diff options
4 files changed, 63 insertions, 44 deletions
diff --git a/extensions/ProductDashboard/Extension.pm b/extensions/ProductDashboard/Extension.pm index 3b7693882..3569a13c8 100644 --- a/extensions/ProductDashboard/Extension.pm +++ b/extensions/ProductDashboard/Extension.pm @@ -53,20 +53,17 @@ sub _page_dashboard { -expires => "Fri, 01-Jan-1970 00:00:00 GMT"); # If the user cannot enter bugs in any product, stop here. - my @enterable_products = @{$user->get_enterable_products}; - ThrowUserError('no_products') unless scalar(@enterable_products); - - my $classification = Bugzilla->params->{'useclassification'} ? - $input->{'classification'} : '__all'; + scalar @{$user->get_selectable_products} + || ThrowUserError('no_products'); # Create data structures representing each classification - my @classifications = (); + my @classifications = (); foreach my $c (@{$user->get_selectable_classifications}) { # Create hash to hold attributes for each classification. - my %classification = ( - 'name' => $c->name, + my %classification = ( + 'name' => $c->name, 'products' => [ @{$user->get_selectable_products($c->id)} ] - ); + ); # Assign hash back to classification array. push @classifications, \%classification; } @@ -86,7 +83,7 @@ sub _page_dashboard { # We need to check and make sure that the user has permission # to enter a bug against this product. - if (!$user->can_enter_product($product ? $product->name : $product_name)) { + if (!$product || !$user->can_enter_product($product->name)) { return; } diff --git a/extensions/ProductDashboard/lib/Queries.pm b/extensions/ProductDashboard/lib/Queries.pm index 63362f5bf..9c3d91539 100644 --- a/extensions/ProductDashboard/lib/Queries.pm +++ b/extensions/ProductDashboard/lib/Queries.pm @@ -37,7 +37,8 @@ use Bugzilla::Component; use Bugzilla::Version; use Bugzilla::Milestone; -use Bugzilla::Extension::ProductDashboard::Util qw(open_states closed_states); +use Bugzilla::Extension::ProductDashboard::Util qw(open_states closed_states + quoted_open_states quoted_closed_states); sub total_bugs { my $product = shift; @@ -55,7 +56,7 @@ sub total_open_bugs { return $dbh->selectrow_array("SELECT COUNT(bug_id) FROM bugs - WHERE bug_status IN (" . open_states() . ") + WHERE bug_status IN (" . join(',', quoted_open_states()) . ") AND product_id = ?", undef, $product->id); } @@ -92,8 +93,8 @@ sub by_version { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT version, COUNT(bug_id) FROM bugs @@ -108,8 +109,8 @@ sub by_milestone { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT target_milestone, COUNT(bug_id) FROM bugs @@ -124,8 +125,8 @@ sub by_priority { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT priority, COUNT(bug_id) FROM bugs @@ -140,8 +141,8 @@ sub by_severity { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT bug_severity, COUNT(bug_id) FROM bugs @@ -156,8 +157,8 @@ sub by_component { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT components.name, COUNT(bugs.bug_id) FROM bugs INNER JOIN components ON bugs.component_id = components.id @@ -195,8 +196,8 @@ sub by_value_summary { $query .= "AND bugs.target_milestone = ? " if $type eq 'target_milestone'; } - $query .= "AND bugs.bug_status IN (" . open_states() . ") " if $bug_status eq 'open'; - $query .= "AND bugs.bug_status IN (" . closed_states() . ") " if $bug_status eq 'closed'; + $query .= "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ") " if $bug_status eq 'open'; + $query .= "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ") " if $bug_status eq 'closed'; trick_taint($value); @@ -226,8 +227,8 @@ sub by_assignee { $limit = detaint_natural($limit) ? $dbh->sql_limit($limit) : ""; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; my @result = map { [ Bugzilla::User->new($_->[0]), $_->[1] ] } @{$dbh->selectall_arrayref("SELECT bugs.assigned_to AS userid, COUNT(bugs.bug_id) @@ -247,8 +248,8 @@ sub by_status { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectall_arrayref("SELECT bugs.bug_status, COUNT(bugs.bug_id) FROM bugs @@ -277,8 +278,8 @@ sub bug_milestone_by_status { my $dbh = Bugzilla->dbh; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; return $dbh->selectrow_array("SELECT COUNT(bug_id) FROM bugs @@ -296,8 +297,8 @@ sub by_duplicate { $limit = detaint_natural($limit) ? $dbh->sql_limit($limit) : ""; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; my $unfiltered_bugs = $dbh->selectall_arrayref("SELECT bugs.bug_id AS id, bugs.bug_status AS status, @@ -326,8 +327,8 @@ sub by_popularity { $limit = detaint_natural($limit) ? $dbh->sql_limit($limit) : ""; my $extra; - $extra = "AND bugs.bug_status IN (" . open_states() . ")" if $bug_status eq 'open'; - $extra = "AND bugs.bug_status IN (" . closed_states() . ")" if $bug_status eq 'closed'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ")" if $bug_status eq 'open'; + $extra = "AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ")" if $bug_status eq 'closed'; my $unfiltered_bugs = $dbh->selectall_arrayref("SELECT bugs.bug_id AS id, bugs.bug_status AS status, @@ -371,7 +372,7 @@ sub recently_opened { || ThrowUserError('illegal_date', { date => $date_to, format => 'YYYY-MM-DD' }); $date_part = "AND bugs.creation_ts >= ? AND bugs.creation_ts <= ?"; - push(@values, $date_from, $date_to); + push(@values, trick_taint($date_from), trick_taint($date_to)); } else { $date_part = "AND bugs.creation_ts >= NOW() - " . $dbh->sql_to_days('?'); @@ -387,7 +388,7 @@ sub recently_opened { FROM bugs, components WHERE bugs.product_id = ? AND bugs.component_id = components.id - AND bugs.bug_status IN (" . open_states() . ") + AND bugs.bug_status IN (" . join(',', quoted_open_states()) . ") $date_part ORDER BY bugs.bug_id DESC $limit", {'Slice' => {}}, @values); @@ -419,7 +420,7 @@ sub recently_closed { || ThrowUserError('illegal_date', { date => $date_to, format => 'YYYY-MM-DD' }); $date_part = "AND bugs.creation_ts >= ? AND bugs.creation_ts <= ?"; - push(@values, $date_from, $date_to); + push(@values, trick_taint($date_from), trick_taint($date_to)); } else { $date_part = "AND bugs.creation_ts >= NOW() - " . $dbh->sql_to_days('?'); @@ -435,9 +436,9 @@ sub recently_closed { FROM bugs, components, bugs_activity WHERE bugs.product_id = ? AND bugs.component_id = components.id - AND bugs.bug_status IN (" . closed_states() . ") + AND bugs.bug_status IN (" . join(',', quoted_closed_states()) . ") AND bugs.bug_id = bugs_activity.bug_id - AND bugs_activity.added IN (" . closed_states() . ") + AND bugs_activity.added IN (" . join(',', quoted_closed_states()) . ") $date_part ORDER BY bugs.bug_id DESC $limit", {'Slice' => {}}, @values); diff --git a/extensions/ProductDashboard/lib/Util.pm b/extensions/ProductDashboard/lib/Util.pm index ad46ef8f6..d83ddf187 100644 --- a/extensions/ProductDashboard/lib/Util.pm +++ b/extensions/ProductDashboard/lib/Util.pm @@ -13,8 +13,10 @@ use base qw(Exporter); bug_link_all bug_link_open bug_link_closed - open_states + open_states closed_states + quoted_open_states + quoted_closed_states filter_bugs bug_milestone_link_total bug_milestone_link_open @@ -24,14 +26,32 @@ use base qw(Exporter); use Bugzilla::Status; use Bugzilla::Util; +use Bugzilla::Status; + +our $_open_states; sub open_states { + $_open_states ||= Bugzilla::Status->match({ is_open => 1, isactive => 1 }); + return wantarray ? @$_open_states : $_open_states; +} + +our $_quoted_open_states; +sub quoted_open_states { my $dbh = Bugzilla->dbh; - return join(",", map { $dbh->quote($_) } BUG_STATE_OPEN); + $_quoted_open_states ||= [ map { $dbh->quote($_->name) } open_states() ]; + return wantarray ? @$_quoted_open_states : $_quoted_open_states; } +our $_closed_states; sub closed_states { + $_closed_states ||= Bugzilla::Status->match({ is_open => 0, isactive => 1 }); + return wantarray ? @$_closed_states : $_closed_states; +} + +our $_quoted_closed_states; +sub quoted_closed_states { my $dbh = Bugzilla->dbh; - return join(",", map { $dbh->quote($_->name) } closed_bug_statuses()); + $_quoted_closed_states ||= [ map { $dbh->quote($_->name) } closed_states() ]; + return wantarray ? @$_quoted_closed_states : $_quoted_closed_states; } sub bug_link_all { diff --git a/extensions/ProductDashboard/template/en/default/pages/productdashboard.html.tmpl b/extensions/ProductDashboard/template/en/default/pages/productdashboard.html.tmpl index a319060d1..e74e8040c 100644 --- a/extensions/ProductDashboard/template/en/default/pages/productdashboard.html.tmpl +++ b/extensions/ProductDashboard/template/en/default/pages/productdashboard.html.tmpl @@ -101,7 +101,7 @@ [% IF summary.keys %] <input type="hidden" name="[% summary.type FILTER html %]" value="[% summary.value FILTER html %]"> [% END %] - + [% IF product %] <span id="product_dashboard_links"> <ul> @@ -113,7 +113,7 @@ </span> [% END %] - <h3>Product: [% product.name FILTER html %]</h3> + <strong>Choose product:</strong> <select name="product"> [% FOREACH c = classifications %] <optgroup label="[% c.name FILTER html %]"> @@ -139,6 +139,7 @@ <input type="submit" value="[% IF product %]Change[% ELSE %]Submit[% END %]"> [% IF product %] + <h2>[% product.name FILTER html %]</h2> <p><i>[% product.description FILTER none %]</i></p> |