diff options
| -rw-r--r-- | Bugzilla/Auth/Login/Stack.pm | 10 | ||||
| -rw-r--r-- | Bugzilla/Util.pm | 55 | ||||
| -rwxr-xr-x | attachment.cgi | 33 | ||||
| -rwxr-xr-x | describecomponents.cgi | 2 | ||||
| -rw-r--r-- | t/007util.t | 17 | ||||
| -rw-r--r-- | template/en/default/attachment/cancel-create-dupe.html.tmpl | 48 | ||||
| -rw-r--r-- | template/en/default/list/list.html.tmpl | 9 |
7 files changed, 67 insertions, 107 deletions
diff --git a/Bugzilla/Auth/Login/Stack.pm b/Bugzilla/Auth/Login/Stack.pm index 0f3661954..e8d9c4635 100644 --- a/Bugzilla/Auth/Login/Stack.pm +++ b/Bugzilla/Auth/Login/Stack.pm @@ -28,6 +28,7 @@ use fields qw( ); use Hash::Util qw(lock_keys); use Bugzilla::Hook; +use Bugzilla::Constants; use List::MoreUtils qw(any); sub new { @@ -60,8 +61,13 @@ sub get_login_info { } $result = $object->get_login_info(@_); $self->{successful} = $object; - last if !$result->{failure}; - # So that if none of them succeed, it's undef. + + # We only carry on down the stack if this method denied all knowledge. + last unless ($result->{failure} + && ($result->{failure} eq AUTH_NODATA + || $result->{failure} eq AUTH_NO_SUCH_USER)); + + # If none of the methods succeed, it's undef. $self->{successful} = undef; } return $result; diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index ac6848bfa..4c268552b 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -308,36 +308,39 @@ sub use_attachbase { sub diff_arrays { my ($old_ref, $new_ref, $attrib) = @_; - - my @old = @$old_ref; - my @new = @$new_ref; $attrib ||= 'name'; - # For each pair of (old, new) entries: - # If object arrays were passed then an attribute should be defined; - # If they're equal, set them to empty. When done, @old contains entries - # that were removed; @new contains ones that got added. - foreach my $oldv (@old) { - foreach my $newv (@new) { - next if ($newv eq '' or $oldv eq ''); - if (blessed($oldv) and blessed($newv)) { - if ($oldv->$attrib eq $newv->$attrib) { - $newv = $oldv = ''; - } - } - else { - if ($oldv eq $newv) { - $newv = $oldv = '' - } - } - } + my (%counts, %pos); + # We are going to alter the old array. + my @old = @$old_ref; + my $i = 0; + + # $counts{foo}-- means old, $counts{foo}++ means new. + # If $counts{foo} becomes positive, then we are adding new items, + # else we simply cancel one old existing item. Remaining items + # in the old list have been removed. + foreach (@old) { + next unless defined $_; + my $value = blessed($_) ? $_->$attrib : $_; + $counts{$value}--; + push @{$pos{$value}}, $i++; } - - my @removed; my @added; - @removed = grep { $_ ne '' } @old; - @added = grep { $_ ne '' } @new; - + foreach (@$new_ref) { + next unless defined $_; + my $value = blessed($_) ? $_->$attrib : $_; + if (++$counts{$value} > 0) { + # Ignore empty strings, but objects having an empty string + # as attribute are fine. + push(@added, $_) unless ($value eq '' && !blessed($_)); + } + else { + my $old_pos = shift @{$pos{$value}}; + $old[$old_pos] = undef; + } + } + # Ignore canceled items as well as empty strings. + my @removed = grep { defined $_ && $_ ne '' } @old; return (\@removed, \@added); } diff --git a/attachment.cgi b/attachment.cgi index 9fec1b2bd..a028bc8b0 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -508,7 +508,7 @@ sub enter { $vars->{'flag_types'} = $flag_types; $vars->{'any_flags_requesteeble'} = grep { $_->is_requestable && $_->is_requesteeble } @$flag_types; - $vars->{'token'} = issue_session_token('create_attachment:'); + $vars->{'token'} = issue_session_token('create_attachment'); print $cgi->header(); @@ -531,27 +531,7 @@ sub insert { # Detect if the user already used the same form to submit an attachment my $token = trim($cgi->param('token')); - if ($token) { - my ($creator_id, $date, $old_attach_id) = Bugzilla::Token::GetTokenData($token); - unless ($creator_id - && ($creator_id == $user->id) - && ($old_attach_id =~ "^create_attachment:")) - { - # The token is invalid. - ThrowUserError('token_does_not_exist'); - } - - $old_attach_id =~ s/^create_attachment://; - - if ($old_attach_id) { - $vars->{'bugid'} = $bugid; - $vars->{'attachid'} = $old_attach_id; - print $cgi->header(); - $template->process("attachment/cancel-create-dupe.html.tmpl", $vars) - || ThrowTemplateError($template->error()); - exit; - } - } + check_token_data($token, 'create_attachment', 'index.cgi'); # Check attachments the user tries to mark as obsolete. my @obsolete_attachments; @@ -577,6 +557,9 @@ sub insert { mimetype => $content_type, }); + # Delete the token used to create this attachment. + delete_token($token); + foreach my $obsolete_attachment (@obsolete_attachments) { $obsolete_attachment->set_is_obsolete(1); $obsolete_attachment->update($timestamp); @@ -614,12 +597,6 @@ sub insert { } $bug->update($timestamp); - if ($token) { - trick_taint($token); - $dbh->do('UPDATE tokens SET eventdata = ? WHERE token = ?', undef, - ("create_attachment:" . $attachment->id, $token)); - } - $dbh->bz_commit_transaction; # Define the variables and functions that will be passed to the UI template. diff --git a/describecomponents.cgi b/describecomponents.cgi index 744501bbd..ee1361284 100755 --- a/describecomponents.cgi +++ b/describecomponents.cgi @@ -46,7 +46,7 @@ my $product = new Bugzilla::Product({'name' => $product_name}); unless ($product && $user->can_access_product($product->name)) { # Products which the user is allowed to see. - my @products = @{$user->get_enterable_products}; + my @products = @{$user->get_accessible_products}; if (scalar(@products) == 0) { ThrowUserError("no_products"); diff --git a/t/007util.t b/t/007util.t index 742c2b2d2..b32a1b90c 100644 --- a/t/007util.t +++ b/t/007util.t @@ -18,7 +18,7 @@ # # Contributor(s): Zach Lipton <zach@zachlipton.com> # Max Kanat-Alexander <mkanat@bugzilla.org> - +# Frédéric Buclin <LpSolit@gmail.com> ################# #Bugzilla Test 7# @@ -26,7 +26,7 @@ use lib 't'; use Support::Files; -use Test::More tests => 13; +use Test::More tests => 15; BEGIN { use_ok(Bugzilla); @@ -72,3 +72,16 @@ foreach my $input (keys %email_strings) { is(Bugzilla::Util::email_filter($input), $email_strings{$input}, "email_filter('$input')"); } + +# diff_arrays(): +my @old_array = qw(alpha beta alpha gamma gamma beta alpha delta epsilon gamma); +my @new_array = qw(alpha alpha beta gamma epsilon delta beta delta); +# The order is not relevant when comparing both arrays for matching items, +# i.e. (foo bar) and (bar foo) are the same arrays (same items). +# But when returning data, we try to respect the initial order. +# We remove the leftmost items first, and return what's left. This means: +# Removed (in this order): gamma alpha gamma. +# Added (in this order): delta +my ($removed, $added) = diff_arrays(\@old_array, \@new_array); +is_deeply($removed, [qw(gamma alpha gamma)], 'diff_array(\@old, \@new) (check removal)'); +is_deeply($added, [qw(delta)], 'diff_array(\@old, \@new) (check addition)'); diff --git a/template/en/default/attachment/cancel-create-dupe.html.tmpl b/template/en/default/attachment/cancel-create-dupe.html.tmpl deleted file mode 100644 index 643a24ad8..000000000 --- a/template/en/default/attachment/cancel-create-dupe.html.tmpl +++ /dev/null @@ -1,48 +0,0 @@ -[%# The contents of this file are subject to the Mozilla Public - # License Version 1.1 (the "License"); you may not use this file - # except in compliance with the License. You may obtain a copy of - # the License at http://www.mozilla.org/MPL/ - # - # Software distributed under the License is distributed on an "AS - # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - # implied. See the License for the specific language governing - # rights and limitations under the License. - # - # The Original Code is the Bugzilla Bug Tracking System. - # - # The Initial Developer of the Original Code is Olav Vitters. - # - # Contributor(s): Olav Vitters <olav@bkor.dhs.org> - # David Lawrence <dkl@redhat.com> - #%] - -[%# INTERFACE: - # bugid: integer. ID of the bug report that this attachment relates to. - # attachid: integer. ID of the previous attachment recently created. - #%] - -[% PROCESS "global/field-descs.none.tmpl" %] - -[% PROCESS global/header.html.tmpl - title = "Already filed attachment" -%] - -[% USE Bugzilla %] - -<table cellpadding="20"> - <tr> - <td bgcolor="#ff0000"> - <font size="+2"> - You already used the form to file - <a href="[% urlbase FILTER html %]attachment.cgi?id=[% attachid FILTER uri %]&action=edit">attachment [% attachid FILTER uri %]</a>. - </font> - </td> - </tr> -</table> - -<p> - You can either <a href="[% urlbase FILTER html %]attachment.cgi?bugid=[% bugid FILTER uri %]&action=enter"> - create a new attachment</a> or [% "go back to $terms.bug $bugid" FILTER bug_link(bugid) FILTER none %]. -<p> - -[% PROCESS global/footer.html.tmpl %] diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl index 982695f35..97e6c0077 100644 --- a/template/en/default/list/list.html.tmpl +++ b/template/en/default/list/list.html.tmpl @@ -188,6 +188,14 @@ <input type="hidden" name="id" value="[% buglist_joined FILTER html %]"> <input type="submit" id="timesummary" value="Time Summary"> </form> + [% IF time_summary_limited %] + <small> + Time Summary will only include the [% terms.bugs %] shown above. In order to + to see a time summary for all [% terms.bugs %] found by the search, you can + <a href="buglist.cgi?[% urlquerypart FILTER html %] + [%- "&order=$qorder" FILTER html IF order %]&limit=0"> + Show all search results</a>.</small> + [% END %] [% END %] </td> @@ -297,6 +305,7 @@ <a href="buglist.cgi?[% urlquerypart FILTER html %] [%- "&order=$qorder" FILTER html IF order %]&limit=0">See all search results for this query</a>. + [% time_summary_limited = 1 %] [% ELSIF bugs.size == 1 %] One [% terms.bug %] found. [% ELSE %] |