diff options
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/CGI.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/Config/BugFields.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Config/General.pm | 8 | ||||
| -rw-r--r-- | Bugzilla/Constants.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/DB.pm | 14 | ||||
| -rw-r--r-- | Bugzilla/Install.pm | 51 | ||||
| -rw-r--r-- | Bugzilla/Install/DB.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Install/Filesystem.pm | 82 | ||||
| -rw-r--r-- | Bugzilla/PSGI.pm | 42 | ||||
| -rw-r--r-- | Bugzilla/Search.pm | 28 | ||||
| -rw-r--r-- | Bugzilla/Template.pm | 6 |
11 files changed, 199 insertions, 44 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index b0bc15e78..b932116a2 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -114,7 +114,7 @@ sub new { # Under mod_perl, CGI's global variables get reset on each request, # so we need to set them up again every time. - $class->_init_bz_cgi_globals() if $ENV{MOD_PERL}; + $class->_init_bz_cgi_globals() if BZ_PERSISTENT; my $self = $class->SUPER::new(@args); @@ -678,7 +678,7 @@ sub send_cookie { } # Add the default path and the domain in. - state $uri = URI->new( Bugzilla->localconfig->{urlbase} ); + state $uri = Bugzilla->urlbase; $paramhash{'-path'} = $uri->path; # we don't set the domain. $paramhash{'-secure'} = 1 diff --git a/Bugzilla/Config/BugFields.pm b/Bugzilla/Config/BugFields.pm index 94a16b7c2..c443ffe78 100644 --- a/Bugzilla/Config/BugFields.pm +++ b/Bugzilla/Config/BugFields.pm @@ -65,7 +65,7 @@ sub get_param_list { name => 'defaultpriority', type => 's', choices => \@legal_priorities, - default => $legal_priorities[-1], + default => $legal_priorities[0], checker => \&check_priority }, diff --git a/Bugzilla/Config/General.pm b/Bugzilla/Config/General.pm index 9d85aecaf..7e1c812c1 100644 --- a/Bugzilla/Config/General.pm +++ b/Bugzilla/Config/General.pm @@ -25,6 +25,14 @@ use constant get_param_list => ( }, { + name => 'nobody_user', + type => 't', + no_reset => '1', + default => 'nobody@mozilla.org', + checker => \&check_email + }, + + { name => 'docs_urlbase', type => 't', default => 'docs/%lang%/html/', diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm index 6e3a12736..65b37dced 100644 --- a/Bugzilla/Constants.pm +++ b/Bugzilla/Constants.pm @@ -193,6 +193,8 @@ use Memoize; EMAIL_LIMIT_EXCEPTION JOB_QUEUE_VIEW_MAX_JOBS + + BZ_PERSISTENT ); @Bugzilla::Constants::EXPORT_OK = qw(contenttypes); @@ -700,6 +702,8 @@ sub _bz_locations { }; } +use constant BZ_PERSISTENT => $main::BUGZILLA_PERSISTENT; + # This makes us not re-compute all the bz_locations data every time it's # called. BEGIN { memoize('_bz_locations') }; diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm index 0dfa47c23..15acfd0d9 100644 --- a/Bugzilla/DB.pm +++ b/Bugzilla/DB.pm @@ -49,14 +49,12 @@ use constant ISOLATION_LEVEL => 'REPEATABLE READ'; # Bugzilla with enums. After that, they are either controlled through # the Bugzilla UI or through the DB. use constant ENUM_DEFAULTS => { - bug_severity => ['blocker', 'critical', 'major', 'normal', - 'minor', 'trivial', 'enhancement'], - priority => ["Highest", "High", "Normal", "Low", "Lowest", "---"], - op_sys => ["All","Windows","Mac OS","Linux","Other"], - rep_platform => ["All","PC","Macintosh","Other"], - bug_status => ["UNCONFIRMED","CONFIRMED","IN_PROGRESS","RESOLVED", - "VERIFIED"], - resolution => ["","FIXED","INVALID","WONTFIX", "DUPLICATE","WORKSFORME"], + bug_severity => [qw(blocker critical major normal minor