diff options
-rw-r--r-- | bug_form.pl | 19 | ||||
-rwxr-xr-x | describecomponents.cgi | 177 | ||||
-rwxr-xr-x | enter_bug.cgi | 29 | ||||
-rw-r--r-- | globals.pl | 14 | ||||
-rw-r--r-- | template/default/info/describe-components.tmpl | 86 |
5 files changed, 197 insertions, 128 deletions
diff --git a/bug_form.pl b/bug_form.pl index edf6fdfe8..6d52011c7 100644 --- a/bug_form.pl +++ b/bug_form.pl @@ -38,6 +38,7 @@ sub bug_form_pl_sillyness { $zz = %::proddesc; $zz = %::prodmaxvotes; $zz = %::versions; + $zz = @::enterable_products; $zz = @::legal_keywords; $zz = @::legal_opsys; $zz = @::legal_platform; @@ -156,20 +157,17 @@ if (defined $URL && $URL ne "none" && $URL ne "NULL" && $URL ne "") { # my (@prodlist, $product_popup); -foreach my $p (sort(keys %::versions)) { +my $seen_currProd = 0; + +foreach my $p (@::enterable_products) { if ($p eq $bug{'product'}) { # if it's the product the bug is already in, it's ALWAYS in # the popup, period, whether the user can see it or not, and # regardless of the disallownew setting. + $seen_currProd = 1; push(@prodlist, $p); next; } - if (defined $::proddesc{$p} && $::proddesc{$p} eq '0') { - # Special hack. If we stuffed a "0" into proddesc, that means - # that disallownew was set for this bug, and so we don't want - # to allow people to specify that product here. - next; - } if(Param("usebuggroupsentry") && GroupExists($p) && !UserInGroup($p)) @@ -182,6 +180,13 @@ foreach my $p (sort(keys %::versions)) { push(@prodlist, $p); } +# The current product is part of the popup, even if new bugs are no longer +# allowed for that product +if (!$seen_currProd) { + push (@prodlist, $bug{'product'}); + @prodlist = sort @prodlist; +} + # If the user has access to multiple products, display a popup, otherwise # display the current product. diff --git a/describecomponents.cgi b/describecomponents.cgi index 9a2b99cc2..57eef27cf 100755 --- a/describecomponents.cgi +++ b/describecomponents.cgi @@ -19,8 +19,12 @@ # Rights Reserved. # # Contributor(s): Terry Weissman <terry@mozilla.org> +# Bradley Baetz <bbaetz@student.usyd.edu.au> -use vars %::FORM; +use vars qw( + %FORM + $userid +); use diagnostics; use strict; @@ -32,120 +36,93 @@ require "CGI.pl"; ConnectToDatabase(); GetVersionTable(); -quietly_check_login(); +if (!defined $::FORM{'product'}) { + # Reference to a subset of %::proddesc, which the user is allowed to see + my %products; + + if (Param("usebuggroups")) { + # OK, now only add products the user can see + confirm_login(); + foreach my $p (@::legal_product) { + if (!GroupExists($p) || UserInGroup($p)) { + $products{$p} = $::proddesc{$p}; + } + } + } + else { + %products = %::proddesc; + } -###################################################################### -# Begin Data/Security Validation -###################################################################### + my $prodsize = scalar(keys %products); + if ($prodsize == 0) { + DisplayError("Either no products have been defined ". + "or you have not been given access to any.\n"); + exit; + } + elsif ($prodsize > 1) { + $::vars->{'proddesc'} = \%products; + $::vars->{'target'} = "describecomponents.cgi"; + $::vars->{'title'} = "Bugzilla component description"; + $::vars->{'h2'} = + "Please specify the product whose components you want described."; + + print "Content-type: text/html\n\n"; + $::template->process("global/choose_product.tmpl", $::vars) + || DisplayError("Template process failed: " . $::template->error()); + exit; + } -# If this installation uses bug groups to restrict access to products, -# only show the user products that don't have their own bug group or -# those whose bug group the user is a member of. Otherwise, if this -# installation doesn't use bug groups, show the user all legal