diff options
| -rw-r--r-- | CGI.pl | 3 | ||||
| -rw-r--r-- | bug_form.pl | 2 | ||||
| -rwxr-xr-x | editgroups.cgi | 470 | ||||
| -rwxr-xr-x | enter_bug.cgi | 76 | ||||
| -rwxr-xr-x | post_bug.cgi | 6 |
5 files changed, 48 insertions, 509 deletions
@@ -946,9 +946,6 @@ sub GetCommandMenu { if (UserInGroup("editkeywords")) { $html .= ", <a href=editkeywords.cgi>keywords</a>"; } - if (UserInGroup("creategroups") && Param("usebuggroups")) { - $html .= ", <a href=editgroups.cgi>groups</a>"; - } $html .= " | <NOBR><a href=relogin.cgi>Log out</a> $::COOKIE{'Bugzilla_login'}</NOBR>"; } else { $html .= diff --git a/bug_form.pl b/bug_form.pl index 2b705efd0..1402a1a47 100644 --- a/bug_form.pl +++ b/bug_form.pl @@ -355,7 +355,7 @@ print " <TEXTAREA WRAP=HARD NAME=comment ROWS=5 COLS=80></TEXTAREA><BR>"; -if ($::usergroupset ne '0' and Param('usebuggroups')) { +if ($::usergroupset ne '0') { SendSQL("select bit, description, (bit & $bug{'groupset'} != 0) from groups where bit & $::usergroupset != 0 and isbuggroup != 0 order by bit"); while (MoreSQLData()) { my ($bit, $description, $ison) = (FetchSQLData()); diff --git a/editgroups.cgi b/editgroups.cgi deleted file mode 100755 index 1f329d8ac..000000000 --- a/editgroups.cgi +++ /dev/null @@ -1,470 +0,0 @@ -#!/usr/bonsaitools/bin/perl -w -# -*- Mode: perl; indent-tabs-mode: nil -*- -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Bugzilla Bug Tracking System. -# -# The Initial Developer of the Original Code is Netscape Communications -# Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): Dave Miller <dave@intrec.com> - -# Code derived from editowners.cgi and editusers.cgi - -use diagnostics; -use strict; - -require "CGI.pl"; - -confirm_login(); - -print "Content-type: text/html\n\n"; - -if (!UserInGroup("creategroups")) { - PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!"); - print "<H1>Sorry, you aren't a member of the 'creategroups' group.</H1>\n"; - print "And so, you aren't allowed to edit the groups.\n"; - print "<p>\n"; - PutFooter(); - exit; -} - -my $action = trim($::FORM{action} || ''); - -# TestGroup: check if the group name exists -sub TestGroup ($) -{ - my $group = shift; - - # does the group exist? - SendSQL("SELECT name - FROM groups - WHERE name=" . SqlQuote($group)); - return FetchOneColumn(); -} - -sub ShowError ($) -{ - my $msgtext = shift; - print "<TABLE BGCOLOR=\"#FF0000\" CELLPADDING=15><TR><TD>"; - print "<B>$msgtext</B>"; - print "</TD></TR></TABLE><P>"; - return 1; -} - -# -# Displays a text like "a.", "a or b.", "a, b or c.", "a, b, c or d." -# - -sub PutTrailer (@) -{ - my (@links) = ("<a href=index.html>Back to the Main Bugs Page</a>", @_); - - my $count = $#links; - my $num = 0; - print "<P>\n"; - foreach (@links) { - print $_; - if ($num == $count) { - print ".\n"; - } - elsif ($num == $count-1) { - print " or "; - } - else { - print ", "; - } - $num++; - } - PutFooter(); -} - -# -# action='' -> No action specified, get a list. -# - -unless ($action) { - PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in."); - - print "<form method=post action=editgroups.cgi>\n"; - print "<table border=1>\n"; - print "<tr>"; - print "<th>Bit</th>"; - print "<th>Name</th>"; - print "<th>Description</th>"; - print "<th>User RegExp</th>"; - print "<th>Action</th>"; - print "</tr>\n"; - - SendSQL("SELECT bit,name,description,userregexp " . - "FROM groups " . - "WHERE isbuggroup != 0 " . - "ORDER BY bit"); - - while (MoreSQLData()) { - my ($bit, $name, $desc, $regexp) = FetchSQLData(); - print "<tr>\n"; - print "<td valign=middle>$bit</td>\n"; - print "<td><input size=20 name=\"name-$bit\" value=\"$name\">\n"; - print "<input type=hidden name=\"oldname-$bit\" value=\"$name\"></td>\n"; - print "<td><input size=40 name=\"desc-$bit\" value=\"$desc\">\n"; - print "<input type=hidden name=\"olddesc-$bit\" value=\"$desc\"></td>\n"; - print "<td><input size=30 name=\"regexp-$bit\" value=\"$regexp\">\n"; - print "<input type=hidden