate the version(s) affected by + the bug report. + +*Hardware (Platform and OS):* + These indicate the computing environment where the bug was + found. + +*Importance (Priority and Severity):* + The Priority field is used to prioritize bugs, either by the assignee, + or someone else with authority to direct their time such as a project + manager. It's a good idea not to change this on other people's bugs. The + default values are P1 to P5. + + The Severity field indicates how severe the problem is—from blocker + ("application unusable") to trivial ("minor cosmetic issue"). You + can also use this field to indicate whether a bug is an enhancement + request. + +*\*Target Milestone:* + A future version by which the bug is to + be fixed. e.g. The Bugzilla Project's milestones for future + Bugzilla versions are 4.4, 5.0, 6.0, etc. Milestones are not + restricted to numbers, though—you can use any text strings, such + as dates. + +*Assigned To:* + The person responsible for fixing the bug. + +*\*QA Contact:* + The person responsible for quality assurance on this bug. + +*URL:* + A URL associated with the bug, if any. + +*\*Whiteboard:* + A free-form text area for adding short notes and tags to a bug. + +*Keywords:* + The administrator can define keywords which you can use to tag and + categorise bugs—e.g. ``crash`` or ``regression``. + +*Personal Tags:* + Unlike Keywords which are global and visible by all users, Personal Tags + are personal and can only be viewed and edited by their author. Editing + them won't send any notifications to other users. Use them to tag and keep + track of sets of bugs that you personally care about, using your own + classification system. + +*Dependencies (Depends On and Blocks):* + If this bug cannot be fixed unless other bugs are fixed (depends + on), or this bug stops other bugs being fixed (blocks), their + numbers are recorded here. + + Clicking the :guilabel:`Dependency tree` link shows + the dependency relationships of the bug as a tree structure. + You can change how much depth to show, and you can hide resolved bugs + from this page. You can also collapse/expand dependencies for + each non-terminal bug on the tree view, using the [-]/[+] buttons that + appear before the summary. + +*Reported:* + The person who filed the bug, and the date and time they did it. + +*Modified:* + The date and time the bug was last changed. + +*CC List:* + A list of people who get mail when the bug changes, in addition to the + Reporter, Assignee and QA Contact (if enabled). + +*Ignore Bug Mail:* + Set this if you want never to get bugmail from this bug again. See also + :ref:`emailpreferences`. + +*\*See Also:* + Bugs, in this Bugzilla, other Bugzillas, or other bug trackers, that are + related to this one. + +*Flags:* + A flag is a kind of status that can be set on bugs or attachments + to indicate that the bugs/attachments are in a certain state. + Each installation can define its own set of flags that can be set + on bugs or attachments. See :ref:`flags`. + +*\*Time Tracking:* + This form can be used for time tracking. + To use this feature, you have to be a member of the group + specified by the :param:`timetrackinggroup` parameter. See + :ref:`time-tracking` for more information. + + Orig. Est.: + This field shows the original estimated time. + Current Est.: + This field shows the current estimated time. + This number is calculated from ``Hours Worked`` + and ``Hours Left``. + Hours Worked: + This field shows the number of hours worked. + Hours Left: + This field shows the ``Current Est.`` - + ``Hours Worked``. + This value + ``Hours Worked`` will become the + new Current Est. + %Complete: + This field shows what percentage of the task is complete. + Gain: + This field shows the number of hours that the bug is ahead of the + ``Orig. Est.``. + Deadline: + This field shows the deadline for this bug. + +*Attachments:* + You can attach files (e.g. test cases or patches) to bugs. If there + are any attachments, they are listed in this section. See + :ref:`attachments` for more information. + +*Additional Comments:* + You can add your two cents to the bug discussion here, if you have + something worthwhile to say. + +.. _flags: + +Flags +===== + +Flags are a way to attach a specific status to a bug or attachment, +either ``+`` or ``-``. The meaning of these symbols depends on the name of +the flag itself, but contextually they could mean pass/fail, +accept/reject, approved/denied, or even a simple yes/no. If your site +allows requestable flags, then users may set a flag to ``?`` as a +request to another user that they look at the bug/attachment and set +the flag to its correct status. + +A set flag appears in bug reports and on "edit attachment" pages with the +abbreviated username of the user who set the flag prepended to the +flag name. For example, if Jack sets a "review" flag to ``+``, it appears +as :guilabel:`Jack: review [ + ]`. + +A requested flag appears with the user who requested the flag prepended +to the flag name and the user who has been requested to set the flag +appended to the flag name within parentheses. For example, if Jack +asks Jill for review, it appears as :guilabel:`Jack: review [ ? ] (Jill)`. + +You can browse through open requests made of you and by you by selecting +:guilabel:`My Requests` from the footer. You can also look at open requests +limited by other requesters, requestees, products, components, and flag names. +Note that you can use '-' for requestee to specify flags with no requestee +set. + +.. _flags-simpleexample: + +A Simple Example +---------------- + +A developer might want to ask their manager, +"Should we fix this bug before we release version 2.0?" +They might want to do this for a *lot* of bugs, +so they decide to streamline the process. So: + +#. The Bugzilla administrator creates a flag type called blocking2.0 for bugs + in your product. It shows up on the :guilabel:`Show Bug` screen as the text + :guilabel:`blocking2.0` with a drop-down box next to it. The drop-down box + contains four values: an empty space, ``?``, ``-``, and ``+``. + +#. The developer sets the flag to ``?``. + +#. The manager sees the :guilabel:`blocking2.0` + flag with a ``?`` value. + +#. If the manager thinks the feature should go into the product + before version 2.0 can be released, they set the flag to + ``+``. Otherwise, they set it to ``-``. + +#. Now, every Bugzilla user who looks at the bug knows whether or + not the bug needs to be fixed before release of version 2.0. + +.. _flags-about: + +About Flags +----------- + +Flags can have four values: + +``?`` + A user is requesting that a status be set. (Think of it as 'A question is being asked'.) + +``-`` + The status has been set negatively. (The question has been answered ``no``.) + +``+`` + The status has been set positively. + (The question has been answered ``yes``.) + +``_`` + ``unset`` actually shows up as a blank space. This just means that nobody + has expressed an opinion (or asked someone else to express an opinion) + about the matter covered by this flag. + +.. _flag-askto: + +Flag Requests +------------- + +If a flag has been defined as :guilabel:`requestable`, and a user has enough +privileges to request it (see below), the user can set the flag's status to +``?``. This status indicates that someone (a.k.a. "the requester") is asking +someone else to set the flag to either ``+`` or ``-``. + +If a flag has been defined as :guilabel:`specifically requestable`, +a text box will appear next to the flag into which the requester may +enter a Bugzilla username. That named person (a.k.a. "the requestee") +will receive an email notifying them of the request, and pointing them +to the bug/attachment in question. + +If a flag has *not* been defined as :guilabel:`specifically requestable`, +then no such text box will appear. A request to set this flag cannot be made +of any specific individual; these requests are open for anyone to answer. In +Bugzilla this is known as "asking the wind". A requester may ask the wind on +any flag simply by leaving the text box blank. + +.. _flag-types: + +.. _flag-type-attachment: + +Attachment Flags +---------------- + +There are two types of flags: bug flags and attachment flags. + +Attachment flags are used to ask a question about a specific +attachment on a bug. + +Many Bugzilla installations use this to +request that one developer review another +developer's code before they check it in. They attach the code to +a bug report, and then set a flag on that attachment called +:guilabel:`review` to +:guilabel:`review? reviewer@example.com`. +reviewer\@example.com is then notified by email that +they have to check out that attachment and approve it or deny it. + +For a Bugzilla user, attachment flags show up in three places: + +#. On the list of attachments in the :guilabel:`Show Bug` + screen, you can see the current state of any flags that + have been set to ``?``, ``+``, or ``-``. You can see who asked about + the flag (the requester), and who is being asked (the + requestee). + +#. When you edit an attachment, you can + see any settable flag, along with any flags that have + already been set. The :guilabel:`Edit Attachment` + screen is where you set flags to ``?``, ``-``, ``+``, or unset them. + +#. Requests are listed in the :guilabel:`Request Queue`, which + is accessible from the :guilabel:`My Requests` link (if you are + logged in) or :guilabel:`Requests` link (if you are logged out) + visible on all pages. + +.. _flag-type-bug: + +Bug Flags +--------- + +Bug flags are used to set a status on the bug itself. You can +see Bug Flags in the :guilabel:`Show Bug` and :guilabel:`Requests` +screens, as described above. + +Only users with enough privileges (see below) may set flags on bugs. +This doesn't necessarily include the assignee, reporter, or users with the +:group:`editbugs` permission. diff --git a/docs/en/xml/Bugzilla-Guide.xml b/docs/en/xml/Bugzilla-Guide.xml deleted file mode 100644 index d77d14e27..000000000 --- a/docs/en/xml/Bugzilla-Guide.xml +++ /dev/null @@ -1,174 +0,0 @@ -<?xml version="1.0"?> -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" [ - <!ENTITY % myents SYSTEM "bugzilla.ent"> - %myents; - -<!-- Include macros --> -<!ENTITY about SYSTEM "about.xml"> -<!ENTITY conventions SYSTEM "conventions.xml"> -<!ENTITY doc-index SYSTEM "index.xml"> -<!ENTITY gfdl SYSTEM "gfdl.xml"> -<!ENTITY glossary SYSTEM "glossary.xml"> -<!ENTITY installation SYSTEM "installation.xml"> -<!ENTITY administration SYSTEM "administration.xml"> -<!ENTITY security SYSTEM "security.xml"> -<!ENTITY using SYSTEM "using.xml"> -<!ENTITY index SYSTEM "index.xml"> -<!ENTITY customization SYSTEM "customization.xml"> -<!ENTITY troubleshooting SYSTEM "troubleshooting.xml"> -<!ENTITY patches SYSTEM "patches.xml"> -<!ENTITY modules SYSTEM "modules.xml"> - -<!-- Things to change for a stable release: - * bz-ver to current stable - * bz-nexver to next stable - * bz-date to the release date - * landfillbase to the branch install - * Remove the BZ-DEVEL comments - - COMPILE DOCS AND CHECKIN - - Also, tag and tarball before completing - * bz-ver to devel version - - For a devel release, simple bump bz-ver and bz-date ---> - -<!ENTITY bz-ver "4.2.11"> -<!ENTITY bz-nextver "4.4"> -<!ENTITY bz-date "2014-10-06"> -<!ENTITY current-year "2014"> - -<!ENTITY landfillbase "http://landfill.bugzilla.org/bugzilla-4.2-branch/"> -<!ENTITY bz "http://www.bugzilla.org/"> -<!ENTITY bzg-bugs "<ulink url='https://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla&component=Documentation'>Bugzilla Documentation</ulink>"> -<!ENTITY mysql "http://www.mysql.com/"> - -<!ENTITY min-perl-ver "5.8.1"> -]> - - -<!-- Coding standards for this document - -* Other than the GFDL, please use the "section" tag instead of "sect1", - "sect2", etc. -* Use Entities to include files for new chapters in Bugzilla-Guide.xml. -* Try to use Entities for frequently-used passages of text as well. -* Ensure all documents compile cleanly to HTML after modification. - The warning, "DTDDECL catalog types not supported" is normal. -* Try to index important terms wherever possible. -* Use "glossterm" whenever you introduce a new term. -* Follow coding standards at http://www.tldp.org, and - check out the KDE guidelines (they are nice, too) - http://i18n.kde.org/doc/markup.html -* All tags should be lowercase. -* Please use sensible spacing. The comments at the very end of each - file define reasonable defaults for PSGML mode in EMACS. -* Double-indent tags, use double spacing whenever possible, and - try to avoid clutter and feel free to waste space in the code to make it - more readable. - ---> - -<book id="index"> - -<!-- Header --> - - <bookinfo> - <title>The Bugzilla Guide - &bz-ver; - Release</title> - - <authorgroup> - <corpauthor>The Bugzilla Team</corpauthor> - </authorgroup> - - <pubdate>&bz-date;</pubdate> - - <abstract> - <para> - This is the documentation for Bugzilla, a - bug-tracking system from mozilla.org. - Bugzilla is an enterprise-class piece of software - that tracks millions of bugs and issues for hundreds of - organizations around the world. - </para> - - <para> - The most current version of this document can always be found on the - <ulink url="http://www.bugzilla.org/docs/">Bugzilla - Documentation Page</ulink>. - </para> - - </abstract> - - <keywordset> - <keyword>Bugzilla</keyword> - <keyword>Guide</keyword> - <keyword>installation</keyword> - <keyword>FAQ</keyword> - <keyword>administration</keyword> - <keyword>integration</keyword> - <keyword>MySQL</keyword> - <keyword>Mozilla</keyword> - <keyword>webtools</keyword> - </keywordset> - </bookinfo> - -<!-- About This Guide --> -&about; - -<!-- Installing Bugzilla --> -&installation; - -<!-- Administering Bugzilla --> -&administration; - -<!-- Securing Bugzilla --> -&security; - -<!-- Using Bugzilla --> -&using; - -<!-- Customizing Bugzilla --> -&customization; - -<!-- Appendix: Troubleshooting --> -&troubleshooting; - -<!-- Appendix: Custom Patches --> -&patches; - -<!-- Appendix: Manually Installing Perl Modules --> -&modules; - -<!-- Appendix: GNU Free Documentation License --> -&gfdl; - -<!-- Glossary --> -&glossary; - -<!-- Index --> -&index; - - -</book> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/about.xml b/docs/en/xml/about.xml deleted file mode 100644 index a6cebe0e0..000000000 --- a/docs/en/xml/about.xml +++ /dev/null @@ -1,215 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ -<!ENTITY conventions SYSTEM "conventions.xml"> ] > --> - -<chapter id="about"> -<title>About This Guide</title> - - <section id="copyright"> - <title>Copyright Information</title> - - <para>This document is copyright (c) 2000-¤t-year; by the various - Bugzilla contributors who wrote it.</para> - - <blockquote> - <para> - Permission is granted to copy, distribute and/or modify this - document under the terms of the GNU Free Documentation - License, Version 1.1 or any later version published by the - Free Software Foundation; with no Invariant Sections, no - Front-Cover Texts, and with no Back-Cover Texts. A copy of - the license is included in <xref linkend="gfdl"/>. - </para> - </blockquote> - <para> - If you have any questions regarding this document, its - copyright, or publishing this document in non-electronic form, - please contact the Bugzilla Team. - </para> - </section> - - <section id="disclaimer"> - <title>Disclaimer</title> - <para> - No liability for the contents of this document can be accepted. - Follow the instructions herein at your own risk. - This document may contain errors - and inaccuracies that may damage your system, cause your partner - to leave you, your boss to fire you, your cats to - pee on your furniture and clothing, and global thermonuclear - war. Proceed with caution. - </para> - <para> - Naming of particular products or brands should not be seen as - endorsements, with the exception of the term "GNU/Linux". We - wholeheartedly endorse the use of GNU/Linux; it is an extremely - versatile, stable, - and robust operating system that offers an ideal operating - environment for Bugzilla. - </para> - <para> - Although the Bugzilla development team has taken great care to - ensure that all exploitable bugs have been fixed, security holes surely - exist in any piece of code. Great care should be taken both in - the installation and usage of this software. The Bugzilla development - team members assume no liability for your use of Bugzilla. You have - the source code, and are responsible for auditing it yourself to ensure - your security needs are met. - </para> - </section> - -<!-- Section 2: New Versions --> - - <section id="newversions"> - <title>New Versions</title> - <para> - This is the &bz-ver; version of The Bugzilla Guide. It is so named - to match the current version of Bugzilla. - <!-- BZ-DEVEL --> This version of the guide, like its associated Bugzilla version, is a - development version.<!-- /BZ-DEVEL --> - </para> - <para> - The latest version of this guide can always be found at <ulink - url="http://www.bugzilla.org/docs/"/>. However, you should read - the version which came with the Bugzilla release you are using. - </para> - - <para> - In addition, there are Bugzilla template localization projects in - <ulink url="http://www.bugzilla.org/download/#localizations">several languages</ulink>. - They may have translated documentation available. If you would like to - volunteer to translate the Guide into additional languages, please visit the - <ulink url="https://wiki.mozilla.org/Bugzilla:L10n">Bugzilla L10n team</ulink> - page. - </para> - </section> - - <section id="credits"> - <title>Credits</title> - <para> - The people listed below have made enormous contributions to the - creation of this Guide, through their writing, dedicated hacking efforts, - numerous e-mail and IRC support sessions, and overall excellent - contribution to the Bugzilla community: - </para> - - <!-- TODO: This is evil... there has to be a valid way to get this look --> - <variablelist> - <varlistentry> - <term>Matthew P. Barnson <email>mbarnson@sisna.com</email></term> - <listitem> - <para>for the Herculean task of pulling together the Bugzilla Guide - and shepherding it to 2.14. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Terry Weissman <email>terry@mozilla.org</email></term> - <listitem> - <para>for initially writing Bugzilla and creating the README upon - which the UNIX installation documentation is largely based. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Tara Hernandez <email>tara@tequilarists.org</email></term> - <listitem> - <para>for keeping Bugzilla development going strong after Terry left - mozilla.org and for running landfill. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Dave Lawrence <email>dkl@redhat.com</email></term> - <listitem> - <para>for providing insight into the key differences between Red - Hat's customized Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Dawn Endico <email>endico@mozilla.org</email></term> - <listitem> - <para>for being a hacker extraordinaire and putting up with Matthew's - incessant questions and arguments on irc.mozilla.org in #mozwebtools - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Jacob Steenhagen <email>jake@bugzilla.org</email></term> - <listitem> - <para>for taking over documentation during the 2.17 development - period. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Dave Miller <email>justdave@bugzilla.org</email></term> - <listitem> - <para>for taking over as project lead when Tara stepped down and - continually pushing for the documentation to be the best it can be. - </para> - </listitem> - </varlistentry> - - </variablelist> - - - <para> - Thanks also go to the following people for significant contributions - to this documentation: - <simplelist type="inline"> - <member>Kevin Brannen</member> - <member>Vlad Dascalu</member> - <member>Ben FrantzDale</member> - <member>Eric Hanson</member> - <member>Zach Lipton</member> - <member>Gervase Markham</member> - <member>Andrew Pearson</member> - <member>Joe Robins</member> - <member>Spencer Smith</member> - <member>Ron Teitelbaum</member> - <member>Shane Travis</member> - <member>Martin Wulffeld</member> - </simplelist>. - </para> - - <para> - Also, thanks are due to the members of the - <ulink url="news://news.mozilla.org/mozilla.support.bugzilla"> - mozilla.support.bugzilla</ulink> - newsgroup (and its predecessor, netscape.public.mozilla.webtools). - Without your discussions, insight, suggestions, and patches, - this could never have happened. - </para> - </section> - - <!-- conventions used here (didn't want to give it a chapter of its own) --> -&conventions; - </chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: --> - diff --git a/docs/en/xml/administration.xml b/docs/en/xml/administration.xml deleted file mode 100644 index 8ba95da9e..000000000 --- a/docs/en/xml/administration.xml +++ /dev/null @@ -1,3199 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> -<chapter id="administration"> - <title>Administering Bugzilla</title> - - <section id="parameters"> - <title>Bugzilla Configuration</title> - - <para> - Bugzilla is configured by changing various parameters, accessed - from the "Parameters" link in the Administration page (the - Administration page can be found by clicking the "Administration" - link in the footer). The parameters are divided into several categories, - accessed via the menu on the left. Following is a description of the - different categories and important parameters within those categories. - </para> - - <section id="param-requiredsettings"> - <title>Required Settings</title> - - <para> - The core required parameters for any Bugzilla installation are set - here. These parameters must be set before a new Bugzilla installation - can be used. Administrators should review this list before - deploying a new Bugzilla installation. - </para> - - <indexterm> - <primary>checklist</primary> - </indexterm> - - <variablelist> - - <varlistentry> - <term> - maintainer - </term> - <listitem> - <para> - Email address of the person - responsible for maintaining this Bugzilla installation. - The address need not be that of a valid Bugzilla account. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - urlbase - </term> - <listitem> - <para> - Defines the fully qualified domain name and web - server path to this Bugzilla installation. - </para> - <para> - For example, if the Bugzilla query page is - <filename>http://www.foo.com/bugzilla/query.cgi</filename>, - the <quote>urlbase</quote> should be set - to <filename>http://www.foo.com/bugzilla/</filename>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - docs_urlbase - </term> - <listitem> - <para> - Defines path to the Bugzilla documentation. This can be a fully - qualified domain name, or a path relative to "urlbase". - </para> - <para> - For example, if the "Bugzilla Configuration" page - of the documentation is - <filename>http://www.foo.com/bugzilla/docs/html/parameters.html</filename>, - set the <quote>docs_urlbase</quote> - to <filename>http://www.foo.com/bugzilla/docs/html/</filename>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - sslbase - </term> - <listitem> - <para> - Defines the fully qualified domain name and web - server path for HTTPS (SSL) connections to this Bugzilla installation. - </para> - <para> - For example, if the Bugzilla main page is - <filename>https://www.foo.com/bugzilla/index.cgi</filename>, - the <quote>sslbase</quote> should be set - to <filename>https://www.foo.com/bugzilla/</filename>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - ssl_redirect - </term> - <listitem> - <para> - If enabled, Bugzilla will force HTTPS (SSL) connections, by - automatically redirecting any users who try to use a non-SSL - connection. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - cookiedomain - </term> - <listitem> - <para> - Defines the domain for Bugzilla cookies. This is typically left blank. - If there are multiple hostnames that point to the same webserver, which - require the same cookie, then this parameter can be utilized. For - example, If your website is at - <filename>https://www.foo.com/</filename>, setting this to - <filename>.foo.com/</filename> will also allow - <filename>bar.foo.com/</filename> to access Bugzilla cookies. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - cookiepath - </term> - <listitem> - <para> - Defines a path, relative to the web server root, that Bugzilla - cookies will be restricted to. For example, if the - <command>urlbase</command> is set to - <filename>http://www.foo.com/bugzilla/</filename>, the - <command>cookiepath</command> should be set to - <filename>/bugzilla/</filename>. Setting it to "/" will allow all sites - served by this web server or virtual host to read Bugzilla cookies. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - utf8 - </term> - <listitem> - <para> - Determines whether to use UTF-8 (Unicode) encoding for all text in - Bugzilla. New installations should set this to true to avoid character - encoding problems. Existing databases should set this to true only - after the data has been converted from existing legacy character - encoding to UTF-8, using the - <filename>contrib/recode.pl</filename> script. - </para> - <note> - <para> - If you turn this parameter from "off" to "on", you must re-run - <filename>checksetup.pl</filename> immediately afterward. - </para> - </note> - </listitem> - </varlistentry> - - <varlistentry> - <term> - shutdownhtml - </term> - <listitem> - <para> - If there is any text in this field, this Bugzilla installation will - be completely disabled and this text will appear instead of all - Bugzilla pages for all users, including Admins. Used in the event - of site maintenance or outage situations. - </para> - <note> - <para> - Although regular log-in capability is disabled while - <command>shutdownhtml</command> - is enabled, safeguards are in place to protect the unfortunate - admin who loses connection to Bugzilla. Should this happen to you, - go directly to the <filename>editparams.cgi</filename> (by typing - the URL in manually, if necessary). Doing this will prompt you to - log in, and your name/password will be accepted here (but nowhere - else). - </para> - </note> - </listitem> - </varlistentry> - - <varlistentry> - <term> - announcehtml - </term> - <listitem> - <para> - Any text in this field will be displayed at the top of every HTML - page in this Bugzilla installation. The text is not wrapped in any - tags. For best results, wrap the text in a <quote><div></quote> - tag. Any style attributes from the CSS can be applied. For example, - to make the text green inside of a red box, add <quote>id=message</quote> - to the <quote><div></quote> tag. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - proxy_url - </term> - <listitem> - <para> - If this Bugzilla installation is behind a proxy, enter the proxy - information here to enable Bugzilla to access the Internet. Bugzilla - requires Internet access to utilize the - <command>upgrade_notification</command> parameter (below). If the - proxy requires authentication, use the syntax: - <filename>http://user:pass@proxy_url/</filename>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - upgrade_notification - </term> - <listitem> - <para> - Enable or disable a notification on the homepage of this Bugzilla - installation when a newer version of Bugzilla is available. This - notification is only visible to administrators. Choose "disabled", - to turn off the notification. Otherwise, choose which version of - Bugzilla you want to be notified about: "development_snapshot" is the - latest release on the trunk; "latest_stable_release" is the most - recent release available on the most recent stable branch; - "stable_branch_release" the most recent release on the branch - this installation is based on. - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="param-admin-policies"> - <title>Administrative Policies</title> - <para> - This page contains parameters for basic administrative functions. - Options include whether to allow the deletion of bugs and users, - and whether to allow users to change their email address. - </para> - </section> - - <section id="param-user-authentication"> - <title>User Authentication</title> - <para> - This page contains the settings that control how this Bugzilla - installation will do its authentication. Choose what authentication - mechanism to use (the Bugzilla database, or an external source such - as LDAP), and set basic behavioral parameters. For example, choose - whether to require users to login to browse bugs, the management - of authentication cookies, and the regular expression used to - validate email addresses. Some parameters are highlighted below. - </para> - - <variablelist> - - <varlistentry> - <term> - emailregexp - </term> - <listitem> - <para> - Defines the regular expression used to validate email addresses - used for login names. The default attempts to match fully - qualified email addresses (i.e. 'user@example.com'). Some - Bugzilla installations allow only local user names (i.e 'user' - instead of 'user@example.com'). In that case, the - <command>emailsuffix</command> parameter should be used to define - the email domain. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - emailsuffix - </term> - <listitem> - <para> - This string is appended to login names when actually sending - email to a user. For example, - If <command>emailregexp</command> has been set to allow - local usernames, - then this parameter would contain the email domain for all users - (i.e. '@example.com'). - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="param-attachments"> - <title>Attachments</title> - <para> - This page allows for setting restrictions and other parameters - regarding attachments to bugs. For example, control size limitations - and whether to allow pointing to external files via a URI. - </para> - </section> - - <section id="param-bug-change-policies"> - <title>Bug Change Policies</title> - <para> - Set policy on default behavior for bug change events. For example, - choose which status to set a bug to when it is marked as a duplicate, - and choose whether to allow bug reporters to set the priority or - target milestone. Also allows for configuration of what changes - should require the user to make a comment, described below. - </para> - - <variablelist> - - <varlistentry> - <term> - commenton* - </term> - <listitem> - <para> - All these fields allow you to dictate what changes can pass - without comment, and which must have a comment from the - person who changed them. Often, administrators will allow - users to add themselves to the CC list, accept bugs, or - change the Status Whiteboard without adding a comment as to - their reasons for the change, yet require that most other - changes come with an explanation. - </para> - - <para> - Set the "commenton" options according to your site policy. It - is a wise idea to require comments when users resolve, reassign, or - reopen bugs at the very least. - </para> - - <note> - <para> - It is generally far better to require a developer comment - when resolving bugs than not. Few things are more annoying to bug - database users than having a developer mark a bug "fixed" without - any comment as to what the fix was (or even that it was truly - fixed!) - </para> - </note> - </listitem> - </varlistentry> - <varlistentry> - <term> - noresolveonopenblockers - </term> - <listitem> - <para> - This option will prevent users from resolving bugs as FIXED if - they have unresolved dependencies. Only the FIXED resolution - is affected. Users will be still able to resolve bugs to - resolutions other than FIXED if they have unresolved dependent - bugs. - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="param-bugfields"> - <title>Bug Fields</title> - <para> - The parameters in this section determine the default settings of - several Bugzilla fields for new bugs, and also control whether - certain fields are used. For example, choose whether to use the - "target milestone" field or the "status whiteboard" field. - </para> - - <variablelist> - - <varlistentry> - <term> - useqacontact - </term> - <listitem> - <para> - This allows you to define an email address for each component, - in addition to that of the default assignee, who will be sent - carbon copies of incoming bugs. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - usestatuswhiteboard - </term> - <listitem> - <para> - This defines whether you wish to have a free-form, overwritable field - associated with each bug. The advantage of the Status Whiteboard is - that it can be deleted or modified with ease, and provides an - easily-searchable field for indexing some bugs that have some trait - in common. - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="param-bugmoving"> - <title>Bug Moving</title> - <para> - This page controls whether this Bugzilla installation allows certain - users to move bugs to an external database. If bug moving is enabled, - there are a number of parameters that control bug moving behaviors. - For example, choose which users are allowed to move bugs, the location - of the external database, and the default product and component that - bugs moved <emphasis>from</emphasis> other bug databases to this - Bugzilla installation are assigned to. - </para> - - </section> - - <section id="param-dependency-graphs"> - <title>Dependency Graphs</title> - <para> - This page has one parameter that sets the location of a Web Dot - server, or of the Web Dot binary on the local system, that is used - to generate dependency graphs. Web Dot is a CGI program that creates - images from <filename>.dot</filename> graphic description files. If - no Web Dot server or binary is specified, then dependency graphs will - be disabled. - </para> - </section> - - <section id="param-group-security"> - <title>Group Security</title> - <para> - Bugzilla allows for the creation of different groups, with the - ability to restrict the visibility of bugs in a group to a set of - specific users. Specific products can also be associated with - groups, and users restricted to only see products in their groups. - Several parameters are described in more detail below. Most of the - configuration of groups and their relationship to products is done - on the "Groups" and "Product" pages of the "Administration" area. - The options on this page control global default behavior. - For more information on Groups and Group Security, see - <xref linkend="groups"/> - </para> - - <variablelist> - - <varlistentry> - <term> - makeproductgroups - </term> - <listitem> - <para> - Determines whether or not to automatically create groups - when new products are created. If this is on, the groups will be - used for querying bugs. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - usevisibilitygroups - </term> - <listitem> - <para> - If selected, user visibility will be restricted to members of - groups, as selected in the group configuration settings. - Each user-defined group can be allowed to see members of selected - other groups. - For details on configuring groups (including the visibility - restrictions) see <xref linkend="edit-groups"/>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - querysharegroup - </term> - <listitem> - <para> - The name of the group of users who are allowed to share saved - searches with one another. For more information on using - saved searches, see <xref linkend="savedsearches"/>. - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="bzldap"> - <title>LDAP Authentication</title> - - <para>LDAP authentication is a module for Bugzilla's plugin - authentication architecture. This page contains all the parameters - necessary to configure Bugzilla for use with LDAP authentication. - </para> - - <para> - The existing authentication - scheme for Bugzilla uses email addresses as the primary user ID, and a - password to authenticate that user. All places within Bugzilla that - require a user ID (e.g assigning a bug) use the email - address. The LDAP authentication builds on top of this scheme, rather - than replacing it. The initial log-in is done with a username and - password for the LDAP directory. Bugzilla tries to bind to LDAP using - those credentials and, if successful, tries to map this account to a - Bugzilla account. If an LDAP mail attribute is defined, the value of this - attribute is used, otherwise the "emailsuffix" parameter is appended to LDAP - username to form a full email address. If an account for this address - already exists in the Bugzilla installation, it will log in to that account. - If no account for that email address exists, one is created at the time - of login. (In this case, Bugzilla will attempt to use the "displayName" - or "cn" attribute to determine the user's full name.) After - authentication, all other user-related tasks are still handled by email - address, not LDAP username. For example, bugs are still assigned by - email address and users are still queried by email address. - </para> - - <caution> - <para>Because the Bugzilla account is not created until the first time - a user logs in, a user who has not yet logged is unknown to Bugzilla. - This means they cannot be used as an assignee or QA contact (default or - otherwise), added to any CC list, or any other such operation. One - possible workaround is the <filename>bugzilla_ldapsync.rb</filename> - script in the - <glossterm linkend="gloss-contrib"> - <filename class="directory">contrib</filename></glossterm> - directory. Another possible solution is fixing - <ulink url="https://bugzilla.mozilla.org/show_bug.cgi?id=201069">bug - 201069</ulink>. - </para> - </caution> - - <para>Parameters required to use LDAP Authentication:</para> - - <variablelist> - <varlistentry id="param-user_verify_class_for_ldap"> - <term>user_verify_class</term> - <listitem> - <para>If you want to list <quote>LDAP</quote> here, - make sure to have set up the other parameters listed below. - Unless you have other (working) authentication methods listed as - well, you may otherwise not be able to log back in to Bugzilla once - you log out. - If this happens to you, you will need to manually edit - <filename>data/params</filename> and set user_verify_class to - <quote>DB</quote>. - </para> - </listitem> - </varlistentry> - - <varlistentry id="param-LDAPserver"> - <term>LDAPserver</term> - <listitem> - <para>This parameter should be set to the name (and optionally the - port) of your LDAP server. If no port is specified, it assumes - the default LDAP port of 389. - </para> - <para>For example: <quote>ldap.company.com</quote> - or <quote>ldap.company.com:3268</quote> - </para> - <para>You can also specify a LDAP URI, so as to use other - protocols, such as LDAPS or LDAPI. If port was not specified in - the URI, the default is either 389 or 636 for 'LDAP' and 'LDAPS' - schemes respectively. - </para> - <tip> - <para> - In order to use SSL with LDAP, specify a URI with "ldaps://". - This will force the use of SSL over port 636. - </para> - </tip> - <para>For example, normal LDAP: - <quote>ldap://ldap.company.com</quote>, LDAP over SSL: - <quote>ldaps://ldap.company.com</quote> or LDAP over a UNIX - domain socket <quote>ldapi://%2fvar%2flib%2fldap_sock</quote>. - </para> - </listitem> - </varlistentry> - - <varlistentry id="param-LDAPbinddn"> - <term>LDAPbinddn [Optional]</term> - <listitem> - <para>Some LDAP servers will not allow an anonymous bind to search - the directory. If this is the case with your configuration you - should set the LDAPbinddn parameter to the user account Bugzilla - should use instead of the anonymous bind. - </para> - <para>Ex. <quote>cn=default,cn=user:password</quote></para> - </listitem> - </varlistentry> - - <varlistentry id="param-LDAPBaseDN"> - <term>LDAPBaseDN</term> - <listitem> - <para>The LDAPBaseDN parameter should be set to the location in - your LDAP tree that you would like to search for email addresses. - Your uids should be unique under the DN specified here. - </para> - <para>Ex. <quote>ou=People,o=Company</quote></para> - </listitem> - </varlistentry> - - <varlistentry id="param-LDAPuidattribute"> - <term>LDAPuidattribute</term> - <listitem> - <para>The LDAPuidattribute parameter should be set to the attribute - which contains the unique UID of your users. The value retrieved - from this attribute will be used when attempting to bind as the - user to confirm their password. - </para> - <para>Ex. <quote>uid</quote></para> - </listitem> - </varlistentry> - - <varlistentry id="param-LDAPmailattribute"> - <term>LDAPmailattribute</term> - <listitem> - <para>The LDAPmailattribute parameter should be the name of the - attribute which contains the email address your users will enter - into the Bugzilla login boxes. - </para> - <para>Ex. <quote>mail</quote></para> - </listitem> - </varlistentry> - </variablelist> - - </section> - - <section id="bzradius"> - <title>RADIUS Authentication</title> - - <para> - RADIUS authentication is a module for Bugzilla's plugin - authentication architecture. This page contains all the parameters - necessary for configuring Bugzilla to use RADIUS authentication. - </para> - <note> - <para> - Most caveats that apply to LDAP authentication apply to RADIUS - authentication as well. See <xref linkend="bzldap"/> for details. - </para> - </note> - - <para>Parameters required to use RADIUS Authentication:</para> - - <variablelist> - <varlistentry id="param-user_verify_class_for_radius"> - <term>user_verify_class</term> - <listitem> - <para>If you want to list <quote>RADIUS</quote> here, - make sure to have set up the other parameters listed below. - Unless you have other (working) authentication methods listed as - well, you may otherwise not be able to log back in to Bugzilla once - you log out. - If this happens to you, you will need to manually edit - <filename>data/params</filename> and set user_verify_class to - <quote>DB</quote>. - </para> - </listitem> - </varlistentry> - - <varlistentry id="param-RADIUS_server"> - <term>RADIUS_server</term> - <listitem> - <para>This parameter should be set to the name (and optionally the - port) of your RADIUS server. - </para> - </listitem> - </varlistentry> - - <varlistentry id="param-RADIUS_secret"> - <term>RADIUS_secret</term> - <listitem> - <para>This parameter should be set to the RADIUS server's secret. - </para> - </listitem> - </varlistentry> - - <varlistentry id="param-RADIUS_email_suffix"> - <term>RADIUS_email_suffix</term> - <listitem> - <para>Bugzilla needs an e-mail address for each user account. - Therefore, it needs to determine the e-mail address corresponding - to a RADIUS user. - Bugzilla offers only a simple way to do this: it can concatenate - a suffix to the RADIUS user name to convert it into an e-mail - address. - You can specify this suffix in the RADIUS_email_suffix parameter. - </para> - <para>If this simple solution does not work for you, you'll - probably need to modify - <filename>Bugzilla/Auth/Verify/RADIUS.pm</filename> to match your - requirements. - </para> - </listitem> - </varlistentry> - </variablelist> - - </section> - - <section id="param-email"> - <title>Email</title> - <para> - This page contains all of the parameters for configuring how - Bugzilla deals with the email notifications it sends. See below - for a summary of important options. - </para> - - <variablelist> - - <varlistentry> - <term> - mail_delivery_method - </term> - <listitem> - <para> - This is used to specify how email is sent, or if it is sent at - all. There are several options included for different MTAs, - along with two additional options that disable email sending. - "Test" does not send mail, but instead saves it in - <filename>data/mailer.testfile</filename> for later review. - "None" disables email sending entirely. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - mailfrom - </term> - <listitem> - <para> - This is the email address that will appear in the "From" field - of all emails sent by this Bugzilla installation. Some email - servers require mail to be from a valid email address, therefore - it is recommended to choose a valid email address here. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - smtpserver - </term> - <listitem> - <para> - This is the SMTP server address, if the <quote>mail_delivery_method</quote> - parameter is set to SMTP. Use "localhost" if you have a local MTA - running, otherwise use a remote SMTP server. Append ":" and the port - number, if a non-default port is needed. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - smtp_username - </term> - <listitem> - <para> - Username to use for SASL authentication to the SMTP server. Leave - this parameter empty if your server does not require authentication. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - smtp_password - </term> - <listitem> - <para> - Password to use for SASL authentication to the SMTP server. This - parameter will be ignored if the <quote>smtp_username</quote> - parameter is left empty. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - smtp_ssl - </term> - <listitem> - <para> - Enable SSL support for connection to the SMTP server. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - smtp_debug - </term> - <listitem> - <para> - This parameter allows you to enable detailed debugging output. - Log messages are printed the web server's error log. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - whinedays - </term> - <listitem> - <para> - Set this to the number of days you want to let bugs go - in the CONFIRMED state before notifying people they have - untouched new bugs. If you do not plan to use this feature, simply - do not set up the whining cron job described in the installation - instructions, or set this value to "0" (never whine). - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - globalwatcher - </term> - <listitem> - <para> - This allows you to define specific users who will - receive notification each time a new bug in entered, or when - an existing bug changes, according to the normal groupset - permissions. It may be useful for sending notifications to a - mailing-list, for instance. - </para> - </listitem> - </varlistentry> - - </variablelist> - - </section> - - <section id="param-patchviewer"> - <title>Patch Viewer</title> - <para> - This page contains configuration parameters for the CVS server, - Bonsai server and LXR server that Bugzilla will use to enable the - features of the Patch Viewer. Bonsai is a tool that enables queries - to a CVS tree. LXR is a tool that can cross reference and index source - code. - </para> - </section> - - <section id="param-querydefaults"> - <title>Query Defaults</title> - <para> - This page controls the default behavior of Bugzilla in regards to - several aspects of querying bugs. Options include what the default - query options are, what the "My Bugs" page returns, whether users - can freely add bugs to the quip list, and how many duplicate bugs are - needed to add a bug to the "most frequently reported" list. - </para> - </section> - - <section id="param-shadowdatabase"> - <title>Shadow Database</title> - <para> - This page controls whether a shadow database is used, and all the - parameters associated with the shadow database. Versions of Bugzilla - prior to 3.2 used the MyISAM table type, which supports - only table-level write locking. With MyISAM, any time someone is making a change to - a bug, the entire table is locked until the write operation is complete. - Locking for write also blocks reads until the write is complete. - </para> - <para> - The <quote>shadowdb</quote> parameter was designed to get around - this limitation. While only a single user is allowed to write to - a table at a time, reads can continue unimpeded on a read-only - shadow copy of the database. - </para> - - <note> - <para> - As of version 3.2, Bugzilla no longer uses the MyISAM table type. - Instead, InnoDB is used, which can do transaction-based locking. - Therefore, the limitations the Shadow Database feature was designed - to workaround no longer exist. - </para> - </note> - - </section> - - <section id="admin-usermatching"> - <title>User Matching</title> - <para> - The settings on this page control how users are selected and queried - when adding a user to a bug. For example, users need to be selected - when choosing who the bug is assigned to, adding to the CC list or - selecting a QA contact. With the "usemenuforusers" parameter, it is - possible to configure Bugzilla to - display a list of users in the fields instead of an empty text field. - This should only be used in Bugzilla installations with a small number - of users. If users are selected via a text box, this page also - contains parameters for how user names can be queried and matched - when entered. - </para> - <para> - Another setting called 'ajax_user_autocompletion' enables certain - user fields to display a list of matched user names as a drop down after typing - a few characters. Note that it is recommended to use mod_perl when - enabling 'ajax_user_autocompletion'. - </para> - </section> - - </section> - - <section id="useradmin"> - <title>User Administration</title> - - <section id="defaultuser"> - <title>Creating the Default User</title> - - <para>When you first run checksetup.pl after installing Bugzilla, it - will prompt you for the administrative username (email address) and - password for this "super user". If for some reason you delete - the "super user" account, re-running checksetup.pl will again prompt - you for this username and password.</para> - - <tip> - <para>If you wish to add more administrative users, add them to - the "admin" group and, optionally, edit the tweakparams, editusers, - creategroups, editcomponents, and editkeywords groups to add the - entire admin group to those groups (which is the case by default). - </para> - </tip> - </section> - - <section id="manageusers"> - <title>Managing Other Users</title> - - <section id="user-account-search"> - <title>Searching for existing users</title> - - <para> - If you have <quote>editusers</quote> privileges or if you are allowed - to grant privileges for some groups, the <quote>Users</quote> link - will appear in the Administration page. - </para> - - <para> - The first screen is a search form to search for existing user - accounts. You can run searches based either on the user ID, real - name or login name (i.e. the email address, or just the first part - of the email address if the "emailsuffix" parameter is set). - The search can be conducted - in different ways using the listbox to the right of the text entry - box. You can match by case-insensitive substring (the default), - regular expression, a <emphasis>reverse</emphasis> regular expression - match (which finds every user name which does NOT match the regular - expression), or the exact string if you know exactly who you are - looking for. The search can be restricted to users who are in a - specific group. By default, the restriction is turned off. - </para> - - <para> - The search returns a list of - users matching your criteria. User properties can be edited by clicking - the login name. The Account History of a user can be viewed by clicking - the "View" link in the Account History column. The Account History - displays changes that have been made to the user account, the time of - the change and the user who made the change. For example, the Account - History page will display details of when a user was added or removed - from a group. - </para> - </section> - - <section id="createnewusers"> - <title>Creating new users</title> - - <section id="self-registration"> - <title>Self-registration</title> - - <para> - By default, users can create their own user accounts by clicking the - <quote>New Account</quote> link at the bottom of each page (assuming - they aren't logged in as someone else already). If you want to disable - this self-registration, or if you want to restrict who can create his - own user account, you have to edit the <quote>createemailregexp</quote> - parameter in the <quote>Configuration</quote> page, see - <xref linkend="parameters" />. - </para> - </section> - - <section id="user-account-creation"> - <title>Accounts created by an administrator</title> - - <para> - Users with <quote>editusers</quote> privileges, such as administrators, - can create user accounts for other users: - </para> - - <orderedlist> - <listitem> - <para>After logging in, click the "Users" link at the footer of - the query page, and then click "Add a new user".</para> - </listitem> - - <listitem> - <para>Fill out the form presented. This page is self-explanatory. - When done, click "Submit".</para> - - <note> - <para>Adding a user this way will <emphasis>not</emphasis> - send an email informing them of their username and password. - While useful for creating dummy accounts (watchers which - shuttle mail to another system, for instance, or email - addresses which are a mailing list), in general it is - preferable to log out and use the <quote>New Account</quote> - button to create users, as it will pre-populate all the - required fields and also notify the user of her account name - and password.</para> - </note> - </listitem> - </orderedlist> - </section> - </section> - - <section id="modifyusers"> - <title>Modifying Users</title> - - <para>Once you have found your user, you can change the following - fields:</para> - - <itemizedlist> - <listitem> - <para> - <emphasis>Login Name</emphasis>: - This is generally the user's full email address. However, if you - are using the <quote>emailsuffix</quote> parameter, this may - just be the user's login name. Note that users can now change their - login names themselves (to any valid email address). - </para> - </listitem> - - <listitem> - <para> - <emphasis>Real Name</emphasis>: The user's real name. Note that - Bugzilla does not require this to create an account.</para> - </listitem> - - <listitem> - <para> - <emphasis>Password</emphasis>: - You can change the user's password here. Users can automatically - request a new password, so you shouldn't need to do this often. - If you want to disable an account, see Disable Text below. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Bugmail Disabled</emphasis>: - Mark this checkbox to disable bugmail and whinemail completely - for this account. This checkbox replaces the data/nomail file - which existed in older versions of Bugzilla. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Disable Text</emphasis>: - If you type anything in this box, including just a space, the - user is prevented from logging in, or making any changes to - bugs via the web interface. - The HTML you type in this box is presented to the user when - they attempt to perform these actions, and should explain - why the account was disabled. - </para> - <para> - Users with disabled accounts will continue to receive - mail from Bugzilla; furthermore, they will not be able - to log in themselves to change their own preferences and - stop it. If you want an account (disabled or active) to - stop receiving mail, simply check the - <quote>Bugmail Disabled</quote> checkbox above. - </para> - <note> - <para> - Even users whose accounts have been disabled can still - submit bugs via the e-mail gateway, if one exists. - The e-mail gateway should <emphasis>not</emphasis> be - enabled for secure installations of Bugzilla. - </para> - </note> - <warning> - <para> - Don't disable all the administrator accounts! - </para> - </warning> - </listitem> - - <listitem> - <para> - <emphasis><groupname></emphasis>: - If you have created some groups, e.g. "securitysensitive", then - checkboxes will appear here to allow you to add users to, or - remove them from, these groups. The first checkbox gives the - user the ability to add and remove other users as members of - this group. The second checkbox adds the user himself as a member - of the group. - </para> - </listitem> - - <listitem> - <para> - <emphasis>canconfirm</emphasis>: - This field is only used if you have enabled the "unconfirmed" - status. If you enable this for a user, - that user can then move bugs from "Unconfirmed" to a "Confirmed" - status (e.g.: "New" status).</para> - </listitem> - - <listitem> - <para> - <emphasis>creategroups</emphasis>: - This option will allow a user to create and destroy groups in - Bugzilla.</para> - </listitem> - - <listitem> - <para> - <emphasis>editbugs</emphasis>: - Unless a user has this bit set, they can only edit those bugs - for which they are the assignee or the reporter. Even if this - option is unchecked, users can still add comments to bugs. - </para> - </listitem> - - <listitem> - <para> - <emphasis>editcomponents</emphasis>: - This flag allows a user to create new products and components, - as well as modify and destroy those that have no bugs associated - with them. If a product or component has bugs associated with it, - those bugs must be moved to a different product or component - before Bugzilla will allow them to be destroyed. - </para> - </listitem> - - <listitem> - <para> - <emphasis>editkeywords</emphasis>: - If you use Bugzilla's keyword functionality, enabling this - feature allows a user to create and destroy keywords. As always, - the keywords for existing bugs containing the keyword the user - wishes to destroy must be changed before Bugzilla will allow it - to die.</para> - </listitem> - - <listitem> - <para> - <emphasis>editusers</emphasis>: - This flag allows a user to do what you're doing right now: edit - other users. This will allow those with the right to do so to - remove administrator privileges from other users or grant them to - themselves. Enable with care.</para> - </listitem> - - - <listitem> - <para> - <emphasis>tweakparams</emphasis>: - This flag allows a user to change Bugzilla's Params - (using <filename>editparams.cgi</filename>.)</para> - </listitem> - - <listitem> - <para> - <emphasis><productname></emphasis>: - This allows an administrator to specify the products - in which a user can see bugs. If you turn on the - <quote>makeproductgroups</quote> parameter in - the Group Security Panel in the Parameters page, - then Bugzilla creates one group per product (at the time you create - the product), and this group has exactly the same name as the - product itself. Note that for products that already exist when - the parameter is turned on, the corresponding group will not be - created. The user must still have the <quote>editbugs</quote> - privilege to edit bugs in these products.</para> - </listitem> - </itemizedlist> - </section> - - <section id="user-account-deletion"> - <title>Deleting Users</title> - <para> - If the <quote>allowuserdeletion</quote> parameter is turned on, see - <xref linkend="parameters" />, then you can also delete user accounts. - Note that this is most of the time not the best thing to do. If only - a warning in a yellow box is displayed, then the deletion is safe. - If a warning is also displayed in a red box, then you should NOT try - to delete the user account, else you will get referential integrity - problems in your database, which can lead to unexpected behavior, - such as bugs not appearing in bug lists anymore, or data displaying - incorrectly. You have been warned! - </para> - </section> - - <section id="impersonatingusers"> - <title>Impersonating Users</title> - - <para> - There may be times when an administrator would like to do something as - another user. The <command>sudo</command> feature may be used to do - this. - </para> - - <note> - <para> - To use the sudo feature, you must be in the - <emphasis>bz_sudoers</emphasis> group. By default, all - administrators are in this group.</para> - </note> - - <para> - If you have access to this feature, you may start a session by - going to the Edit Users page, Searching for a user and clicking on - their login. You should see a link below their login name titled - "Impersonate this user". Click on the link. This will take you - to a page where you will see a description of the feature and - instructions for using it. After reading the text, simply - enter the login of the user you would like to impersonate, provide - a short message explaining why you are doing this, and press the - button.</para> - - <para> - As long as you are using this feature, everything you do will be done - as if you were logged in as the user you are impersonating.</para> - - <warning> - <para> - The user you are impersonating will not be told about what you are - doing. If you do anything that results in mail being sent, that - mail will appear to be from the user you are impersonating. You - should be extremely careful while using this feature.</para> - </warning> - </section> - </section> - </section> - - <section id="classifications" xreflabel="Classifications"> - <title>Classifications</title> - - <para>Classifications tend to be used in order to group several related - products into one distinct entity.</para> - - <para>The classifications layer is disabled by default; it can be turned - on or off using the useclassification parameter, - in the <emphasis>Bug Fields</emphasis> section of the edit parameters screen.</para> - - <para>Access to the administration of classifications is controlled using - the <emphasis>editclassifications</emphasis> system group, which defines - a privilege for creating, destroying, and editing classifications.</para> - - <para>When activated, classifications will introduce an additional - step when filling bugs (dedicated to classification selection), and they - will also appear in the advanced search form.</para> - </section> - - <section id="products" xreflabel="Products"> - <title>Products</title> - - <para> - <glossterm linkend="gloss-product" baseform="product"> - Products</glossterm> typically represent real-world - shipping products. Products can be given - <xref linkend="classifications"/>. - For example, if a company makes computer games, - they could have a classification of "Games", and a separate - product for each game. This company might also have a - <quote>Common</quote> product for units of technology used - in multiple games, and perhaps a few special products that - represent items that are not actually shipping products - (for example, "Website", or "Administration"). - </para> - - <para> - Many of Bugzilla's settings are configurable on a per-product - basis. The number of <quote>votes</quote> available to - users is set per-product, as is the number of votes - required to move a bug automatically from the UNCONFIRMED - status to the CONFIRMED status. - </para> - - <para> - When creating or editing products the following options are - available: - </para> - - <variablelist> - - <varlistentry> - <term> - Product - </term> - <listitem> - <para> - The name of the product - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Description - </term> - <listitem> - <para> - A brief description of the product - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Default milestone - </term> - <listitem> - <para> - Select the default milestone for this product. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Closed for bug entry - </term> - <listitem> - <para> - Select this box to prevent new bugs from being - entered against this product. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Maximum votes per person - </term> - <listitem> - <para> - Maximum votes a user is allowed to give for this - product - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Maximum votes a person can put on a single bug - </term> - <listitem> - <para> - Maximum votes a user is allowed to give for this - product in a single bug - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Confirmation threshold - </term> - <listitem> - <para> - Number of votes needed to automatically remove any - bug against this product from the UNCONFIRMED state - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Version - </term> - <listitem> - <para> - Specify which version of the product bugs will be - entered against. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - Create chart datasets for this product - </term> - <listitem> - <para> - Select to make chart datasets available for this product. - </para> - </listitem> - </varlistentry> - - </variablelist> - - <para> - When editing a product there is also a link to edit Group Access Controls, - see <xref linkend="product-group-controls"/>. - </para> - - <section id="create-product"> - <title>Creating New Products</title> - - <para> - To create a new product: - </para> - - <orderedlist> - <listitem> - <para> - Select <quote>Administration</quote> from the footer and then - choose <quote>Products</quote> from the main administration page. - </para> - </listitem> - - <listitem> - <para> - Select the <quote>Add</quote> link in the bottom right. - </para> - </listitem> - - <listitem> - <para> - Enter the name of the product and a description. The - Description field may contain HTML. - </para> - </listitem> - - <listitem> - <para> - When the product is created, Bugzilla will give a message - stating that a component must be created before any bugs can - be entered against the new product. Follow the link to create - a new component. See <xref linkend="components"/> for more - information. - </para> - </listitem> - </orderedlist> - - </section> - - <section id="edit-products"> - <title>Editing Products</title> - - <para> - To edit an existing product, click the "Products" link from the - "Administration" page. If the 'useclassification' parameter is - turned on, a table of existing classifications is displayed, - including an "Unclassified" category. The table indicates how many products - are in each classification. Click on the classification name to see its - products. If the 'useclassification' parameter is not in use, the table - lists all products directly. The product table summarizes the information - about the product defined - when the product was created. Click on the product name to edit these - properties, and to access links to other product attributes such as the - product's components, versions, milestones, and group access controls. - </para> - - </section> - - <section id="comps-vers-miles-products"> - <title>Adding or Editing Components, Versions and Target Milestones</title> - <para> - To edit existing, or add new, Components, Versions or Target Milestones - to a Product, select the "Edit Components", "Edit Versions" or "Edit - Milestones" links from the "Edit Product" page. A table of existing - Components, Versions or Milestones is displayed. Click on a item name - to edit the properties of that item. Below the table is a link to add - a new Component, Version or Milestone. - </para> - <para> - For more information on components, see <xref linkend="components"/>. - </para> - <para> - For more information on versions, see <xref linkend="versions"/>. - </para> - <para> - For more information on milestones, see <xref linkend="milestones"/>. - </para> - </section> - - <section id="product-group-controls"> - <title>Assigning Group Controls to Products</title> - - <para> - On the <quote>Edit Product</quote> page, there is a link called - <quote>Edit Group Access Controls</quote>. The settings on this page - control the relationship of the groups to the product being edited. - </para> - - <para> - Group Access Controls are an important aspect of using groups for - isolating products and restricting access to bugs filed against those - products. For more information on groups, including how to create, edit - add users to, and alter permission of, see <xref linkend="groups"/>. - </para> - - <para> - After selecting the "Edit Group Access Controls" link from the "Edit - Product" page, a table containing all user-defined groups for this - Bugzilla installation is displayed. The system groups that are created - when Bugzilla is installed are not applicable to Group Access Controls. - Below is description of what each of these fields means. - </para> - - <para> - Groups may be applicable (e.g bugs in this product can be associated - with this group) , default (e.g. bugs in this product are in this group - by default), and mandatory (e.g. bugs in this product must be associated - with this group) for each product. Groups can also control access - to bugs for a given product, or be used to make bugs for a product - totally read-only unless the group restrictions are met. The best way to - understand these relationships is by example. See - <xref linkend="group-control-examples"/> for examples of - product and group relationships. - </para> - - <note> - <para> - Products and Groups are not limited to a one-to-one relationship. - Multiple groups can be associated with the same product, and groups - can be associated with more than one product. - </para> - </note> - - <para> - If any group has <emphasis>Entry</emphasis> selected, then the - product will restrict bug entry to only those users - who are members of <emphasis>all</emphasis> the groups with - <emphasis>Entry</emphasis> selected. - </para> - - <para> - If any group has <emphasis>Canedit</emphasis> selected, - then the product will be read-only for any users - who are not members of <emphasis>all</emphasis> of the groups with - <emphasis>Canedit</emphasis> selected. <emphasis>Only</emphasis> users who - are members of all the <emphasis>Canedit</emphasis> groups - will be able to edit bugs for this product. This is an additional - restriction that enables finer-grained control over products rather - than just all-or-nothing access levels. - </para> - - <para> - The following settings let you - choose privileges on a <emphasis>per-product basis</emphasis>. - This is a convenient way to give privileges to - some users for some products only, without having - to give them global privileges which would affect - all products. - </para> - - <para> - Any group having <emphasis>editcomponents</emphasis> - selected allows users who are in this group to edit all - aspects of this product, including components, milestones - and versions. - </para> - - <para> - Any group having <emphasis>canconfirm</emphasis> selected - allows users who are in this group to confirm bugs - in this product. - </para> - - <para> - Any group having <emphasis>editbugs</emphasis> selected allows - users who are in this group to edit all fields of - bugs in this product. - </para> - - <para> - The <emphasis>MemberControl</emphasis> and - <emphasis>OtherControl</emphasis> are used in tandem to determine which - bugs will be placed in this group. The only allowable combinations of - these two parameters are listed in a table on the "Edit Group Access Controls" - page. Consult this table for details on how these fields can be used. - Examples of different uses are described below. - </para> - - <section id="group-control-examples"> - <title>Common Applications of Group Controls</title> - - <para> - The use of groups is best explained by providing examples that illustrate - configurations for common use cases. The examples follow a common syntax: - <emphasis>Group: Entry, MemberControl, OtherControl, CanEdit, - EditComponents, CanConfirm, EditBugs</emphasis>. Where "Group" is the name - of the group being edited for this product. The other fields all - correspond to the table on the "Edit Group Access Controls" page. If any - of these options are not listed, it means they are not checked. - </para> - - <para> - Basic Product/Group Restriction - </para> - - <para> - Suppose there is a product called "Bar". The - "Bar" product can only have bugs entered against it by users in the - group "Foo". Additionally, bugs filed against product "Bar" must stay - restricted to users to "Foo" at all times. Furthermore, only members - of group "Foo" can edit bugs filed against product "Bar", even if other - users could see the bug. This arrangement would achieved by the - following: - </para> - - <programlisting> -Product Bar: -foo: ENTRY, MANDATORY/MANDATORY, CANEDIT - </programlisting> - - <para> - Perhaps such strict restrictions are not needed for product "Bar". A - more lenient way to configure product "Bar" and group "Foo" would be: - </para> - - <programlisting> -Product Bar: -foo: ENTRY, SHOWN/SHOWN, EDITCOMPONENTS, CANCONFIRM, EDITBUGS - </programlisting> - - <para> - The above indicates that for product "Bar", members of group "Foo" can - enter bugs. Any one with permission to edit a bug against product "Bar" - can put the bug - in group "Foo", even if they themselves are not in "Foo". Anyone in group - "Foo" can edit all aspects of the components of product "Bar", can confirm - bugs against product "Bar", and can edit all fields of any bug against - product "Bar". - </para> - - <para> - General User Access With Security Group - </para> - - <para> - To permit any user to file bugs against "Product A", - and to permit any user to submit those bugs into a - group called "Security": - </para> - - <programlisting> -Product A: -security: SHOWN/SHOWN - </programlisting> - - <para> - General User Access With A Security Product - </para> - - <para> - To permit any user to file bugs against product called "Security" - while keeping those bugs from becoming visible to anyone - outside the group "SecurityWorkers" (unless a member of the - "SecurityWorkers" group removes that restriction): - </para> - - <programlisting> -Product Security: -securityworkers: DEFAULT/MANDATORY - </programlisting> - - <para> - Product Isolation With a Common Group - </para> - - <para> - To permit users of "Product A" to access the bugs for - "Product A", users of "Product B" to access the bugs for - "Product B", and support staff, who are members of the "Support - Group" to access both, three groups are needed: - </para> - - <orderedlist> - - <listitem> - <para>Support Group: Contains members of the support staff.</para> - </listitem> - - <listitem> - <para>AccessA Group: Contains users of product A and the Support group.</para> - </listitem> - - <listitem> - <para>AccessB Group: Contains users of product B and the Support group.</para> - </listitem> - - </orderedlist> - - <para> - Once these three groups are defined, the product group controls - can be set to: - </para> - - <programlisting> -Product A: -AccessA: ENTRY, MANDATORY/MANDATORY -Product B: -AccessB: ENTRY, MANDATORY/MANDATORY - </programlisting> - - <para> - Perhaps the "Support Group" wants more control. For example, - the "Support Group" could be permitted to make bugs inaccessible to - users of both groups "AccessA" and "AccessB". - Then, the "Support Group" could be permitted to publish - bugs relevant to all users in a third product (let's call it - "Product Common") that is read-only - to anyone outside the "Support Group". In this way the "Support Group" - could control bugs that should be seen by both groups. - That configuration would be: - </para> - - <programlisting> -Product A: -AccessA: ENTRY, MANDATORY/MANDATORY -Support: SHOWN/NA -Product B: -AccessB: ENTRY, MANDATORY/MANDATORY -Support: SHOWN/NA -Product Common: -Support: ENTRY, DEFAULT/MANDATORY, CANEDIT - </programlisting> - - <para> - Make a Product Read Only - </para> - - <para> - Sometimes a product is retired and should no longer have - new bugs filed against it (for example, an older version of a software - product that is no longer supported). A product can be made read-only - by creating a group called "readonly" and adding products to the - group as needed: - </para> - - <programlisting> -Product A: -ReadOnly: ENTRY, NA/NA, CANEDIT - </programlisting> - - <note> - <para> - For more information on Groups outside of how they relate to products - see <xref linkend="groups"/>. - </para> - </note> - - </section> - - </section> - - </section> - - <section id="components" xreflabel="Components"> - <title>Components</title> - - <para>Components are subsections of a Product. E.g. the computer game - you are designing may have a "UI" - component, an "API" component, a "Sound System" component, and a - "Plugins" component, each overseen by a different programmer. It - often makes sense to divide Components in Bugzilla according to the - natural divisions of responsibility within your Product or - company.</para> - - <para> - Each component has a default assignee and (if you turned it on in the parameters), - a QA Contact. The default assignee should be the primary person who fixes bugs in - that component. The QA Contact should be the person who will ensure - these bugs are completely fixed. The Assignee, QA Contact, and Reporter - will get email when new bugs are created in this Component and when - these bugs change. Default Assignee and Default QA Contact fields only - dictate the - <emphasis>default assignments</emphasis>; - these can be changed on bug submission, or at any later point in - a bug's life.</para> - - <para>To create a new Component:</para> - - <orderedlist> - <listitem> - <para>Select the <quote>Edit components</quote> link - from the <quote>Edit product</quote> page</para> - </listitem> - - <listitem> - <para>Select the <quote>Add</quote> link in the bottom right.</para> - </listitem> - - <listitem> - <para>Fill out the <quote>Component</quote> field, a - short <quote>Description</quote>, the - <quote>Default Assignee</quote>, <quote>Default CC List</quote> - and <quote>Default QA Contact</quote> (if enabled). - The <quote>Component Description</quote> field may contain a - limited subset of HTML tags. The <quote>Default Assignee</quote> - field must be a login name already existing in the Bugzilla database. - </para> - </listitem> - </orderedlist> - </section> - - <section id="versions"> - <title>Versions</title> - - <para>Versions are the revisions of the product, such as "Flinders - 3.1", "Flinders 95", and "Flinders 2000". Version is not a multi-select - field; the usual practice is to select the earliest version known to have - the bug. - </para> - - <para>To create and edit Versions:</para> - - <orderedlist> - <listitem> - <para>From the "Edit product" screen, select "Edit Versions"</para> - </listitem> - - <listitem> - <para>You will notice that the product already has the default - version "undefined". Click the "Add" link in the bottom right.</para> - </listitem> - - <listitem> - <para>Enter the name of the Version. This field takes text only. - Then click the "Add" button.</para> - </listitem> - - </orderedlist> - </section> - - <section id="milestones"> - <title>Milestones</title> - - <para>Milestones are "targets" that you plan to get a bug fixed by. For - example, you have a bug that you plan to fix for your 3.0 release, it - would be assigned the milestone of 3.0.</para> - - <note> - <para>Milestone options will only appear for a Product if you turned - on the "usetargetmilestone" parameter in the "Bug Fields" tab of the - "Parameters" page. - </para> - </note> - - <para>To create new Milestones, and set Default Milestones:</para> - - <orderedlist> - <listitem> - <para>Select "Edit milestones" from the "Edit product" page.</para> - </listitem> - - <listitem> - <para>Select "Add" in the bottom right corner.</para> - </listitem> - - <listitem> - <para>Enter the name of the Milestone in the "Milestone" field. You - can optionally set the "sortkey", which is a positive or negative - number (-32768 to 32767) that defines where in the list this particular - milestone appears. This is because milestones often do not - occur in alphanumeric order For example, "Future" might be - after "Release 1.2". Select "Add".</para> - </listitem> - </orderedlist> - </section> - - <section id="flags-overview"> - <title>Flags</title> - - <para> - Flags are a way to attach a specific status to a bug or attachment, - either <quote>+</quote> or <quote>-</quote>. The meaning of these symbols depends on the text - the flag itself, but contextually they could mean pass/fail, - accept/reject, approved/denied, or even a simple yes/no. If your site - allows requestable flags, then users may set a flag to <quote>?</quote> as a - request to another user that they look at the bug/attachment, and set - the flag to its correct status. - </para> - - <section id="flags-simpleexample"> - <title>A Simple Example</title> - - <para> - A developer might want to ask their manager, - <quote>Should we fix this bug before we release version 2.0?</quote> - They might want to do this for a <emphasis>lot</emphasis> of bugs, - so it would be nice to streamline the process... - </para> - <para> - In Bugzilla, it would work this way: - <orderedlist> - <listitem> - <para> - The Bugzilla administrator creates a flag type called - <quote>blocking2.0</quote> that shows up on all bugs in - your product. - </para> - - <para> - It shows up on the <quote>Show Bug</quote> screen - as the text <quote>blocking2.0</quote> with a drop-down box next - to it. The drop-down box contains four values: an empty space, - <quote>?</quote>, <quote>-</quote>, and <quote>+</quote>. - </para> - </listitem> - <listitem> - <para>The developer sets the flag to <quote>?</quote>.</para> - </listitem> - <listitem> - <para> - The manager sees the <computeroutput>blocking2.0</computeroutput> - flag with a <quote>?</quote> value. - </para> - </listitem> - <listitem> - <para> - If the manager thinks the feature should go into the product - before version 2.0 can be released, he sets the flag to - <quote>+</quote>. Otherwise, he sets it to <quote>-</quote>. - </para> - </listitem> - <listitem> - <para> - Now, every Bugzilla user who looks at the bug knows whether or - not the bug needs to be fixed before release of version 2.0. - </para> - </listitem> - </orderedlist> - </para> - - </section> - - <section id="flags-about"> - <title>About Flags</title> - - <section id="flag-values"> - <title>Values</title> - <para> - Flags can have three values: - <variablelist> - <varlistentry> - <term><computeroutput>?</computeroutput></term> - <listitem><simpara> - A user is requesting that a status be set. (Think of it as 'A question is being asked'.) - </simpara></listitem> - </varlistentry> - <varlistentry> - <term><computeroutput>-</computeroutput></term> - <listitem><simpara> - The status has been set negatively. (The question has been answered <quote>no</quote>.) - </simpara></listitem> - </varlistentry> - <varlistentry> - <term><computeroutput>+</computeroutput></term> - <listitem><simpara> - The status has been set positively. - (The question has been answered <quote>yes</quote>.) - </simpara></listitem> - </varlistentry> - </variablelist> - </para> - <para> - Actually, there's a fourth value a flag can have -- - <quote>unset</quote> -- which shows up as a blank space. This - just means that nobody has expressed an opinion (or asked - someone else to express an opinion) about this bug or attachment. - </para> - </section> - </section> - - <section id="flag-askto"> - <title>Using flag requests</title> - <para> - If a flag has been defined as 'requestable', and a user has enough privileges - to request it (see below), the user can set the flag's status to <quote>?</quote>. - This status indicates that someone (a.k.a. <quote>the requester</quote>) is asking - someone else to set the flag to either <quote>+</quote> or <quote>-</quote>. - </para> - <para> - If a flag has been defined as 'specifically requestable', - a text box will appear next to the flag into which the requester may - enter a Bugzilla username. That named person (a.k.a. <quote>the requestee</quote>) - will receive an email notifying them of the request, and pointing them - to the bug/attachment in question. - </para> - <para> - If a flag has <emphasis>not</emphasis> been defined as 'specifically requestable', - then no such text-box will appear. A request to set this flag cannot be made of - any specific individual, but must be asked <quote>to the wind</quote>. - A requester may <quote>ask the wind</quote> on any flag simply by leaving the text-box blank. - </para> - </section> - - <section id="flag-types"> - <title>Two Types of Flags</title> - - <para> - Flags can go in two places: on an attachment, or on a bug. - </para> - - <section id="flag-type-attachment"> - <title>Attachment Flags</title> - - <para> - Attachment flags are used to ask a question about a specific - attachment on a bug. - </para> - <para> - Many Bugzilla installations use this to - request that one developer <quote>review</quote> another - developer's code before they check it in. They attach the code to - a bug report, and then set a flag on that attachment called - <quote>review</quote> to - <computeroutput>review?boss@domain.com</computeroutput>. - boss@domain.com is then notified by email that - he has to check out that attachment and approve it or deny it. - </para> - - <para> - For a Bugzilla user, attachment flags show up in three places: - <orderedlist> - <listitem> - <para> - On the list of attachments in the <quote>Show Bug</quote> - screen, you can see the current state of any flags that - have been set to ?, +, or -. You can see who asked about - the flag (the requester), and who is being asked (the - requestee). - </para> - </listitem> - <listitem> - <para> - When you <quote>Edit</quote> an attachment, you can - see any settable flag, along with any flags that have - already been set. This <quote>Edit Attachment</quote> - screen is where you set flags to ?, -, +, or unset them. - </para> - </listitem> - <listitem> - <para> - Requests are listed in the <quote>Request Queue</quote>, which - is accessible from the <quote>My Requests</quote> link (if you are - logged in) or <quote>Requests</quote> link (if you are logged out) - visible in the footer of all pages. - </para> - </listitem> - </orderedlist> - </para> - - </section> - - <section id="flag-type-bug"> - <title>Bug Flags</title> - - <para> - Bug flags are used to set a status on the bug itself. You can - see Bug Flags in the <quote>Show Bug</quote> and <quote>Requests</quote> - screens, as described above. - </para> - <para> - Only users with enough privileges (see below) may set flags on bugs. - This doesn't necessarily include the assignee, reporter, or users with the - <computeroutput>editbugs</computeroutput> permission. - </para> - </section> - - </section> - - <section id="flags-admin"> - <title>Administering Flags</title> - - <para> - If you have the <quote>editcomponents</quote> permission, you can - edit Flag Types from the main administration page. Clicking the - <quote>Flags</quote> link will bring you to the <quote>Administer - Flag Types</quote> page. Here, you can select whether you want - to create (or edit) a Bug flag, or an Attachment flag. - </para> - <para> - No matter which you choose, the interface is the same, so we'll - just go over it once. - </para> - - <section id="flags-edit"> - <title>Editing a Flag</title> - <para> - To edit a flag's properties, just click the flag's name. - That will take you to the same - form as described below (<xref linkend="flags-create"/>). - </para> - </section> - - <section id="flags-create"> - <title>Creating a Flag</title> - - <para> - When you click on the <quote>Create a Flag Type for...</quote> - link, you will be presented with a form. Here is what the fields in - the form mean: - </para> - - <section id="flags-create-field-name"> - <title>Name</title> - <para> - This is the name of the flag. This will be displayed - to Bugzilla users who are looking at or setting the flag. - The name may contain any valid Unicode characters except commas - and spaces. - </para> - </section> - - <section id="flags-create-field-description"> - <title>Description</title> - <para> - The description describes the flag in more detail. It is visible - in a tooltip when hovering over a flag either in the <quote>Show Bug</quote> - or <quote>Edit Attachment</quote> pages. This field can be as - long as you like, and can contain any character you want. - </para> - </section> - - <section id="flags-create-field-category"> - <title>Category</title> - - <para> - Default behaviour for a newly-created flag is to appear on - products and all components, which is why <quote>__Any__:__Any__</quote> - is already entered in the <quote>Inclusions</quote> box. - If this is not your desired behaviour, you must either set some - exclusions (for products on which you don't want the flag to appear), - or you must remove <quote>__Any__:__Any__</quote> from the Inclusions box - and define products/components specifically for this flag. - </para> - - <para> - To create an Inclusion, select a Product from the top drop-down box. - You may also select a specific component from the bottom drop-down box. - (Setting <quote>__Any__</quote> for Product translates to, - <quote>all the products in this Bugzilla</quote>. - Selecting <quote>__Any__</quote> in the Component field means - <quote>all components in the selected product.