products. -my @products; -if ( Param("usebuggroups") ) { - @products = grep( !GroupExists($_) || UserInGroup($_) , @::legal_product ); -} else { - @products = @::legal_product; + $::FORM{'product'} = (keys %::proddesc)[0]; } -if ( defined $::FORM{'product'} ) { - # Make sure the user specified a valid product name. Note that - # if the user specifies a valid product name but is not authorized - # to access that product, they will receive a different error message - # which could enable people guessing product names to determine - # whether or not certain products exist in Bugzilla, even if they - # cannot get any other information about that product. - grep( $::FORM{'product'} eq $_ , @::legal_product ) - || DisplayError("The product name is invalid.") - && exit; - - # Make sure the user is authorized to access this product. - if ( Param("usebuggroups") && GroupExists($::FORM{'product'}) ) { - UserInGroup($::FORM{'product'}) +my $product = $::FORM{'product'}; + +# Make sure the user specified a valid product name. Note that +# if the user specifies a valid product name but is not authorized +# to access that product, they will receive a different error message +# which could enable people guessing product names to determine +# whether or not certain products exist in Bugzilla, even if they +# cannot get any other information about that product. +grep($product eq $_ , @::legal_product) + || DisplayError("The product name is invalid.") + && exit; + +# Make sure the user is authorized to access this product. +if (Param("usebuggroups") && GroupExists($product) && !$::userid) { + confirm_login(); + UserInGroup($product) || DisplayError("You are not authorized to access that product.") - && exit; - } + && exit; } ###################################################################### # End Data/Security Validation ###################################################################### -print "Content-type: text/html\n\n"; - -my $product = $::FORM{'product'}; -if (!defined $product || lsearch(\@products, $product) < 0) { - - PutHeader("Bugzilla component description"); - print " -<FORM> -Please specify the product whose components you want described. -<P> -Product: <SELECT NAME=product> -"; - print make_options(\@products); - print " -</SELECT> -<P> -<INPUT TYPE=\"submit\" VALUE=\"Submit\"> -</FORM> -"; - PutFooter(); - exit; -} - - -PutHeader("Bugzilla component description", "Bugzilla component description", - $product); +my @components; +SendSQL("SELECT value, initialowner, initialqacontact, description FROM " . + "components WHERE program = " . SqlQuote($product) . " ORDER BY " . + "value"); +while (MoreSQLData()) { + my ($name, $initialowner, $initialqacontact, $description) = + FetchSQLData(); -print " -<TABLE> -<tr> -<th align=left>Component</th> -<th align=left>Default owner</th> -"; + my %component; -my $emailsuffix = Param("emailsuffix"); -my $useqacontact = Param("useqacontact"); + $component{'name'} = $name; + $component{'initialowner'} = $initialowner ? + DBID_to_name($initialowner) : ''; + $component{'initialqacontact'} = $initialqacontact ? + DBID_to_name($initialqacontact) : ''; + $component{'description'} = $description; -my $cols = 2; -if ($useqacontact) { - print "<th align=left>Default qa contact</th>"; - $cols++; + push @components, \%component; } -my $colbut1 = $cols - 1; +$::vars->{'product'} = $product; +$::vars->{'components'} = \@components; -print "</tr>"; - -SendSQL("select value, initialowner, initialqacontact, description from components where program = " . SqlQuote($product) . " order by value"); - -my @data; -while (MoreSQLData()) { - push @data, [FetchSQLData()]; -} -foreach (@data) { - my ($component, $initialownerid, $initialqacontactid, $description) = @$_; - - my ($initialowner, $initialqacontact) = ($initialownerid ? DBID_to_name ($initialownerid) : '', - $initialqacontactid ? DBID_to_name ($initialqacontactid) : ''); - - print qq| -<tr><td colspan=$cols><hr></td></tr> -<tr><td rowspan=2><a name="| -.value_quote($component). -qq|">$component</a></td> -<td><a href="mailto:$initialowner$emailsuffix">$initialowner</a></td> -|; - if ($useqacontact) { - print qq| -<td><a href="mailto:$initialqacontact$emailsuffix">$initialqacontact</a></td> -|; - } - print "</tr><tr><td colspan=$colbut1>$description</td></tr>\n"; -} - -print "<tr><td colspan=$cols><hr></td></tr></table>\n"; +print "Content-type: text/html\n\n"; +$::template->process("info/describe-components.tmpl", $::vars) + || DisplayError("Template process failed: " . $::template->error()); -PutFooter(); diff --git a/enter_bug.cgi b/enter_bug.cgi index 0ab18d9a9..8ca0443b3 100755 --- a/enter_bug.cgi +++ b/enter_bug.cgi @@ -44,11 +44,13 @@ use vars qw( $template $vars %COOKIE + @enterable_products @legal_opsys @legal_platform @legal_priority @legal_severity %MFORM + %versions ); # If we're using bug groups to restrict bug entry, we need to know who the @@ -58,28 +60,25 @@ confirm_login() if (Param("usebuggroupsentry")); if (!defined $::FORM{'product'}) { GetVersionTable(); - foreach my $p (sort(keys(%::versions))) { - # Special hack: "0" in proddesc means disallownew was set. - # Also, if we're using bug groups to restrict entry on products, - # and this product has a bug group, and the user is not in that - # group, we don't want to include that product in this list. - if ((defined $::proddesc{$p} && $::proddesc{$p} eq '0') - || (Param("usebuggroupsentry") - && GroupExists($p) - && !UserInGroup($p))) + my %products; + + foreach my $p (@enterable_products) { + if (!(Param("usebuggroupsentry") + && GroupExists($p) + && !UserInGroup($p))) { - delete $::proddesc{$p}; + $products{$p} = $::proddesc{$p}; } } - my $prodsize = scalar(keys %::proddesc); + my $prodsize = scalar(keys %products); if ($prodsize == 0) { DisplayError("Either no products have been defined to enter bugs ". "against or you have not been given access to any.\n"); exit; } elsif ($prodsize > 1) { - $vars->{'proddesc'} = \%::proddesc; + $vars->{'proddesc'} = \%products; $vars->{'target'} = "enter_bug.cgi"; $vars->{'title'} = "Enter Bug"; @@ -92,7 +91,7 @@ if (!defined $::FORM{'product'}) { exit; } - $::FORM{'product'} = (keys %::proddesc)[0]; + $::FORM{'product'} = (keys %products)[0]; $::MFORM{'product'} = [$::FORM{'product'}]; } @@ -229,7 +228,7 @@ if(Param("usebuggroupsentry") GetVersionTable(); -if (!defined($::proddesc{$product}) || $::proddesc{$product} eq "0") { +if (lsearch(\@::enterable_products, $product) == -1) { DisplayError("'" . html_quote($product) . "' is not a valid product."); exit; } @@ -320,7 +319,7 @@ if ($::usergroupset ne '0') { my ($bit, $prodname, $description) = FetchSQLData(); # Don't want to include product groups other than this product. next unless($prodname eq $product || - !defined($::proddesc{$prodname})); + !defined($::proddesc{$prodname})); my $check; diff --git a/globals.pl b/globals.pl index e6bd2d704..deb433ab4 100644 --- a/globals.pl +++ b/globals.pl @@ -38,6 +38,7 @@ sub globals_pl_sillyness { $zz = @main::default_column_list; $zz = $main::defaultqueryname; $zz = @main::dontchange; + $zz = @main::enterable_products; $zz = %main::keywordsbyname; $zz = @main::legal_bug_status; $zz = @main::legal_components; @@ -50,6 +51,7 @@ sub globals_pl_sillyness { $zz = @main::legal_target_milestone; $zz = @main::legal_versions; $zz = @main::milestoneurl; + $zz = %main::proddesc; $zz = @main::prodmaxvotes; $zz = $main::superusergroupset; $zz = $main::userid; @@ -492,16 +494,13 @@ sub GenerateVersionTable { # about them anyway. my $mpart = $dotargetmilestone ? ", milestoneurl" : ""; - SendSQL("select product, description, votesperuser, disallownew$mpart from products"); + SendSQL("select product, description, votesperuser, disallownew$mpart from products ORDER BY product"); $::anyvotesallowed = 0; while (@line = FetchSQLData()) { my ($p, $d, $votesperuser, $dis, $u) = (@line); $::proddesc{$p} = $d; - if ($dis) { - # Special hack. Stomp on the description and make it "0" if we're - # not supposed to allow new bugs against this product. This is - # checked for in enter_bug.cgi. - $::proddesc{$p} = "0"; + if (!$dis) { + push @::enterable_products, $p; } if ($dotargetmilestone) { $::milestoneurl{$p} = $u; @@ -579,6 +578,7 @@ sub GenerateVersionTable { } print FID GenerateCode('@::settable_resolution'); print FID GenerateCode('%::proddesc'); + print FID GenerateCode('@::enterable_products'); print FID GenerateCode('%::prodmaxvotes'); print FID GenerateCode('$::anyvotesallowed'); @@ -1294,8 +1294,10 @@ sub UserInGroup { return 0; } ConnectToDatabase(); + PushGlobalSQLState(); SendSQL("select (bit & $::usergroupset) != 0 from groups where name = " . SqlQuote($groupname)); my $bit = FetchOneColumn(); + PopGlobalSQLState(); if ($bit) { return 1; } diff --git a/template/default/info/describe-components.tmpl b/template/default/info/describe-components.tmpl new file mode 100644 index 000000000..068559667 --- /dev/null +++ b/template/default/info/describe-components.tmpl @@ -0,0 +1,86 @@ +[%# The contents of this file are subject to the Mozilla Public + # License Version 1.1 (the "License"); you may not use this file + # except in compliance with the License. You may obtain a copy of + # the License at http://www.mozilla.org/MPL/ + # + # Software distributed under the License is distributed on an "AS + # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + # implied. See the License for the specific language governing + # rights and limitations under the License. + # + # The Original Code is the Bugzilla Bug Tracking System. + # + # The Initial Developer of the Original Code is Netscape Communications + # Corporation. Portions created by Netscape are + # Copyright (C) 1998 Netscape Communications Corporation. All + # Rights Reserved. + # + # Contributor(s): Bradley Baetz <bbaetz@student.usyd.edu.au> + #%] + +[% INCLUDE global/header + title = "Components for $product" + h2 = product %] + +[% IF Param("useqacontact") %] + [% numcols = 3 %] +[% ELSE %] + [% numcols = 2 %] +[% END %] + +[% IF components.size == 0 %] + This product has no components. +[% ELSE %] + <table> + <tr> + <th align="left">Component</th> + <th align="left">Default Owner</th> + [% IF Param("useqacontact") %] + <th align="left">Default QA Contact</th> + [% END %] + </tr> + + [% FOREACH comp = components.sort %] + [% INCLUDE describe_comp %] + [% END %] + <tr> + <td colspan='[% numcols %]'> + <hr> + </td> + </tr> + </table> +[% END %] + +[% INCLUDE global/footer %] + +[%############################################################################%] +[%# BLOCK for components %] +[%############################################################################%] + +[% BLOCK describe_comp %] + <tr> + <td colspan="[% numcols %]"> + <hr> + </td> + </tr> + <tr> + <td rowspan='2'> + <a name="[% comp.name FILTER html %]">[% comp.name FILTER html %]</a> + </td> + <td> + <a href="mailto:[% comp.initialowner %][% Param('emailsuffix') %]"> + [% comp.initialowner %]</a> + </td> + [% IF Param("useqacontact") %] + <td> + <a href="mailto:[% comp.initialqacontact %][% Param('emailsuffix') %]"> + [% comp.initialqacontact %]</a> + </td> + [% END %] + </tr> + <tr> + <td colspan="[% numcols - 1 %]"> + [% comp.description %] + </td> + </tr> +[% END %] |