name=\"oldregexp-$bit\" value=\"$regexp\"></td>\n"; - print "<td align=center valign=middle><a href=\"editgroups.cgi?action=del&group=$bit\">Delete</a></td>\n"; - print "</tr>\n"; - } - - print "<tr>\n"; - print "<td colspan=4></td>\n"; - print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n"; - print "</tr>\n"; - print "</table>\n"; - print "<input type=hidden name=\"action\" value=\"update\">"; - print "<input type=submit value=\"Submit changes\">\n"; - print "</form>\n"; - - print "<p>"; - print "<b>Name</b> is what is used with the UserInGroup() function in any -customized cgi files you write that use a given group. It can also be used by -people submitting bugs by email to limit a bug to a certain groupset. It -may not contain any spaces.<p>"; - print "<b>Description</b> is what will be shown in the bug reports to -members of the group where they can choose whether the bug will be restricted -to others in the same group.<p>"; - print "<b>User RegExp</b> is optional, and if filled in, will automatically -grant membership to this group to anyone creating a new account with an -email address that matches this regular expression.<p>"; - print "In addition, the following groups that determine user privileges -exist. You can not edit these, but you need to know they are here, because -you can't duplicate the Names of any of them in your user groups either.<p>"; - - print "<table border=1>\n"; - print "<tr>"; - print "<th>Bit</th>"; - print "<th>Name</th>"; - print "<th>Description</th>"; - print "</tr>\n"; - - SendSQL("SELECT bit,name,description " . - "FROM groups " . - "WHERE isbuggroup = 0 " . - "ORDER BY bit"); - - while (MoreSQLData()) { - my ($bit, $name, $desc) = FetchSQLData(); - print "<tr>\n"; - print "<td>$bit</td>\n"; - print "<td>$name</td>\n"; - print "<td>$desc</td>\n"; - print "</tr>\n"; - } - - print "</table><p>\n"; - - PutFooter(); - exit; -} - -# -# action='add' -> present form for parameters for new group -# -# (next action will be 'new') -# - -if ($action eq 'add') { - PutHeader("Add group"); - - print "<FORM METHOD=POST ACTION=editgroups.cgi>\n"; - print "<TABLE BORDER=1 CELLPADDING=4 CELLSPACING=0><TR>\n"; - print "<th>New Name</th>"; - print "<th>New Description</th>"; - print "<th>New User RegExp</th>"; - print "</tr><tr>"; - print "<td><input size=20 name=\"name\"></td>\n"; - print "<td><input size=40 name=\"desc\"></td>\n"; - print "<td><input size=30 name=\"regexp\"></td>\n"; - print "</TR></TABLE>\n<HR>\n"; - print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n"; - print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"new\">\n"; - print "</FORM>"; - - print "<p>"; - print "<b>Name</b> is what is used with the UserInGroup() function in any -customized cgi files you write that use a given group. It can also be used by -people submitting bugs by email to limit a bug to a certain groupset. It -may not contain any spaces.<p>"; - print "<b>Description</b> is what will be shown in the bug reports to -members of the group where they can choose whether the bug will be restricted -to others in the same group.<p>"; - print "<b>User RegExp</b> is optional, and if filled in, will automatically -grant membership to this group to anyone creating a new account with an -email address that matches this regular expression.<p>"; - - PutTrailer("<a href=editgroups.cgi>Back to the group list</a>"); - exit; -} - - - -# -# action='new' -> add group entered in the 'action=add' screen -# - -if ($action eq 'new') { - PutHeader("Adding new group"); - - # Cleanups and valididy checks - my $name = trim($::FORM{name} || ''); - my $desc = trim($::FORM{desc} || ''); - my $regexp = trim($::FORM{regexp} || ''); - - unless ($name) { - ShowError("You must enter a name for the new group.<BR>" . - "Please click the <b>Back</b> button and try again."); - PutFooter(); - exit; - } - unless ($desc) { - ShowError("You must enter a description for the new group.