</quote>) - Selections made, press <quote>Include</quote>, and your - Product/Component pairing will show up in the <quote>Inclusions</quote> box on the right. - </para> - - <para> - To create an Exclusion, the process is the same; select a Product from the - top drop-down box, select a specific component if you want one, and press - <quote>Exclude</quote>. The Product/Component pairing will show up in the - <quote>Exclusions</quote> box on the right. - </para> - - <para> - This flag <emphasis>will</emphasis> and <emphasis>can</emphasis> be set for any - products/components that appearing in the <quote>Inclusions</quote> box - (or which fall under the appropriate <quote>__Any__</quote>). - This flag <emphasis>will not</emphasis> appear (and therefore cannot be set) on - any products appearing in the <quote>Exclusions</quote> box. - <emphasis> IMPORTANT: Exclusions override inclusions.</emphasis> - </para> - - <para> - You may select a Product without selecting a specific Component, - but you can't select a Component without a Product, or to select a - Component that does not belong to the named Product. If you do so, - Bugzilla will display an error message, even if all your products - have a component by that name. - </para> - - <para><emphasis>Example:</emphasis> Let's say you have a product called - <quote>Jet Plane</quote> that has thousands of components. You want - to be able to ask if a problem should be fixed in the next model of - plane you release. We'll call the flag <quote>fixInNext</quote>. - But, there's one component in <quote>Jet Plane,</quote> - called <quote>Pilot.</quote> It doesn't make sense to release a - new pilot, so you don't want to have the flag show up in that component. - So, you include <quote>Jet Plane:__Any__</quote> and you exclude - <quote>Jet Plane:Pilot</quote>. - </para> - </section> - - <section id="flags-create-field-sortkey"> - <title>Sort Key</title> - <para> - Flags normally show up in alphabetical order. If you want them to - show up in a different order, you can use this key set the order on each flag. - Flags with a lower sort key will appear before flags with a higher - sort key. Flags that have the same sort key will be sorted alphabetically, - but they will still be after flags with a lower sort key, and before flags - with a higher sort key. - </para> - <para> - <emphasis>Example:</emphasis> I have AFlag (Sort Key 100), BFlag (Sort Key 10), - CFlag (Sort Key 10), and DFlag (Sort Key 1). These show up in - the order: DFlag, BFlag, CFlag, AFlag. - </para> - </section> - - <section id="flags-create-field-active"> - <title>Active</title> - <para> - Sometimes, you might want to keep old flag information in the - Bugzilla database, but stop users from setting any new flags of this type. - To do this, uncheck <quote>active</quote>. Deactivated - flags will still show up in the UI if they are ?, +, or -, but they - may only be cleared (unset), and cannot be changed to a new value. - Once a deactivated flag is cleared, it will completely disappear from a - bug/attachment, and cannot be set again. - </para> - </section> - - <section id="flags-create-field-requestable"> - <title>Requestable</title> - <para> - New flags are, by default, <quote>requestable</quote>, meaning that they - offer users the <quote>?</quote> option, as well as <quote>+</quote> - and <quote>-</quote>. - To remove the ? option, uncheck <quote>requestable</quote>. - </para> - </section> - - <section id="flags-create-field-specific"> - <title>Specifically Requestable</title> - <para> - By default this box is checked for new flags, meaning that users may make - flag requests of specific individuals. Unchecking this box will remove the - text box next to a flag; if it is still requestable, then requests may - only be made <quote>to the wind.</quote> Removing this after specific - requests have been made will not remove those requests; that data will - stay in the database (though it will no longer appear to the user). - </para> - </section> - - <section id="flags-create-field-multiplicable"> - <title>Multiplicable</title> - <para> - Any flag with <quote>Multiplicable</quote> set (default for new flags is 'on') - may be set more than once. After being set once, an unset flag - of the same type will appear below it with <quote>addl.</quote> (short for - <quote>additional</quote>) before the name. There is no limit to the number of - times a Multiplicable flags may be set on the same bug/attachment. - </para> - </section> - - <section id="flags-create-field-cclist"> - <title>CC List</title> - - <para> - If you want certain users to be notified every time this flag is - set to ?, -, +, or unset, add them here. This is a comma-separated - list of email addresses that need not be restricted to Bugzilla usernames. - </para> - </section> - - <section id="flags-create-grant-group"> - <title>Grant Group</title> - <para> - When this field is set to some given group, only users in the group - can set the flag to <quote>+</quote> and <quote>-</quote>. This - field does not affect who can request or cancel the flag. For that, - see the <quote>Request Group</quote> field below. If this field - is left blank, all users can set or delete this flag. This field is - useful for restricting which users can approve or reject requests. - </para> - </section> - - <section id="flags-create-request-group"> - <title>Request Group</title> - <para> - When this field is set to some given group, only users in the group - can request or cancel this flag. Note that this field has no effect - if the <quote>grant group</quote> field is empty. You can set the - value of this field to a different group, but both fields have to be - set to a group for this field to have an effect. - </para> - </section> - </section> <!-- flags-create --> - - <section id="flags-delete"> - <title>Deleting a Flag</title> - - <para> - When you are at the <quote>Administer Flag Types</quote> screen, - you will be presented with a list of Bug flags and a list of Attachment - Flags. - </para> - <para> - To delete a flag, click on the <quote>Delete</quote> link next to - the flag description. - </para> - <warning> - <para> - Once you delete a flag, it is <emphasis>gone</emphasis> from - your Bugzilla. All the data for that flag will be deleted. - Everywhere that flag was set, it will disappear, - and you cannot get that data back. If you want to keep flag data, - but don't want anybody to set any new flags or change current flags, - unset <quote>active</quote> in the flag Edit form. - </para> - </warning> - </section> - - </section> <!-- flags-admin --> - - <!-- XXX We should add a "Uses of Flags" section, here, with examples. --> - - </section> <!-- flags --> - - <section id="keywords"> - <title>Keywords</title> - - <para> - The administrator can define keywords which can be used to tag and - categorise bugs. For example, the keyword "regression" is commonly used. - A company might have a policy stating all regressions - must be fixed by the next release - this keyword can make tracking those - bugs much easier. - </para> - <para> - Keywords are global, rather than per-product. If the administrator changes - a keyword currently applied to any bugs, the keyword cache must be rebuilt - using the <xref linkend="sanitycheck"/> script. Currently keywords can not - be marked obsolete to prevent future usage. - </para> - <para> - Keywords can be created, edited or deleted by clicking the "Keywords" - link in the admin page. There are two fields for each keyword - the keyword - itself and a brief description. Once created, keywords can be selected - and applied to individual bugs in that bug's "Details" section. - </para> - </section> - - <section id="custom-fields"> - <title>Custom Fields</title> - - <para> - The release of Bugzilla 3.0 added the ability to create Custom Fields. - Custom Fields are treated like any other field - they can be set in bugs - and used for search queries. Administrators should keep in mind that - adding too many fields can make the user interface more complicated and - harder to use. Custom Fields should be added only when necessary and with - careful consideration. - </para> - <tip> - <para> - Before adding a Custom Field, make sure that Bugzilla can not already - do the desired behavior. Many Bugzilla options are not enabled by - default, and many times Administrators find that simply enabling - certain options that already exist is sufficient. - </para> - </tip> - <para> - Administrators can manage Custom Fields using the - <quote>Custom Fields</quote> link on the Administration page. The Custom - Fields administration page displays a list of Custom Fields, if any exist, - and a link to "Add a new custom field". - </para> - - <section id="add-custom-fields"> - <title>Adding Custom Fields</title> - - <para> - To add a new Custom Field, click the "Add a new custom field" link. This - page displays several options for the new field, described below. - </para> - - <para> - The following attributes must be set for each new custom field: - <itemizedlist> - <listitem> - <para> - <emphasis>Name:</emphasis> - The name of the field in the database, used internally. This name - MUST begin with <quote>cf_</quote> to prevent confusion with - standard fields. If this string is omitted, it will - be automatically added to the name entered. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Description:</emphasis> - A brief string which is used as the label for this Custom Field. - That is the string that users will see, and should be - short and explicit. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Type:</emphasis> - The type of field to create. There are - several types available: - <variablelist> - <varlistentry> - <term>Bug ID:</term> - <listitem> - <para> - A field where you can enter the ID of another bug from - the same Bugzilla installation. To point to a bug in a remote - installation, use the See Also field instead. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Large Text Box:</term> - <listitem> - <para> - A multiple line box for entering free text. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Free Text:</term> - <listitem> - <para> - A single line box for entering free text. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Multiple-Selection Box:</term> - <listitem> - <para> - A list box where multiple options - can be selected. After creating this field, it must be edited - to add the selection options. See - <xref linkend="edit-values-list" /> for information about - editing legal values. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Drop Down:</term> - <listitem> - <para> - A list box where only one option can be selected. - After creating this field, it must be edited to add the - selection options. See - <xref linkend="edit-values-list" /> for information about - editing legal values. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Date/Time:</term> - <listitem> - <para> - A date field. This field appears with a - calendar widget for choosing the date. - </para> - </listitem> - </varlistentry> - </variablelist> - </para> - </listitem> - - <listitem> - <para> - <emphasis>Sortkey:</emphasis> - Integer that determines in which order Custom Fields are - displayed in the User Interface, especially when viewing a bug. - Fields with lower values are displayed first. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Reverse Relationship Description:</emphasis> - When the custom field is of type <quote>Bug ID</quote>, you can - enter text here which will be used as label in the referenced - bug to list bugs which point to it. This gives you the ability - to have a mutual relationship between two bugs. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Can be set on bug creation:</emphasis> - Boolean that determines whether this field can be set on - bug creation. If not selected, then a bug must be created - before this field can be set. See <xref linkend="bugreports" /> - for information about filing bugs. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Displayed in bugmail for new bugs:</emphasis> - Boolean that determines whether the value set on this field - should appear in bugmail when the bug is filed. This attribute - has no effect if the field cannot be set on bug creation. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Is obsolete:</emphasis> - Boolean that determines whether this field should - be displayed at all. Obsolete Custom Fields are hidden. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Is mandatory:</emphasis> - Boolean that determines whether this field must be set. - For single and multi-select fields, this means that a (non-default) - value must be selected, and for text and date fields, some text - must be entered. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Field only appears when:</emphasis> - A custom field can be made visible when some criteria is met. - For instance, when the bug belongs to one or more products, - or when the bug is of some given severity. If left empty, then - the custom field will always be visible, in all bugs. - </para> - </listitem> - - <listitem> - <para> - <emphasis>Field that controls the values that appear in this field:</emphasis> - When the custom field is of type <quote>Drop Down</quote> or - <quote>Multiple-Selection Box</quote>, you can restrict the - availability of the values of the custom field based on the - value of another field. This criteria is independent of the - criteria used in the <quote>Field only appears when</quote> - setting. For instance, you may decide that some given value - <quote>valueY</quote> is only available when the bug status - is RESOLVED while the value <quote>valueX</quote> should - always be listed. - Once you have selected the field which should control the - availability of the values of this custom field, you can - edit values of this custom field to set the criteria, see - <xref linkend="edit-values-list" />. - </para> - </listitem> - </itemizedlist> - </para> - </section> - - <section id="edit-custom-fields"> - <title>Editing Custom Fields</title> - - <para> - As soon as a Custom Field is created, its name and type cannot be - changed. If this field is a drop down menu, its legal values can - be set as described in <xref linkend="edit-values-list" />. All - other attributes can be edited as described above. - </para> - </section> - - <section id="delete-custom-fields"> - <title>Deleting Custom Fields</title> - - <para> - Only custom fields which are marked as obsolete, and which never - have been used, can be deleted completely (else the integrity - of the bug history would be compromised). For custom fields marked - as obsolete, a "Delete" link will appear in the <quote>Action</quote> - column. If the custom field has been used in the past, the deletion - will be rejected. But marking the field as obsolete is sufficient - to hide it from the user interface entirely. - </para> - </section> - </section> - - <section id="edit-values"> - <title>Legal Values</title> - - <para> - Legal values for the operating system, platform, bug priority and - severity, custom fields of type <quote>Drop Down</quote> and - <quote>Multiple-Selection Box</quote> (see <xref linkend="custom-fields" />), - as well as the list of valid bug statuses and resolutions can be - customized from the same interface. You can add, edit, disable and - remove values which can be used with these fields. - </para> - - <section id="edit-values-list"> - <title>Viewing/Editing legal values</title> - <para> - Editing legal values requires <quote>admin</quote> privileges. - Select "Field Values" from the Administration page. A list of all - fields, both system fields and Custom Fields, for which legal values - can be edited appears. Click a field name to edit its legal values. - </para> - <para> - There is no limit to how many values a field can have, but each value - must be unique to that field. The sortkey is important to display these - values in the desired order. - </para> - <para> - When the availability of the values of a custom field is controlled - by another field, you can select from here which value of the other field - must be set for the value of the custom field to appear. - </para> - </section> - - <section id="edit-values-delete"> - <title>Deleting legal values</title> - <para> - Legal values from Custom Fields can be deleted, but only if the - following two conditions are respected: - </para> - - <orderedlist> - <listitem> - <para>The value is not used by default for the field.</para> - </listitem> - - <listitem> - <para>No bug is currently using this value.</para> - </listitem> - </orderedlist> - - <para> - If any of these conditions is not respected, the value cannot be deleted. - The only way to delete these values is to reassign bugs to another value - and to set another value as default for the field. - </para> - </section> - </section> - - <section id="bug_status_workflow"> - <title>Bug Status Workflow</title> - - <para> - The bug status workflow is no longer hardcoded but can be freely customized - from the web interface. Only one bug status cannot be renamed nor deleted, - UNCONFIRMED, but the workflow involving it is free. The configuration - page displays all existing bug statuses twice, first on the left for bug - statuses we come from and on the top for bug statuses we move to. - If the checkbox is checked, then the transition between the two bug statuses - is legal, else it's forbidden independently of your privileges. The bug status - used for the "duplicate_or_move_bug_status" parameter must be part of the - workflow as that is the bug status which will be used when duplicating or - moving a bug, so it must be available from each bug status. - </para> - <para> - When the workflow is set, the "View Current Triggers" link below the table - lets you set which transitions require a comment from the user. - </para> - </section> - - <section id="voting"> - <title>Voting</title> - - <para>All of the code for voting in Bugzilla has been moved into an - extension, called "Voting", in the <filename>extensions/Voting/</filename> - directory. To enable it, you must remove the <filename>disabled</filename> - file from that directory, and run <filename>checksetup.pl</filename>.</para> - - <para>Voting allows users to be given a pot of votes which they can allocate - to bugs, to indicate that they'd like them fixed. - This allows developers to gauge - user need for a particular enhancement or bugfix. By allowing bugs with - a certain number of votes to automatically move from "UNCONFIRMED" to - "CONFIRMED", users of the bug system can help high-priority bugs garner - attention so they don't sit for a long time awaiting triage.</para> - - <para>To modify Voting settings:</para> - - <orderedlist> - <listitem> - <para>Navigate to the "Edit product" screen for the Product you - wish to modify</para> - </listitem> - - <listitem> - <para><emphasis>Maximum Votes per person</emphasis>: - Setting this field to "0" disables voting.</para> - </listitem> - - <listitem> - <para><emphasis>Maximum Votes a person can put on a single - bug</emphasis>: - It should probably be some number lower than the - "Maximum votes per person". Don't set this field to "0" if - "Maximum votes per person" is non-zero; that doesn't make - any sense.</para> - </listitem> - - <listitem> - <para><emphasis>Number of votes a bug in this product needs to - automatically get out of the UNCONFIRMED state</emphasis>: - Setting this field to "0" disables the automatic move of - bugs from UNCONFIRMED to CONFIRMED. - </para> - </listitem> - - <listitem> - <para>Once you have adjusted the values to your preference, click - "Update".</para> - </listitem> - </orderedlist> - </section> - - <section id="quips"> - <title>Quips</title> - - <para> - Quips are small text messages that can be configured to appear - next to search results. A Bugzilla installation can have its own specific - quips. Whenever a quip needs to be displayed, a random selection - is made from the pool of already existing quips. - </para> - - <para> - Quip submission is controlled by the <emphasis>quip_list_entry_control</emphasis> - parameter. It has several possible values: open, moderated, or closed. - In order to enable quips approval you need to set this parameter to - "moderated". In this way, users are free to submit quips for addition - but an administrator must explicitly approve them before they are - actually used. - </para> - - <para> - In order to see the user interface for the quips, it is enough to click - on a quip when it is displayed together with the search results. Or - it can be seen directly in the browser by visiting the quips.cgi URL - (prefixed with the usual web location of the Bugzilla installation). - Once the quip interface is displayed, it is enough to click the - "view and edit the whole quip list" in order to see the administration - page. A page with all the quips available in the database will - be displayed. - </para> - - <para> - Next to each quip there is a checkbox, under the - "Approved" column. Quips who have this checkbox checked are - already approved and will appear next to the search results. - The ones that have it unchecked are still preserved in the - database but they will not appear on search results pages. - User submitted quips have initially the checkbox unchecked. - </para> - - <para> - Also, there is a delete link next to each quip, - which can be used in order to permanently delete a quip. - </para> - - <para> - Display of quips is controlled by the <emphasis>display_quips</emphasis> - user preference. Possible values are "on" and "off". - </para> - </section> - - <section id="groups"> - <title>Groups and Group Security</title> - - <para> - Groups allow for separating bugs into logical divisions. - Groups are typically used - to isolate bugs that should only be seen by certain people. For - example, a company might create a different group for each one of its customers - or partners. Group permissions could be set so that each partner or customer would - only have access to their own bugs. Or, groups might be used to create - variable access controls for different departments within an organization. - Another common use of groups is to associate groups with products, - creating isolation and access control on a per-product basis. - </para> - - <para> - Groups and group behaviors are controlled in several places: - </para> - - <orderedlist> - - <listitem> - <para> - The group configuration page. To view or edit existing groups, or to - create new groups, access the "Groups" link from the "Administration" - page. This section of the manual deals primarily with the aspect of - group controls accessed on this page. - </para> - </listitem> - - <listitem> - <para> - Global configuration parameters. Bugzilla has several parameters - that control the overall default group behavior and restriction - levels. For more information on the parameters that control - group behavior globally, see <xref linkend="param-group-security"/>. - </para> - - </listitem> - - <listitem> - <para> - Product association with groups. Most of the functionality of groups - and group security is controlled at the product level. Some aspects - of group access controls for products are discussed in this section, - but for more detail see <xref linkend="product-group-controls"/>. - </para> - </listitem> - - <listitem> - <para> - Group access for users. See <xref linkend="users-and-groups"/> for - details on how users are assigned group access. - </para> - </listitem> - - </orderedlist> - - <para> - Group permissions are such that if a bug belongs to a group, only members - of that group can see the bug. If a bug is in more than one group, only - members of <emphasis>all</emphasis> the groups that the bug is in can see - the bug. For information on granting read-only access to certain people and - full edit access to others, see <xref linkend="product-group-controls"/>. - </para> - - <note> - <para> - By default, bugs can also be seen by the Assignee, the Reporter, and - by everyone on the CC List, regardless of whether or not the bug would - typically be viewable by them. Visibility to the Reporter and CC List can - be overridden (on a per-bug basis) by bringing up the bug, finding the - section that starts with <quote>Users in the roles selected below...</quote> - and un-checking the box next to either 'Reporter' or 'CC List' (or both). - </para> - </note> - - <section id="create-groups"> - <title>Creating Groups</title> - - <para> - To create a new group, follow the steps below: - </para> - - <orderedlist> - - <listitem> - <para> - Select the <quote>Administration</quote> link in the page footer, - and then select the <quote>Groups</quote> link from the - Administration page. - </para> - </listitem> - - <listitem> - <para> - A table of all the existing groups is displayed. Below the table is a - description of all the fields. To create a new group, select the - <quote>Add Group</quote> link under the table of existing groups. - </para> - </listitem> - - <listitem> - <para> - There are five fields to fill out. These fields are documented below - the form. Choose a name and description for the group. Decide whether - this group should be used for bugs (in all likelihood this should be - selected). Optionally, choose a regular expression that will - automatically add any matching users to the group, and choose an - icon that will help identify user comments for the group. The regular - expression can be useful, for example, to automatically put all users - from the same company into one group (if the group is for a specific - customer or partner). - </para> - <note> - <para> - If <quote>User RegExp</quote> is filled out, users whose email - addresses match the regular expression will automatically be - members of the group as long as their email addresses continue - to match the regular expression. If their email address changes - and no longer matches the regular expression, they will be removed - from the group. Versions 2.16 and older of Bugzilla did not automatically - remove users who's email addresses no longer matched the RegExp. - </para> - </note> - <warning> - <para> - If specifying a domain in the regular expression, end - the regexp with a "$". Otherwise, when granting access to - "@mycompany\.com", access will also be granted to - 'badperson@mycompany.com.cracker.net'. Use the syntax, - '@mycompany\.com$' for the regular expression. - </para> - </warning> - </listitem> - - <listitem> - <para> - After the new group is created, it can be edited for additional options. - The "Edit Group" page allows for specifying other groups that should be included - in this group and which groups should be permitted to add and delete - users from this group. For more details, see <xref linkend="edit-groups"/>. - </para> - </listitem> - </orderedlist> - - </section> - - <section id="edit-groups"> - <title>Editing Groups and Assigning Group Permissions</title> - - <para> - To access the "Edit Groups" page, select the - <quote>Administration</quote> link in the page footer, - and then select the <quote>Groups</quote> link from the Administration page. - A table of all the existing groups is displayed. Click on a group name - you wish to edit or control permissions for. - </para> - - <para> - The "Edit Groups" page contains the same five fields present when - creating a new group. Below that are two additional sections, "Group - Permissions," and "Mass Remove". The "Mass Remove" option simply removes - all users from the group who match the regular expression entered. The - "Group Permissions" section requires further explanation. - </para> - - <para> - The "Group Permissions" section on the "Edit Groups" page contains four sets - of permissions that control the relationship of this group to other - groups. If the 'usevisibilitygroups' parameter is in use (see - <xref linkend="parameters"/>) two additional sets of permissions are displayed. - Each set consists of two select boxes. On the left, a select box - with a list of all existing groups. On the right, a select box listing - all groups currently selected for this permission setting (this box will - be empty for new groups). The way these controls allow groups to relate - to one another is called <emphasis>inheritance</emphasis>. - Each of the six permissions is described below. - </para> - - <variablelist> - - <varlistentry> - - <term> - <emphasis>Groups That Are a Member of This Group</emphasis> - </term> - - <listitem> - <para> - Members of any groups selected here will automatically have - membership in this group. In other words, members of any selected - group will inherit membership in this group. - </para> - </listitem> - - </varlistentry> - - <varlistentry> - - <term> - <emphasis>Groups That This Group Is a Member Of</emphasis> - </term> - - <listitem> - <para> - Members of this group will inherit membership to any group - selected here. For example, suppose the group being edited is - an Admin group. If there are two products (Product1 and Product2) - and each product has its - own group (Group1 and Group2), and the Admin group - should have access to both products, - simply select both Group1 and Group2 here. - </para> - </listitem> - - </varlistentry> - - <varlistentry> - - <term> - <emphasis>Groups That Can Grant Membership in This Group</emphasis> - </term> - - <listitem> - <para> - The members of any group selected here will be able add users - to this group, even if they themselves are not in this group. - </para> - </listitem> - - </varlistentry> - - <varlistentry> - - <term> - <emphasis>Groups That This Group Can Grant Membership In</emphasis> - </term> - - <listitem> - <para> - Members of this group can add users to any group selected here, - even if they themselves are not in the selected groups. - </para> - </listitem> - - </varlistentry> - - <varlistentry> - - <term> - <emphasis>Groups That Can See This Group</emphasis> - </term> - - <listitem> - <para> - Members of any selected group can see the users in this group. - This setting is only visible if the 'usevisibilitygroups' parameter - is enabled on the Bugzilla Configuration page. See - <xref linkend="parameters"/> for information on configuring Bugzilla. - </para> - </listitem> - - </varlistentry> - - <varlistentry> - - <term> - <emphasis>Groups That This Group Can See</emphasis> - </term> - - <listitem> - <para> - Members of this group can see members in any of the selected groups. - This setting is only visible if the 'usevisibilitygroups' parameter - is enabled on the the Bugzilla Configuration page. See - <xref linkend="parameters"/> for information on configuring Bugzilla. - </para> - </listitem> - - </varlistentry> - - </variablelist> - - </section> - - <section id="users-and-groups"> - <title>Assigning Users to Groups</title> - - <para> - A User can become a member of a group in several ways: - </para> - - <orderedlist> - - <listitem> - <para> - The user can be explicitly placed in the group by editing - the user's profile. This can be done by accessing the "Users" page - from the "Administration" page. Use the search form to find the user - you want to edit group membership for, and click on their email - address in the search results to edit their profile. The profile - page lists all the groups, and indicates if the user is a member of - the group either directly or indirectly. More information on indirect - group membership is below. For more details on User administration, - see <xref linkend="useradmin"/>. - </para> - </listitem> - - <listitem> - <para> - The group can include another group of which the user is - a member. This is indicated by square brackets around the checkbox - next to the group name in the user's profile. - See <xref linkend="edit-groups"/> for details on group inheritance. - </para> - </listitem> - - <listitem> - <para> - The user's email address can match the regular expression - that has been specified to automatically grant membership to - the group. This is indicated by "*" around the check box by the - group name in the user's profile. - See <xref linkend="create-groups"/> for details on - the regular expression option when creating groups. - </para> - </listitem> - - </orderedlist> - - </section> - - <section> - <title>Assigning Group Controls to Products</title> - - <para> - The primary functionality of groups is derived from the relationship of - groups to products. The concepts around segregating access to bugs with - product group controls can be confusing. For details and examples on this - topic, see <xref linkend="product-group-controls" />. - </para> - - </section> - </section> - - <section id="sanitycheck"> - <title>Checking and Maintaining Database Integrity</title> - - <para> - Over time it is possible for the Bugzilla database to become corrupt - or to have anomalies. - This could happen through normal usage of Bugzilla, manual database - administration outside of the Bugzilla user interface, or from some - other unexpected event. Bugzilla includes a "Sanity Check" script that - can perform several basic database checks, and repair certain problems or - inconsistencies. - </para> - <para> - To run the "Sanity Check" script, log in as an Administrator and click the - "Sanity Check" link in the admin page. Any problems that are found will be - displayed in red letters. If the script is capable of fixing a problem, - it will present a link to initiate the fix. If the script can not - fix the problem it will require manual database administration or recovery. - </para> - <para> - The "Sanity Check" script can also be run from the command line via the perl - script <filename>sanitycheck.pl</filename>. The script can also be run as - a <command>cron</command> job. Results will be delivered by email. - </para> - <para> - The "Sanity Check" script should be run on a regular basis as a matter of - best practice. - </para> - <warning> - <para> - The "Sanity Check" script is no substitute for a competent database - administrator. It is only designed to check and repair basic database - problems. - </para> - </warning> - - </section> - - -</chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/conventions.xml b/docs/en/xml/conventions.xml deleted file mode 100644 index 70e6624f7..000000000 --- a/docs/en/xml/conventions.xml +++ /dev/null @@ -1,164 +0,0 @@ -<!-- <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> -<section id="conventions"> - <title>Document Conventions</title> - - <indexterm zone="conventions"> - <primary>conventions</primary> - </indexterm> - - <para>This document uses the following conventions:</para> - - <informaltable frame="none"> - <tgroup cols="2"> - <thead> - <row> - <entry>Descriptions</entry> - - <entry>Appearance</entry> - </row> - </thead> - - <tbody> - <row> - <entry>Caution</entry> - - <entry> - <caution> - <para>Don't run with scissors!</para> - </caution> - </entry> - </row> - - <row> - <entry>Hint or Tip</entry> - - <entry> - <tip> - <para>For best results... </para> - </tip> - </entry> - </row> - - <row> - <entry>Note</entry> - - <entry> - <note> - <para>Dear John...</para> - </note> - </entry> - </row> - - <row> - <entry>Warning</entry> - - <entry> - <warning> - <para>Read this or the cat gets it.</para> - </warning> - </entry> - </row> - - <row> - <entry>File or directory name</entry> - - <entry> - <filename>filename</filename> - </entry> - </row> - - <row> - <entry>Command to be typed</entry> - - <entry> - <command>command</command> - </entry> - </row> - - <row> - <entry>Application name</entry> - - <entry> - <application>application</application> - </entry> - </row> - - <row> - <entry> - Normal user's prompt under bash shell</entry> - - <entry>bash$</entry> - </row> - - <row> - <entry> - Root user's prompt under bash shell</entry> - - <entry>bash#</entry> - </row> - - <row> - <entry> - Normal user's prompt under tcsh shell</entry> - - <entry>tcsh$</entry> - </row> - - <row> - <entry>Environment variables</entry> - - <entry> - <envar>VARIABLE</envar> - </entry> - </row> - - <row> - <entry>Term found in the glossary</entry> - - <entry> - <glossterm linkend="gloss-bugzilla">Bugzilla</glossterm> - </entry> - </row> - - <row> - <entry>Code example</entry> - - <entry> - <programlisting><sgmltag class="starttag">para</sgmltag> -Beginning and end of paragraph -<sgmltag class="endtag">para</sgmltag></programlisting> - </entry> - </row> - </tbody> - </tgroup> - </informaltable> - - <para> - This documentation is maintained in DocBook 4.1.2 XML format. - Changes are best submitted as plain text or XML diffs, attached - to a bug filed in the &bzg-bugs; component. - </para> - -</section> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/customization.xml b/docs/en/xml/customization.xml deleted file mode 100644 index c1524e07d..000000000 --- a/docs/en/xml/customization.xml +++ /dev/null @@ -1,600 +0,0 @@ -<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> -<chapter id="customization"> - <title>Customizing Bugzilla</title> - - <section id="extensions"> - <title>Bugzilla Extensions</title> - - <para> - One of the best ways to customize Bugzilla is by writing a Bugzilla - Extension. Bugzilla Extensions let you modify both the code and - UI of Bugzilla in a way that can be distributed to other Bugzilla - users and ported forward to future versions of Bugzilla with minimal - effort. - </para> - - <para> - See the <ulink url="api/Bugzilla/Extension.html">Bugzilla Extension - documentation</ulink> for information on how to write an Extension. - </para> - </section> - - <section id="cust-skins"> - <title>Custom Skins</title> - - <para> - Bugzilla allows you to have multiple skins. These are custom CSS and possibly - also custom images for Bugzilla. To create a new custom skin, you have two - choices: - <itemizedlist> - <listitem> - <para> - Make a single CSS file, and put it in the - <filename>skins/contrib</filename> directory. - </para> - </listitem> - <listitem> - <para> - Make a directory that contains all the same CSS file - names as <filename>skins/standard/</filename>, and put - your directory in <filename>skins/contrib/</filename>. - </para> - </listitem> - </itemizedlist> - </para> - - <para> - After you put the file or the directory there, make sure to run checksetup.pl - so that it can reset the file permissions correctly. - </para> - <para> - After you have installed the new skin, it will show up as an option in the - user's General Preferences. If you would like to force a particular skin on all - users, just select it in the Default Preferences and then uncheck "Enabled" on - the preference. - </para> - </section> - - <section id="cust-templates"> - <title>Template Customization</title> - - <para> - Administrators can configure the look and feel of Bugzilla without - having to edit Perl files or face the nightmare of massive merge - conflicts when they upgrade to a newer version in the future. - </para> - - <para> - Templatization also makes localized versions of Bugzilla possible, - for the first time. It's possible to have Bugzilla's UI language - determined by the user's browser. More information is available in - <xref linkend="template-http-accept"/>. - </para> - - <section id="template-directory"> - <title>Template Directory Structure</title> - <para> - The template directory structure starts with top level directory - named <filename>template</filename>, which contains a directory - for each installed localization. The next level defines the - language used in the templates. Bugzilla comes with English - templates, so the directory name is <filename>en</filename>, - and we will discuss <filename>template/en</filename> throughout - the documentation. Below <filename>template/en</filename> is the - <filename>default</filename> directory, which contains all the - standard templates shipped with Bugzilla. - </para> - - <warning> - <para> - A directory <filename>data/templates</filename> also exists; - this is where Template Toolkit puts the compiled versions of - the templates from either the default or custom directories. - <emphasis>Do not</emphasis> directly edit the files in this - directory, or all your changes will be lost the next time - Template Toolkit recompiles the templates. - </para> - </warning> - </section> - - <section id="template-method"> - <title>Choosing a Customization Method</title> - <para> - If you want to edit Bugzilla's templates, the first decision - you must make is how you want to go about doing so. There are two - choices, and which you use depends mainly on the scope of your - modifications, and the method you plan to use to upgrade Bugzilla. - </para> - - <para> - The first method of making customizations is to directly edit the - templates found in <filename>template/en/default</filename>. - This is probably the best way to go about it if you are going to - be upgrading Bugzilla through Bzr, because if you then execute - a <command>bzr update</command>, any changes you have made will - be merged automagically with the updated versions. - </para> - - <note> - <para> - If you use this method, and Bzr conflicts occur during an - update, the conflicted templates (and possibly other parts - of your installation) will not work until they are resolved. - </para> - </note> - - <para> - The second method is to copy the templates to be modified - into a mirrored directory structure under - <filename>template/en/custom</filename>. Templates in this - directory structure automatically override any identically-named - and identically-located templates in the - <filename>default</filename> directory. - </para> - - <note> - <para> - The <filename>custom</filename> directory does not exist - at first and must be created if you want to use it. - </para> - </note> - - <para> - The second method of customization should be used if you - use the overwriting method of upgrade, because otherwise - your changes will be lost. This method may also be better if - you are using the Bzr method of upgrading and are going to make major - changes, because it is guaranteed that the contents of this directory - will not be touched during an upgrade, and you can then decide whether - to continue using your own templates, or make the effort to merge your - changes into the new versions by hand. - </para> - - <para> - Using this method, your installation may break if incompatible - changes are made to the template interface. Such changes should - be documented in the release notes, provided you are using a - stable release of Bugzilla. If you use using unstable code, you will - need to deal with this one yourself, although if possible the changes - will be mentioned before they occur in the deprecations section of the - previous stable release's release notes. - </para> - - <note> - <para> - Regardless of which method you choose, it is recommended that - you run <command>./checksetup.pl</command> after - editing any templates in the <filename>template/en/default</filename> - directory, and after creating or editing any templates in the - <filename>custom</filename> directory. - </para> - </note> - - <warning> - <para> - It is <emphasis>required</emphasis> that you run - <command>./checksetup.pl</command> after creating a new - template in the <filename>custom</filename> directory. Failure - to do so will raise an incomprehensible error message. - </para> - </warning> - </section> - - <section id="template-edit"> - <title>How To Edit Templates</title> - - <note> - <para> - If you are making template changes that you intend on submitting back - for inclusion in standard Bugzilla, you should read the relevant - sections of the - <ulink url="http://www.bugzilla.org/docs/developer.html">Developers' - Guide</ulink>. - </para> - </note> - - <para> - The syntax of the Template Toolkit language is beyond the scope of - this guide. It's reasonably easy to pick up by looking at the current - templates; or, you can read the manual, available on the - <ulink url="http://www.template-toolkit.org">Template Toolkit home - page</ulink>. - </para> - - <para> - One thing you should take particular care about is the need - to properly HTML filter data that has been passed into the template. - This means that if the data can possibly contain special HTML characters - such as <, and the data was not intended to be HTML, they need to be - converted to entity form, i.e. &lt;. You use the 'html' filter in the - Template Toolkit to do this (or the 'uri' filter to encode special - characters in URLs). If you forget, you may open up your installation - to cross-site scripting attacks. - </para> - - <para> - Editing templates is a good way of doing a <quote>poor man's custom - fields</quote>. - For example, if you don't use the Status Whiteboard, but want to have - a free-form text entry box for <quote>Build Identifier</quote>, - then you can just - edit the templates to change the field labels. It's still be called - status_whiteboard internally, but your users don't need to know that. - </para> - - </section> - - - <section id="template-formats"> - <title>Template Formats and Types</title> - - <para> - Some CGI's have the ability to use more than one template. For example, - <filename>buglist.cgi</filename> can output itself as RDF, or as two - formats of HTML (complex and simple). The mechanism that provides this - feature is extensible. - </para> - - <para> - Bugzilla can support different types of output, which again can have - multiple formats. In order to request a certain type, you can append - the &ctype=<contenttype> (such as rdf or html) to the - <filename><cginame>.cgi</filename> URL. If you would like to - retrieve a certain format, you can use the &format=<format> - (such as simple or complex) in the URL. - </para> - - <para> - To see if a CGI supports multiple output formats and types, grep the - CGI for <quote>get_format</quote>. If it's not present, adding - multiple format/type support isn't too hard - see how it's done in - other CGIs, e.g. config.cgi. - </para> - - <para> - To make a new format template for a CGI which supports this, - open a current template for - that CGI and take note of the INTERFACE comment (if present.) This - comment defines what variables are passed into this template. If - there isn't one, I'm afraid you'll have to read the template and - the code to find out what information you get. - </para> - - <para> - Write your template in whatever markup or text style is appropriate. - </para> - - <para> - You now need to decide what content type you want your template - served as. The content types are defined in the - <filename>Bugzilla/Constants.pm</filename> file in the - <filename>contenttypes</filename> - constant. If your content type is not there, add it. Remember - the three- or four-letter tag assigned to your content type. - This tag will be part of the template filename. - </para> - - <note> - <para> - After adding or changing a content type, it's suitable to edit - <filename>Bugzilla/Constants.pm</filename> in order to reflect - the changes. Also, the file should be kept up to date after an - upgrade if content types have been customized in the past. - </para> - </note> - - <para> - Save the template as <filename><stubname>-<formatname>.