trivial enhancement )], + priority => [qw(-- P1 P2 P3 P4 P5)], + op_sys => [ "Unspecified", "All", "Windows", "Mac OS", "Linux", "Other" ], + rep_platform => [ "Unspecified", "All", "PC", "Macintosh", "Other" ], + bug_status => [qw(UNCONFIRMED NEW ASSIGNED REOPENED RESOLVED VERIFIED CLOSED)], + resolution => [ "", qw(FIXED INVALID WONTFIX DUPLICATE WORKSFORME INCOMPLETE) ], }; # The character that means "OR" in a boolean fulltext search. If empty, diff --git a/Bugzilla/Install.pm b/Bugzilla/Install.pm index ced559111..6ac16821e 100644 --- a/Bugzilla/Install.pm +++ b/Bugzilla/Install.pm @@ -19,6 +19,7 @@ use 5.10.1; use strict; use warnings; +use Bugzilla::Logging; use Bugzilla::Component; use Bugzilla::Config qw(:admin); use Bugzilla::Constants; @@ -31,21 +32,31 @@ use Bugzilla::Util qw(get_text); use Bugzilla::Version; use constant STATUS_WORKFLOW => ( - [undef, 'UNCONFIRMED'], - [undef, 'CONFIRMED'], - [undef, 'IN_PROGRESS'], - ['UNCONFIRMED', 'CONFIRMED'], - ['UNCONFIRMED', 'IN_PROGRESS'], - ['UNCONFIRMED', 'RESOLVED'], - ['CONFIRMED', 'IN_PROGRESS'], - ['CONFIRMED', 'RESOLVED'], - ['IN_PROGRESS', 'CONFIRMED'], - ['IN_PROGRESS', 'RESOLVED'], - ['RESOLVED', 'UNCONFIRMED'], - ['RESOLVED', 'CONFIRMED'], - ['RESOLVED', 'VERIFIED'], - ['VERIFIED', 'UNCONFIRMED'], - ['VERIFIED', 'CONFIRMED'], + [ undef, 'UNCONFIRMED' ], + [ undef, 'NEW' ], + [ undef, 'ASSIGNED' ], + [ 'UNCONFIRMED', 'NEW' ], + [ 'UNCONFIRMED', 'ASSIGNED' ], + [ 'UNCONFIRMED', 'RESOLVED' ], + [ 'NEW', 'UNCONFIRMED' ], + [ 'NEW', 'ASSIGNED' ], + [ 'NEW', 'RESOLVED' ], + [ 'ASSIGNED', 'UNCONFIRMED' ], + [ 'ASSIGNED', 'NEW' ], + [ 'ASSIGNED', 'RESOLVED' ], + [ 'REOPENED', 'UNCONFIRMED' ], + [ 'REOPENED', 'NEW' ], + [ 'REOPENED', 'ASSIGNED' ], + [ 'REOPENED', 'RESOLVED' ], + [ 'RESOLVED', 'UNCONFIRMED' ], + [ 'RESOLVED', 'REOPENED' ], + [ 'RESOLVED', 'VERIFIED' ], + [ 'VERIFIED', 'UNCONFIRMED' ], + [ 'VERIFIED', 'REOPENED' ], + [ 'VERIFIED', 'RESOLVED' ], + [ 'CLOSED', 'UNCONFIRMED' ], + [ 'CLOSED', 'REOPENED' ], + [ 'CLOSED', 'RESOLVED' ], ); sub SETTINGS { @@ -273,6 +284,12 @@ use constant DEFAULT_PRODUCT => { defaultmilestone => DEFAULT_MILESTONE, }; +use constant DEFAULT_PRODUCT_GROUP => { + name => 'test-product-security', + description => "Security Sensitive TestProduct Bug", + isbuggroup => 1, +}; + use constant DEFAULT_COMPONENT => { name => 'TestComponent', description => 'This is a test component in the test product database.' @@ -351,7 +368,8 @@ sub create_default_product { print get_text('install_default_product', { name => DEFAULT_PRODUCT->{name} }) . "\n"; - my $product = Bugzilla::Product->create(DEFAULT_PRODUCT); + my $group = Bugzilla::Group->create(DEFAULT_PRODUCT_GROUP); + my $product = Bugzilla::Product->create({ %{DEFAULT_PRODUCT()}, security_group_id => $group->id }); # Get the user who will be the owner of the Component. # We pick the admin with the lowest id, which is probably the @@ -381,6 +399,7 @@ sub init_workflow { 'SELECT value, id FROM bug_status', {Columns=>[1,2]}) }; foreach my $pair (STATUS_WORKFLOW) { + WARN("unknown bug_status: " . $pair->[1]) unless $status_ids{$pair->[1]}; my $old_id = $pair->[0] ? $status_ids{$pair->[0]} : undef; my $new_id = $status_ids{$pair->[1]}; $dbh->do('INSERT INTO status_workflow (old_status, new_status) diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index e6a7a3be0..2c8a22448 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -3895,7 +3895,7 @@ sub _migrate_group_owners { my $dbh = Bugzilla->dbh; return if $dbh->bz_column_info('groups', 