<BR>" . - "Please click the <b>Back</b> button and try again."); - PutFooter(); - exit; - } - if (TestGroup($name)) { - ShowError("The group '" . $name . "' already exists.<BR>" . - "Please click the <b>Back</b> button and try again."); - PutFooter(); - exit; - } - - # Major hack for bit values... perl can't handle 64-bit ints, so I can't - # just do the math to get the next available bit number, gotta handle - # them as strings... also, we're actually only going to allow 63 bits - # because that's all that opblessgroupset masks for (the high bit is off - # to avoid signing issues). - - my @bitvals = ('1','2','4','8','16','32','64','128','256','512','1024', - '2048','4096','8192','16384','32768', - - '65535','131072','262144','524288','1048576','2097152', - '4194304','8388608','16777216','33554432','67108864', - '134217728','268435456','536870912','1073741824', - '2147483648', - - '4294967296','8589934592','17179869184','34359738368', - '68719476736','137438953472','274877906944', - '549755813888','1099511627776','2199023255552', - '4398046511104','8796093022208','17592186044416', - '35184372088832','70368744177664','140737488355328', - - '281474976710656','562949953421312','1125899906842624', - '2251799813685248','4503599627370496','9007199254740992', - '18014398509481984','36028797018963968','72057594037927936', - '144115188075855872','288230376151711744', - '576460752303423488','1152921504606846976', - '2305843009213693958','4611686018427387916'); - - # First the next available bit - my $bit = ""; - foreach (@bitvals) { - if ($bit == "") { - SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($_)); - if (!FetchOneColumn()) { $bit = $_; } - } - } - if ($bit == "") { - ShowError("Sorry, you already have the maximum number of groups " . - "defined.<BR><BR>You must delete a group first before you " . - "can add any more.</B>"); - PutTrailer("<a href=editgroups.cgi>Back to the group list</a>"); - exit; - } - - # Add the new group - SendSQL("INSERT INTO groups ( " . - "bit, name, description, isbuggroup, userregexp" . - " ) VALUES ( " . - $bit . "," . - SqlQuote($name) . "," . - SqlQuote($desc) . "," . - "1," . - SqlQuote($regexp) . ")" ); - - print "OK, done.<p>\n"; - print "Your new group was assigned bit #$bit.<p>"; - PutTrailer("<a href=\"editgroups.cgi?action=add\">Add another group</a>", - "<a href=\"editgroups.cgi\">Back to the group list</a>"); - exit; -} - -# -# action='del' -> ask if user really wants to delete -# -# (next action would be 'delete') -# - -if ($action eq 'del') { - PutHeader("Delete group"); - my $bit = trim($::FORM{group} || ''); - unless ($bit) { - ShowError("No group specified.<BR>" . - "Click the <b>Back</b> button and try again."); - PutFooter(); - exit; - } - SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($bit)); - if (!FetchOneColumn()) { - ShowError("That group doesn't exist.<BR>" . - "Click the <b>Back</b> button and try again."); - PutFooter(); - exit; - } - SendSQL("SELECT name,description " . - "FROM groups " . - "WHERE bit = " . SqlQuote($bit)); - - my ($name, $desc) = FetchSQLData(); - print "<table border=1>\n"; - print "<tr>"; - print "<th>Bit</th>"; - print "<th>Name</th>"; - print "<th>Description</th>"; - print "</tr>\n"; - print "<tr>\n"; - print "<td>$bit</td>\n"; - print "<td>$name</td>\n"; - print "<td>$desc</td>\n"; - print "</tr>\n"; - print "</table>\n"; - - print "<H2>Confirmation</H2>\n"; - print "<P>Do you really want to delete this group?<P>\n"; - - print "<FORM METHOD=POST ACTION=editgroups.cgi>\n"; - print "<INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n"; - print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n"; - print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$bit\">\n"; - print "</FORM>"; - - PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>"); - exit; -} - -# -# action='delete' -> really delete the group -# - -if ($action eq 'delete') { - PutHeader("Deleting user"); - ShowError("This function has not been implemented yet! (Sorry)<br>" . - "Try again later"); - - print " -Deleting a group is not as easy as it sounds:<p> -<OL> -<LI>All users have to be checked to ensure anyone who is a member of this group is first removed from membership. -<LI>All bugs have to be checked to ensure no bugs are set to use this group. -</OL> -If the above is not done, conflicts may occur if a new group is created that uses a bit number that has already been used in the past.