<contenttypetag>.tmpl</filename>. - Try out the template by calling the CGI as - <filename><cginame>.cgi?format=<formatname>&ctype=<type></filename> . - </para> - </section> - - - <section id="template-specific"> - <title>Particular Templates</title> - - <para> - There are a few templates you may be particularly interested in - customizing for your installation. - </para> - - <para> - <command>index.html.tmpl</command>: - This is the Bugzilla front page. - </para> - - <para> - <command>global/header.html.tmpl</command>: - This defines the header that goes on all Bugzilla pages. - The header includes the banner, which is what appears to users - and is probably what you want to edit instead. However the - header also includes the HTML HEAD section, so you could for - example add a stylesheet or META tag by editing the header. - </para> - - <para> - <command>global/banner.html.tmpl</command>: - This contains the <quote>banner</quote>, the part of the header - that appears - at the top of all Bugzilla pages. The default banner is reasonably - barren, so you'll probably want to customize this to give your - installation a distinctive look and feel. It is recommended you - preserve the Bugzilla version number in some form so the version - you are running can be determined, and users know what docs to read. - </para> - - <para> - <command>global/footer.html.tmpl</command>: - This defines the footer that goes on all Bugzilla pages. Editing - this is another way to quickly get a distinctive look and feel for - your Bugzilla installation. - </para> - - <para> - <command>global/variables.none.tmpl</command>: - This defines a list of terms that may be changed in order to - <quote>brand</quote> the Bugzilla instance In this way, terms - like <quote>bugs</quote> can be replaced with <quote>issues</quote> - across the whole Bugzilla installation. The name - <quote>Bugzilla</quote> and other words can be customized as well. - </para> - - <para> - <command>list/table.html.tmpl</command>: - This template controls the appearance of the bug lists created - by Bugzilla. Editing this template allows per-column control of - the width and title of a column, the maximum display length of - each entry, and the wrap behaviour of long entries. - For long bug lists, Bugzilla inserts a 'break' every 100 bugs by - default; this behaviour is also controlled by this template, and - that value can be modified here. - </para> - - <para> - <command>bug/create/user-message.html.tmpl</command>: - This is a message that appears near the top of the bug reporting page. - By modifying this, you can tell your users how they should report - bugs. - </para> - - <para> - <command>bug/process/midair.html.tmpl</command>: - This is the page used if two people submit simultaneous changes to the - same bug. The second person to submit their changes will get this page - to tell them what the first person did, and ask if they wish to - overwrite those changes or go back and revisit the bug. The default - title and header on this page read "Mid-air collision detected!" If - you work in the aviation industry, or other environment where this - might be found offensive (yes, we have true stories of this happening) - you'll want to change this to something more appropriate for your - environment. - </para> - - <para> - <command>bug/create/create.html.tmpl</command> and - <command>bug/create/comment.txt.tmpl</command>: - You may not wish to go to the effort of creating custom fields in - Bugzilla, yet you want to make sure that each bug report contains - a number of pieces of important information for which there is not - a special field. The bug entry system has been designed in an - extensible fashion to enable you to add arbitrary HTML widgets, - such as drop-down lists or textboxes, to the bug entry page - and have their values appear formatted in the initial comment. - A hidden field that indicates the format should be added inside - the form in order to make the template functional. Its value should - be the suffix of the template filename. For example, if the file - is called <filename>create-cust.html.tmpl</filename>, then - <programlisting><input type="hidden" name="format" value="cust"></programlisting> - should be used inside the form. - </para> - - <para> - An example of this is the mozilla.org - <ulink url="http://landfill.bugzilla.org/bugzilla-tip/enter_bug.cgi?product=WorldControl&format=guided">guided - bug submission form</ulink>. The code for this comes with the Bugzilla - distribution as an example for you to copy. It can be found in the - files - <filename>create-guided.html.tmpl</filename> and - <filename>comment-guided.html.tmpl</filename>. - </para> - - <para> - So to use this feature, create a custom template for - <filename>enter_bug.cgi</filename>. The default template, on which you - could base it, is - <filename>custom/bug/create/create.html.tmpl</filename>. - Call it <filename>create-<formatname>.html.tmpl</filename>, and - in it, add widgets for each piece of information you'd like - collected - such as a build number, or set of steps to reproduce. - </para> - - <para> - Then, create a template like - <filename>custom/bug/create/comment.txt.tmpl</filename>, and call it - <filename>comment-<formatname>.txt.tmpl</filename>. This - template should reference the form fields you have created using - the syntax <filename>[% form.<fieldname> %]</filename>. When a - bug report is - submitted, the initial comment attached to the bug report will be - formatted according to the layout of this template. - </para> - - <para> - For example, if your custom enter_bug template had a field - <programlisting><input type="text" name="buildid" size="30"></programlisting> - and then your comment.txt.tmpl had - <programlisting>BuildID: [% form.buildid %]</programlisting> - then something like - <programlisting>BuildID: 20020303</programlisting> - would appear in the initial comment. - </para> - </section> - - - <section id="template-http-accept"> - <title>Configuring Bugzilla to Detect the User's Language</title> - - <para>Bugzilla honours the user's Accept: HTTP header. You can install - templates in other languages, and Bugzilla will pick the most appropriate - according to a priority order defined by you. Many - language templates can be obtained from <ulink - url="http://www.bugzilla.org/download.html#localizations"/>. Instructions - for submitting new languages are also available from that location. - </para> - </section> - - </section> - - <section id="cust-change-permissions"> - <title>Customizing Who Can Change What</title> - - <warning> - <para> - This feature should be considered experimental; the Bugzilla code you - will be changing is not stable, and could change or move between - versions. Be aware that if you make modifications as outlined here, - you may have - to re-make them or port them if Bugzilla changes internally between - versions, and you upgrade. - </para> - </warning> - - <para> - Companies often have rules about which employees, or classes of employees, - are allowed to change certain things in the bug system. For example, - only the bug's designated QA Contact may be allowed to VERIFY the bug. - Bugzilla has been - designed to make it easy for you to write your own custom rules to define - who is allowed to make what sorts of value transition. - </para> - - <para> - By default, assignees, QA owners and users - with <emphasis>editbugs</emphasis> privileges can edit all fields of bugs, - except group restrictions (unless they are members of the groups they - are trying to change). Bug reporters also have the ability to edit some - fields, but in a more restrictive manner. Other users, without - <emphasis>editbugs</emphasis> privileges, can not edit - bugs, except to comment and add themselves to the CC list. - </para> - - <para> - For maximum flexibility, customizing this means editing Bugzilla's Perl - code. This gives the administrator complete control over exactly who is - allowed to do what. The relevant method is called - <filename>check_can_change_field()</filename>, - and is found in <filename>Bug.pm</filename> in your - Bugzilla/ directory. If you open that file and search for - <quote>sub check_can_change_field</quote>, you'll find it. - </para> - - <para> - This function has been carefully commented to allow you to see exactly - how it works, and give you an idea of how to make changes to it. - Certain marked sections should not be changed - these are - the <quote>plumbing</quote> which makes the rest of the function work. - In between those sections, you'll find snippets of code like: - <programlisting> # Allow the assignee to change anything. - if ($ownerid eq $whoid) { - return 1; - }</programlisting> - It's fairly obvious what this piece of code does. - </para> - - <para> - So, how does one go about changing this function? Well, simple changes - can be made just by removing pieces - for example, if you wanted to - prevent any user adding a comment to a bug, just remove the lines marked - <quote>Allow anyone to change comments.</quote> If you don't want the - Reporter to have any special rights on bugs they have filed, just - remove the entire section that deals with the Reporter. - </para> - - <para> - More complex customizations are not much harder. Basically, you add - a check in the right place in the function, i.e. after all the variables - you are using have been set up. So, don't look at $ownerid before - $ownerid has been obtained from the database. You can either add a - positive check, which returns 1 (allow) if certain conditions are true, - or a negative check, which returns 0 (deny.) E.g.: - <programlisting> if ($field eq "qacontact") { - if (Bugzilla->user->in_group("quality_assurance")) { - return 1; - } - else { - return 0; - } - }</programlisting> - This says that only users in the group "quality_assurance" can change - the QA Contact field of a bug. - </para> - - <para> - Getting more weird: - <programlisting><![CDATA[ if (($field eq "priority") && - (Bugzilla->user->email =~ /.*\@example\.com$/)) - { - if ($oldvalue eq "P1") { - return 1; - } - else { - return 0; - } - }]]></programlisting> - This says that if the user is trying to change the priority field, - and their email address is @example.com, they can only do so if the - old value of the field was "P1". Not very useful, but illustrative. - </para> - - <warning> - <para> - If you are modifying <filename>process_bug.cgi</filename> in any - way, do not change the code that is bounded by DO_NOT_CHANGE blocks. - Doing so could compromise security, or cause your installation to - stop working entirely. - </para> - </warning> - - <para> - For a list of possible field names, look at the bugs table in the - database. If you need help writing custom rules for your organization, - ask in the newsgroup. - </para> - </section> - - <section id="integration"> - <title>Integrating Bugzilla with Third-Party Tools</title> - - <para> - Many utilities and applications can integrate with Bugzilla, - either on the client- or server-side. None of them are maintained - by the Bugzilla community, nor are they tested during our - QA tests, so use them at your own risk. They are listed at - <ulink url="https://wiki.mozilla.org/Bugzilla:Addons" />. - </para> - </section> - -</chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/gfdl.xml b/docs/en/xml/gfdl.xml deleted file mode 100644 index 03dd89c49..000000000 --- a/docs/en/xml/gfdl.xml +++ /dev/null @@ -1,445 +0,0 @@ -<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> -<appendix id="gfdl"> - <title>GNU Free Documentation License</title> - -<!-- - GNU Project - Free Software Foundation (FSF) --> -<!-- LINK REV="made" HREF="mailto:webmasters@gnu.org" --> -<!-- section> - <title>GNU Free Documentation License</title --> - <para>Version 1.1, March 2000</para> - - <blockquote> - <para>Copyright (C) 2000 Free Software Foundation, Inc. 51 Franklin Street, - Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and - distribute verbatim copies of this license document, but changing it is - not allowed.</para> - </blockquote> - - <section label="0" id="gfdl-0"> - <title>Preamble</title> - - <para>The purpose of this License is to make a manual, textbook, or other - written document "free" in the sense of freedom: to assure everyone the - effective freedom to copy and redistribute it, with or without modifying - it, either commercially or noncommercially. Secondarily, this License - preserves for the author and publisher a way to get credit for their - work, while not being considered responsible for modifications made by - others.</para> - - <para>This License is a kind of "copyleft", which means that derivative - works of the document must themselves be free in the same sense. It - complements the GNU General Public License, which is a copyleft license - designed for free software.</para> - - <para>We have designed this License in order to use it for manuals for - free software, because free software needs free documentation: a free - program should come with manuals providing the same freedoms that the - software does. But this License is not limited to software manuals; it - can be used for any textual work, regardless of subject matter or whether - it is published as a printed book. We recommend this License principally - for works whose purpose is instruction or reference.</para> - </section> - - <section label="1" id="gfdl-1"> - <title>Applicability and Definition</title> - - <para>This License applies to any manual or other work that contains a - notice placed by the copyright holder saying it can be distributed under - the terms of this License. The "Document", below, refers to any such - manual or work. Any member of the public is a licensee, and is addressed - as "you".</para> - - <para>A "Modified Version" of the Document means any work containing the - Document or a portion of it, either copied verbatim, or with - modifications and/or translated into another language.</para> - - <para>A "Secondary Section" is a named appendix or a front-matter section - of the Document that deals exclusively with the relationship of the - publishers or authors of the Document to the Document's overall subject - (or to related matters) and contains nothing that could fall directly - within that overall subject. (For example, if the Document is in part a - textbook of mathematics, a Secondary Section may not explain any - mathematics.) The relationship could be a matter of historical connection - with the subject or with related matters, or of legal, commercial, - philosophical, ethical or political position regarding them.</para> - - <para>The "Invariant Sections" are certain Secondary Sections whose - titles are designated, as being those of Invariant Sections, in the - notice that says that the Document is released under this License.</para> - - <para>The "Cover Texts" are certain short passages of text that are - listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says - that the Document is released under this License.</para> - - <para>A "Transparent" copy of the Document means a machine-readable copy, - represented in a format whose specification is available to the general - public, whose contents can be viewed and edited directly and - straightforwardly with generic text editors or (for images composed of - pixels) generic paint programs or (for drawings) some widely available - drawing editor, and that is suitable for input to text formatters or for - automatic translation to a variety of formats suitable for input to text - formatters. A copy made in an otherwise Transparent file format whose - markup has been designed to thwart or discourage subsequent modification - by readers is not Transparent. A copy that is not "Transparent" is called - "Opaque".</para> - - <para>Examples of suitable formats for Transparent copies include plain - ASCII without markup, Texinfo input format, LaTeX input format, SGML or - XML using a publicly available DTD, and standard-conforming simple HTML - designed for human modification. Opaque formats include PostScript, PDF, - proprietary formats that can be read and edited only by proprietary word - processors, SGML or XML for which the DTD and/or processing tools are not - generally available, and the machine-generated HTML produced by some word - processors for output purposes only.</para> - - <para>The "Title Page" means, for a printed book, the title page itself, - plus such following pages as are needed to hold, legibly, the material - this License requires to appear in the title page. For works in formats - which do not have any title page as such, "Title Page" means the text - near the most prominent appearance of the work's title, preceding the - beginning of the body of the text.</para> - </section> - - <section label="2" id="gfdl-2"> - <title>Verbatim Copying</title> - - <para>You may copy and distribute the Document in any medium, either - commercially or noncommercially, provided that this License, the - copyright notices, and the license notice saying this License applies to - the Document are reproduced in all copies, and that you add no other - conditions whatsoever to those of this License. You may not use technical - measures to obstruct or control the reading or further copying of the - copies you make or distribute. However, you may accept compensation in - exchange for copies. If you distribute a large enough number of copies - you must also follow the conditions in section 3.</para> - - <para>You may also lend copies, under the same conditions stated above, - and you may publicly display copies.</para> - </section> - - <section label="3" id="gfdl-3"> - <title>Copying in Quantity</title> - - <para>If you publish printed copies of the Document numbering more than - 100, and the Document's license notice requires Cover Texts, you must - enclose the copies in covers that carry, clearly and legibly, all these - Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts - on the back cover. Both covers must also clearly and legibly identify you - as the publisher of these copies. The front cover must present the full - title with all words of the title equally prominent and visible. You may - add other material on the covers in addition. Copying with changes - limited to the covers, as long as they preserve the title of the Document - and satisfy these conditions, can be treated as verbatim copying in other - respects.</para> - - <para>If the required texts for either cover are too voluminous to fit - legibly, you should put the first ones listed (as many as fit reasonably) - on the actual cover, and continue the rest onto adjacent pages.</para> - - <para>If you publish or distribute Opaque copies of the Document - numbering more than 100, you must either include a machine-readable - Transparent copy along with each Opaque copy, or state in or with each - Opaque copy a publicly-accessible computer-network location containing a - complete Transparent copy of the Document, free of added material, which - the general network-using public has access to download anonymously at no - charge using public-standard network protocols. If you use the latter - option, you must take reasonably prudent steps, when you begin - distribution of Opaque copies in quantity, to ensure that this - Transparent copy will remain thus accessible at the stated location until - at least one year after the last time you distribute an Opaque copy - (directly or through your agents or retailers) of that edition to the - public.</para> - - <para>It is requested, but not required, that you contact the authors of - the Document well before redistributing any large number of copies, to - give them a chance to provide you with an updated version of the - Document.</para> - </section> - - <section label="4" id="gfdl-4"> - <title>Modifications</title> - - <para>You may copy and distribute a Modified Version of the Document - under the conditions of sections 2 and 3 above, provided that you release - the Modified Version under precisely this License, with the Modified - Version filling the role of the Document, thus licensing distribution and - modification of the Modified Version to whoever possesses a copy of it. - In addition, you must do these things in the Modified Version:</para> - - <orderedlist numeration="upperalpha"> - <listitem> - <para>Use in the Title Page (and on the covers, if any) a title - distinct from that of the Document, and from those of previous - versions (which should, if there were any, be listed in the History - section of the Document). You may use the same title as a previous - version if the original publisher of that version gives - permission.</para> - </listitem> - - <listitem> - <para>List on the Title Page, as authors, one or more persons or - entities responsible for authorship of the modifications in the - Modified Version, together with at least five of the principal - authors of the Document (all of its principal authors, if it has less - than five).</para> - </listitem> - - <listitem> - <para>State on the Title page the name of the publisher of the - Modified Version, as the publisher.</para> - </listitem> - - <listitem> - <para>Preserve all the copyright notices of the Document.</para> - </listitem> - - <listitem> - <para>Add an appropriate copyright notice for your modifications - adjacent to the other copyright notices.</para> - </listitem> - - <listitem> - <para>Include, immediately after the copyright notices, a license - notice giving the public permission to use the Modified Version under - the terms of this License, in the form shown in the Addendum - below.</para> - </listitem> - - <listitem> - <para>Preserve in that license notice the full lists of Invariant - Sections and required Cover Texts given in the Document's license - notice.</para> - </listitem> - - <listitem> - <para>Include an unaltered copy of this License.</para> - </listitem> - - <listitem> - <para>Preserve the section entitled "History", and its title, and add - to it an item stating at least the title, year, new authors, and - publisher of the Modified Version as given on the Title Page. If - there is no section entitled "History" in the Document, create one - stating the title, year, authors, and publisher of the Document as - given on its Title Page, then add an item describing the Modified - Version as stated in the previous sentence.</para> - </listitem> - - <listitem> - <para>Preserve the network location, if any, given in the Document - for public access to a Transparent copy of the Document, and likewise - the network locations given in the Document for previous versions it - was based on. These may be placed in the "History" section. You may - omit a network location for a work that was published at least four - years before the Document itself, or if the original publisher of the - version it refers to gives permission.</para> - </listitem> - - <listitem> - <para>In any section entitled "Acknowledgements" or "Dedications", - preserve the section's title, and preserve in the section all the - substance and tone of each of the contributor acknowledgements and/or - dedications given therein.</para> - </listitem> - - <listitem> - <para>Preserve all the Invariant Sections of the Document, unaltered - in their text and in their titles. Section numbers or the equivalent - are not considered part of the section titles.</para> - </listitem> - - <listitem> - <para>Delete any section entitled "Endorsements". Such a section may - not be included in the Modified Version.</para> - </listitem> - - <listitem> - <para>Do not retitle any existing section as "Endorsements" or to - conflict in title with any Invariant Section.</para> - </listitem> - </orderedlist> - - <para>If the Modified Version includes new front-matter sections or - appendices that qualify as Secondary Sections and contain no material - copied from the Document, you may at your option designate some or all of - these sections as invariant. To do this, add their titles to the list of - Invariant Sections in the Modified Version's license notice. These titles - must be distinct from any other section titles.</para> - - <para>You may add a section entitled "Endorsements", provided it contains - nothing but endorsements of your Modified Version by various parties--for - example, statements of peer review or that the text has been approved by - an organization as the authoritative definition of a standard.</para> - - <para>You may add a passage of up to five words as a Front-Cover Text, - and a passage of up to 25 words as a Back-Cover Text, to the end of the - list of Cover Texts in the Modified Version. Only one passage of - Front-Cover Text and one of Back-Cover Text may be added by (or through - arrangements made by) any one entity. If the Document already includes a - cover text for the same cover, previously added by you or by arrangement - made by the same entity you are acting on behalf of, you may not add - another; but you may replace the old one, on explicit permission from the - previous publisher that added the old one.</para> - - <para>The author(s) and publisher(s) of the Document do not by this - License give permission to use their names for publicity for or to assert - or imply endorsement of any Modified Version.</para> - </section> - - <section label="5" id="gfdl-5"> - <title>Combining Documents</title> - - <para>You may combine the Document with other documents released under - this License, under the terms defined in section 4 above for modified - versions, provided that you include in the combination all of the - Invariant Sections of all of the original documents, unmodified, and list - them all as Invariant Sections of your combined work in its license - notice.</para> - - <para>The combined work need only contain one copy of this License, and - multiple identical Invariant Sections may be replaced with a single copy. - If there are multiple Invariant Sections with the same name but different - contents, make the title of each such section unique by adding at the end - of it, in parentheses, the name of the original author or publisher of - that section if known, or else a unique number. Make the same adjustment - to the section titles in the list of Invariant Sections in the license - notice of the combined work.</para> - - <para>In the combination, you must combine any sections entitled - "History" in the various original documents, forming one section entitled - "History"; likewise combine any sections entitled "Acknowledgements", and - any sections entitled "Dedications". You must delete all sections - entitled "Endorsements."</para> - </section> - - <section label="6" id="gfdl-6"> - <title>Collections of Documents</title> - - <para>You may make a collection consisting of the Document and other - documents released under this License, and replace the individual copies - of this License in the various documents with a single copy that is - included in the collection, provided that you follow the rules of this - License for verbatim copying of each of the documents in all other - respects.</para> - - <para>You may extract a single document from such a collection, and - distribute it individually under this License, provided you insert a copy - of this License into the extracted document, and follow this License in - all other respects regarding verbatim copying of that document.</para> - </section> - - <section label="7" id="gfdl-7"> - <title>Aggregation with Independent Works</title> - - <para>A compilation of the Document or its derivatives with other - separate and independent documents or works, in or on a volume of a - storage or distribution medium, does not as a whole count as a Modified - Version of the Document, provided no compilation copyright is claimed for - the compilation. Such a compilation is called an "aggregate", and this - License does not apply to the other self-contained works thus compiled - with the Document, on account of their being thus compiled, if they are - not themselves derivative works of the Document.</para> - - <para>If the Cover Text requirement of section 3 is applicable to these - copies of the Document, then if the Document is less than one quarter of - the entire aggregate, the Document's Cover Texts may be placed on covers - that surround only the Document within the aggregate. Otherwise they must - appear on covers around the whole aggregate.</para> - </section> - - <section label="8" id="gfdl-8"> - <title>Translation</title> - - <para>Translation is considered a kind of modification, so you may - distribute translations of the Document under the terms of section 4. - Replacing Invariant Sections with translations requires special - permission from their copyright holders, but you may include translations - of some or all Invariant Sections in addition to the original versions of - these Invariant Sections. You may include a translation of this License - provided that you also include the original English version of this - License. In case of a disagreement between the translation and the - original English version of this License, the original English version - will prevail.</para> - </section> - - <section label="9" id="gfdl-9"> - <title>Termination</title> - - <para>You may not copy, modify, sublicense, or distribute the Document - except as expressly provided for under this License. Any other attempt to - copy, modify, sublicense or distribute the Document is void, and will - automatically terminate your rights under this License. However, parties - who have received copies, or rights, from you under this License will not - have their licenses terminated so long as such parties remain in full - compliance.</para> - </section> - - <section label="10" id="gfdl-10"> - <title>Future Revisions of this License</title> - - <para>The Free Software Foundation may publish new, revised versions of - the GNU Free Documentation License from time to time. Such new versions - will be similar in spirit to the present version, but may differ in - detail to address new problems or concerns. See - <ulink url="http://www.gnu.org/copyleft/"/>.</para> - - <para>Each version of the License is given a distinguishing version - number. If the Document specifies that a particular numbered version of - this License "or any later version" applies to it, you have the option of - following the terms and conditions either of that specified version or of - any later version that has been published (not as a draft) by the Free - Software Foundation. If the Document does not specify a version number of - this License, you may choose any version ever published (not as a draft) - by the Free Software Foundation.</para> - </section> - - <section label="" id="gfdl-howto"> - <title>How to use this License for your documents</title> - - <para>To use this License in a document you have written, include a copy - of the License in the document and put the following copyright and - license notices just after the title page:</para> - - <blockquote> - <para>Copyright (c) YEAR YOUR NAME. Permission is granted to copy, - distribute and/or modify this document under the terms of the GNU Free - Documentation License, Version 1.1 or any later version published by - the Free Software Foundation; with the Invariant Sections being LIST - THEIR TITLES, with the Front-Cover Texts being LIST, and with the - Back-Cover Texts being LIST. A copy of the license is included in the - section entitled "GNU Free Documentation License".</para> - </blockquote> - - <para>If you have no Invariant Sections, write "with no Invariant - Sections" instead of saying which ones are invariant. If you have no - Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover - Texts being LIST"; likewise for Back-Cover Texts.</para> - - <para>If your document contains nontrivial examples of program code, we - recommend releasing these examples in parallel under your choice of free - software license, such as the GNU General Public License, to permit their - use in free software.</para> - </section> -</appendix> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/glossary.xml b/docs/en/xml/glossary.xml deleted file mode 100644 index aef3ab395..000000000 --- a/docs/en/xml/glossary.xml +++ /dev/null @@ -1,548 +0,0 @@ -<!-- <!DOCTYPE glossary PUBLIC "-//OASIS//DTD DocBook V4.1//EN" > --> -<glossary id="glossary"> - <glossdiv> - <title>0-9, high ascii</title> - - <glossentry id="gloss-htaccess"> - <glossterm>.htaccess</glossterm> - - <glossdef> - <para>Apache web server, and other NCSA-compliant web servers, - observe the convention of using files in directories called - <filename>.htaccess</filename> - - to restrict access to certain files. In Bugzilla, they are used - to keep secret files which would otherwise - compromise your installation - e.g. the - <filename>localconfig</filename> - file contains the password to your database. - curious.</para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-a"> - <title>A</title> - - <glossentry id="gloss-apache"> - <glossterm>Apache</glossterm> - - <glossdef> - <para>In this context, Apache is the web server most commonly used - for serving up Bugzilla - pages. Contrary to popular belief, the apache web server has nothing - to do with the ancient and noble Native American tribe, but instead - derived its name from the fact that it was - <quote>a patchy</quote> - version of the original - <acronym>NCSA</acronym> - world-wide-web server.</para> - - <variablelist> - <title>Useful Directives when configuring Bugzilla</title> - - <varlistentry> - <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#addhandler">AddHandler</ulink></computeroutput></term> - <listitem> - <para>Tell Apache that it's OK to run CGI scripts.</para> - </listitem> - </varlistentry> - <varlistentry> - <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#allowoverride">AllowOverride</ulink></computeroutput></term> - <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#options">Options</ulink></computeroutput></term> - <listitem> - <para>These directives are used to tell Apache many things about - the directory they apply to. For Bugzilla's purposes, we need - them to allow script execution and <filename>.htaccess</filename> - overrides. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/mod_dir.html#directoryindex">DirectoryIndex</ulink></computeroutput></term> - <listitem> - <para>Used to tell Apache what files are indexes. If you can - not add <filename>index.cgi</filename> to the list of valid files, - you'll need to set <computeroutput>$index_html</computeroutput> to - 1 in <filename>localconfig</filename> so - <command>./checksetup.pl</command> will create an - <filename>index.html</filename> that redirects to - <filename>index.cgi</filename>. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term><computeroutput><ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#scriptinterpretersource">ScriptInterpreterSource</ulink></computeroutput></term> - <listitem> - <para>Used when running Apache on windows so the shebang line - doesn't have to be changed in every Bugzilla script. - </para> - </listitem> - </varlistentry> - </variablelist> - - <para>For more information about how to configure Apache for Bugzilla, - see <xref linkend="http-apache"/>. - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-b"> - <title>B</title> - - <glossentry> - <glossterm>Bug</glossterm> - - <glossdef> - <para>A - <quote>bug</quote> - - in Bugzilla refers to an issue entered into the database which has an - associated number, assignments, comments, etc. Some also refer to a - <quote>tickets</quote> - or - <quote>issues</quote>; - in the context of Bugzilla, they are synonymous.</para> - </glossdef> - </glossentry> - - <glossentry> - <glossterm>Bug Number</glossterm> - - <glossdef> - <para>Each Bugzilla bug is assigned a number that uniquely identifies - that bug. The bug associated with a bug number can be pulled up via a - query, or easily from the very front page by typing the number in the - "Find" box.</para> - </glossdef> - </glossentry> - - <glossentry id="gloss-bugzilla"> - <glossterm>Bugzilla</glossterm> - - <glossdef> - <para>Bugzilla is the world-leading free software bug tracking system. - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-c"> - <title>C</title> - - <glossentry id="gloss-cgi"> - <glossterm>Common Gateway Interface</glossterm> - <acronym>CGI</acronym> - <glossdef> - <para><acronym>CGI</acronym> is an acronym for Common Gateway Interface. This is - a standard for interfacing an external application with a web server. Bugzilla - is an example of a <acronym>CGI</acronym> application. - </para> - </glossdef> - </glossentry> - - <glossentry id="gloss-component"> - <glossterm>Component</glossterm> - - <glossdef> - <para>A Component is a subsection of a Product. It should be a narrow - category, tailored to your organization. All Products must contain at - least one Component (and, as a matter of fact, creating a Product - with no Components will create an error in Bugzilla).</para> - </glossdef> - </glossentry> - - <glossentry id="gloss-cpan"> - <glossterm>Comprehensive Perl Archive Network</glossterm> - <acronym>CPAN</acronym> - - <!-- TODO: Rewrite def for CPAN --> - <glossdef> - <para> - <acronym>CPAN</acronym> - - stands for the - <quote>Comprehensive Perl Archive Network</quote>. - CPAN maintains a large number of extremely useful - <glossterm>Perl</glossterm> - modules - encapsulated chunks of code for performing a - particular task.</para> - </glossdef> - </glossentry> - - <glossentry id="gloss-contrib"> - <glossterm><filename class="directory">contrib</filename></glossterm> - - <glossdef> - <para>The <filename class="directory">contrib</filename> directory is - a location to put scripts that have been contributed to Bugzilla but - are not a part of the official distribution. These scripts are written - by third parties and may be in languages other than perl. For those - that are in perl, there may be additional modules or other requirements - than those of the official distribution. - <note> - <para>Scripts in the <filename class="directory">contrib</filename> - directory are not officially supported by the Bugzilla team and may - break in between versions. - </para> - </note> - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-d"> - <title>D</title> - - <glossentry id="gloss-daemon"> - <glossterm>daemon</glossterm> - - <glossdef> - <para>A daemon is a computer program which runs in the background. In - general, most daemons are started at boot time via System V init - scripts, or through RC scripts on BSD-based systems. - <glossterm>mysqld</glossterm>, - the MySQL server, and - <glossterm>apache</glossterm>, - a web server, are generally run as daemons.</para> - </glossdef> - </glossentry> - - <glossentry id="gloss-dos"> - <glossterm>DOS Attack</glossterm> - - <glossdef> - <para>A DOS, or Denial of Service attack, is when a user attempts to - deny access to a web server by repeatedly accessing a page or sending - malformed requests to a webserver. A D-DOS, or - Distributed Denial of Service attack, is when these requests come - from multiple sources at the same time. Unfortunately, these are much - more difficult to defend against. - </para> - </glossdef> - </glossentry> - - </glossdiv> - - <glossdiv id="gloss-g"> - <title>G</title> - - <glossentry id="gloss-groups"> - <glossterm>Groups</glossterm> - - <glossdef> - <para>The word - <quote>Groups</quote> - - has a very special meaning to Bugzilla. Bugzilla's main security - mechanism comes by placing users in groups, and assigning those - groups certain privileges to view bugs in particular - <glossterm>Products</glossterm> - in the - <glossterm>Bugzilla</glossterm> - database.</para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-j"> - <title>J</title> - - <glossentry id="gloss-javascript"> - <glossterm>JavaScript</glossterm> - <glossdef> - <para>JavaScript is cool, we should talk about it. - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-m"> - <title>M</title> - - <glossentry id="gloss-mta"> - <glossterm>Message Transport Agent</glossterm> - <acronym>MTA</acronym> - - <glossdef> - <para>A Message Transport Agent is used to control the flow of email on a system. - The <ulink url="http://search.cpan.org/dist/Email-Send/lib/Email/Send.pm">Email::Send</ulink> - Perl module, which Bugzilla uses to send email, can be configured to - use many different underlying implementations for actually sending the - mail using the <option>mail_delivery_method</option> parameter. - </para> - </glossdef> - </glossentry> - - <glossentry id="gloss-mysql"> - <glossterm>MySQL</glossterm> - - <glossdef> - <para>MySQL is one of the supported - <glossterm linkend="gloss-rdbms">RDBMS</glossterm> for Bugzilla. MySQL - can be downloaded from <ulink url="http://www.mysql.com"/>. While you - should familiarize yourself with all of the documentation, some high - points are: - </para> - <variablelist> - <varlistentry> - <term><ulink url="http://www.mysql.com/doc/en/Backup.html">Backup</ulink></term> - <listitem> - <para>Methods for backing up your Bugzilla database. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term><ulink url="http://www.mysql.com/doc/en/Option_files.html">Option Files</ulink></term> - <listitem> - <para>Information about how to configure MySQL using - <filename>my.cnf</filename>. - </para> - </listitem> - </varlistentry> - <varlistentry> - <term><ulink url="http://www.mysql.com/doc/en/Privilege_system.html">Privilege System</ulink></term> - <listitem> - <para>Information about how to protect your MySQL server. - </para> - </listitem> - </varlistentry> - </variablelist> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-p"> - <title>P</title> - - <glossentry id="gloss-ppm"> - <glossterm>Perl Package Manager</glossterm> - <acronym>PPM</acronym> - - <glossdef> - <para><ulink url="http://aspn.activestate.com/ASPN/Downloads/ActivePerl/PPM/"/> - </para> - </glossdef> - </glossentry> - - <glossentry> - <glossterm id="gloss-product">Product</glossterm> - - <glossdef> - <para>A Product is a broad category of types of bugs, normally - representing a single piece of software or entity. In general, - there are several Components to a Product. A Product may define a - group (used for security) for all bugs entered into - its Components.</para> - </glossdef> - </glossentry> - - <glossentry> - <glossterm>Perl</glossterm> - - <glossdef> - <para>First written by Larry Wall, Perl is a remarkable program - language. It has the benefits of the flexibility of an interpreted - scripting language (such as shell script), combined with the speed - and power of a compiled language, such as C. - <glossterm>Bugzilla</glossterm> - - is maintained in Perl.</para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-q"> - <title>Q</title> - - <glossentry> - <glossterm>QA</glossterm> - - <glossdef> - <para> - <quote>QA</quote>, - <quote>Q/A</quote>, and - <quote>Q.A.</quote> - are short for - <quote>Quality Assurance</quote>. - In most large software development organizations, there is a team - devoted to ensuring the product meets minimum standards before - shipping. This team will also generally want to track the progress of - bugs over their life cycle, thus the need for the - <quote>QA Contact</quote> - - field in a bug.</para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-r"> - <title>R</title> - - <glossentry id="gloss-rdbms"> - <glossterm>Relational DataBase Management System</glossterm> - <acronym>RDBMS</acronym> - - <glossdef> - <para>A relational database management system is a database system - that stores information in tables that are related to each other. - </para> - </glossdef> - </glossentry> - - <glossentry id="gloss-regexp"> - <glossterm>Regular Expression</glossterm> - <acronym>regexp</acronym> - - <glossdef> - <para>A regular expression is an expression used for pattern matching. - <ulink url="http://perldoc.com/perl5.6/pod/perlre.html#Regular-Expressions">Documentation</ulink> - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-s"> - <title>S</title> - - <glossentry id="gloss-service"> - <glossterm>Service</glossterm> - - <glossdef> - <para>In Windows NT environment, a boot-time background application - is referred to as a service. These are generally managed through the - control panel while logged in as an account with - <quote>Administrator</quote> level capabilities. For more - information, consult your Windows manual or the MSKB. - </para> - </glossdef> - </glossentry> - - <glossentry> - <glossterm> - <acronym>SGML</acronym> - </glossterm> - - <glossdef> - <para> - <acronym>SGML</acronym> - - stands for - <quote>Standard Generalized Markup Language</quote>. - Created in the 1980's to provide an extensible means to maintain - documentation based upon content instead of presentation, - <acronym>SGML</acronym> - - has withstood the test of time as a robust, powerful language. - <glossterm> - <acronym>XML</acronym> - </glossterm> - - is the - <quote>baby brother</quote> - - of SGML; any valid - <acronym>XML</acronym> - - document it, by definition, a valid - <acronym>SGML</acronym> - - document. The document you are reading is written and maintained in - <acronym>SGML</acronym>, - and is also valid - <acronym>XML</acronym> - - if you modify the Document Type Definition.</para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-t"> - <title>T</title> - - <glossentry id="gloss-target-milestone" xreflabel="Target Milestone"> - <glossterm>Target Milestone</glossterm> - - <glossdef> - <para>Target Milestones are Product goals. They are configurable on a - per-Product basis. Most software development houses have a concept of - - <quote>milestones</quote> - - where the people funding a project expect certain functionality on - certain dates. Bugzilla facilitates meeting these milestones by - giving you the ability to declare by which milestone a bug will be - fixed, or an enhancement will be implemented.</para> - </glossdef> - </glossentry> - - <glossentry id="gloss-tcl"> - <glossterm>Tool Command Language</glossterm> - <acronym>TCL</acronym> - <glossdef> - <para>TCL is an open source scripting language available for Windows, - Macintosh, and Unix based systems. Bugzilla 1.0 was written in TCL but - never released. The first release of Bugzilla was 2.0, which was when - it was ported to perl. - </para> - </glossdef> - </glossentry> - </glossdiv> - - <glossdiv id="gloss-z"> - <title>Z</title> - - <glossentry id="gloss-zarro"> - <glossterm>Zarro Boogs Found</glossterm> - - <glossdef> - <para>This is just a goofy way of saying that there were no bugs - found matching your query. When asked to explain this message, - Terry had the following to say: - </para> - - <blockquote> - <attribution>Terry Weissman</attribution> - <para>I've been asked to explain this ... way back when, when - Netscape released version 4.0 of its browser, we had a release - party. Naturally, there had been a big push to try and fix every - known bug before the release. Naturally, that hadn't actually - happened. (This is not unique to Netscape or to 4.0; the same thing - has happened with every software project I've ever seen.) Anyway, - at the release party, T-shirts were handed out that said something - like "Netscape 4.0: Zarro Boogs". Just like the software, the - T-shirt had no known bugs. Uh-huh. - </para> - - <para>So, when you query for a list of bugs, and it gets no results, - you can think of this as a friendly reminder. Of *course* there are - bugs matching your query, they just aren't in the bugsystem yet... - </para> - </blockquote> - - </glossdef> - </glossentry> - </glossdiv> -</glossary> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> diff --git a/docs/en/xml/index.xml b/docs/en/xml/index.xml deleted file mode 100644 index 7fc1a4c14..000000000 --- a/docs/en/xml/index.xml +++ /dev/null @@ -1,21 +0,0 @@ -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - diff --git a/docs/en/xml/installation.xml b/docs/en/xml/installation.xml deleted file mode 100644 index d50462271..000000000 --- a/docs/en/xml/installation.xml +++ /dev/null @@ -1,2455 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> --> -<chapter id="installing-bugzilla"> - <title>Installing Bugzilla</title> - - <section id="installation"> - <title>Installation</title> - - <note> - <para>If you just want to <emphasis>use</emphasis> Bugzilla, - you do not need to install it. None of this chapter is relevant to - you. Ask your Bugzilla administrator for the URL to access it from - your web browser. - </para> - </note> - - <para>The Bugzilla server software is usually installed on Linux or - Solaris. - If you are installing on another OS, check <xref linkend="os-specific"/> - before you start your installation to see if there are any special - instructions. - </para> - - <para>This guide assumes that you have administrative access to the - Bugzilla machine. It not possible to - install and run Bugzilla itself without administrative access except - in the very unlikely event that every single prerequisite is - already installed. - </para> - - <warning> - <para>The installation process may make your machine insecure for - short periods of time. Make sure there is a firewall between you - and the Internet. - </para> - </warning> - - <para> - You are strongly recommended to make a backup of your system - before installing Bugzilla (and at regular intervals thereafter :-). - </para> - - <para>In outline, the installation proceeds as follows: - </para> - - <procedure> - <step> - <para><link linkend="install-perl">Install Perl</link> - (&min-perl-ver; or above) - </para> - </step> - <step> - <para><link linkend="install-database">Install a Database Engine</link> - </para> - </step> - <step> - <para><link linkend="install-webserver">Install a Webserver</link> - </para> - </step> - <step> - <para><link linkend="install-bzfiles">Install Bugzilla</link> - </para> - </step> - <step> - <para><link linkend="install-perlmodules">Install Perl modules</link> - </para> - </step> - <step> - <para> - <link linkend="install-MTA">Install a Mail Transfer Agent</link> - (Sendmail 8.7 or above, or an MTA that is Sendmail-compatible with at least this version) - </para> - </step> - <step> - <para>Configure all of the above. - </para> - </step> - </procedure> - - <section id="install-perl"> - <title>Perl</title> - - <para>Installed Version Test: <programlisting>perl -v</programlisting></para> - - <para>Any machine that doesn't have Perl on it is a sad machine indeed. - If you don't have it and your OS doesn't provide official packages, - visit <ulink url="http://www.perl.org"/>. - Although Bugzilla runs with Perl &min-perl-ver;, - it's a good idea to be using the latest stable version. - </para> - </section> - - <section id="install-database"> - <title>Database Engine</title> - - <para> - Bugzilla supports MySQL, PostgreSQL and Oracle as database servers. - You only require one of these systems to make use of Bugzilla. - </para> - - <section id="install-mysql"> - <title>MySQL</title> - <para>Installed Version Test: <programlisting>mysql -V</programlisting></para> - - <para> - If you don't have it and your OS doesn't provide official packages, - visit <ulink url="http://www.mysql.com"/>. You need MySQL version - &min-mysql-ver; or higher. - </para> - - <note> - <para> Many of the binary - versions of MySQL store their data files in - <filename class="directory">/var</filename>. - On some Unix systems, this is part of a smaller root partition, - and may not have room for your bug database. To change the data - directory, you have to build MySQL from source yourself, and - set it as an option to <filename>configure</filename>.</para> - </note> - - <para>If you install from something other than a packaging/installation - system, such as .rpm (RPM Package Manager), .deb (Debian Package), .exe - (Windows Executable), or .msi (Windows Installer), make sure the MySQL - server is started when the machine boots. - </para> - </section> - - <section id="install-pg"> - <title>PostgreSQL</title> - <para>Installed Version Test: <programlisting>psql -V</programlisting></para> - - <para> - If you don't have it and your OS doesn't provide official packages, - visit <ulink url="http://www.postgresql.org/"/>. You need PostgreSQL - version &min-pg-ver; or higher. - </para> - - <para>If you install from something other than a packaging/installation - system, such as .rpm (RPM Package Manager), .deb (Debian Package), .exe - (Windows Executable), or .msi (Windows Installer), make sure the - PostgreSQL server is started when the machine boots. - </para> - </section> - - <section id="install-oracle"> - <title>Oracle</title> - <para> - Installed Version Test: <programlisting>select * from v$version</programlisting> - (you first have to log in into your DB) - </para> - - <para> - If you don't have it and your OS doesn't provide official packages, - visit <ulink url="http://www.oracle.com/"/>. You need Oracle - version &min-oracle-ver; or higher. - </para> - - <para> - If you install from something other than a packaging/installation - system, such as .rpm (RPM Package Manager), .deb (Debian Package), .exe - (Windows Executable), or .msi (Windows Installer), make sure the - Oracle server is started when the machine boots. - </para> - </section> - </section> - - <section id="install-webserver"> - <title>Web Server</title> - - <para>Installed Version Test: view the default welcome page at - http://<your-machine>/</para> - - <para>You have freedom of choice here, pretty much any web server that - is capable of running <glossterm linkend="gloss-cgi">CGI</glossterm> - scripts will work. - However, we strongly recommend using the Apache web server - (either 1.3.x or 2.x), and - the installation instructions usually assume you are - using it. If you have got Bugzilla working using another web server, - please share your experiences with us by filing a bug in &bzg-bugs;. - </para> - - <para> - If you don't have Apache and your OS doesn't provide official packages, - visit <ulink url="http://httpd.apache.org/"/>. - </para> - - </section> - - <section id="install-bzfiles"> - <title>Bugzilla</title> - - <para> - <ulink url="http://www.bugzilla.org/download/">Download a Bugzilla tarball</ulink> - (or <ulink url="https://wiki.mozilla.org/Bugzilla:Bzr">check it out from Bzr</ulink>) - and place it in a suitable directory, accessible by the default web server user - (probably <quote>apache</quote> or <quote>www</quote>). - Good locations are either directly in the web server's document directories or - in <filename>/usr/local</filename> with a symbolic link to the web server's - document directories or an alias in the web server's configuration. - </para> - - <caution> - <para>The default Bugzilla distribution is NOT designed to be placed - in a <filename class="directory">cgi-bin</filename> directory. This - includes any directory which is configured using the - <option>ScriptAlias</option> directive of Apache. - </para> - </caution> - - <para>Once all the files are in a web accessible directory, make that - directory writable by your web server's user. This is a temporary step - until you run the - <filename>checksetup.pl</filename> - script, which locks down your installation.</para> - </section> - - <section id="install-perlmodules"> - <title>Perl Modules</title> - - <para>Bugzilla's installation process is based - on a script called <filename>checksetup.pl</filename>. - The first thing it checks is whether you have appropriate - versions of all the required - Perl modules. The aim of this section is to pass this check. - When it passes, proceed to <xref linkend="configuration"/>. - </para> - - <para> - At this point, you need to <filename>su</filename> to root. You should - remain as root until the end of the install. To check you have the - required modules, run: - </para> - - <screen><prompt>bash#</prompt> ./checksetup.pl --check-modules</screen> - - <para> - <filename>checksetup.pl</filename> will print out a list of the - required and optional Perl modules, together with the versions - (if any) installed on your machine. - The list of required modules is reasonably long; however, you - may already have several of them installed. - </para> - - <para> - The preferred way to install missing Perl modules is to use the package - manager provided by your operating system (e.g <quote>rpm</quote> or - <quote>yum</quote> on Linux distros, or <quote>ppm</quote> on Windows - if using ActivePerl, see <xref linkend="win32-perl-modules"/>). - If some Perl modules are still missing or are too old, then we recommend - using the <filename>install-module.pl</filename> script (doesn't work - with ActivePerl on Windows). If for some reason you really need to - install the Perl modules manually, see - <xref linkend="install-perlmodules-manual"/>. For instance, on Unix, - you invoke <filename>install-module.pl</filename> as follows: - </para> - - <screen><prompt>bash#</prompt> perl install-module.pl <modulename></screen> - - <tip> - <para>Many people complain that Perl modules will not install for - them. Most times, the error messages complain that they are missing a - file in - <quote>@INC</quote>. - Virtually every time, this error is due to permissions being set too - restrictively for you to compile Perl modules or not having the - necessary Perl development libraries installed on your system. - Consult your local UNIX systems administrator for help solving these - permissions issues; if you - <emphasis>are</emphasis> - the local UNIX sysadmin, please consult the newsgroup/mailing list - for further assistance or hire someone to help you out.</para> - </tip> - - <note> - <para>If you are using a package-based system, and attempting to install the - Perl modules from CPAN, you may need to install the "development" packages for - MySQL and GD before attempting to install the related Perl modules. The names of - these packages will vary depending on the specific distribution you are using, - but are often called <filename><packagename>-devel</filename>.</para> - </note> - - <para> - Here is a complete list of modules and their minimum versions. - Some modules have special installation notes, which follow. - </para> - - <para>Required Perl modules: - <orderedlist> - - <listitem> - <para> - CGI (&min-cgi-ver;) - </para> - </listitem> - - <listitem> - <para> - Date::Format (&min-date-format-ver;) - </para> - </listitem> - - <listitem> - <para> - DateTime (&min-datetime-ver;) - </para> - </listitem> - - <listitem> - <para> - DateTime::TimeZone (&min-datetime-timezone-ver;) - </para> - </listitem> - - <listitem> - <para> - DBI (&min-dbi-ver;) - </para> - </listitem> - - <listitem> - <para> - DBD::mysql (&min-dbd-mysql-ver;) if using MySQL - </para> - </listitem> - - <listitem> - <para> - DBD::Pg (&min-dbd-pg-ver;) if using PostgreSQL - </para> - </listitem> - - <listitem> - <para> - DBD::Oracle (&min-dbd-oracle-ver;) if using Oracle - </para> - </listitem> - - <listitem> - <para> - Digest::SHA (&min-digest-sha-ver;) - </para> - </listitem> - - <listitem> - <para> - Email::Send (&min-email-send-ver;) - </para> - </listitem> - - <listitem> - <para> - Email::MIME (&min-email-mime-ver;) - </para> - </listitem> - - <listitem> - <para> - Template (&min-template-ver;) - </para> - </listitem> - - <listitem> - <para> - URI (&min-uri-ver;) - </para> - </listitem> - </orderedlist> - - Optional Perl modules: - <orderedlist> - <listitem> - <para> - GD (&min-gd-ver;) for bug charting - </para> - </listitem> - - <listitem> - <para> - Template::Plugin::GD::Image - (&min-template-plugin-gd-image-ver;) for Graphical Reports - </para> - </listitem> - - <listitem> - <para> - Chart::Lines (&min-chart-lines-ver;) for bug charting - </para> - </listitem> - - <listitem> - <para> - GD::Graph (&min-gd-graph-ver;) for bug charting - </para> - </listitem> - - <listitem> - <para> - GD::Text (&min-gd-text-ver;) for bug charting - </para> - </listitem> - - <listitem> - <para> - XML::Twig (&min-xml-twig-ver;) for bug import/export - </para> - </listitem> - - <listitem> - <para> - MIME::Parser (&min-mime-parser-ver;) for bug import/export - </para> - </listitem> - - <listitem> - <para> - LWP::UserAgent - (&min-lwp-useragent-ver;) for Automatic Update Notifications - </para> - </listitem> - - <listitem> - <para> - PatchReader (&min-patchreader-ver;) for pretty HTML view of patches - </para> - </listitem> - - <listitem> - <para> - Net::LDAP - (&min-net-ldap-ver;) for LDAP Authentication - </para> - </listitem> - - <listitem> - <para> - Authen::SASL - (&min-authen-sasl-ver;) for SASL Authentication - </para> - </listitem> - - <listitem> - <para> - Authen::Radius - (&min-authen-radius-ver;) for RADIUS Authentication - </para> - </listitem> - - <listitem> - <para> - SOAP::Lite (&min-soap-lite-ver;) for the web service interface - </para> - </listitem> - - <listitem> - <para> - JSON::RPC - (&min-json-rpc-ver;) for the JSON-RPC interface - </para> - </listitem> - - <listitem> - <para> - Test::Taint - (&min-test-taint-ver;) for the web service interface - </para> - </listitem> - - <listitem> - <para> - HTML::Parser - (&min-html-parser-ver;) for More HTML in Product/Group Descriptions - </para> - </listitem> - - <listitem> - <para> - HTML::Scrubber - (&min-html-scrubber-ver;) for More HTML in Product/Group Descriptions - </para> - </listitem> - - <listitem> - <para> - Email::MIME::Attachment::Stripper - (&min-email-mime-attachment-stripper-ver;) for Inbound Email - </para> - </listitem> - - <listitem> - <para> - Email::Reply - (&min-email-reply-ver;) for Inbound Email - </para> - </listitem> - - <listitem> - <para> - TheSchwartz - (&min-theschwartz-ver;) for Mail Queueing - </para> - </listitem> - - <listitem> - <para> - Daemon::Generic - (&min-daemon-generic-ver;) for Mail Queueing - </para> - </listitem> - - <listitem> - <para> - mod_perl2 - (&min-mod_perl2-ver;) for mod_perl - </para> - </listitem> - </orderedlist> - </para> - </section> - - <section id="install-MTA"> - <title>Mail Transfer Agent (MTA)</title> - - <para> - Bugzilla is dependent on the availability of an e-mail system for its - user authentication and for other tasks. - </para> - - <note> - <para> - This is not entirely true. It is possible to completely disable - email sending, or to have Bugzilla store email messages in a - file instead of sending them. However, this is mainly intended - for testing, as disabling or diverting email on a production - machine would mean that users could miss important events (such - as bug changes or the creation of new accounts). - </para> - - <para> - For more information, see the <quote>mail_delivery_method</quote> parameter - in <xref linkend="parameters" />. - </para> - </note> - - <para> - On Linux, any Sendmail-compatible MTA (Mail Transfer Agent) will - suffice. Sendmail, Postfix, qmail and Exim are examples of common - MTAs. Sendmail is the original Unix MTA, but the others are easier to - configure, and therefore many people replace Sendmail with Postfix or - Exim. They are drop-in replacements, so Bugzilla will not - distinguish between them. - </para> - - <para> - If you are using Sendmail, version 8.7 or higher is required. - If you are using a Sendmail-compatible MTA, it must be congruent with - at least version 8.7 of Sendmail. - </para> - - <para> - Consult the manual for the specific MTA you choose for detailed - installation instructions. Each of these programs will have their own - configuration files where you must configure certain parameters to - ensure that the mail is delivered properly. They are implemented - as services, and you should ensure that the MTA is in the auto-start - list of services for the machine. - </para> - - <para> - If a simple mail sent with the command-line 'mail' program - succeeds, then Bugzilla should also be fine. - </para> - - </section> - <section id="using-mod_perl-with-bugzilla"> - <title>Installing Bugzilla on mod_perl</title> - <para>It is now possible to run the Bugzilla software under <literal>mod_perl</literal> on - Apache. <literal>mod_perl</literal> has some additional requirements to that of running - Bugzilla under <literal>mod_cgi</literal> (the standard and previous way).</para> - - <para>Bugzilla requires <literal>mod_perl</literal> to be installed, which can be - obtained from <ulink url="http://perl.apache.org"/> - Bugzilla requires - version &min-mod_perl2-ver; (AKA 2.0.0-RC5) to be installed.</para> - </section> - </section> - - <section id="configuration"> - <title>Configuration</title> - - <warning> - <para> - Poorly-configured MySQL and Bugzilla installations have - given attackers full access to systems in the past. Please take the - security parts of these guidelines seriously, even for Bugzilla - machines hidden away behind your firewall. Be certain to read - <xref linkend="security"/> for some important security tips. - </para> - </warning> - - <section id="localconfig"> - <title>localconfig</title> - - <para> - You should now run <filename>checksetup.pl</filename> again, this time - without the <literal>--check-modules</literal> switch. - </para> - <screen><prompt>bash#</prompt> ./checksetup.pl</screen> - <para> - This time, <filename>checksetup.pl</filename> should tell you that all - the correct modules are installed and will display a message about, and - write out a file called, <filename>localconfig</filename>. This file - contains the default settings for a number of Bugzilla parameters. - </para> - - <para> - Load this file in your editor. The only two values you - <emphasis>need</emphasis> to change are $db_driver and $db_pass, - respectively the type of the database and the password for - the user you will create for your database. Pick a strong - password (for simplicity, it should not contain single quote - characters) and put it here. $db_driver can be either 'mysql', - 'Pg', 'Oracle' or 'Sqlite'. - </para> - - <note> - <para> - In Oracle, <literal>$db_name</literal> should actually be - the SID name of your database (e.g. "XE" if you are using Oracle XE). - </para> - </note> - - <para> - You may need to change the value of - <emphasis>webservergroup</emphasis> if your web server does not - run in the "apache" group. On Debian, for example, Apache runs in - the "www-data" group. If you are going to run Bugzilla on a - machine where you do not have root access (such as on a shared web - hosting account), you will need to leave - <emphasis>webservergroup</emphasis> empty, ignoring the warnings - that <filename>checksetup.pl</filename> will subsequently display - every time it is run. - </para> - - <caution> - <para> - If you are using suexec, you should use your own primary group - for <emphasis>webservergroup</emphasis> rather than leaving it - empty, and see the additional directions in the suexec section - <xref linkend="suexec" />. - </para> - </caution> - - <para> - The other options in the <filename>localconfig</filename> file - are documented by their accompanying comments. If you have a slightly - non-standard database setup, you may wish to change one or more of - the other "$db_*" parameters. - </para> - </section> - - <section id="database-engine"> - <title>Database Server</title> - <para> - This section deals with configuring your database server for use - with Bugzilla. Currently, MySQL (<xref linkend="mysql"/>), - PostgreSQL (<xref linkend="postgresql"/>), Oracle (<xref linkend="oracle"/>) - and SQLite (<xref linkend="sqlite"/>) are available. - </para> - - <section id="database-schema"> - <title>Bugzilla Database Schema</title> - - <para> - The Bugzilla database schema is available at - <ulink url="http://www.ravenbrook.com/project/p4dti/tool/cgi/bugzilla-schema/">Ravenbrook</ulink>. - This very valuable tool can generate a written description of - the Bugzilla database schema for any version of Bugzilla. It - can also generate a diff between two versions to help someone - see what has changed. - </para> - </section> - - <section id="mysql"> - <title>MySQL</title> - - <caution> - <para> - MySQL's default configuration is insecure. - We highly recommend to run <filename>mysql_secure_installation</filename> - on Linux or the MySQL installer on Windows, and follow the instructions. - Important points to note are: - <orderedlist> - <listitem> - <para>Be sure that the root account has a secure password set.</para> - </listitem> - <listitem> - <para>Do not create an anonymous account, and if it exists, say "yes" - to remove it.</para> - </listitem> - <listitem> - <para>If your web server and MySQL server are on the same machine, - you should disable the network access.</para> - </listitem> - </orderedlist> - </para> - </caution> - - <section id="mysql-max-allowed-packet"> - <title>Allow large attachments and many comments</title> - - <para>By default, MySQL will only allow you to insert things - into the database that are smaller than 1MB. Attachments - may be larger than this. Also, Bugzilla combines all comments - on a single bug into one field for full-text searching, and the - combination of all comments on a single bug could in some cases - be larger than 1MB.</para> - - <para>To change MySQL's default, you need to edit your MySQL - configuration file, which is usually <filename>/etc/my.cnf</filename> - on Linux. We recommend that you allow at least 4MB packets by - adding the "max_allowed_packet" parameter to your MySQL - configuration in the "[mysqld]" section, like this:</para> - - <screen>[mysqld] -# Allow packets up to 4MB -max_allowed_packet=4M - </screen> - </section> - - <section> - <title>Allow small words in full-text indexes</title> - - <para>By default, words must be at least four characters in length - in order to be indexed by MySQL's full-text indexes. This causes - a lot of Bugzilla specific words to be missed, including "cc", - "ftp" and "uri".</para> - - <para>MySQL can be configured to index those words by setting the - ft_min_word_len param to the minimum size of the words to index. - This can be done by modifying the <filename>/etc/my.cnf</filename> - according to the example below:</para> - - <screen> [mysqld] - # Allow small words in full-text indexes - ft_min_word_len=2</screen> - - <para>Rebuilding the indexes can be done based on documentation found at - <ulink url="http://www.mysql.com/doc/en/Fulltext_Fine-tuning.html"/>. - </para> - </section> - - <section id="install-setupdatabase-adduser"> - <title>Add a user to MySQL</title> - - <para> - You need to add a new MySQL user for Bugzilla to use. - (It's not safe to have Bugzilla use the MySQL root account.) - The following instructions assume the defaults in - <filename>localconfig</filename>; if you changed those, - you need to modify the SQL command appropriately. You will - need the <replaceable>$db_pass</replaceable> password you - set in <filename>localconfig</filename> in - <xref linkend="localconfig"/>. - </para> - - <para> - We use an SQL <command>GRANT</command> command to create - a <quote>bugs</quote> user. This also restricts the - <quote>bugs</quote>user to operations within a database - called <quote>bugs</quote>, and only allows the account - to connect from <quote>localhost</quote>. Modify it to - reflect your setup if you will be connecting from another - machine or as a different user. - </para> - - <para> - Run the <filename>mysql</filename> command-line client and enter: - </para> - - <screen> - <prompt>mysql></prompt> GRANT SELECT, INSERT, - UPDATE, DELETE, INDEX, ALTER, CREATE, LOCK TABLES, - CREATE TEMPORARY TABLES, DROP, REFERENCES ON bugs.* - TO bugs@localhost IDENTIFIED BY '<replaceable>$db_pass</replaceable>'; - <prompt>mysql></prompt> FLUSH PRIVILEGES; - </screen> - </section> - - <section> - <title>Permit attachments table to grow beyond 4GB</title> - - <para> - By default, MySQL will limit the size of a table to 4GB. - This limit is present even if the underlying filesystem - has no such limit. To set a higher limit, follow these - instructions. - </para> - - <para> - After you have completed the rest of the installation (or at least the - database setup parts), you should run the <filename>MySQL</filename> - command-line client and enter the following, replacing <literal>$bugs_db</literal> - with your Bugzilla database name (<emphasis>bugs</emphasis> by default): - </para> - - <screen> - <prompt>mysql></prompt> use <replaceable>$bugs_db</replaceable> - <prompt>mysql></prompt> ALTER TABLE attachments - AVG_ROW_LENGTH=1000000, MAX_ROWS=20000; - </screen> - - <para> - The above command will change the limit to 20GB. Mysql will have - to make a temporary copy of your entire table to do this. Ideally, - you should do this when your attachments table is still small. - </para> - - <note> - <para> - This does not affect Big Files, attachments that are stored directly - on disk instead of in the database. - </para> - </note> - </section> - </section> - - <section id="postgresql"> - <title>PostgreSQL</title> - <section> - <title>Add a User to PostgreSQL</title> - - <para>You need to add a new user to PostgreSQL for the Bugzilla - application to use when accessing the database. The following instructions - assume the defaults in <filename>localconfig</filename>; if you - changed those, you need to modify the commands appropriately. You will - need the <replaceable>$db_pass</replaceable> password you - set in <filename>localconfig</filename> in - <xref linkend="localconfig"/>.</para> - - <para>On most systems, to create the user in PostgreSQL, you will need to - login as the root user, and then</para> - - <screen> <prompt>bash#</prompt> su - postgres</screen> - - <para>As the postgres user, you then need to create a new user: </para> - - <screen> <prompt>bash$</prompt> createuser -U postgres -dRSP bugs</screen> - - <para>When asked for a password, provide the password which will be set as - <replaceable>$db_pass</replaceable> in <filename>localconfig</filename>. - The created user will not be a superuser (-S) and will not be able to create - new users (-R). He will only have the ability to create databases (-d).</para> - </section> - - <section> - <title>Configure PostgreSQL</title> - - <para>Now, you will need to edit <filename>pg_hba.conf</filename> which is - usually located in <filename>/var/lib/pgsql/data/</filename>. In this file, - you will need to add a new line to it as follows:</para> - - <para> - <computeroutput>host all bugs 127.0.0.1 255.255.255.255 md5</computeroutput> - </para> - - <para>This means that for TCP/IP (host) connections, allow connections from - '127.0.0.1' to 'all' databases on this server from the 'bugs' user, and use - password authentication (md5) for that user.</para> - - <para>Now, you will need to restart PostgreSQL, but you will need to fully - stop and start the server rather than just restarting due to the possibility - of a change to <filename>postgresql.conf</filename>. After the server has - restarted, you will need to edit <filename>localconfig</filename>, finding - the <literal>$db_driver</literal> variable and setting it to - <literal>Pg</literal> and changing the password in <literal>$db_pass</literal> - to the one you picked previously, while setting up the account.</para> - </section> - </section> - - <section id="oracle"> - <title>Oracle</title> - <section> - <title>Create a New Tablespace</title> - - <para> - You can use the existing tablespace or create a new one for Bugzilla. - To create a new tablespace, run the following command: - </para> - - <programlisting> - CREATE TABLESPACE bugs - DATAFILE '<replaceable>$path_to_datafile</replaceable>' SIZE 500M - AUTOEXTEND ON NEXT 30M MAXSIZE UNLIMITED - </programlisting> - - <para> - Here, the name of the tablespace is 'bugs', but you can - choose another name. <replaceable>$path_to_datafile</replaceable> is - the path to the file containing your database, for instance - <filename>/u01/oradata/bugzilla.dbf</filename>. - The initial size of the database file is set in this example to 500 Mb, - with an increment of 30 Mb everytime we reach the size limit of the file. - </para> - </section> - - <section> - <title>Add a User to Oracle</title> - - <para> - The user name and password must match what you set in - <filename>localconfig</filename> (<literal>$db_user</literal> - and <literal>$db_pass</literal>, respectively). Here, we assume that - the user name is 'bugs' and the tablespace name is the same - as above. - </para> - - <programlisting> - CREATE USER bugs - IDENTIFIED BY "<replaceable>$db_pass</replaceable>" - DEFAULT TABLESPACE bugs - TEMPORARY TABLESPACE TEMP - PROFILE DEFAULT; - -- GRANT/REVOKE ROLE PRIVILEGES - GRANT CONNECT TO bugs; - GRANT RESOURCE TO bugs; - -- GRANT/REVOKE SYSTEM PRIVILEGES - GRANT UNLIMITED TABLESPACE TO bugs; - GRANT EXECUTE ON CTXSYS.CTX_DDL TO bugs; - </programlisting> - </section> - - <section> - <title>Configure the Web Server</title> - - <para> - If you use Apache, append these lines to <filename>httpd.conf</filename> - to set ORACLE_HOME and LD_LIBRARY_PATH. For instance: - </para> - - <programlisting> - SetEnv ORACLE_HOME /u01/app/oracle/product/10.2.0/ - SetEnv LD_LIBRARY_PATH /u01/app/oracle/product/10.2.0/lib/ - </programlisting> - - <para> - When this is done, restart your web server. - </para> - </section> - </section> - - <section id="sqlite"> - <title>SQLite</title> - - <caution> - <para> - Due to SQLite's <ulink url="http://sqlite.org/faq.html#q5">concurrency - limitations</ulink> we recommend SQLite only for small and development - Bugzilla installations. - </para> - </caution> - - <para> - No special configuration is required to run Bugzilla on SQLite. - The database will be stored in <filename>data/db/$db_name</filename>, - where <literal>$db_name</literal> is the database name defined - in <filename>localconfig</filename>. - </para> - </section> - </section> - - <section> - <title>checksetup.pl</title> - - <para> - Next, rerun <filename>checksetup.pl</filename>. It reconfirms - that all the modules are present, and notices the altered - localconfig file, which it assumes you have edited to your - satisfaction. It compiles the UI templates, - connects to the database using the 'bugs' - user you created and the password you defined, and creates the - 'bugs' database and the tables therein. - </para> - - <para> - After that, it asks for details of an administrator account. Bugzilla - can have multiple administrators - you can create more later - but - it needs one to start off with. - Enter the email address of an administrator, his or her full name, - and a suitable Bugzilla password. - </para> - - <para> - <filename>checksetup.pl</filename> will then finish. You may rerun - <filename>checksetup.pl</filename> at any time if you wish. - </para> - </section> - - - <section id="http"> - <title>Web server</title> - <para> - Configure your web server according to the instructions in the - appropriate section. (If it makes a difference in your choice, - the Bugzilla Team recommends Apache.) To check whether your web server - is correctly configured, try to access <filename>testagent.cgi</filename> - from your web server. If "OK" is displayed, then your configuration - is successful. Regardless of which web server - you are using, however, ensure that sensitive information is - not remotely available by properly applying the access controls in - <xref linkend="security-webserver-access"/>. You can run - <filename>testserver.pl</filename> to check if your web server serves - Bugzilla files as expected. - </para> - - <section id="http-apache"> - <title>Bugzilla using Apache</title> - <para>You have two options for running Bugzilla under Apache - - <link linkend="http-apache-mod_cgi">mod_cgi</link> (the default) and - <link linkend="http-apache-mod_perl">mod_perl</link> (new in Bugzilla - 2.23) - </para> - <section id="http-apache-mod_cgi"> - <title>Apache <productname>httpd</productname> with mod_cgi</title> - - <para> - To configure your Apache web server to work with Bugzilla while using - mod_cgi, do the following: - </para> - - <procedure> - <step> - <para> - Load <filename>httpd.conf</filename> in your editor. - In Fedora and Red Hat Linux, this file is found in - <filename class="directory">/etc/httpd/conf</filename>. - </para> - </step> - - <step> - <para> - Apache uses <computeroutput><Directory></computeroutput> - directives to permit fine-grained permission setting. Add the - following lines to a directive that applies to the location - of your Bugzilla installation. (If such a section does not - exist, you'll want to add one.) In this example, Bugzilla has - been installed at - <filename class="directory">/var/www/html/bugzilla</filename>. - </para> - - <programlisting> - <Directory /var/www/html/bugzilla> - AddHandler cgi-script .cgi - Options +Indexes +ExecCGI - DirectoryIndex index.cgi - AllowOverride Limit FileInfo Indexes - </Directory> - </programlisting> - - <para> - These instructions: allow apache to run .cgi files found - within the bugzilla directory; instructs the server to look - for a file called <filename>index.cgi</filename> if someone - only types the directory name into the browser; and allows - Bugzilla's <filename>.htaccess</filename> files to override - global permissions. - </para> - - <note> - <para> - It is possible to make these changes globally, or to the - directive controlling Bugzilla's parent directory (e.g. - <computeroutput><Directory /var/www/html/></computeroutput>). - Such changes would also apply to the Bugzilla directory... - but they would also apply to many other places where they - may or may not be appropriate. In most cases, including - this one, it is better to be as restrictive as possible - when granting extra access. - </para> - </note> - - <note> - <para> - On Windows, you may have to also add the - <computeroutput>ScriptInterpreterSource Registry-Strict</computeroutput> - line, see <link linkend="win32-http">Windows specific notes</link>. - </para> - </note> - </step> - - <step> - <para> - <filename>checksetup.pl</filename> can set tighter permissions - on Bugzilla's files and directories if it knows what group the - web server runs as. Find the <computeroutput>Group</computeroutput> - line in <filename>httpd.conf</filename>, place the value found - there in the <replaceable>$webservergroup</replaceable> variable - in <filename>localconfig</filename>, then rerun - <filename>checksetup.pl</filename>. - </para> - </step> - - <step> - <para> - Optional: If Bugzilla does not actually reside in the webspace - directory, but instead has been symbolically linked there, you - will need to add the following to the - <computeroutput>Options</computeroutput> line of the Bugzilla - <computeroutput><Directory></computeroutput> directive - (the same one as in the step above): - </para> - - <programlisting> - +FollowSymLinks - </programlisting> - - <para> - Without this directive, Apache will not follow symbolic links - to places outside its own directory structure, and you will be - unable to run Bugzilla. - </para> - </step> - </procedure> - </section> - <section id="http-apache-mod_perl"> - <title>Apache <productname>httpd</productname> with mod_perl</title> - - <para>Some configuration is required to make Bugzilla work with Apache - and mod_perl</para> - - <procedure> - <step> - <para> - Load <filename>httpd.conf</filename> in your editor. - In Fedora and Red Hat Linux, this file is found in - <filename class="directory">/etc/httpd/conf</filename>. - </para> - </step> - - <step> - <para>Add the following information to your httpd.conf file, substituting - where appropriate with your own local paths.</para> - - <note> - <para>This should be used instead of the <Directory> block - shown above. This should also be above any other <literal>mod_perl</literal> - directives within the <filename>httpd.conf</filename> and must be specified - in the order as below.</para> - </note> - <warning> - <para>You should also ensure that you have disabled <literal>KeepAlive</literal> - support in your Apache install when utilizing Bugzilla under mod_perl</para> - </warning> - - <programlisting> - PerlSwitches -w -T - PerlConfigRequire /var/www/html/bugzilla/mod_perl.pl - </programlisting> - </step> - - <step> - <para> - <filename>checksetup.pl</filename> can set tighter permissions - on Bugzilla's files and directories if it knows what group the - web server runs as. Find the <computeroutput>Group</computeroutput> - line in <filename>httpd.conf</filename>, place the value found - there in the <replaceable>$webservergroup</replaceable> variable - in <filename>localconfig</filename>, then rerun - <filename>checksetup.pl</filename>. - </para> - </step> - </procedure> - - <para>On restarting Apache, Bugzilla should now be running within the - mod_perl environment. Please ensure you have run checksetup.pl to set - permissions before you restart Apache.