'owner_user_id'); $dbh->bz_add_column('groups', 'owner_user_id', {TYPE => 'INT3'}); - my $nobody = Bugzilla::User->check('nobody@mozilla.org'); + my $nobody = Bugzilla::User->check(Bugzilla->params->{'nobody_user'}); $dbh->do('UPDATE groups SET owner_user_id = ?', undef, $nobody->id); } diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm index 71169345b..5e51dd9cc 100644 --- a/Bugzilla/Install/Filesystem.pm +++ b/Bugzilla/Install/Filesystem.pm @@ -115,6 +115,52 @@ sub HTTPD_ENV_CONF { return join( "\n", map { "PerlPassEnv " . $_ } @env ) . "\n"; } +sub _error_page { + my ($code, $title, $description) = @_; + warn "urlbase: ", Bugzilla->urlbase, "\n"; + my $host = Bugzilla->urlbase->host; + + return <<EOT; +<!DOCTYPE HTML> +<html> + <head> + <title>$title</title> + <style> + body { + margin: 1em 2em; + background-color: #455372; + color: #ddd; + font-family: sans-serif; + } + h1, h3 { + color: #fff; + } + a { + color: #fff; + text-decoration: none; + } + #buggie { + float: left; + } + #content { + margin-left: 100px; + padding-top: 20px; + } + </style> + </head> + <body> + <img src="/images/buggie.png" id="buggie" alt="buggie" width="78" height="215"> + <div id="content"> + <h1>$title</h1> + <p>$description</p> + <h3>Error $code</h3> + <p><a href="/">$host</a></p> + </div> + </body> +</html> +EOT +} + ############### # Permissions # ############### @@ -430,6 +476,40 @@ sub FILESYSTEM { contents => \&HTTPD_ENV_CONF }, ); + # Create static error pages. + $create_dirs{"errors"} = DIR_CGI_READ; + $create_files{"errors/401.html"} = { + perms => CGI_READ, + overwrite => 1, + contents => _error_page( + 401, 'Authentication Required', + "This server could not verify that you are authorized to access + that url. you either supplied the wrong credentials (e.g., bad + password), or your browser doesn't understand how to supply the + credentials required.") + }; + $create_files{"errors/403.html"} = { + perms => CGI_READ, + overwrite => 1, + contents => _error_page( + 403, 'Access Denied', + "Access to the requested resource has been denied.") + }; + $create_files{"errors/404.html"} = { + perms => CGI_READ, + overwrite => 1, + contents => _error_page( + 404, 'Object Not Found', + "The requested URL was not found on this server.") + }; + $create_files{"errors/500.html"} = { + perms => CGI_READ, + overwrite => 1, + contents => _error_page( + 500, 'Internal Server Error', + "The server encountered an internal error and was unable to complete your request.") + }; + # Because checksetup controls the creation of index.html separately # from all other files, it gets its very own hash. my %index_html = ( @@ -564,7 +644,7 @@ sub update_filesystem { # Delete old files that no longer need to exist # 2001-04-29 jake@bugzilla.org - Remove oldemailtech - # http://bugzilla.mozilla.org/show_bugs.cgi?id=71552 + # http://bugzilla.mozilla.org/show_bug.cgi?id=71552 if (-d 'shadow') { print "Removing shadow directory...\n"; rmtree("shadow"); diff --git a/Bugzilla/PSGI.pm b/Bugzilla/PSGI.pm new file mode 100644 index 000000000..46352b319 --- /dev/null +++ b/Bugzilla/PSGI.pm @@ -0,0 +1,42 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# This Source Code Form is "Incompatible With Secondary Licenses", as +# defined by the Mozilla Public License, v. 2.0. + +package Bugzilla::PSGI; +use 5.10.1; +use strict; +use warnings; + +use base qw(Exporter); + +use Bugzilla::Logging; +our @EXPORT_OK = qw(compile_cgi); + +sub compile_cgi { + my ($script) = @_; + require CGI::Compile; + require CGI::Emulate::PSGI; + + my $cgi = CGI::Compile->compile($script); + my $app = CGI::Emulate::PSGI->handler( + sub { + Bugzilla::init_page(); + $cgi->(); + } + ); + return sub { + my $env = shift; + if ($env->{'psgix.cleanup'}) { + push @{ $env->{'psgix.cleanup.handler'} }, \&Bugzilla::_cleanup; + } + my $res = $app->($env); + Bugzilla::_cleanup() if not $env->{'psgix.cleanup'}; + return $res; + }; +} + + +1;