<p> -Deleting a group will be implemented very shortly, stay tuned! -I just figured most people would be more interested in adding and editing -groups for the time being, so I would get that done first, so I could get this out here for people to use. :)<p> -Watch <a href=\"http://bugzilla.mozilla.org/show_bug.cgi?id=25010\">Bug 25010</a> on Mozilla's bugzilla for details. -<p> -"; - - PutTrailer("<a href=editgroups.cgi>Back to group list</a>"); - exit; -} - -# -# action='update' -> update the groups -# - -if ($action eq 'update') { - PutHeader("Updating groups"); - - my $chgs = 0; - - foreach my $b (grep(/^name-\d*$/, keys %::FORM)) { - if ($::FORM{$b}) { - my $v = substr($b, 5); - -# print "Old: '" . $::FORM{"oldname-$v"} . "', '" . $::FORM{"olddesc-$v"} . -# "', '" . $::FORM{"oldregexp-$v"} . "'<br>"; -# print "New: '" . $::FORM{"name-$v"} . "', '" . $::FORM{"desc-$v"} . -# "', '" . $::FORM{"regexp-$v"} . "'<br>"; - - if ($::FORM{"oldname-$v"} ne $::FORM{"name-$v"}) { - $chgs = 1; - SendSQL("SELECT name FROM groups WHERE name=" . - SqlQuote($::FORM{"name-$v"})); - if (!FetchOneColumn()) { - SendSQL("UPDATE groups SET name=" . - SqlQuote($::FORM{"name-$v"}) . - " WHERE bit=" . SqlQuote($v)); - print "Group $v name updated.<br>\n"; - } else { - ShowError("Duplicate name '" . $::FORM{"name-$v"} . - "' specified for group $v.<BR>" . - "Update of group $v name skipped."); - } - } - if ($::FORM{"olddesc-$v"} ne $::FORM{"desc-$v"}) { - $chgs = 1; - SendSQL("SELECT description FROM groups WHERE description=" . - SqlQuote($::FORM{"desc-$v"})); - if (!FetchOneColumn()) { - SendSQL("UPDATE groups SET description=" . - SqlQuote($::FORM{"desc-$v"}) . - " WHERE bit=" . SqlQuote($v)); - print "Group $v description updated.<br>\n"; - } else { - ShowError("Duplicate description '" . $::FORM{"desc-$v"} . - "' specified for group $v.<BR>" . - "Update of group $v description skipped."); - } - } - if ($::FORM{"oldregexp-$v"} ne $::FORM{"regexp-$v"}) { - $chgs = 1; - SendSQL("UPDATE groups SET userregexp=" . - SqlQuote($::FORM{"regexp-$v"}) . - " WHERE bit=" . SqlQuote($v)); - print "Group $v user regexp updated.<br>\n"; - } - } - } - if (!$chgs) { - print "You didn't change anything!<BR>\n"; - print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n"; - } else { - print "Done.<p>\n"; - } - PutTrailer("<a href=editgroups.cgi>Back to the group list</a>"); - exit; -} - -# -# No valid action found -# - -PutHeader("Error"); -print "I don't have a clue what you want.<BR>\n"; - -foreach ( sort keys %::FORM) { - print "$_: $::FORM{$_}<BR>\n"; -} - -PutTrailer("<a href=editgroups.cgi>Try the group list</a>"); diff --git a/enter_bug.cgi b/enter_bug.cgi index 086372d23..f89f2f436 100755 --- a/enter_bug.cgi +++ b/enter_bug.cgi @@ -250,17 +250,15 @@ PutHeader ("Enter Bug","Enter Bug","This page lets you enter a new bug into Bugz # Modified, -JMR, 2/24,00 # If the usebuggroupsentry parameter is set, we need to check and make sure # that the user has permission to enter a bug against this product. -# Modified, -DDM, 3/11/00 -# added GroupExists check so we don't choke on a groupless product -if(Param("usebuggroupsentry") - && GroupExists($product) - && !UserInGroup($product)) { - print "<H1>Permission denied.</H1>\n"; - print "Sorry; you do not have the permissions necessary to enter\n"; - print "a bug against this product.\n"; - print "<P>\n"; - PutFooter(); - exit; +if(Param("usebuggroupsentry")) { + if(!UserInGroup($product)) { + print "<H1>Permission denied.</H1>\n"; + print "Sorry; you do not have the permissions necessary to enter\n"; + print "a bug against this product.