</para> - - <note> - <para>Please bear the following points in mind when looking at using - Bugzilla under mod_perl: - <itemizedlist> - <listitem> - <para> - mod_perl support in Bugzilla can take up a HUGE amount of RAM. You could be - looking at 30MB per httpd child, easily. Basically, you just need a lot of RAM. - The more RAM you can get, the better. mod_perl is basically trading RAM for - speed. At least 2GB total system RAM is recommended for running Bugzilla under - mod_perl. - </para> - </listitem> - <listitem> - <para> - Under mod_perl, you have to restart Apache if you make any manual change to - any Bugzilla file. You can't just reload--you have to actually - <emphasis>restart</emphasis> the server (as in make sure it stops and starts - again). You <emphasis>can</emphasis> change localconfig and the params file - manually, if you want, because those are re-read every time you load a page. - </para> - </listitem> - <listitem> - <para> - You must run in Apache's Prefork MPM (this is the default). The Worker MPM - may not work--we haven't tested Bugzilla's mod_perl support under threads. - (And, in fact, we're fairly sure it <emphasis>won't</emphasis> work.) - </para> - </listitem> - <listitem> - <para> - Bugzilla generally expects to be the only mod_perl application running on - your entire server. It may or may not work if there are other applications also - running under mod_perl. It does try its best to play nice with other mod_perl - applications, but it still may have conflicts. - </para> - </listitem> - <listitem> - <para> - It is recommended that you have one Bugzilla instance running under mod_perl - on your server. Bugzilla has not been tested with more than one instance running. - </para> - </listitem> - </itemizedlist> - </para> - </note> - </section> - </section> - - <section id="http-iis"> - <title>Microsoft <productname>Internet Information Services</productname></title> - - <para> - If you are running Bugzilla on Windows and choose to use - Microsoft's <productname>Internet Information Services</productname> - or <productname>Personal Web Server</productname> you will need - to perform a number of other configuration steps as explained below. - You may also want to refer to the following Microsoft Knowledge - Base articles: - <ulink url="http://support.microsoft.com/default.aspx?scid=kb;en-us;245225">245225</ulink> - <quote>HOW TO: Configure and Test a PERL Script with IIS 4.0, - 5.0, and 5.1</quote> (for <productname>Internet Information - Services</productname>) and - <ulink url="http://support.microsoft.com/default.aspx?scid=kb;en-us;231998">231998</ulink> - <quote>HOW TO: FP2000: How to Use Perl with Microsoft Personal Web - Server on Windows 95/98</quote> (for <productname>Personal Web - Server</productname>). - </para> - - <para> - You will need to create a virtual directory for the Bugzilla - install. Put the Bugzilla files in a directory that is named - something <emphasis>other</emphasis> than what you want your - end-users accessing. That is, if you want your users to access - your Bugzilla installation through - <quote>http://<yourdomainname>/Bugzilla</quote>, then do - <emphasis>not</emphasis> put your Bugzilla files in a directory - named <quote>Bugzilla</quote>. Instead, place them in a different - location, and then use the IIS Administration tool to create a - Virtual Directory named "Bugzilla" that acts as an alias for the - actual location of the files. When creating that virtual directory, - make sure you add the <quote>Execute (such as ISAPI applications or - CGI)</quote> access permission. - </para> - - <para> - You will also need to tell IIS how to handle Bugzilla's - .cgi files. Using the IIS Administration tool again, open up - the properties for the new virtual directory and select the - Configuration option to access the Script Mappings. Create an - entry mapping .cgi to: - </para> - - <programlisting> -<full path to perl.exe >\perl.exe -x<full path to Bugzilla> -wT "%s" %s - </programlisting> - - <para> - For example: - </para> - - <programlisting> -c:\perl\bin\perl.exe -xc:\bugzilla -wT "%s" %s - </programlisting> - - <note> - <para> - The ActiveState install may have already created an entry for - .pl files that is limited to <quote>GET,HEAD,POST</quote>. If - so, this mapping should be <emphasis>removed</emphasis> as - Bugzilla's .pl files are not designed to be run via a web server. - </para> - </note> - - <para> - IIS will also need to know that the index.cgi should be treated - as a default document. On the Documents tab page of the virtual - directory properties, you need to add index.cgi as a default - document type. If you wish, you may remove the other default - document types for this particular virtual directory, since Bugzilla - doesn't use any of them. - </para> - - <para> - Also, and this can't be stressed enough, make sure that files - such as <filename>localconfig</filename> and your - <filename class="directory">data</filename> directory are - secured as described in <xref linkend="security-webserver-access"/>. - </para> - - </section> - - </section> - - <section id="install-config-bugzilla"> - <title>Bugzilla</title> - - <para> - Your Bugzilla should now be working. Access - <filename>http://<your-bugzilla-server>/</filename> - - you should see the Bugzilla - front page. If not, consult the Troubleshooting section, - <xref linkend="troubleshooting"/>. - </para> - - <note> - <para> - The URL above may be incorrect if you installed Bugzilla into a - subdirectory or used a symbolic link from your web site root to - the Bugzilla directory. - </para> - </note> - - <para> - Log in with the administrator account you defined in the last - <filename>checksetup.pl</filename> run. You should go through - the Parameters page and see if there are any you wish to change. - They key parameters are documented in <xref linkend="parameters"/>; - you should certainly alter - <command>maintainer</command> and <command>urlbase</command>; - you may also want to alter - <command>cookiepath</command> or <command>requirelogin</command>. - </para> - - <para> - Bugzilla has several optional features which require extra - configuration. You can read about those in - <xref linkend="extraconfig"/>. - </para> - </section> - </section> - - <section id="extraconfig"> - <title>Optional Additional Configuration</title> - - <para> - Bugzilla has a number of optional features. This section describes how - to configure or enable them. - </para> - - <section> - <title>Bug Graphs</title> - - <para>If you have installed the necessary Perl modules you - can start collecting statistics for the nifty Bugzilla - graphs.</para> - - <screen><prompt>bash#</prompt> <command>crontab -e</command></screen> - - <para> - This should bring up the crontab file in your editor. - Add a cron entry like this to run - <filename>collectstats.pl</filename> - daily at 5 after midnight: - </para> - - <programlisting>5 0 * * * cd <your-bugzilla-directory> && ./collectstats.pl</programlisting> - - <para> - After two days have passed you'll be able to view bug graphs from - the Reports page. - </para> - - <note> - <para> - Windows does not have 'cron', but it does have the Task - Scheduler, which performs the same duties. There are also - third-party tools that can be used to implement cron, such as - <ulink url="http://www.nncron.ru/">nncron</ulink>. - </para> - </note> - </section> - - <section id="installation-whining-cron"> - <title>The Whining Cron</title> - - <para>What good are - bugs if they're not annoying? To help make them more so you - can set up Bugzilla's automatic whining system to complain at engineers - which leave their bugs in the CONFIRMED state without triaging them. - </para> - <para> - This can be done by adding the following command as a daily - crontab entry, in the same manner as explained above for bug - graphs. This example runs it at 12.55am. - </para> - - <programlisting>55 0 * * * cd <your-bugzilla-directory> && ./whineatnews.pl</programlisting> - - <note> - <para> - Windows does not have 'cron', but it does have the Task - Scheduler, which performs the same duties. There are also - third-party tools that can be used to implement cron, such as - <ulink url="http://www.nncron.ru/">nncron</ulink>. - </para> - </note> - </section> - - <section id="installation-whining"> - <title>Whining</title> - - <para> - As of Bugzilla 2.20, users can configure Bugzilla to regularly annoy - them at regular intervals, by having Bugzilla execute saved searches - at certain times and emailing the results to the user. This is known - as "Whining". The process of configuring Whining is described - in <xref linkend="whining"/>, but for it to work a Perl script must be - executed at regular intervals. - </para> - - <para> - This can be done by adding the following command as a daily - crontab entry, in the same manner as explained above for bug - graphs. This example runs it every 15 minutes. - </para> - - <programlisting>*/15 * * * * cd <your-bugzilla-directory> && ./whine.pl</programlisting> - - <note> - <para> - Whines can be executed as often as every 15 minutes, so if you specify - longer intervals between executions of whine.pl, some users may not - be whined at as often as they would expect. Depending on the person, - this can either be a very Good Thing or a very Bad Thing. - </para> - </note> - - <note> - <para> - Windows does not have 'cron', but it does have the Task - Scheduler, which performs the same duties. There are also - third-party tools that can be used to implement cron, such as - <ulink url="http://www.nncron.ru/">nncron</ulink>. - </para> - </note> - </section> - - <section id="apache-addtype"> - <title>Serving Alternate Formats with the right MIME type</title> - - <para> - Some Bugzilla pages have alternate formats, other than just plain - <acronym>HTML</acronym>. In particular, a few Bugzilla pages can - output their contents as either <acronym>XUL</acronym> (a special - Mozilla format, that looks like a program <acronym>GUI</acronym>) - or <acronym>RDF</acronym> (a type of structured <acronym>XML</acronym> - that can be read by various programs). - </para> - <para> - In order for your users to see these pages correctly, Apache must - send them with the right <acronym>MIME</acronym> type. To do this, - add the following lines to your Apache configuration, either in the - <computeroutput><VirtualHost></computeroutput> section for your - Bugzilla, or in the <computeroutput><Directory></computeroutput> - section for your Bugzilla: - </para> - <para> - <screen>AddType application/vnd.mozilla.xul+xml .xul -AddType application/rdf+xml .rdf</screen> - </para> - </section> - </section> - - <section id="multiple-bz-dbs"> - <title>Multiple Bugzilla databases with a single installation</title> - - <para>The previous instructions referred to a standard installation, with - one unique Bugzilla database. However, you may want to host several - distinct installations, without having several copies of the code. This is - possible by using the PROJECT environment variable. When accessed, - Bugzilla checks for the existence of this variable, and if present, uses - its value to check for an alternative configuration file named - <filename>localconfig.<PROJECT></filename> in the same location as - the default one (<filename>localconfig</filename>). It also checks for - customized templates in a directory named - <filename><PROJECT></filename> in the same location as the - default one (<filename>template/<langcode></filename>). By default - this is <filename>template/en/default</filename> so PROJECT's templates - would be located at <filename>template/en/PROJECT</filename>.</para> - - <para>To set up an alternate installation, just export PROJECT=foo before - running <command>checksetup.pl</command> for the first time. It will - result in a file called <filename>localconfig.foo</filename> instead of - <filename>localconfig</filename>. Edit this file as described above, with - reference to a new database, and re-run <command>checksetup.pl</command> - to populate it. That's all.</para> - - <para>Now you have to configure the web server to pass this environment - variable when accessed via an alternate URL, such as virtual host for - instance. The following is an example of how you could do it in Apache, - other Webservers may differ. -<programlisting> -<VirtualHost 212.85.153.228:80> - ServerName foo.bar.baz - SetEnv PROJECT foo - Alias /bugzilla /var/www/bugzilla -</VirtualHost> -</programlisting> - </para> - - <para>Don't forget to also export this variable before accessing Bugzilla - by other means, such as cron tasks for instance.</para> - </section> - - <section id="os-specific"> - <title>OS-Specific Installation Notes</title> - - <para>Many aspects of the Bugzilla installation can be affected by the - operating system you choose to install it on. Sometimes it can be made - easier and others more difficult. This section will attempt to help you - understand both the difficulties of running on specific operating systems - and the utilities available to make it easier. - </para> - - <para>If you have anything to add or notes for an operating system not - covered, please file a bug in &bzg-bugs;. - </para> - - <section id="os-win32"> - <title>Microsoft Windows</title> - <para> - Making Bugzilla work on Windows is more difficult than making it - work on Unix. For that reason, we still recommend doing so on a Unix - based system such as GNU/Linux. That said, if you do want to get - Bugzilla running on Windows, you will need to make the following - adjustments. A detailed step-by-step - <ulink url="https://wiki.mozilla.org/Bugzilla:Win32Install"> - installation guide for Windows</ulink> is also available - if you need more help with your installation. - </para> - - <section id="win32-perl"> - <title>Win32 Perl</title> - <para> - Perl for Windows can be obtained from - <ulink url="http://www.activestate.com/">ActiveState</ulink>. - You should be able to find a compiled binary at <ulink - url="http://aspn.activestate.com/ASPN/Downloads/ActivePerl/" />. - The following instructions assume that you are using version - 5.8.1 of ActiveState. - </para> - - <note> - <para> - These instructions are for 32-bit versions of Windows. If you are - using a 64-bit version of Windows, you will need to install 32-bit - Perl in order to install the 32-bit modules as described below. - </para> - </note> - - </section> - - <section id="win32-perl-modules"> - <title>Perl Modules on Win32</title> - - <para> - Bugzilla on Windows requires the same perl modules found in - <xref linkend="install-perlmodules"/>. The main difference is that - windows uses <glossterm linkend="gloss-ppm">PPM</glossterm> instead - of CPAN. ActiveState provides a GUI to manage Perl modules. We highly - recommend that you use it. If you prefer to use ppm from the - command-line, type: - </para> - - <programlisting> -C:\perl> <command>ppm install <module name></command> - </programlisting> - - <note> - <para> - The PPM repository stores modules in 'packages' that may have - a slightly different name than the module. If retrieving these - modules from there, you will need to pay attention to the information - provided when you run <command>checksetup.pl</command> as it will - tell you what package you'll need to install. - </para> - </note> - - <tip> - <para> - If you are behind a corporate firewall, you will need to let the - ActiveState PPM utility know how to get through it to access - the repositories by setting the HTTP_proxy system environmental - variable. For more information on setting that variable, see - the ActiveState documentation. - </para> - </tip> - </section> - - <section id="win32-http"> - <title>Serving the web pages</title> - - <para> - As is the case on Unix based systems, any web server should - be able to handle Bugzilla; however, the Bugzilla Team still - recommends Apache whenever asked. No matter what web server - you choose, be sure to pay attention to the security notes - in <xref linkend="security-webserver-access"/>. More - information on configuring specific web servers can be found - in <xref linkend="http"/>. - </para> - - <note> - <para> - The web server looks at <filename>/usr/bin/perl</filename> to - call Perl. If you are using Apache on windows, you can set the - <ulink url="http://httpd.apache.org/docs-2.0/mod/core.html#scriptinterpretersource">ScriptInterpreterSource</ulink> - directive in your Apache config file to make it look at the - right place: insert the line - <programlisting>ScriptInterpreterSource Registry-Strict</programlisting> - into your <filename>httpd.conf</filename> file, and create the key - <programlisting>HKEY_CLASSES_ROOT\.cgi\Shell\ExecCGI\Command</programlisting> - with <option>C:\Perl\bin\perl.exe -T</option> as value (adapt to your - path if needed) in the registry. When this is done, restart Apache. - </para> - </note> - - </section> - - <section id="win32-email"> - <title>Sending Email</title> - - <para> - To enable Bugzilla to send email on Windows, the server running the - Bugzilla code must be able to connect to, or act as, an SMTP server. - </para> - - </section> - </section> - - <section id="os-macosx"> - <title><productname>Mac OS X</productname></title> - - <para>Making Bugzilla work on Mac OS X requires the following - adjustments.</para> - - <section id="macosx-sendmail"> - <title>Sendmail</title> - - <para>In Mac OS X 10.3 and later, - <ulink url="http://www.postfix.org/">Postfix</ulink> - is used as the built-in email server. Postfix provides an executable - that mimics sendmail enough to fool Bugzilla, as long as Bugzilla can - find it. Bugzilla is able to find the fake sendmail executable without - any assistance.</para> - - </section> - - <section id="macosx-libraries"> - <title>Libraries & Perl Modules on Mac OS X</title> - - <para>Apple does not include the GD library with Mac OS X. Bugzilla - needs this for bug graphs.</para> - - <para>You can use MacPorts (<ulink url="http://www.macports.org/"/>) - or Fink (<ulink url="http://sourceforge.net/projects/fink/"/>), both - of which are similar in nature to the CPAN installer, but install - common unix programs.</para> - - <para>Follow the instructions for setting up MacPorts or Fink. - Once you have one installed, you'll want to use it to install the - <filename>gd2</filename> package. - </para> - - <para>Fink will prompt you for a number of dependencies, type 'y' and hit - enter to install all of the dependencies and then watch it work. You will - then be able to use <glossterm linkend="gloss-cpan">CPAN</glossterm> to - install the GD Perl module. - </para> - - <note> - <para>To prevent creating conflicts with the software that Apple - installs by default, Fink creates its own directory tree at - <filename class="directory">/sw</filename> where it installs most of - the software that it installs. This means your libraries and headers - will be at <filename class="directory">/sw/lib</filename> and - <filename class="directory">/sw/include</filename> instead of - <filename class="directory">/usr/lib</filename> and - <filename class="directory">/usr/include</filename>. When the - Perl module config script asks where your <filename>libgd</filename> - is, be sure to tell it - <filename class="directory">/sw/lib</filename>. - </para> - </note> - - <para>Also available via MacPorts and Fink is - <filename>expat</filename>. After installing the expat package, you - will be able to install XML::Parser using CPAN. If you use fink, there - is one caveat. Unlike recent versions of - the GD module, XML::Parser doesn't prompt for the location of the - required libraries. When using CPAN, you will need to use the following - command sequence: - </para> - - <screen> -# perl -MCPAN -e'look XML::Parser' <co id="macosx-look"/> -# perl Makefile.PL EXPATLIBPATH=/sw/lib EXPATINCPATH=/sw/include -# make; make test; make install <co id="macosx-make"/> -# exit <co id="macosx-exit"/> - </screen> - <calloutlist> - <callout arearefs="macosx-look macosx-exit"> - <para>The look command will download the module and spawn a - new shell with the extracted files as the current working directory. - The exit command will return you to your original shell. - </para> - </callout> - <callout arearefs="macosx-make"> - <para>You should watch the output from these make commands, - especially <quote>make test</quote> as errors may prevent - XML::Parser from functioning correctly with Bugzilla. - </para> - </callout> - </calloutlist> - </section> - </section> - - <section id="os-linux"> - <title>Linux Distributions</title> - <para>Many Linux distributions include Bugzilla and its - dependencies in their native package management systems. - Installing Bugzilla with root access on any Linux system - should be as simple as finding the Bugzilla package in the - package management application and installing it using the - normal command syntax. Several distributions also perform - the proper web server configuration automatically on installation. - </para> - <para>Please consult the documentation of your Linux - distribution for instructions on how to install packages, - or for specific instructions on installing Bugzilla with - native package management tools. There is also a - <ulink url="http://wiki.mozilla.org/Bugzilla:Linux_Distro_Installation"> - Bugzilla Wiki Page</ulink> for distro-specific installation - notes. - </para> - </section> - </section> - - - <section id="nonroot"> - <title>UNIX (non-root) Installation Notes</title> - - <section> - <title>Introduction</title> - - <para>If you are running a *NIX OS as non-root, either due - to lack of access (web hosts, for example) or for security - reasons, this will detail how to install Bugzilla on such - a setup. It is recommended that you read through the - <xref linkend="installation" /> - first to get an idea on the installation steps required. - (These notes will reference to steps in that guide.)</para> - - </section> - - <section> - <title>MySQL</title> - - <para>You may have MySQL installed as root. If you're - setting up an account with a web host, a MySQL account - needs to be set up for you. From there, you can create - the bugs account, or use the account given to you.</para> - - <warning> - <para>You may have problems trying to set up - <command>GRANT</command> permissions to the database. - If you're using a web host, chances are that you have a - separate database which is already locked down (or one big - database with limited/no access to the other areas), but you - may want to ask your system administrator what the security - settings are set to, and/or run the <command>GRANT</command> - command for you.</para> - - <para>Also, you will probably not be able to change the MySQL - root user password (for obvious reasons), so skip that - step.</para> - </warning> - - <section> - <title>Running MySQL as Non-Root</title> - <section> - <title>The Custom Configuration Method</title> - <para>Create a file .my.cnf in your - home directory (using /home/foo in this example) - as follows....</para> - <programlisting> -[mysqld] -datadir=/home/foo/mymysql -socket=/home/foo/mymysql/thesock -port=8081 - -[mysql] -socket=/home/foo/mymysql/thesock -port=8081 - -[mysql.server] -user=mysql -basedir=/var/lib - -[safe_mysqld] -err-log=/home/foo/mymysql/the.log -pid-file=/home/foo/mymysql/the.pid - </programlisting> - </section> - <section> - <title>The Custom Built Method</title> - - <para>You can install MySQL as a not-root, if you really need to. - Build it with PREFIX set to <filename class="directory">/home/foo/mysql</filename>, - or use pre-installed executables, specifying that you want - to put all of the data files in <filename class="directory">/home/foo/mysql/data</filename>. - If there is another MySQL server running on the system that you - do not own, use the -P option to specify a TCP port that is not - in use.</para> - </section> - - <section> - <title>Starting the Server</title> - <para>After your mysqld program is built and any .my.cnf file is - in place, you must initialize the databases (ONCE).</para> - <screen> - <prompt>bash$</prompt> - <command>mysql_install_db</command> - </screen> - <para>Then start the daemon with</para> - <screen> - <prompt>bash$</prompt> - <command>safe_mysql &</command> - </screen> - <para>After you start mysqld the first time, you then connect to - it as "root" and <command>GRANT</command> permissions to other - users. (Again, the MySQL root account has nothing to do with - the *NIX root account.)</para> - - <note> - <para>You will need to start the daemons yourself. You can either - ask your system administrator to add them to system startup files, or - add a crontab entry that runs a script to check on these daemons - and restart them if needed.</para> - </note> - - <warning> - <para>Do NOT run daemons or other services on a server without first - consulting your system administrator! Daemons use up system resources - and running one may be in violation of your terms of service for any - machine on which you are a user!</para> - </warning> - </section> - </section> - - </section> - - <section> - <title>Perl</title> - - <para> - On the extremely rare chance that you don't have Perl on - the machine, you will have to build the sources - yourself. The following commands should get your system - installed with your own personal version of Perl: - </para> - - <screen> - <prompt>bash$</prompt> - <command>wget http://perl.org/CPAN/src/stable.tar.gz</command> - <prompt>bash$</prompt> - <command>tar zvxf stable.tar.gz</command> - <prompt>bash$</prompt> - <command>cd perl-5.8.1</command> (or whatever the version of Perl is called) - <prompt>bash$</prompt> - <command>sh Configure -de -Dprefix=/home/foo/perl</command> - <prompt>bash$</prompt> - <command>make && make test && make install</command> - </screen> - - <para> - Once you have Perl installed into a directory (probably - in <filename class="directory">~/perl/bin</filename>), you will need to - install the Perl Modules, described below. - </para> - </section> - - <section id="install-perlmodules-nonroot"> - <title>Perl Modules</title> - - <para> - Installing the Perl modules as a non-root user is accomplished by - running the <filename>install-module.pl</filename> - script. For more details on this script, see - <ulink url="api/install-module.html"><filename>install-module.pl</filename> - documentation</ulink> - </para> - </section> - - <section> - <title>HTTP Server</title> - - <para>Ideally, this also needs to be installed as root and - run under a special web server account. As long as - the web server will allow the running of *.cgi files outside of a - cgi-bin, and a way of denying web access to certain files (such as a - .htaccess file), you should be good in this department.</para> - - <section> - <title>Running Apache as Non-Root</title> - - <para>You can run Apache as a non-root user, but the port will need - to be set to one above 1024. If you type <command>httpd -V</command>, - you will get a list of the variables that your system copy of httpd - uses. One of those, namely HTTPD_ROOT, tells you where that - installation looks for its config information.</para> - - <para>From there, you can copy the config files to your own home - directory to start editing. When you edit those and then use the -d - option to override the HTTPD_ROOT compiled into the web server, you - get control of your own customized web server.</para> - - <note> - <para>You will need to start the daemons yourself. You can either - ask your system administrator to add them to system startup files, or - add a crontab entry that runs a script to check on these daemons - and restart them if needed.</para> - </note> - - <warning> - <para>Do NOT run daemons or other services on a server without first - consulting your system administrator! Daemons use up system resources - and running one may be in violation of your terms of service for any - machine on which you are a user!</para> - </warning> - </section> - </section> - - <section> - <title>Bugzilla</title> - - <para> - When you run <command>./checksetup.pl</command> to create - the <filename>localconfig</filename> file, it will list the Perl - modules it finds. If one is missing, go back and double-check the - module installation from <xref linkend="install-perlmodules-nonroot"/>, - then delete the <filename>localconfig</filename> file and try again. - </para> - - <warning> - <para>One option in <filename>localconfig</filename> you - might have problems with is the web server group. If you can't - successfully browse to the <filename>index.cgi</filename> (like - a Forbidden error), you may have to relax your permissions, - and blank out the web server group. Of course, this may pose - as a security risk. Having a properly jailed shell and/or - limited access to shell accounts may lessen the security risk, - but use at your own risk.</para> - </warning> - - <section id="suexec"> - <title>suexec or shared hosting</title> - - <para>If you are running on a system that uses suexec (most shared - hosting environments do this), you will need to set the - <emphasis>webservergroup</emphasis> value in <filename>localconfig</filename> - to match <emphasis>your</emphasis> primary group, rather than the one - the web server runs under. You will need to run the following - shell commands after running <command>./checksetup.pl</command>, - every time you run it (or modify <filename>checksetup.pl</filename> - to do them for you via the system() command). - <programlisting> for i in docs graphs images js skins; do find $i -type d -exec chmod o+rx {} \; ; done - for i in jpg gif css js png html rdf xul; do find . -name \*.$i -exec chmod o+r {} \; ; done - find . -name .htaccess -exec chmod o+r {} \; - chmod o+x . data data/webdot</programlisting> - Pay particular attention to the number of semicolons and dots. - They are all important. A future version of Bugzilla will - hopefully be able to do this for you out of the box.</para> - </section> - </section> - </section> - - - <section id="upgrade"> - <title>Upgrading to New Releases</title> - - <para>Upgrading to new Bugzilla releases is very simple. There is - a script named <filename>checksetup.pl</filename> included with - Bugzilla that will automatically do all of the database migration - for you.</para> - - <para>The following sections explain how to upgrade from one - version of Bugzilla to another. Whether you are upgrading - from one bug-fix version to another (such as 4.2 to 4.2.1) - or from one major version to another (such as from 4.0 to 4.2), - the instructions are always the same.</para> - - <note> - <para> - Any examples in the following sections are written as though the - user were updating to version 4.2.1, but the procedures are the - same no matter what version you're updating to. Also, in the - examples, the user's Bugzilla installation is found at - <filename>/var/www/html/bugzilla</filename>. If that is not the - same as the location of your Bugzilla installation, simply - substitute the proper paths where appropriate. - </para> - </note> - - <section id="upgrade-before"> - <title>Before You Upgrade</title> - - <para>Before you start your upgrade, there are a few important - steps to take:</para> - - <orderedlist> - <listitem> - <para> - Read the <ulink url="http://www.bugzilla.org/releases/">Release - Notes</ulink> of the version you're upgrading to, - particularly the "Notes for Upgraders" section. - </para> - </listitem> - - <listitem> - <para> - View the Sanity Check (<xref linkend="sanitycheck"/>) page - on your installation before upgrading. Attempt to fix all warnings - that the page produces before you go any further, or you may - experience problems during your upgrade. - </para> - </listitem> - - <listitem> - <para> - Shut down your Bugzilla installation by putting some HTML or - text in the shutdownhtml parameter - (see <xref linkend="parameters"/>). - </para> - </listitem> - - <listitem> - <para> - Make a backup of the Bugzilla database. - <emphasis>THIS IS VERY IMPORTANT</emphasis>. If - anything goes wrong during the upgrade, your installation - can be corrupted beyond recovery. Having a backup keeps you safe. - </para> - - <warning> - <para> - Upgrading is a one-way process. You cannot "downgrade" an - upgraded Bugzilla. If you wish to revert to the old Bugzilla - version for any reason, you will have to restore your database - from this backup. - </para> - </warning> - - <para>Here are some sample commands you could use to backup - your database, depending on what database system you're - using. You may have to modify these commands for your - particular setup.</para> - - <variablelist> - <varlistentry> - <term>MySQL:</term> - <listitem> - <para> - <command>mysqldump --opt -u bugs -p bugs > bugs.sql</command> - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>PostgreSQL:</term> - <listitem> - <para> - <command>pg_dump --no-privileges --no-owner -h localhost -U bugs - > bugs.sql</command> - </para> - </listitem> - </varlistentry> - </variablelist> - </listitem> - </orderedlist> - </section> - - <section id="upgrade-files"> - <title>Getting The New Bugzilla</title> - - <para>There are three ways to get the new version of Bugzilla. - We'll list them here briefly and then explain them - more later.</para> - - <variablelist> - <varlistentry> - <term>Bzr (<xref linkend="upgrade-bzr"/>)</term> - <listitem> - <para> - If you have <command>bzr</command> installed on your machine - and you have Internet access, this is the easiest way to - upgrade, particularly if you have made modifications - to the code or templates of Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Download the tarball (<xref linkend="upgrade-tarball"/>)</term> - <listitem> - <para> - This is a very simple way to upgrade, and good if you - haven't made many (or any) modifications to the code or - templates of your Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Patches (<xref linkend="upgrade-patches"/>)</term> - <listitem> - <para> - If you have made modifications to your Bugzilla, and - you don't have Internet access or you don't want to use - bzr, then this is the best way to upgrade. - </para> - - <para> - You can only do minor upgrades (such as 4.2 to 4.2.1 or - 4.2.1 to 4.2.2) with patches. - </para> - </listitem> - </varlistentry> - </variablelist> - - <section id="upgrade-modified"> - <title>If you have modified your Bugzilla</title> - - <para> - If you have modified the code or templates of your Bugzilla, - then upgrading requires a bit more thought and effort. - A discussion of the various methods of updating compared with - degree and methods of local customization can be found in - <xref linkend="template-method"/>. - </para> - - <para> - The larger the jump you are trying to make, the more difficult it - is going to be to upgrade if you have made local customizations. - Upgrading from 4.2 to 4.2.1 should be fairly painless even if - you are heavily customized, but going from 2.18 to 4.2 is going - to mean a fair bit of work re-writing your local changes to use - the new files, logic, templates, etc. If you have done no local - changes at all, however, then upgrading should be approximately - the same amount of work regardless of how long it has been since - your version was released. - </para> - </section> - - <section id="upgrade-bzr"> - <title>Upgrading using Bzr</title> - - <para> - This requires that you have bzr installed (most Unix machines do), - and requires that you are able to access - <ulink url="http://bzr.mozilla.org/bugzilla/">bzr.mozilla.org</ulink>, - which may not be an option if you don't have Internet access. - </para> - - <para> - The following shows the sequence of commands needed to update a - Bugzilla installation via Bzr, and a typical series of results. - These commands assume that you already have Bugzilla installed - using Bzr. - </para> - - <warning> - <para> - If your installation is still using CVS, you must first convert - it to Bzr. A very detailed step by step documentation can be - found on <ulink url="https://wiki.mozilla.org/Bugzilla:Moving_From_CVS_To_Bazaar">wiki.mozilla.org</ulink>. - </para> - </warning> - - <programlisting> -bash$ <command>cd /var/www/html/bugzilla</command> -bash$ <command>bzr switch 4.2</command> (only run this command when not yet running 4.2) -bash$ <command>bzr up -r tag:bugzilla-4.2.1</command> -+N extensions/MoreBugUrl/ -+N extensions/MoreBugUrl/Config.pm -+N extensions/MoreBugUrl/Extension.pm -... - M Bugzilla/Attachment.pm - M Bugzilla/Attachment/PatchReader.pm - M Bugzilla/Bug.pm -... -All changes applied successfully. - </programlisting> - - <caution> - <para> - If a line in the output from <command>bzr up</command> mentions - a conflict, then that represents a file with local changes that - Bzr was unable to properly merge. You need to resolve these - conflicts manually before Bugzilla (or at least the portion using - that file) will be usable. - </para> - </caution> - </section> - - <section id="upgrade-tarball"> - <title>Upgrading using the tarball</title> - - <para> - If you are unable (or unwilling) to use Bzr, another option that's - always available is to obtain the latest tarball from the <ulink - url="http://www.bugzilla.org/download/">Download Page</ulink> and - create a new Bugzilla installation from that. - </para> - - <para> - This sequence of commands shows how to get the tarball from the - command-line; it is also possible to download it from the site - directly in a web browser. If you go that route, save the file - to the <filename class="directory">/var/www/html</filename> - directory (or its equivalent, if you use something else) and - omit the first three lines of the example. - </para> - - <programlisting> -bash$ <command>cd /var/www/html</command> -bash$ <command>wget http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-4.2.1.tar.gz</command> -<emphasis>(Output omitted)</emphasis> -bash$ <command>tar xzvf bugzilla-4.2.1.tar.gz</command> -bugzilla-4.2.1/ -bugzilla-4.2.1/colchange.cgi -<emphasis>(Output truncated)</emphasis> -bash$ <command>cd bugzilla-4.2.1</command> -bash$ <command>cp ../bugzilla/localconfig* .</command> -bash$ <command>cp -r ../bugzilla/data .</command> -bash$ <command>cd ..</command> -bash$ <command>mv bugzilla bugzilla.old</command> -bash$ <command>mv bugzilla-4.2.1 bugzilla</command> - </programlisting> - - <warning> - <para> - The <command>cp</command> commands both end with periods which - is a very important detail--it means that the destination - directory is the current working directory. - </para> - </warning> - - <caution> - <para> - If you have some extensions installed, you will have to copy them - to the new bugzilla directory too. Extensions are located in - <filename>bugzilla/extensions/</filename>. Only copy those you - installed, not those managed by the Bugzilla team. - </para> - </caution> - - <para> - This upgrade method will give you a clean install of Bugzilla. - That's fine if you don't have any local customizations that you - want to maintain. If you do have customizations, then you will - need to reapply them by hand to the appropriate files. - </para> - </section> - - <section id="upgrade-patches"> - <title>Upgrading using patches</title> - - <para> - A patch is a collection of all the bug fixes that have been made - since the last bug-fix release. - </para> - - <para> - If you are doing a bug-fix upgrade—that is, one where only the - last number of the revision changes, such as from 4.2 to - 4.2.1—then you have the option of obtaining and applying a - patch file from the <ulink - url="http://www.bugzilla.org/download/">Download Page</ulink>. - </para> - - <para> - As above, this example starts with obtaining the file via the - command line. If you have already downloaded it, you can omit the - first two commands. - </para> - - <programlisting> -bash$ <command>cd /var/www/html/bugzilla</command> -bash$ <command>wget http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-4.2-to-4.2.1.diff.gz</command> -<emphasis>(Output omitted)</emphasis> -bash$ <command>gunzip bugzilla-4.2-to-4.2.1.diff.gz</command> -bash$ <command>patch -p1 < bugzilla-4.2-to-4.2.1.diff</command> -patching file Bugzilla/Constants.pm -patching file enter_bug.cgi -<emphasis>(etc.)