\ No newline at end of file diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm index f419955dc..643d591ca 100644 --- a/Bugzilla/Search.pm +++ b/Bugzilla/Search.pm @@ -34,6 +34,7 @@ use Date::Format; use Date::Parse; use Scalar::Util qw(blessed); use List::MoreUtils qw(all firstidx part uniq); +use List::Util qw(any); use POSIX qw(INT_MAX); use Storable qw(dclone); use Time::HiRes qw(gettimeofday tv_interval); @@ -802,18 +803,21 @@ sub data { # BMO - to avoid massive amounts of joins, if we're selecting a lot of # tracking flags, replace them with placeholders. the values will be # retrieved later and injected into the result. - my %tf_map = map { $_ => 1 } Bugzilla::Extension::TrackingFlags::Flag->get_all_names(); - my @tf_selected = grep { exists $tf_map{$_} } @orig_fields; - # mysql has a limit of 61 joins, and we want to avoid massive amounts of joins - # 30 ensures we won't hit the limit, nor generate too many joins - if (scalar @tf_selected > 30) { - foreach my $column (@tf_selected) { - $self->COLUMNS->{$column}->{name} = "'---'"; + state $have_tracking_flags = any { $_->NAME eq 'TrackingFlags' } @{ Bugzilla->extensions }; + if ($have_tracking_flags) { + my %tf_map = map { $_ => 1 } Bugzilla::Extension::TrackingFlags::Flag->get_all_names(); + my @tf_selected = grep { exists $tf_map{$_} } @orig_fields; + # mysql has a limit of 61 joins, and we want to avoid massive amounts of joins + # 30 ensures we won't hit the limit, nor generate too many joins + if (scalar @tf_selected > 30) { + foreach my $column (@tf_selected) { + $self->COLUMNS->{$column}->{name} = "'---'"; + } + $self->{tracking_flags} = \@tf_selected; + } + else { + $self->{tracking_flags} = []; } - $self->{tracking_flags} = \@tf_selected; - } - else { - $self->{tracking_flags} = []; } my $start_time = [gettimeofday()]; @@ -863,7 +867,7 @@ sub data { $self->{data} = [map { $data{$_} } @$bug_ids]; # BMO - get tracking flags values, and insert into result - if (@{ $self->{tracking_flags} }) { + if ($have_tracking_flags && @{ $self->{tracking_flags} }) { # read values my $values; $sql = " diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index ae4f9bbad..3ace60cf8 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -571,7 +571,7 @@ sub create { # if a packager has modified bz_locations() to contain absolute # paths. ABSOLUTE => 1, - RELATIVE => $ENV{MOD_PERL} ? 0 : 1, + RELATIVE => 1, # Only use an on-disk template cache if we're running as the web # server. This ensures the permissions of the cache remain correct. @@ -928,7 +928,7 @@ sub create { 'sudoer' => sub { return Bugzilla->sudoer; }, # Allow templates to access the "corect" URLBase value - 'urlbase' => sub { return Bugzilla->localconfig->{urlbase}; }, + 'urlbase' => sub { Bugzilla->urlbase }, # Allow templates to access docs url with users' preferred language 'docs_urlbase' => sub { @@ -1040,7 +1040,7 @@ sub create { # under mod_perl, use a provider (template loader) that preloads all templates into memory my $provider_class - = $ENV{MOD_PERL} + = BZ_PERSISTENT ? 'Bugzilla::Template::PreloadProvider' : 'Template::Provider'; |