\n"; + print "<P>\n"; + PutFooter(); + exit; + } } # Modified, -JMR, 2/18/00 @@ -273,17 +271,14 @@ if(Param("usebuggroupsentry") # the database, (2) insert the select box in the giant print statements below, # and (3) update post_bug.cgi to process the additional input field. -# Modified, -DDM, 3/11/00 -# Only need the bit here, and not the description. Description is gotten -# when the select boxes for all the groups this user has access to are read -# in later on. # First we get the bit and description for the group. my $group_bit=0; +my $group_desc; if(Param("usebuggroups") && GroupExists($product)) { - SendSQL("select bit from groups ". + SendSQL("select bit, description from groups ". "where name = ".SqlQuote($product)." ". "and isbuggroup != 0"); - ($group_bit) = FetchSQLData(); + ($group_bit, $group_desc) = FetchSQLData(); } print " @@ -393,6 +388,33 @@ print " value_quote(formvalue('comment')) . "</TEXTAREA><BR></td> </tr>"; +# In between the Description field and the Submit buttons, we'll put in the +# select box for the bug group, if necessary. +# Rather than waste time with another Param check and another database access, +# $group_bit will only have a non-zero value if we're using bug groups and have +# one for this product, so I'll check on that instead here. -JMR, 2/18/00 +if($group_bit) { + # In addition, we need to handle the possibility that we're coming from + # a bookmark template. We'll simply check if we've got a parameter called + # groupset passed with a value other than the current bit. If so, then we're + # coming from a template, and we don't have group_bit set, so turn it off. + my $check0 = (formvalue("groupset",$group_bit) == $group_bit) ? "" : " SELECTED"; + my $check1 = ($check0 eq "") ? " SELECTED" : ""; + print " + <tr> + <td align=right><B>Access:</td> + <td colspan=5> + <select name=\"groupset\"> + <option value=0$check0> + People not in the \"$group_desc\" group can see this bug + </option> + <option value=$group_bit$check1> + Only people in the \"$group_desc\" group can see this bug + </option> + </select> + </td> + </tr>" +} print " <tr> @@ -402,31 +424,15 @@ print " if ($::usergroupset ne '0') { SendSQL("SELECT bit, description FROM groups " . "WHERE bit & $::usergroupset != 0 " . - " AND isbuggroup != 0 ORDER BY description"); + " AND isbuggroup != 0 ORDER BY bit"); while (MoreSQLData()) { my ($bit, $description) = (FetchSQLData()); - # Rather than waste time with another Param check and another database - # access, $group_bit will only have a non-zero value if we're using - # bug groups and have one for this product, so I'll check on that - # instead here. -JMR, 2/18/00 - # Moved this check to this location to fix conflict with existing - # select-box patch. Also, if $group_bit is 0, it won't match the - # current group, either, so I'll compare it to the current bit - # instead of checking for non-zero. -DDM, 3/11/00 - my $check = 0; # default selection - if($group_bit == $bit) { - # In addition, we need to handle the possibility that we're coming - # from a bookmark template. We'll simply check if we've got a - # parameter called bit-# passed. If so, then we're coming from a - # template, and we'll use the template value. - $check = formvalue("bit-$bit","1"); - } print BuildPulldown("bit-$bit", [["0", "People not in the \"$description\" group can see this bug"], ["1", "Only people in the \"$description\" group can see this bug"]], - $check); + 0); print "<BR>\n"; } } diff --git a/post_bug.cgi b/post_bug.cgi index 5695e5f0c..236213559 100755 --- a/post_bug.cgi +++ b/post_bug.cgi @@ -121,6 +121,12 @@ if (Param("useqacontact")) { } } +# If we're using bug groups, we need to include the groupset in the list of +# fields. -JMR, 2/18/00 +if(Param("usebuggroups")) { + push(@bug_fields, "groupset"); +} + if (exists $::FORM{'bug_status'}) { if (!UserInGroup("canedit") && !UserInGroup("canconfirm")) { delete $::FORM{'bug_status'}; |