</emphasis> - </programlisting> - - <warning> - <para> - Be aware that upgrading from a patch file does not change the - entries in your <filename class="directory">.bzr</filename> directory. - This could make it more difficult to upgrade using Bzr - (<xref linkend="upgrade-bzr"/>) in the future. - </para> - </warning> - - </section> - </section> - - <section id="upgrade-completion"> - <title>Completing Your Upgrade</title> - - <para> - Now that you have the new Bugzilla code, there are a few final - steps to complete your upgrade. - </para> - - <orderedlist> - <listitem> - <para> - If your new Bugzilla installation is in a different - directory or on a different machine than your old Bugzilla - installation, make sure that you have copied the - <filename>data</filename> directory and the - <filename>localconfig</filename> file from your old Bugzilla - installation. (If you followed the tarball instructions - above, this has already happened.) - </para> - </listitem> - - <listitem> - <para> - If this is a major update, check that the configuration - (<xref linkend="configuration"/>) for your new Bugzilla is - up-to-date. Sometimes the configuration requirements change - between major versions. - </para> - </listitem> - - <listitem> - <para> - If you didn't do it as part of the above configuration step, - now you need to run <command>checksetup.pl</command>, which - will do everything required to convert your existing database - and settings for the new version: - </para> - - <programlisting> -bash$ <command>cd /var/www/html/bugzilla</command> -bash$ <command>./checksetup.pl</command> - </programlisting> - - <warning> - <para> - The period at the beginning of the command - <command>./checksetup.pl</command> is important and can not - be omitted. - </para> - </warning> - - <caution> - <para> - If this is a major upgrade (say, 3.6 to 4.2 or similar), - running <command>checksetup.pl</command> on a large - installation (75,000 or more bugs) can take a long time, - possibly several hours. - </para> - </caution> - </listitem> - - <listitem> - <para> - Clear any HTML or text that you put into the shutdownhtml - parameter, to re-activate Bugzilla. - </para> - </listitem> - - <listitem> - <para> - View the Sanity Check (<xref linkend="sanitycheck"/>) page in your - upgraded Bugzilla. - </para> - <para> - It is recommended that, if possible, you fix any problems - you see, immediately. Failure to do this may mean that Bugzilla - will not work correctly. Be aware that if the sanity check page - contains more errors after an upgrade, it doesn't necessarily - mean there are more errors in your database than there were - before, as additional tests are added to the sanity check over - time, and it is possible that those errors weren't being - checked for in the old version. - </para> - </listitem> - </orderedlist> - - </section> - - <section id="upgrade-notifications"> - <title>Automatic Notifications of New Releases</title> - - <para> - Bugzilla 3.0 introduced the ability to automatically notify - administrators when new releases are available, based on the - <literal>upgrade_notification</literal> parameter, see - <xref linkend="parameters"/>. Administrators will see these - notifications when they access the <filename>index.cgi</filename> - page, i.e. generally when logging in. Bugzilla will check once per - day for new releases, unless the parameter is set to - <quote>disabled</quote>. If you are behind a proxy, you may have to set - the <literal>proxy_url</literal> parameter accordingly. If the proxy - requires authentication, use the - <literal>http://user:pass@proxy_url/</literal> syntax. - </para> - </section> - </section> - -</chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> diff --git a/docs/en/xml/modules.xml b/docs/en/xml/modules.xml deleted file mode 100644 index 2907dadcd..000000000 --- a/docs/en/xml/modules.xml +++ /dev/null @@ -1,175 +0,0 @@ -<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> -<appendix id="install-perlmodules-manual"> - <title>Manual Installation of Perl Modules</title> - - <section id="modules-manual-instructions"> - <title>Instructions</title> - <para> - If you need to install Perl modules manually, here's how it's done. - Download the module using the link given in the next section, and then - apply this magic incantation, as root: - </para> - - <para> - <screen><prompt>bash#</prompt> tar -xzvf <module>.tar.gz -<prompt>bash#</prompt> cd <module> -<prompt>bash#</prompt> perl Makefile.PL -<prompt>bash#</prompt> make -<prompt>bash#</prompt> make test -<prompt>bash#</prompt> make install</screen> - </para> - <note> - <para> - In order to compile source code under Windows you will need to obtain - a 'make' utility. The <command>nmake</command> utility provided with - Microsoft Visual C++ may be used. As an alternative, there is a - utility called <command>dmake</command> available from CPAN which is - written entirely in Perl. - </para> - <para> - As described in <xref linkend="modules-manual-download" />, however, most - packages already exist and are available from ActiveState or theory58S. - We highly recommend that you install them using the ppm GUI available with - ActiveState and to add the theory58S repository to your list of repositories. - </para> - </note> - </section> - - <section id="modules-manual-download"> - <title>Download Locations</title> - - <note> - <para> - Running Bugzilla on Windows requires the use of ActiveState - Perl 5.8.1 or higher. Many modules already exist in the core - distribution of ActiveState Perl. If some modules are missing, upgrade - ActiveState Perl to at least 5.12; it has all the required modules. - </para> - </note> - - <para> - CGI: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/CGI.pm/"/> - Documentation: <ulink url="http://perldoc.perl.org/CGI.html"/> - </literallayout> - </para> - - <para> - Data-Dumper: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/Data-Dumper/"/> - Documentation: <ulink url="http://search.cpan.org/dist/Data-Dumper/Dumper.pm"/> - </literallayout> - </para> - - <para> - Date::Format (part of TimeDate): - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/TimeDate/"/> - Documentation: <ulink url="http://search.cpan.org/dist/TimeDate/lib/Date/Format.pm"/> - </literallayout> - </para> - - <para> - DBI: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBI/"/> - Documentation: <ulink url="http://dbi.perl.org/docs/"/> - </literallayout> - </para> - - <para> - DBD::mysql: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-mysql/"/> - Documentation: <ulink url="http://search.cpan.org/dist/DBD-mysql/lib/DBD/mysql.pm"/> - </literallayout> - </para> - - <para> - DBD::Pg: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/DBD-Pg/"/> - Documentation: <ulink url="http://search.cpan.org/dist/DBD-Pg/Pg.pm"/> - </literallayout> - </para> - - <para> - Template-Toolkit: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-Toolkit/"/> - Documentation: <ulink url="http://www.template-toolkit.org/docs.html"/> - </literallayout> - </para> - - <para> - GD: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/GD/"/> - Documentation: <ulink url="http://search.cpan.org/dist/GD/GD.pm"/> - </literallayout> - </para> - - <para> - Template::Plugin::GD: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/Template-GD/" /> - Documentation: <ulink url="http://www.template-toolkit.org/docs/aqua/Modules/index.html" /> - </literallayout> - </para> - - <para> - MIME::Parser (part of MIME-tools): - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/MIME-tools/"/> - Documentation: <ulink url="http://search.cpan.org/dist/MIME-tools/lib/MIME/Parser.pm"/> - </literallayout> - </para> - - </section> - - <section id="modules-manual-optional"> - <title>Optional Modules</title> - - <para> - Chart::Lines: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/Chart/"/> - Documentation: <ulink url="http://search.cpan.org/dist/Chart/Chart.pod"/> - </literallayout> - </para> - - <para> - GD::Graph: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDGraph/"/> - Documentation: <ulink url="http://search.cpan.org/dist/GDGraph/Graph.pm"/> - </literallayout> - </para> - - <para> - GD::Text::Align (part of GD::Text::Util): - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/GDTextUtil/"/> - Documentation: <ulink url="http://search.cpan.org/dist/GDTextUtil/Text/Align.pm"/> - </literallayout> - </para> - - <para> - XML::Twig: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/dist/XML-Twig/"/> - Documentation: <ulink url="http://standards.ieee.org/resources/spasystem/twig/twig_stable.html"/> - </literallayout> - </para> - - <para> - PatchReader: - <literallayout> - CPAN Download Page: <ulink url="http://search.cpan.org/author/JKEISER/PatchReader/"/> - Documentation: <ulink url="http://www.johnkeiser.com/mozilla/Patch_Viewer.html"/> - </literallayout> - </para> - </section> -</appendix> diff --git a/docs/en/xml/security.xml b/docs/en/xml/security.xml deleted file mode 100644 index b234dd993..000000000 --- a/docs/en/xml/security.xml +++ /dev/null @@ -1,270 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> --> - -<chapter id="security"> -<title>Bugzilla Security</title> - - <para>While some of the items in this chapter are related to the operating - system Bugzilla is running on or some of the support software required to - run Bugzilla, it is all related to protecting your data. This is not - intended to be a comprehensive guide to securing Linux, Apache, MySQL, or - any other piece of software mentioned. There is no substitute for active - administration and monitoring of a machine. The key to good security is - actually right in the middle of the word: <emphasis>U R It</emphasis>. - </para> - - <para>While programmers in general always strive to write secure code, - accidents can and do happen. The best approach to security is to always - assume that the program you are working with isn't 100% secure and restrict - its access to other parts of your machine as much as possible. - </para> - - <section id="security-os"> - <title>Operating System</title> - - <section id="security-os-ports"> - <title>TCP/IP Ports</title> - - <!-- TODO: Get exact number of ports --> - <para>The TCP/IP standard defines more than 65,000 ports for sending - and receiving traffic. Of those, Bugzilla needs exactly one to operate - (different configurations and options may require up to 3). You should - audit your server and make sure that you aren't listening on any ports - you don't need to be. It's also highly recommended that the server - Bugzilla resides on, along with any other machines you administer, be - placed behind some kind of firewall. - </para> - - </section> - - <section id="security-os-accounts"> - <title>System User Accounts</title> - - <para>Many <glossterm linkend="gloss-daemon">daemons</glossterm>, such - as Apache's <filename>httpd</filename> or MySQL's - <filename>mysqld</filename>, run as either <quote>root</quote> or - <quote>nobody</quote>. This is even worse on Windows machines where the - majority of <glossterm linkend="gloss-service">services</glossterm> - run as <quote>SYSTEM</quote>. While running as <quote>root</quote> or - <quote>SYSTEM</quote> introduces obvious security concerns, the - problems introduced by running everything as <quote>nobody</quote> may - not be so obvious. Basically, if you run every daemon as - <quote>nobody</quote> and one of them gets compromised it can - compromise every other daemon running as <quote>nobody</quote> on your - machine. For this reason, it is recommended that you create a user - account for each daemon. - </para> - - <note> - <para>You will need to set the <option>webservergroup</option> option - in <filename>localconfig</filename> to the group your web server runs - as. This will allow <filename>./checksetup.pl</filename> to set file - permissions on Unix systems so that nothing is world-writable. - </para> - </note> - - </section> - - <section id="security-os-chroot"> - <title>The <filename>chroot</filename> Jail</title> - - <para> - If your system supports it, you may wish to consider running - Bugzilla inside of a <filename>chroot</filename> jail. This option - provides unprecedented security by restricting anything running - inside the jail from accessing any information outside of it. If you - wish to use this option, please consult the documentation that came - with your system. - </para> - - </section> - - </section> - - <section id="security-webserver"> - <title>Web server</title> - - <section id="security-webserver-access"> - <title>Disabling Remote Access to Bugzilla Configuration Files</title> - - <para> - There are many files that are placed in the Bugzilla directory - area that should not be accessible from the web server. Because of the way - Bugzilla is currently layed out, the list of what should and should not - be accessible is rather complicated. A quick way is to run - <filename>testserver.pl</filename> to check if your web server serves - Bugzilla files as expected. If not, you may want to follow the few - steps below. - </para> - - <tip> - <para>Bugzilla ships with the ability to create - <glossterm linkend="gloss-htaccess"><filename>.htaccess</filename></glossterm> - files that enforce these rules. Instructions for enabling these - directives in Apache can be found in <xref linkend="http-apache"/> - </para> - </tip> - - <itemizedlist spacing="compact"> - <listitem> - <para>In the main Bugzilla directory, you should:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block: - <simplelist type="inline"> - <member><filename>*.pl</filename></member> - <member><filename>*localconfig*</filename></member> - </simplelist> - </para> - </listitem> - </itemizedlist> - </listitem> - - <listitem> - <para>In <filename class="directory">data</filename>:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - </itemizedlist> - </listitem> - - <listitem> - <para>In <filename class="directory">data/webdot</filename>:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>If you use a remote webdot server:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - <listitem> - <para>But allow - <simplelist type="inline"> - <member><filename>*.dot</filename></member> - </simplelist> - only for the remote webdot server</para> - </listitem> - </itemizedlist> - </listitem> - <listitem> - <para>Otherwise, if you use a local GraphViz:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - <listitem> - <para>But allow: - <simplelist type="inline"> - <member><filename>*.png</filename></member> - <member><filename>*.gif</filename></member> - <member><filename>*.jpg</filename></member> - <member><filename>*.map</filename></member> - </simplelist> - </para> - </listitem> - </itemizedlist> - </listitem> - <listitem> - <para>And if you don't use any dot:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - </itemizedlist> - </listitem> - </itemizedlist> - </listitem> - - <listitem> - <para>In <filename class="directory">Bugzilla</filename>:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - </itemizedlist> - </listitem> - - <listitem> - <para>In <filename class="directory">template</filename>:</para> - <itemizedlist spacing="compact"> - <listitem> - <para>Block everything</para> - </listitem> - </itemizedlist> - </listitem> - </itemizedlist> - - <para>Be sure to test that data that should not be accessed remotely is - properly blocked. Of particular interest is the localconfig file which - contains your database password. Also, be aware that many editors - create temporary and backup files in the working directory and that - those should also not be accessible. For more information, see - <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=186383">bug 186383</ulink> - or - <ulink url="http://online.securityfocus.com/bid/6501">Bugtraq ID 6501</ulink>. - To test, simply run <filename>testserver.pl</filename>, as said above. - </para> - - <tip> - <para>Be sure to check <xref linkend="http"/> for instructions - specific to the web server you use. - </para> - </tip> - - </section> - - - </section> - - - <section id="security-bugzilla"> - <title>Bugzilla</title> - - <section id="security-bugzilla-charset"> - <title>Prevent users injecting malicious Javascript</title> - - <para>If you installed Bugzilla version 2.22 or later from scratch, - then the <emphasis>utf8</emphasis> parameter is switched on by default. - This makes Bugzilla explicitly set the character encoding, following - <ulink - url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">a - CERT advisory</ulink> recommending exactly this. - The following therefore does not apply to you; just keep - <emphasis>utf8</emphasis> turned on. - </para> - - <para>If you've upgraded from an older version, then it may be possible - for a Bugzilla user to take advantage of character set encoding - ambiguities to inject HTML into Bugzilla comments. - This could include malicious scripts. - This is because due to internationalization concerns, we are unable to - turn the <emphasis>utf8</emphasis> parameter on by default for upgraded - installations. - Turning it on manually will prevent this problem. - </para> - </section> - - </section> - -</chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: --> - diff --git a/docs/en/xml/troubleshooting.xml b/docs/en/xml/troubleshooting.xml deleted file mode 100644 index fff90a9e1..000000000 --- a/docs/en/xml/troubleshooting.xml +++ /dev/null @@ -1,277 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> --> - -<appendix id="troubleshooting"> -<title>Troubleshooting</title> - - <para>This section gives solutions to common Bugzilla installation - problems. If none of the section headings seems to match your - problem, read the general advice. - </para> - - <section id="general-advice"> - <title>General Advice</title> - <para>If you can't get <filename>checksetup.pl</filename> to run to - completion, it normally explains what's wrong and how to fix it. - If you can't work it out, or if it's being uncommunicative, post - the errors in the - <ulink url="news://news.mozilla.org/mozilla.support.bugzilla">mozilla.support.bugzilla</ulink> - newsgroup. - </para> - - <para>If you have made it all the way through - <xref linkend="installation"/> (Installation) and - <xref linkend="configuration"/> (Configuration) but accessing the Bugzilla - URL doesn't work, the first thing to do is to check your web server error - log. For Apache, this is often located at - <filename>/etc/logs/httpd/error_log</filename>. The error messages - you see may be self-explanatory enough to enable you to diagnose and - fix the problem. If not, see below for some commonly-encountered - errors. If that doesn't help, post the errors to the newsgroup. - </para> - - <para> - Bugzilla can also log all user-based errors (and many code-based errors) - that occur, without polluting the web server's error log. To enable - Bugzilla error logging, create a file that Bugzilla can write to, named - <filename>errorlog</filename>, in the Bugzilla <filename>data</filename> - directory. Errors will be logged as they occur, and will include the type - of the error, the IP address and username (if available) of the user who - triggered the error, and the values of all environment variables; if a - form was being submitted, the data in the form will also be included. - To disable error logging, delete or rename the - <filename>errorlog</filename> file. - </para> - </section> - - <section id="trbl-testserver"> - <title>The Apache web server is not serving Bugzilla pages</title> - <para>After you have run <command>checksetup.pl</command> twice, - run <command>testserver.pl http://yoursite.yourdomain/yoururl</command> - to confirm that your web server is configured properly for - Bugzilla. - </para> - <programlisting> -<prompt>bash$</prompt> ./testserver.pl http://landfill.bugzilla.org/bugzilla-tip -TEST-OK Webserver is running under group id in $webservergroup. -TEST-OK Got ant picture. -TEST-OK Webserver is executing CGIs. -TEST-OK Webserver is preventing fetch of http://landfill.bugzilla.org/bugzilla-tip/localconfig. -</programlisting> - </section> - - <section id="trbl-perlmodule"> - <title>I installed a Perl module, but - <filename>checksetup.pl</filename> claims it's not installed!</title> - - <para>This could be caused by one of two things:</para> - <orderedlist> - <listitem> - <para>You have two versions of Perl on your machine. You are installing - modules into one, and Bugzilla is using the other. Rerun the CPAN - commands (or manual compile) using the full path to Perl from the - top of <filename>checksetup.pl</filename>. This will make sure you - are installing the modules in the right place. - </para> - </listitem> - <listitem> - <para>The permissions on your library directories are set incorrectly. - They must, at the very least, be readable by the web server user or - group. It is recommended that they be world readable. - </para> - </listitem> - </orderedlist> - </section> - - <section id="trbl-dbdSponge"> - <title>DBD::Sponge::db prepare failed</title> - - <para>The following error message may appear due to a bug in DBD::mysql - (over which the Bugzilla team have no control): - </para> - -<programlisting><![CDATA[ DBD::Sponge::db prepare failed: Cannot determine NUM_OF_FIELDS at D:/Perl/site/lib/DBD/mysql.pm line 248. - SV = NULL(0x0) at 0x20fc444 - REFCNT = 1 - FLAGS = (PADBUSY,PADMY) -]]></programlisting> - - <para>To fix this, go to - <filename><path-to-perl>/lib/DBD/sponge.pm</filename> - in your Perl installation and replace - </para> - -<programlisting><![CDATA[ my $numFields; - if ($attribs->{'NUM_OF_FIELDS'}) { - $numFields = $attribs->{'NUM_OF_FIELDS'}; - } elsif ($attribs->{'NAME'}) { - $numFields = @{$attribs->{NAME}}; -]]></programlisting> - - <para>with</para> - -<programlisting><![CDATA[ my $numFields; - if ($attribs->{'NUM_OF_FIELDS'}) { - $numFields = $attribs->{'NUM_OF_FIELDS'}; - } elsif ($attribs->{'NAMES'}) { - $numFields = @{$attribs->{NAMES}}; -]]></programlisting> - - <para>(note the S added to NAME.)</para> - </section> - - <section id="paranoid-security"> - <title>cannot chdir(/var/spool/mqueue)</title> - - <para>If you are installing Bugzilla on SuSE Linux, or some other - distributions with <quote>paranoid</quote> security options, it is - possible that the checksetup.pl script may fail with the error: -<programlisting><![CDATA[cannot chdir(/var/spool/mqueue): Permission denied -]]></programlisting> - </para> - - <para>This is because your <filename>/var/spool/mqueue</filename> - directory has a mode of <computeroutput>drwx------</computeroutput>. - Type <command>chmod 755 <filename>/var/spool/mqueue</filename></command> - as root to fix this problem. This will allow any process running on your - machine the ability to <emphasis>read</emphasis> the - <filename>/var/spool/mqueue</filename> directory. - </para> - </section> - - <section id="trbl-relogin-everyone"> - <title>Everybody is constantly being forced to relogin</title> - - <para>The most-likely cause is that the <quote>cookiepath</quote> parameter - is not set correctly in the Bugzilla configuration. You can change this (if - you're a Bugzilla administrator) from the editparams.cgi page via the web interface. - </para> - - <para>The value of the cookiepath parameter should be the actual directory - containing your Bugzilla installation, <emphasis>as seen by the end-user's - web browser</emphasis>. Leading and trailing slashes are mandatory. You can - also set the cookiepath to any directory which is a parent of the Bugzilla - directory (such as '/', the root directory). But you can't put something - that isn't at least a partial match or it won't work. What you're actually - doing is restricting the end-user's browser to sending the cookies back only - to that directory. - </para> - - <para>How do you know if you want your specific Bugzilla directory or the - whole site? - </para> - - <para>If you have only one Bugzilla running on the server, and you don't - mind having other applications on the same server with it being able to see - the cookies (you might be doing this on purpose if you have other things on - your site that share authentication with Bugzilla), then you'll want to have - the cookiepath set to "/", or to a sufficiently-high enough directory that - all of the involved apps can see the cookies. - </para> - - <example id="trbl-relogin-everyone-share"> - <title>Examples of urlbase/cookiepath pairs for sharing login cookies</title> - - <blockquote> - <literallayout> - urlbase is <ulink url="http://bugzilla.mozilla.org/"/> - cookiepath is / - - urlbase is <ulink url="http://tools.mysite.tld/bugzilla/"/> - but you have http://tools.mysite.tld/someotherapp/ which shares - authentication with your Bugzilla - cookiepath is / - </literallayout> - </blockquote> - </example> - - <para>On the other hand, if you have more than one Bugzilla running on the - server (some people do - we do on landfill) then you need to have the - cookiepath restricted enough so that the different Bugzillas don't - confuse their cookies with one another. - </para> - - - <example id="trbl-relogin-everyone-restrict"> - <title>Examples of urlbase/cookiepath pairs to restrict the login cookie</title> - <blockquote> - <literallayout> - urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-tip/"/> - cookiepath is /bugzilla-tip/ - - urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-2.16-branch/"/> - cookiepath is /bugzilla-2.16-branch/ - </literallayout> - </blockquote> - </example> - - <para>If you had cookiepath set to <quote>/</quote> at any point in the - past and need to set it to something more restrictive - (i.e. <quote>/bugzilla/</quote>), you can safely do this without - requiring users to delete their Bugzilla-related cookies in their - browser (this is true starting with Bugzilla 2.18 and Bugzilla 2.16.5). - </para> - </section> - - <section id="trbl-index"> - <title><filename>index.cgi</filename> doesn't show up unless specified in the URL</title> - <para> - You probably need to set up your web server in such a way that it - will serve the index.cgi page as an index page. - </para> - <para> - If you are using Apache, you can do this by adding - <filename>index.cgi</filename> to the end of the - <computeroutput>DirectoryIndex</computeroutput> line - as mentioned in <xref linkend="http-apache"/>. - </para> - - </section> - - <section id="trbl-passwd-encryption"> - <title> - checksetup.pl reports "Client does not support authentication protocol - requested by server..." - </title> - - <para> - This error is occurring because you are using the new password - encryption that comes with MySQL 4.1, while your - <filename>DBD::mysql</filename> module was compiled against an - older version of MySQL. If you recompile <filename>DBD::mysql</filename> - against the current MySQL libraries (or just obtain a newer version - of this module) then the error may go away. - </para> - - <para> - If that does not fix the problem, or if you cannot recompile the - existing module (e.g. you're running Windows) and/or don't want to - replace it (e.g. you want to keep using a packaged version), then a - workaround is available from the MySQL docs: - <ulink url="http://dev.mysql.com/doc/mysql/en/Old_client.html"/> - </para> - - </section> - -</appendix> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: --> - - diff --git a/docs/en/xml/using.xml b/docs/en/xml/using.xml deleted file mode 100644 index 05b415021..000000000 --- a/docs/en/xml/using.xml +++ /dev/null @@ -1,2077 +0,0 @@ -<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> --> - -<chapter id="using"> - <title>Using Bugzilla</title> - - <section id="using-intro"> - <title>Introduction</title> - <para>This section contains information for end-users of Bugzilla. There - is a Bugzilla test installation, called - <ulink url="http://landfill.bugzilla.org/">Landfill</ulink>, which you are - welcome to play with (if it's up). However, not all of the Bugzilla - installations there will necessarily have all Bugzilla features enabled, - and different installations run different versions, so some things may not - quite work as this document describes.</para> - - <para> - Frequently Asked Questions (FAQ) are available and answered on - <ulink url="http://wiki.mozilla.org/Bugzilla:FAQ">wiki.mozilla.org</ulink>. - They may cover some questions you have which are left unanswered. - </para> - </section> - - <section id="myaccount"> - <title>Create a Bugzilla Account</title> - - <para>If you want to use Bugzilla, first you need to create an account. - Consult with the administrator responsible for your installation of - Bugzilla for the URL you should use to access it. If you're - test-driving Bugzilla, use this URL: - <ulink url="&landfillbase;"/>. - </para> - - <orderedlist> - <listitem> - <para> - On the home page <filename>index.cgi</filename>, click the - <quote>Open a new Bugzilla account</quote> link, or the - <quote>New Account</quote> link available in the footer of pages. - Now enter your email address, then click the <quote>Send</quote> - button. - </para> - - <note> - <para> - If none of these links is available, this means that the - administrator of the installation has disabled self-registration. - This means that only an administrator can create accounts - for other users. One reason could be that this installation is - private. - </para> - </note> - - <note> - <para> - Also, if only some users are allowed to create an account on - the installation, you may see these links but your registration - may fail if your email address doesn't match the ones accepted - by the installation. This is another way to restrict who can - access and edit bugs in this installation. - </para> - </note> - </listitem> - - <listitem> - <para> - Within moments, and if your registration is accepted, you should - receive an email to the address you provided, which contains your - login name (generally the same as the email address), and two URLs - with a token (a random string generated by the installation) to - confirm, respectively cancel, your registration. This is a way to - prevent users from abusing the generation of user accounts, for - instance by entering inexistent email addresses, or email addresses - which do not belong to them. - </para> - </listitem> - - <listitem> - <para> - By default, you have 3 days to confirm your registration. Past this - timeframe, the token is invalidated and the registration is - automatically canceled. You can also cancel this registration sooner - by using the appropriate URL in the email you got. - </para> - </listitem> - - <listitem> - <para> - If you confirm your registration, Bugzilla will ask you your real name - (optional, but recommended) and your password, which must be between - 3 and 16 characters long. - </para> - </listitem> - - <listitem> - <para> - Now all you need to do is to click the <quote>Log In</quote> - link in the footer at the bottom of the page in your browser, - enter your email address and password you just chose into the - login form, and click the <quote>Log in</quote> button. - </para> - </listitem> - </orderedlist> - - <para> - You are now logged in. Bugzilla uses cookies to remember you are - logged in so, unless you have cookies disabled or your IP address changes, - you should not have to log in again during your session. - </para> - </section> - - <section id="bug_page"> - <title>Anatomy of a Bug</title> - - <para>The core of Bugzilla is the screen which displays a particular - bug. It's a good place to explain some Bugzilla concepts. - <ulink - url="&landfillbase;show_bug.cgi?id=1"> - Bug 1 on Landfill</ulink> - - is a good example. Note that the labels for most fields are hyperlinks; - clicking them will take you to context-sensitive help on that - particular field. Fields marked * may not be present on every - installation of Bugzilla.</para> - - <orderedlist> - <listitem> - <para> - <emphasis>Product and Component</emphasis>: - Bugs are divided up by Product and Component, with a Product - having one or more Components in it. For example, - bugzilla.mozilla.org's "Bugzilla" Product is composed of several - Components: - <variablelist> - <varlistentry> - <term>Administration:</term> - <listitem> - <para> - Administration of a Bugzilla installation. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Bugzilla-General:</term> - <listitem> - <para> - Anything that doesn't fit in the other components, or spans - multiple components. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Creating/Changing Bugs:</term> - <listitem> - <para> - Creating, changing, and viewing bugs. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Documentation:</term> - <listitem> - <para> - The Bugzilla documentation, including The Bugzilla Guide. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Email:</term> - <listitem> - <para> - Anything to do with email sent by Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Installation:</term> - <listitem> - <para> - The installation process of Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Query/Buglist:</term> - <listitem> - <para> - Anything to do with searching for bugs and viewing the - buglists. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Reporting/Charting:</term> - <listitem> - <para> - Getting reports from Bugzilla. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>User Accounts:</term> - <listitem> - <para> - Anything about managing a user account from the user's perspective. - Saved queries, creating accounts, changing passwords, logging in, - etc. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>User Interface:</term> - <listitem> - <para> - General issues having to do with the user interface cosmetics (not - functionality) including cosmetic issues, HTML templates, - etc. - </para> - </listitem> - </varlistentry> - </variablelist> - </para> - </listitem> - - <listitem> - <para> - <emphasis>Status and Resolution:</emphasis> - - These define exactly what state the bug is in - from not even - being confirmed as a bug, through to being fixed and the fix - confirmed by Quality Assurance. The different possible values for - Status and Resolution on your installation should be documented in the - context-sensitive help for those items.</para> - </listitem> - - <listitem> - <para> - <emphasis>Assigned To:</emphasis> - The person responsible for fixing the bug.</para> - </listitem> - - <listitem> - <para> - <emphasis>*QA Contact:</emphasis> - The person responsible for quality assurance on this bug.</para> - </listitem> - - <listitem> - <para> - <emphasis>*URL:</emphasis> - A URL associated with the bug, if any.</para> - </listitem> - - <listitem> - <para> - <emphasis>Summary:</emphasis> - A one-sentence summary of the problem.</para> - </listitem> - - <listitem> - <para> - <emphasis>*Status Whiteboard:</emphasis> - (a.k.a. Whiteboard) A free-form text area for adding short notes - and tags to a bug.</para> - </listitem> - - <listitem> - <para> - <emphasis>*Keywords:</emphasis> - The administrator can define keywords which you can use to tag and - categorise bugs - e.g. The Mozilla Project has keywords like crash - and regression.</para> - </listitem> - - <listitem> - <para> - <emphasis>Platform and OS:</emphasis> - These indicate the computing environment where the bug was - found.</para> - </listitem> - - <listitem> - <para> - <emphasis>Version:</emphasis> - The "Version" field is usually used for versions of a product which - have been released, and is set to indicate which versions of a - Component have the particular problem the bug report is - about.</para> - </listitem> - - <listitem> - <para> - <emphasis>Priority:</emphasis> - The bug assignee uses this field to prioritize his or her bugs. - It's a good idea not to change this on other people's bugs.</para> - </listitem> - - <listitem> - <para> - <emphasis>Severity:</emphasis> - This indicates how severe the problem is - from blocker - ("application unusable") to trivial ("minor cosmetic issue"). You - can also use this field to indicate whether a bug is an enhancement - request.</para> - </listitem> - - <listitem> - <para> - <emphasis>*Target:</emphasis> - (a.k.a. Target Milestone) A future version by which the bug is to - be fixed. e.g. The Bugzilla Project's milestones for future - Bugzilla versions are 2.18, 2.20, 3.0, etc. Milestones are not - restricted to numbers, thought - you can use any text strings, such - as dates.</para> - </listitem> - - <listitem> - <para> - <emphasis>Reporter:</emphasis> - The person who filed the bug.</para> - </listitem> - - <listitem> - <para> - <emphasis>CC list:</emphasis> - A list of people who get mail when the bug changes.</para> - </listitem> - - <listitem> - <para> - <emphasis>*Time Tracking:</emphasis> - This form can be used for time tracking. - To use this feature, you have to be blessed group membership - specified by the <quote>timetrackinggroup</quote> parameter. - <variablelist> - <varlistentry> - <term>Orig. Est.:</term> - <listitem> - <para> - This field shows the original estimated time. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Current Est.:</term> - <listitem> - <para> - This field shows the current estimated time. - This number is calculated from <quote>Hours Worked</quote> - and <quote>Hours Left</quote>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Hours Worked:</term> - <listitem> - <para> - This field shows the number of hours worked. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Hours Left:</term> - <listitem> - <para> - This field shows the <quote>Current Est.</quote> - - <quote>Hours Worked</quote>. - This value + <quote>Hours Worked</quote> will become the - new Current Est. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>%Complete:</term> - <listitem> - <para> - This field shows what percentage of the task is complete. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Gain:</term> - <listitem> - <para> - This field shows the number of hours that the bug is ahead of the - <quote>Orig. Est.</quote>. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Deadline:</term> - <listitem> - <para> - This field shows the deadline for this bug. - </para> - </listitem> - </varlistentry> - </variablelist> - </para> - </listitem> - - <listitem> - <para> - <emphasis>Attachments:</emphasis> - You can attach files (e.g. testcases or patches) to bugs. If there - are any attachments, they are listed in this section. - </para> - </listitem> - - <listitem> - <para> - <emphasis>*Dependencies:</emphasis> - If this bug cannot be fixed unless other bugs are fixed (depends - on), or this bug stops other bugs being fixed (blocks), their - numbers are recorded here.</para> - </listitem> - - <listitem> - <para> - <emphasis>*Votes:</emphasis> - Whether this bug has any votes.</para> - </listitem> - - <listitem> - <para> - <emphasis>Additional Comments:</emphasis> - You can add your two cents to the bug discussion here, if you have - something worthwhile to say.</para> - </listitem> - </orderedlist> - </section> - - <section id="lifecycle"> - <title>Life Cycle of a Bug</title> - - <para> - The life cycle of a bug, also known as workflow, is customizable to match - the needs of your organization, see <xref linkend="bug_status_workflow"/>. - <xref linkend="lifecycle-image"/> contains a graphical representation of - the default workflow using the default bug statuses. If you wish to - customize this image for your site, the - <ulink url="../images/bzLifecycle.xml">diagram file</ulink> - is available in <ulink url="http://www.gnome.org/projects/dia">Dia's</ulink> - native XML format. - </para> - - <figure id="lifecycle-image"> - <title>Lifecycle of a Bugzilla Bug</title> - <mediaobject> - <imageobject> - <imagedata fileref="../images/bzLifecycle.png" scale="66" /> - </imageobject> - </mediaobject> - </figure> - </section> - - <section id="query"> - <title>Searching for Bugs</title> - - <para>The Bugzilla Search page is the interface where you can find - any bug report, comment, or patch currently in the Bugzilla system. You - can play with it here: - <ulink url="&landfillbase;query.cgi"/>.</para> - - <para>The Search page has controls for selecting different possible - values for all of the fields in a bug, as described above. For some - fields, multiple values can be selected. In those cases, Bugzilla - returns bugs where the content of the field matches any one of the selected - values. If none is selected, then the field can take any value.</para> - - <para> - After a search is run, you can save it as a Saved Search, which - will appear in the page footer. If you are in the group defined - by the "querysharegroup" parameter, you may share your queries - with other users, see <xref linkend="savedsearches"/> for more details. - </para> - - <section id="boolean"> - <title>Boolean Charts</title> - <para> - Highly advanced querying is done using Boolean Charts. - </para> - <para> - The boolean charts further restrict the set of results - returned by a query. It is possible to search for bugs - based on elaborate combinations of criteria. - </para> - <para> - The simplest boolean searches have only one term. These searches - permit the selected left <emphasis>field</emphasis> - to be compared using a - selectable <emphasis>operator</emphasis> to a - specified <emphasis>value.</emphasis> - Using the "And," "Or," and "Add Another Boolean Chart" buttons, - additional terms can be included in the query, further - altering the list of bugs returned by the query. - </para> - <para> - There are three fields in each row of a boolean search. - </para> - <itemizedlist> - <listitem> - <para> - <emphasis>Field:</emphasis> - the items being searched - </para> - </listitem> - <listitem> - <para> - <emphasis>Operator:</emphasis> - the comparison operator - </para> - </listitem> - <listitem> - <para> - <emphasis>Value:</emphasis> - the value to which the field is being compared - </para> - </listitem> - </itemizedlist> - <section id="pronouns"> - <title>Pronoun Substitution</title> - <para> - Sometimes, a query needs to compare a user-related field - (such as ReportedBy) with a role-specific user (such as the - user running the query or the user to whom each bug is assigned). - When the operator is either "equals" or "notequals", the value - can be "%reporter%", "%assignee%", "%qacontact%", or "%user%". - The user pronoun - refers to the user who is executing the query or, in the case - of whining reports, the user who will be the recipient - of the report. The reporter, assignee, and qacontact - pronouns refer to the corresponding fields in the bug. - </para> - <para> - Boolean charts also let you type a group name in any user-related - field if the operator is either "equals", "notequals" or "anyexact". - This will let you query for any member belonging (or not) to the - specified group. The group name must be entered following the - "%group.foo%" syntax, where "foo" is the group name. - So if you are looking for bugs reported by any user being in the - "editbugs" group, then you can type "%group.editbugs%". - </para> - </section> - <section id="negation"> - <title>Negation</title> - <para> - At first glance, negation seems redundant. Rather than - searching for - <blockquote> - <para> - NOT("summary" "contains the string" "foo"), - </para> - </blockquote> - one could search for - <blockquote> - <para> - ("summary" "does not contain the string" "foo"). - </para> - </blockquote> - However, the search - <blockquote> - <para> - ("CC" "does not contain the string" "@mozilla.org") - </para> - </blockquote> - would find every bug where anyone on the CC list did not contain - "@mozilla.org" while - <blockquote> - <para> - NOT("CC" "contains the string" "@mozilla.org") - </para> - </blockquote> - would find every bug where there was nobody on the CC list who - did contain the string. Similarly, the use of negation also permits - complex expressions to be built using terms OR'd together and then - negated. Negation permits queries such as - <blockquote> - <para> - NOT(("product" "equals" "update") OR - ("component" "equals" "Documentation")) - </para> - </blockquote> - to find bugs that are neither - in the update product or in the documentation component or - <blockquote> - <para> - NOT(("commenter" "equals" "%assignee%") OR - ("component" "equals" "Documentation")) - </para> - </blockquote> - to find non-documentation - bugs on which the assignee has never commented. - </para> - </section> - <section id="multiplecharts"> - <title>Multiple Charts</title> - <para> - The terms within a single row of a boolean chart are all - constraints on a single piece of data. If you are looking for - a bug that has two different people cc'd on it, then you need - to use two boolean charts. A search for - <blockquote> - <para> - ("cc" "contains the string" "foo@") AND - ("cc" "contains the string" "@mozilla.org") - </para> - </blockquote> - would return only bugs with "foo@mozilla.org" on the cc list. - If you wanted bugs where there is someone on the cc list - containing "foo@" and someone else containing "@mozilla.org", - then you would need two boolean charts. - <blockquote> - <para> - First chart: ("cc" "contains the string" "foo@") - </para> - <para> - Second chart: ("cc" "contains the string" "@mozilla.org") - </para> - </blockquote> - The bugs listed will be only the bugs where ALL the charts are true. - </para> - </section> - </section> - - <section id="quicksearch"> - <title>Quicksearch</title> - - <para> - Quicksearch is a single-text-box query tool which uses - metacharacters to indicate what is to be searched. For example, typing - "<literal>foo|bar</literal>" - into Quicksearch would search for "foo" or "bar" in the - summary and status whiteboard of a bug; adding - "<literal>:BazProduct</literal>" would - search only in that product. - You can use it to find a bug by its number or its alias, too. - </para> - - <para> - You'll find the Quicksearch box in Bugzilla's footer area. - On Bugzilla's front page, there is an additional - <ulink url="../../page.cgi?id=quicksearch.html">Help</ulink> - link which details how to use it. - </para> - </section> - <section id="casesensitivity"> - <title>Case Sensitivity in Searches</title> - <para> - Bugzilla queries are case-insensitive and accent-insensitive, when - used with either MySQL or Oracle databases. When using Bugzilla with - PostgreSQL, however, some queries are case-sensitive. This is due to - the way PostgreSQL handles case and accent sensitivity. - </para> - </section> - <section id="list"> - <title>Bug Lists</title> - - <para>If you run a search, a list of matching bugs will be returned. - </para> - - <para>The format of the list is configurable. For example, it can be - sorted by clicking the column headings. Other useful features can be - accessed using the links at the bottom of the list: - <variablelist> - <varlistentry> - <term>Long Format:</term> - <listitem> - <para> - this gives you a large page with a non-editable summary of the fields - of each bug. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>XML:</term> - <listitem> - <para> - get the buglist in the XML format. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>CSV:</term> - <listitem> - <para> - get the buglist as comma-separated values, for import into e.g. - a spreadsheet. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Feed:</term> - <listitem> - <para> - get the buglist as an Atom feed. Copy this link into your - favorite feed reader. If you are using Firefox, you can also - save the list as a live bookmark by clicking the live bookmark - icon in the status bar. To limit the number of bugs in the feed, - add a limit=n parameter to the URL. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>iCalendar:</term> - <listitem> - <para> - Get the buglist as an iCalendar file. Each bug is represented as a - to-do item in the imported calendar. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Change Columns:</term> - <listitem> - <para> - change the bug attributes which appear in the list. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Change several bugs at once:</term> - <listitem> - <para> - If your account is sufficiently empowered, and more than one bug - appear in the bug list, this link is displayed which lets you make - the same change to all the bugs in the list - for example, changing - their assignee. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Send mail to bug assignees:</term> - <listitem> - <para> - If more than one bug appear in the bug list and there are at least - two distinct bug assignees, this links is displayed which lets you - easily send a mail to the assignees of all bugs on the list. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Edit Search:</term> - <listitem> - <para> - If you didn't get exactly the results you were looking for, you can - return to the Query page through this link and make small revisions - to the query you just made so you get more accurate results. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Remember Search As:</term> - <listitem> - <para> - You can give a search a name and remember it; a link will appear - in your page footer giving you quick access to run it again later. - </para> - </listitem> - </varlistentry> - </variablelist> - </para> - </section> - - <section id="individual-buglists"> - <title>Adding/removing tags to/from bugs</title> - <para> - You can add and remove tags from individual bugs, which let you find and - manage bugs more easily. Tags are per-user and so are only visible and editable - by the user who created them. You can then run queries using tags as a criteria, - either by using the Advanced Search form, or simply by typing "tag:my_tag_name" - in the QuickSearch box at the top (or bottom) of the page. To enable this - feature, you have to turn on the <quote>Enable tags for bugs</quote> user - preference, see <xref linkend="userpreferences" />. This feature is disabled - by default. - </para> - - <para> - This feature is useful when you want to keep track of several bugs, but - for different reasons. Instead of adding yourself to the CC list of all - these bugs and mixing all these reasons, you can now store these bugs in - separate lists, e.g. <quote>Keep in mind</quote>, <quote>Interesting bugs</quote>, - or <quote>Triage</quote>. One big advantage of this way to manage bugs - is that you can easily add or remove tags from bugs one by one. - </para> - </section> - </section> - - <section id="bugreports"> - <title>Filing Bugs</title> - - <section id="fillingbugs"> - <title>Reporting a New Bug</title> - - <para>Years of bug writing experience has been distilled for your - reading pleasure into the - <ulink - url="&landfillbase;page.cgi?id=bug-writing.html"> - Bug Writing Guidelines</ulink>. - While some of the advice is Mozilla-specific, the basic principles of - reporting Reproducible, Specific bugs, isolating the Product you are - using, the Version of the Product, the Component which failed, the - Hardware Platform, and Operating System you were using at the time of - the failure go a long way toward ensuring accurate, responsible fixes - for the bug that bit you.</para> - - <para>The procedure for filing a bug is as follows:</para> - - <orderedlist> - <listitem> - <para> - Click the <quote>New</quote> link available in the footer - of pages, or the <quote>Enter a new bug report</quote> link - displayed on the home page of the Bugzilla installation. - </para> - - <note> - <para> - If you want to file a test bug to see how Bugzilla works, - you can do it on one of our test installations on - <ulink url="&landfillbase;">Landfill</ulink>. - </para> - </note> - </listitem> - - <listitem> - <para> - You first have to select the product in which you found a bug. - </para> - </listitem> - - <listitem> - <para> - You now see a form where you can specify the component (part of - the product which is affected by the bug you discovered; if you have - no idea, just select <quote>General</quote> if such a component exists), - the version of the program you were using, the Operating System and - platform your program is running on and the severity of the bug (if the - bug you found crashes the program, it's probably a major or a critical - bug; if it's a typo somewhere, that's something pretty minor; if it's - something you would like to see implemented, then that's an enhancement). - </para> - </listitem> - - <listitem> - <para> - You now have to give a short but descriptive summary of the bug you found. - <quote>My program is crashing all the time</quote> is a very poor summary - and doesn't help developers at all. Try something more meaningful or - your bug will probably be ignored due to a lack of precision. - The next step is to give a very detailed list of steps to reproduce - the problem you encountered. Try to limit these steps to a minimum set - required to reproduce the problem. This will make the life of - developers easier, and the probability that they consider your bug in - a reasonable timeframe will be much higher. - </para> - - <note> - <para> - Try to make sure that everything in the summary is also in the first - comment. Summaries are often updated and this will ensure your original - information is easily accessible. - </para> - </note> - </listitem> - - <listitem> - <para> - As you file the bug, you can also attach a document (testcase, patch, - or screenshot of the problem). - </para> - </listitem> - - <listitem> - <para> - Depending on the Bugzilla installation you are using and the product in - which you are filing the bug, you can also request developers to consider - your bug in different ways (such as requesting review for the patch you - just attached, requesting your bug to block the next release of the - product, and many other product specific requests). - </para> - </listitem> - - <listitem> - <para> - Now is a good time to read your bug report again. Remove all misspellings, - otherwise your bug may not be found by developers running queries for some - specific words, and so your bug would not get any attention. - Also make sure you didn't forget any important information developers - should know in order to reproduce the problem, and make sure your - description of the problem is explicit and clear enough. - When you think your bug report is ready to go, the last step is to - click the <quote>Commit</quote> button to add your report into the database. - </para> - </listitem> - </orderedlist> - - <para> - You do not need to put "any" or similar strings in the URL field. - If there is no specific URL associated with the bug, leave this - field blank. - </para> - - <para>If you feel a bug you filed was incorrectly marked as a - DUPLICATE of another, please question it in your bug, not - the bug it was duped to. Feel free to CC the person who duped it - if they are not already CCed. - </para> - </section> - - <section id="cloningbugs"> - <title>Clone an Existing Bug</title> - - <para> - Starting with version 2.20, Bugzilla has a feature that allows you - to clone an existing bug. The newly created bug will inherit - most settings from the old bug. This allows you to track more - easily similar concerns in a new bug. To use this, go to the bug - that you want to clone, then click the <quote>Clone This Bug</quote> - link on the bug page. This will take you to the <quote>Enter Bug</quote> - page that is filled with the values that the old bug has. - You can change those values and/or texts if needed. - </para> - </section> - - </section> - - <section id="attachments"> - <title>Attachments</title> - - <para> - You should use attachments, rather than comments, for large chunks of ASCII - data, such as trace, debugging output files, or log files. That way, it - doesn't bloat the bug for everyone who wants to read it, and cause people to - receive fat, useless mails. - </para> - - <para>You should make sure to trim screenshots. There's no need to show the - whole screen if you are pointing out a single-pixel problem. - </para> - - <para>Bugzilla stores and uses a Content-Type for each attachment - (e.g. text/html). To download an attachment as a different - Content-Type (e.g. application/xhtml+xml), you can override this - using a 'content_type' parameter on the URL, e.g. - <filename>&content_type=text/plain</filename>. - </para> - - <para> - Also, you can enter the URL pointing to the attachment instead of - uploading the attachment itself. For example, this is useful if you want to - point to an external application, a website or a very large file. Note that - there is no guarantee that the source file will always be available, nor - that its content will remain unchanged. - </para> - - <para> - Another way to attach data is to paste text directly in the text field, - and Bugzilla will convert it into an attachment. This is pretty useful - when you do copy and paste, and you don't want to put the text in a temporary - file first. - </para> - - <section id="patchviewer"> - <title>Patch Viewer</title> - - <para>Viewing and reviewing patches in Bugzilla is often difficult due to - lack of context, improper format and the inherent readability issues that - raw patches present. Patch Viewer is an enhancement to Bugzilla designed - to fix that by offering increased context, linking to sections, and - integrating with Bonsai, LXR and CVS.</para> - - <para>Patch viewer allows you to:</para> - - <simplelist> - <member>View patches in color, with side-by-side view rather than trying - to interpret the contents of the patch.</member> - <member>See the difference between two patches.</member> - <member>Get more context in a patch.</member> - <member>Collapse and expand sections of a patch for easy - reading.</member> - <member>Link to a particular section of a patch for discussion or - review</member> - <member>Go to Bonsai or LXR to see more context, blame, and - cross-references for the part of the patch you are looking at</member> - <member>Create a rawtext unified format diff out of any patch, no - matter what format it came from</member> - </simplelist> - - <section id="patchviewer_view"> - <title>Viewing Patches in Patch Viewer</title> - <para>The main way to view a patch in patch viewer is to click on the - "Diff" link next to a patch in the Attachments list on a bug. You may - also do this within the edit window by clicking the "View Attachment As - Diff" button in the Edit Attachment screen.</para> - </section> - - <section id="patchviewer_diff"> - <title>Seeing the Difference Between Two Patches</title> - <para>To see the difference between two patches, you must first view the - newer patch in Patch Viewer. Then select the older patch from the - dropdown at the top of the page ("Differences between [dropdown] and - this patch") and click the "Diff" button. This will show you what - is new or changed in the newer patch.</para> - </section> - - <section id="patchviewer_context"> - <title>Getting More Context in a Patch</title> - <para>To get more context in a patch, you put a number in the textbox at - the top of Patch Viewer ("Patch / File / [textbox]") and hit enter. - This will give you that many lines of context before and after each - change. Alternatively, you can click on the "File" link there and it - will show each change in the full context of the file. This feature only - works against files that were diffed using "cvs diff".</para> - </section> - - <section id="patchviewer_collapse"> - <title>Collapsing and Expanding Sections of a Patch</title> - <para>To view only a certain set of files in a patch (for example, if a - patch is absolutely huge and you want to only review part of it at a - time), you can click the "(+)" and "(-)" links next to each file (to - expand it or collapse it). If you want to collapse all files or expand - all files, you can click the "Collapse All" and "Expand All" links at the - top of the page.</para> - </section> - - <section id="patchviewer_link"> - <title>Linking to a Section of a Patch</title> - <para>To link to a section of a patch (for example, if you want to be - able to give someone a URL to show them which part you are talking - about) you simply click the "Link Here" link on the section header. The - resulting URL can be copied and used in discussion.</para> - </section> - - <section id="patchviewer_bonsai_lxr"> - <title>Going to Bonsai and LXR</title> - <para>To go to Bonsai to get blame for the lines you are interested in, - you can click the "Lines XX-YY" link on the section header you are - interested in. This works even if the patch is against an old - version of the file, since Bonsai stores all versions of the file.</para> - - <para>To go to LXR, you click on the filename on the file header - (unfortunately, since LXR only does the most recent version, line - numbers are likely to rot).</para> - </section> - - <section id="patchviewer_unified_diff"> - <title>Creating a Unified Diff</title> - <para>If the patch is not in a format that you like, you can turn it - into a unified diff format by clicking the "Raw Unified" link at the top - of the page.</para> - </section> - </section> - </section> - - <section id="hintsandtips"> - <title>Hints and Tips</title> - - <para>This section distills some Bugzilla tips and best practices - that have been developed.</para> - - <section> - <title>Autolinkification</title> - <para>Bugzilla comments are plain text - so typing <U> will - produce less-than, U, greater-than rather than underlined text. - However, Bugzilla will automatically make hyperlinks out of certain - sorts of text in comments. For example, the text - "http://www.bugzilla.org" will be turned into a link: - <ulink url="http://www.bugzilla.org"/>. - Other strings which get linkified in the obvious manner are: - <simplelist> - <member>bug 12345</member> - <member>comment 7</member> - <member>bug 23456, comment 53</member> - <member>attachment 4321</member> - <member>mailto:george@example.com</member> - <member>george@example.com</member> - <member>ftp://ftp.mozilla.org</member> - <member>Most other sorts of URL</member> - </simplelist> - </para> - - <para>A corollary here is that if you type a bug number in a comment, - you should put the word "bug" before it, so it gets autolinkified - for the convenience of others. - </para> - </section> - - <section id="commenting"> - <title>Comments</title> - - <para>If you are changing the fields on a bug, only comment if - either you have something pertinent to say, or Bugzilla requires it. - Otherwise, you may spam people unnecessarily with bug mail. - To take an example: a user can set up their account to filter out messages - where someone just adds themselves to the CC field of a bug - (which happens a lot.) If you come along, add yourself to the CC field, - and add a comment saying "Adding self to CC", then that person - gets a pointless piece of mail they would otherwise have avoided. - </para> - - <para> - Don't use sigs in comments. Signing your name ("Bill") is acceptable, - if you do it out of habit, but full mail/news-style - four line ASCII art creations are not. - </para> - </section> - - <section id="comment-wrapping"> - <title>Server-Side Comment Wrapping</title> - <para> - Bugzilla stores comments unwrapped and wraps them at display time. This - ensures proper wrapping in all browsers. Lines beginning with the ">" - character are assumed to be quotes, and are not wrapped. - </para> - </section> - - <section id="dependencytree"> - <title>Dependency Tree</title> - - <para> - On the <quote>Dependency tree</quote> page linked from each bug - page, you can see the dependency relationship from the bug as a - tree structure. - </para> - - <para> - You can change how much depth to show, and you can hide resolved bugs - from this page. You can also collaps/expand dependencies for - each bug on the tree view, using the [-]/[+] buttons that appear - before its summary. This option is not available for terminal - bugs in the tree (that don't have further dependencies). - </para> - </section> - </section> - - <section id="timetracking"> - <title>Time Tracking Information</title> - - <para> - Users who belong to the group specified by the <quote>timetrackinggroup</quote> - parameter have access to time-related fields. Developers can see - deadlines and estimated times to fix bugs, and can provide time spent - on these bugs. - </para> - - <para> - At any time, a summary of the time spent by developers on bugs is - accessible either from bug lists when clicking the <quote>Time Summary</quote> - button or from individual bugs when clicking the <quote>Summarize time</quote> - link in the time tracking table. The <filename>summarize_time.cgi</filename> - page lets you view this information either per developer or per bug, - and can be split on a month basis to have greater details on how time - is spent by developers. - </para> - - <para> - As soon as a bug is marked as RESOLVED, the remaining time expected - to fix the bug is set to zero. This lets QA people set it again for - their own usage, and it will be set to zero again when the bug will - be marked as CLOSED. - </para> - </section> - - <section id="userpreferences"> - <title>User Preferences</title> - - <para> - Once logged in, you can customize various aspects of - Bugzilla via the "Preferences" link in the page footer. - The preferences are split into five tabs:</para> - - <section id="generalpreferences" xreflabel="General Preferences"> - <title>General Preferences</title> - - <para> - This tab allows you to change several default settings of Bugzilla. - </para> - - <itemizedlist spacing="compact"> - <listitem> - <para> - Bugzilla's general appearance (skin) - select which skin to use. - Bugzilla supports adding custom skins. - </para> - </listitem> - <listitem> - <para> - Quote the associated comment when you click on its reply link - sets - the behavior of the comment "Reply" link. Options include quoting the - full comment, just reference the comment number, or turn the link off. - </para> - </listitem> - <listitem> - <para> - Language used in email - select which language email will be sent in, - from the list of available languages. - </para> - </listitem> - <listitem> - <para> - After changing a bug - This controls what page is displayed after - changes to a bug are submitted. The options include to show the bug - just modified, to show the next bug in your list, or to do nothing. - </para> - </listitem> - <listitem> - <para> - Enable tags for bugs - turn bug tagging on or off. - </para> - </listitem> - <listitem> - <para> - Zoom textareas large when in use (requires JavaScript) - enable or - disable the automatic expanding of text areas when text is being - entered into them. - </para> - </listitem> - <listitem> - <para> - Field separator character for CSV files - - Select between a comma and semi-colon for exported CSV bug lists. - </para> - </listitem> - <listitem> - <para> - Automatically add me to the CC list of bugs I change - set default - behavior of CC list. Options include "Always", "Never", and "Only - if I have no role on them". - </para> - </listitem> - <listitem> - <para> - When viewing a bug, show comments in this order - - controls the order of comments. Options include "Oldest - to Newest", "Newest to Oldest" and "Newest to Oldest, but keep the - bug description at the top". - </para> - </listitem> - <listitem> - <para> - Show a quip at the top of each bug list - controls - whether a quip will be shown on the Bug list page. - </para> - </listitem> - </itemizedlist> - </section> - - <section id="emailpreferences"> - <title>Email Preferences</title> - - <para> - This tab allows you to enable or disable email notification on - specific events. - </para> - - <para> - In general, users have almost complete control over how much (or - how little) email Bugzilla sends them. If you want to receive the - maximum amount of email possible, click the <quote>Enable All - Mail</quote> button. If you don't want to receive any email from - Bugzilla at all, click the <quote>Disable All Mail</quote> button. - </para> - - <note> - <para> - A Bugzilla administrator can stop a user from receiving - bugmail by clicking the <quote>Bugmail Disabled</quote> checkbox - when editing the user account. This is a drastic step - best taken only for disabled accounts, as it overrides - the user's individual mail preferences. - </para> - </note> - - <para> - There are two global options -- <quote>Email me when someone - asks me to set a flag</quote> and <quote>Email me when someone - sets a flag I asked for</quote>. These define how you want to - receive bugmail with regards to flags. Their use is quite - straightforward; enable the checkboxes if you want Bugzilla to - send you mail under either of the above conditions. - </para> - - <para> - If you'd like to set your bugmail to something besides - 'Completely ON' and 'Completely OFF', the - <quote>Field/recipient specific options</quote> table - allows you to do just that. The rows of the table - define events that can happen to a bug -- things like - attachments being added, new comments being made, the - priority changing, etc. The columns in the table define - your relationship with the bug: - </para> - - <itemizedlist spacing="compact"> - <listitem> - <para> - Reporter - Where you are the person who initially - reported the bug. Your name/account appears in the - <quote>Reporter:</quote> field. - </para> - </listitem> - <listitem> - <para> - Assignee - Where you are the person who has been - designated as the one responsible for the bug. Your - name/account appears in the <quote>Assigned To:</quote> - field of the bug. - </para> - </listitem> - <listitem> - <para> - QA Contact - You are one of the designated - QA Contacts for the bug. Your account appears in the - <quote>QA Contact:</quote> text-box of the bug. - </para> - </listitem> - <listitem> - <para> - CC - You are on the list CC List for the bug. - Your account appears in the <quote>CC:</quote> text box - of the bug. - </para> - </listitem> - <listitem> - <para> - Voter - You have placed one or more votes for the bug. - Your account appears only if someone clicks on the - <quote>Show votes for this bug</quote> link on the bug. - </para> - </listitem> - </itemizedlist> - - <note> - <para> - Some columns may not be visible for your installation, depending - on your site's configuration. - </para> - </note> - - <para> - To fine-tune your bugmail, decide the events for which you want - to receive bugmail; then decide if you want to receive it all - the time (enable the checkbox for every column), or only when - you have a certain relationship with a bug (enable the checkbox - only for those columns). For example: if you didn't want to - receive mail when someone added themselves to the CC list, you - could uncheck all the boxes in the <quote>CC Field Changes</quote> - line. As another example, if you never wanted to receive email - on bugs you reported unless the bug was resolved, you would - un-check all boxes in the <quote>Reporter</quote> column - except for the one on the <quote>The bug is resolved or - verified</quote> row. - </para> - - <note> - <para> - Bugzilla adds the <quote>X-Bugzilla-Reason</quote> header to - all bugmail it sends, describing the recipient's relationship - (AssignedTo, Reporter, QAContact, CC, or Voter) to the bug. - This header can be used to do further client-side filtering. - </para> - </note> - - <para> - Bugzilla has a feature called <quote>Users Watching</quote>. - When you enter one or more comma-delineated user accounts (usually email - addresses) into the text entry box, you will receive a copy of all the - bugmail those users are sent (security settings permitting). - This powerful functionality enables seamless transitions as developers - change projects or users go on holiday. - </para> - - <note> - <para> - The ability to watch other users may not be available in all - Bugzilla installations. If you don't see this feature, and feel - that you need it, speak to your administrator. - </para> - </note> - - <para> - Each user listed in the <quote>Users watching you</quote> field - has you listed in their <quote>Users to watch</quote> list - and can get bugmail according to your relationship to the bug and - their <quote>Field/recipient specific options</quote> setting. - </para> - - <para> - The <quote>Ignore Bugs</quote> section lets you specify a - comma-separated list of bugs from which you never want to get any - email notification of any kind. Removing a bug from this list will - re-enable email notification for this bug. This is especially useful - e.g. if you are the reporter of a very noisy bug which you are not - interested in anymore or if you are watching someone who is in such - a noisy bug. - </para> - </section> - - <section id="savedsearches" xreflabel="Saved Searches"> - <title>Saved Searches</title> - <para> - On this tab you can view and run any Saved Searches that you have - created, and also any Saved Searches that other members of the group - defined in the "querysharegroup" parameter have shared. - Saved Searches can be added to the page footer from this screen. - If somebody is sharing a Search with a group she or he is allowed to - <link linkend="groups">assign users to</link>, the sharer may opt to have - the Search show up in the footer of the group's direct members by default. - </para> - </section> - - <section id="accountpreferences" xreflabel="Name and Password"> - <title>Name and Password</title> - - <para>On this tab, you can change your basic account information, - including your password, email address and real name. For security - reasons, in order to change anything on this page you must type your - <emphasis>current</emphasis> password into the <quote>Password</quote> - field at the top of the page. - If you attempt to change your email address, a confirmation - email is sent to both the old and new addresses, with a link to use to - confirm the change. This helps to prevent account hijacking.</para> - </section> - - <section id="permissionsettings"> - <title>Permissions</title> - - <para> - This is a purely informative page which outlines your current - permissions on this installation of Bugzilla. - </para> - - <para> - A complete list of permissions is below. Only users with - <emphasis>editusers</emphasis> privileges can change the permissions - of other users. - </para> - - <variablelist> - <varlistentry> - <term> - admin - </term> - <listitem> - <para> - Indicates user is an Administrator. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - bz_canusewhineatothers - </term> - <listitem> - <para> - Indicates user can configure whine reports for other users. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - bz_canusewhines - </term> - <listitem> - <para> - Indicates user can configure whine reports for self. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - bz_quip_moderators - </term> - <listitem> - <para> - Indicates user can moderate quips. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - bz_sudoers - </term> - <listitem> - <para> - Indicates user can perform actions as other users. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - bz_sudo_protect - </term> - <listitem> - <para> - Indicates user can not be impersonated by other users. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - canconfirm - </term> - <listitem> - <para> - Indicates user can confirm a bug or mark it a duplicate. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - creategroups - </term> - <listitem> - <para> - Indicates user can create and destroy groups. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - editbugs - </term> - <listitem> - <para> - Indicates user can edit all bug fields. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - editclassifications - </term> - <listitem> - <para> - Indicates user can create, destroy, and edit classifications. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - editcomponents - </term> - <listitem> - <para> - Indicates user can create, destroy, and edit components. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - editkeywords - </term> - <listitem> - <para> - Indicates user can create, destroy, and edit keywords. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - editusers - </term> - <listitem> - <para> - Indicates user can edit or disable users. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - tweakparams - </term> - <listitem> - <para> - Indicates user can change Parameters. - </para> - </listitem> - </varlistentry> - - </variablelist> - - <note> - <para> - For more information on how permissions work in Bugzilla (i.e. who can - change what), see <xref linkend="cust-change-permissions"/>. - </para> - </note> - - </section> - </section> - - - <section id="reporting"> - <title>Reports and Charts</title> - - <para>As well as the standard buglist, Bugzilla has two more ways of - viewing sets of bugs. These are the reports (which give different - views of the current state of the database) and charts (which plot - the changes in particular sets of bugs over time.)</para> - - <section id="reports"> - <title>Reports</title> - - <para> - A report is a view of the current state of the bug database. - </para> - - <para> - You can run either an HTML-table-based report, or a graphical - line/pie/bar-chart-based one. The two have different pages to - define them, but are close cousins - once you've defined and - viewed a report, you can switch between any of the different - views of the data at will. - </para> - - <para> - Both report types are based on the idea of defining a set of bugs - using the standard search interface, and then choosing some - aspect of that set to plot on the horizontal and/or vertical axes. - You can also get a form of 3-dimensional report by choosing to have - multiple images or tables. - </para> - - <para> - So, for example, you could use the search form to choose "all - bugs in the WorldControl product", and then plot their severity - against their component to see which component had had the largest - number of bad bugs reported against it. - </para> - - <para> - Once you've defined your parameters and hit "Generate Report", - you can switch between HTML, CSV, Bar, Line and Pie. (Note: Pie - is only available if you didn't define a vertical axis, as pie - charts don't have one.) The other controls are fairly self-explanatory; - you can change the size of the image if you find text is overwriting - other text, or the bars are too thin to see. - </para> - - </section> - - <section id="charts"> - <title>Charts</title> - - <para> - A chart is a view of the state of the bug database over time. - </para> - - <para> - Bugzilla currently has two charting systems - Old Charts and New - Charts. Old Charts have been part of Bugzilla for a long time; they - chart each status and resolution for each product, and that's all. - They are deprecated, and going away soon - we won't say any more - about them. - New Charts are the future - they allow you to chart anything you - can define as a search. - </para> - - <note> - <para> - Both charting forms require the administrator to set up the - data-gathering script. If you can't see any charts, ask them whether - they have done so. - </para> - </note> - - <para> - An individual line on a chart is called a data set. - All data sets are organised into categories and subcategories. The - data sets that Bugzilla defines automatically use the Product name - as a Category and Component names as Subcategories, but there is no - need for you to follow that naming scheme with your own charts if - you don't want to. - </para> - - <para> - Data sets may be public or private. Everyone sees public data sets in - the list, but only their creator sees private data sets. Only - administrators can make data sets public. - No two data sets, even two private ones, can have the same set of - category, subcategory and name. So if you are creating private data - sets, one idea is to have the Category be your username. - </para> - - <section> - <title>Creating Charts</title> - - <para> - You create a chart by selecting a number of data sets from the - list, and pressing Add To List for each. In the List Of Data Sets - To Plot, you can define the label that data set will have in the - chart's legend, and also ask Bugzilla to Sum a number of data sets - (e.g. you could Sum data sets representing RESOLVED, VERIFIED and - CLOSED in a particular product to get a data set representing all - the resolved bugs in that product.) - </para> - - <para> - If you've erroneously added a data set to the list, select it - using the checkbox and click Remove. Once you add more than one - data set, a "Grand Total" line - automatically appears at the bottom of the list. If you don't want - this, simply remove it as you would remove any other line. - </para> - - <para> - You may also choose to plot only over a certain date range, and - to cumulate the results - that is, to plot each one using the - previous one as a baseline, so the top line gives a sum of all - the data sets. It's easier to try than to explain :-) - </para> - - <para> - Once a data set is in the list, one can also perform certain - actions on it. For example, one can edit the - data set's parameters (name, frequency etc.) if it's one you - created or if you are an administrator. - </para> - - <para> - Once you are happy, click Chart This List to see the chart. - </para> - - </section> - - <section id="charts-new-series"> - <title>Creating New Data Sets</title> - - <para> - You may also create new data sets of your own. To do this, - click the "create a new data set" link on the Create Chart page. - This takes you to a search-like interface where you can define - the search that Bugzilla will plot. At the bottom of the page, - you choose the category, sub-category and name of your new - data set. - </para> - - <para> - If you have sufficient permissions, you can make the data set public, - and reduce the frequency of data collection to less than the default - seven days. - </para> - </section> - - </section> - - </section> - - <section id="flags"> - <title>Flags</title> - - <para> - A flag is a kind of status that can be set on bugs or attachments - to indicate that the bugs/attachments are in a certain state. - Each installation can define its own set of flags that can be set - on bugs or attachments. - </para> - - <para> - If your installation has defined a flag, you can set or unset that flag, - and if your administrator has enabled requesting of flags, you can submit - a request for another user to set the flag. - </para> - - <para> - To set a flag, select either "+" or "-" from the drop-down menu next to - the name of the flag in the "Flags" list. The meaning of these values are - flag-specific and thus cannot be described in this documentation, - but by way of example, setting a flag named "review" to "+" may indicate - that the bug/attachment has passed review, while setting it to "-" - may indicate that the bug/attachment has failed review. - </para> - - <para> - To unset a flag, click its drop-down menu and select the blank value. - Note that marking an attachment as obsolete automatically cancels all - pending requests for the attachment. - </para> - - <para> - If your administrator has enabled requests for a flag, request a flag - by selecting "?" from the drop-down menu and then entering the username - of the user you want to set the flag in the text field next to the menu. - </para> - - <para> - A set flag appears in bug reports and on "edit attachment" pages with the - abbreviated username of the user who set the flag prepended to the - flag name. For example, if Jack sets a "review" flag to "+", it appears - as Jack: review [ + ] - </para> - - <para> - A requested flag appears with the user who requested the flag prepended - to the flag name and the user who has been requested to set the flag - appended to the flag name within parentheses. For example, if Jack - asks Jill for review, it appears as Jack: review [ ? ] (Jill). - </para> - - <para> - You can browse through open requests made of you and by you by selecting - 'My Requests' from the footer. You can also look at open requests limited - by other requesters, requestees, products, components, and flag names from - this page. Note that you can use '-' for requestee to specify flags with - 'no requestee' set. - </para> - </section> - - <section id="whining"> - <title>Whining</title> - - <para> - Whining is a feature in Bugzilla that can regularly annoy users at - specified times. Using this feature, users can execute saved searches - at specific times (i.e. the 15th of the month at midnight) or at - regular intervals (i.e. every 15 minutes on Sundays). The results of the - searches are sent to the user, either as a single email or as one email - per bug, along with some descriptive text. - </para> - - <warning> - <para> - Throughout this section it will be assumed that all users are members - of the bz_canusewhines group, membership in which is required in order - to use the Whining system. You can easily make all users members of - the bz_canusewhines group by setting the User RegExp to ".*" (without - the quotes). - </para> - - <para> - Also worth noting is the bz_canusewhineatothers group. Members of this - group can create whines for any user or group in Bugzilla using a - extended form of the whining interface. Features only available to - members of the bz_canusewhineatothers group will be noted in the - appropriate places. - </para> - </warning> - - <note> - <para> - For whining to work, a special Perl script must be executed at regular - intervals. More information on this is available in - <xref linkend="installation-whining"/>. - </para> - </note> - - <note> - <para> - This section does not cover the whineatnews.pl script. See - <xref linkend="installation-whining-cron"/> for more information on - The Whining Cron. - </para> - </note> - - <section id="whining-overview"> - <title>The Event</title> - - <para> - The whining system defines an "Event" as one or more queries being - executed at regular intervals, with the results of said queries (if - there are any) being emailed to the user. Events are created by - clicking on the "Add new event" button. - </para> - - <para> - Once a new event is created, the first thing to set is the "Email - subject line". The contents of this field will be used in the subject - line of every email generated by this event. In addition to setting a - subject, space is provided to enter some descriptive text that will be - included at the top of each message (to help you in understanding why - you received the email in the first place). - </para> - - <para> - The next step is to specify when the Event is to be run (the Schedule) - and what searches are to be performed (the Searches). - </para> - - </section> - - <section id="whining-schedule"> - <title>Whining Schedule</title> - - <para> - Each whining event is associated with zero or more schedules. A - schedule is used to specify when the query (specified below) is to be - run. A new event starts out with no schedules (which means it will - never run, as it is not scheduled to run). To add a schedule, press - the "Add a new schedule" button. - </para> - - <para> - Each schedule includes an interval, which you use to tell Bugzilla - when the event should be run. An event can be run on certain days of - the week, certain days of the month, during weekdays (defined as - Monday through Friday), or every day. - </para> - - <warning> - <para> - Be careful if you set your event to run on the 29th, 30th, or 31st of - the month, as your event may not run exactly when expected. If you - want your event to run on the last day of the month, select "Last day - of the month" as the interval. - </para> - </warning> - - <para> - Once you have specified the day(s) on which the event is to be run, you - should now specify the time at which the event is to be run. You can - have the event run at a certain hour on the specified day(s), or - every hour, half-hour, or quarter-hour on the specified day(s). - </para> - - <para> - If a single schedule does not execute an event as many times as you - would want, you can create another schedule for the same event. For - example, if you want to run an event on days whose numbers are - divisible by seven, you would need to add four schedules to the event, - setting the schedules to run on the 7th, 14th, 21st, and 28th (one day - per schedule) at whatever time (or times) you choose. - </para> - - <note> - <para> - If you are a member of the bz_canusewhineatothers group, then you - will be presented with another option: "Mail to". Using this you - can control who will receive the emails generated by this event. You - can choose to send the emails to a single user (identified by email - address) or a single group (identified by group name). To send to - multiple users or groups, create a new schedule for each additional - user/group. - </para> - </note> - </section> - - <section id="whining-query"> - <title>Whining Searches</title> - - <para> - Each whining event is associated with zero or more searches. A search - is any saved search to be run as part of the specified schedule (see - above). You start out without any searches associated with the event - (which means that the event will not run, as there will never be any - results to return). To add a search, press the "Include search" button. - </para> - - <para> - The first field to examine in your newly added search is the Sort field. - Searches are run, and results included, in the order specified by the - Sort field. Searches with smaller Sort values will run before searches - with bigger Sort values. - </para> - - <para> - The next field to examine is the Search field. This is where you - choose the actual search that is to be run. Instead of defining search - parameters here, you are asked to choose from the list of saved - searches (the same list that appears at the bottom of every Bugzilla - page). You are only allowed to choose from searches that you have - saved yourself (the default saved search, "My Bugs", is not a valid - choice). If you do not have any saved searches, you can take this - opportunity to create one (see <xref linkend="list"/>). - </para> - - <note> - <para> - When running queries, the whining system acts as if you are the user - executing the query. This means that the whining system will ignore - bugs that match your query, but that you can not access. - </para> - </note> - - <para> - Once you have chosen the saved search to be executed, give the query a - descriptive title. This title will appear in the email, above the - results of the query. If you choose "One message per bug", the query - title will appear at the top of each email that contains a bug matching - your query. - </para> - - <para> - Finally, decide if the results of the query should be sent in a single - email, or if each bug should appear in its own email. - </para> - - <warning> - <para> - Think carefully before checking the "One message per bug" box. If - you create a query that matches thousands of bugs, you will receive - thousands of emails! - </para> - </warning> - </section> - - <section> - <title>Saving Your Changes</title> - - <para> - Once you have defined at least one schedule, and created at least one - query, go ahead and "Update/Commit". This will save your Event and make - it available for immediate execution. - </para> - - <note> - <para> - If you ever feel like deleting your event, you may do so using the - "Remove Event" button in the upper-right corner of each Event. You - can also modify an existing event, so long as you "Update/Commit" - after completing your modifications. - </para> - </note> - </section> - - </section> - -</chapter> - -<!-- Keep this comment at the end of the file -Local variables: -mode: sgml -sgml-always-quote-attributes:t -sgml-auto-insert-required-elements:t -sgml-balanced-tag-edit:t -sgml-exposed-tags:nil -sgml-general-insert-case:lower -sgml-indent-data:t -sgml-indent-step:2 -sgml-local-catalogs:nil -sgml-local-ecat-files:nil -sgml-minimize-attributes:nil -sgml-namecase-general:t -sgml-omittag:t -sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") -sgml-shorttag:t -sgml-tag-region-if-active:t -End: ---> - |