summaryrefslogtreecommitdiffstats
path: root/describecomponents.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'describecomponents.cgi')
-rwxr-xr-xdescribecomponents.cgi177
1 files changed, 77 insertions, 100 deletions
diff --git a/describecomponents.cgi b/describecomponents.cgi
index 9a2b99cc2..57eef27cf 100755
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -19,8 +19,12 @@
# Rights Reserved.
#
# Contributor(s): Terry Weissman <terry@mozilla.org>
+# Bradley Baetz <bbaetz@student.usyd.edu.au>
-use vars %::FORM;
+use vars qw(
+ %FORM
+ $userid
+);
use diagnostics;
use strict;
@@ -32,120 +36,93 @@ require "CGI.pl";
ConnectToDatabase();
GetVersionTable();
-quietly_check_login();
+if (!defined $::FORM{'product'}) {
+ # Reference to a subset of %::proddesc, which the user is allowed to see
+ my %products;
+
+ if (Param("usebuggroups")) {
+ # OK, now only add products the user can see
+ confirm_login();
+ foreach my $p (@::legal_product) {
+ if (!GroupExists($p) || UserInGroup($p)) {
+ $products{$p} = $::proddesc{$p};
+ }
+ }
+ }
+ else {
+ %products = %::proddesc;
+ }
-######################################################################
-# Begin Data/Security Validation
-######################################################################
+ my $prodsize = scalar(keys %products);
+ if ($prodsize == 0) {
+ DisplayError("Either no products have been defined ".
+ "or you have not been given access to any.\n");
+ exit;
+ }
+ elsif ($prodsize > 1) {
+ $::vars->{'proddesc'} = \%products;
+ $::vars->{'target'} = "describecomponents.cgi";
+ $::vars->{'title'} = "Bugzilla component description";
+ $::vars->{'h2'} =
+ "Please specify the product whose components you want described.";
+
+ print "Content-type: text/html\n\n";
+ $::template->process("global/choose_product.tmpl", $::vars)
+ || DisplayError("Template process failed: " . $::template->error());
+ exit;
+ }
-# If this installation uses bug groups to restrict access to products,
-# only show the user products that don't have their own bug group or
-# those whose bug group the user is a member of. Otherwise, if this
-# installation doesn't use bug groups, show the user all legal products.
-my @products;
-if ( Param("usebuggroups") ) {
- @products = grep( !GroupExists($_) || UserInGroup($_) , @::legal_product );
-} else {
- @products = @::legal_product;
+ $::FORM{'product'} = (keys %::proddesc)[0];
}
-if ( defined $::FORM{'product'} ) {
- # Make sure the user specified a valid product name. Note that
- # if the user specifies a valid product name but is not authorized
- # to access that product, they will receive a different error message
- # which could enable people guessing product names to determine
- # whether or not certain products exist in Bugzilla, even if they
- # cannot get any other information about that product.
- grep( $::FORM{'product'} eq $_ , @::legal_product )
- || DisplayError("The product name is invalid.")
- && exit;
-
- # Make sure the user is authorized to access this product.
- if ( Param("usebuggroups") && GroupExists($::FORM{'product'}) ) {
- UserInGroup($::FORM{'product'})
+my $product = $::FORM{'product'};
+
+# Make sure the user specified a valid product name. Note that
+# if the user specifies a valid product name but is not authorized
+# to access that product, they will receive a different error message
+# which could enable people guessing product names to determine
+# whether or not certain products exist in Bugzilla, even if they
+# cannot get any other information about that product.
+grep($product eq $_ , @::legal_product)
+ || DisplayError("The product name is invalid.")
+ && exit;
+
+# Make sure the user is authorized to access this product.
+if (Param("usebuggroups") && GroupExists($product) && !$::userid) {
+ confirm_login();
+ UserInGroup($product)
|| DisplayError("You are not authorized to access that product.")
- && exit;
- }
+ && exit;
}
######################################################################
# End Data/Security Validation
######################################################################
-print "Content-type: text/html\n\n";
-
-my $product = $::FORM{'product'};
-if (!defined $product || lsearch(\@products, $product) < 0) {
-
- PutHeader("Bugzilla component description");
- print "
-<FORM>
-Please specify the product whose components you want described.
-<P>
-Product: <SELECT NAME=product>
-";
- print make_options(\@products);
- print "
-</SELECT>
-<P>
-<INPUT TYPE=\"submit\" VALUE=\"Submit\">
-</FORM>
-";
- PutFooter();
- exit;
-}
-
-
-PutHeader("Bugzilla component description", "Bugzilla component description",
- $product);
+my @components;
+SendSQL("SELECT value, initialowner, initialqacontact, description FROM " .
+ "components WHERE program = " . SqlQuote($product) . " ORDER BY " .
+ "value");
+while (MoreSQLData()) {
+ my ($name, $initialowner, $initialqacontact, $description) =
+ FetchSQLData();
-print "
-<TABLE>
-<tr>
-<th align=left>Component</th>
-<th align=left>Default owner</th>
-";
+ my %component;
-my $emailsuffix = Param("emailsuffix");
-my $useqacontact = Param("useqacontact");
+ $component{'name'} = $name;
+ $component{'initialowner'} = $initialowner ?
+ DBID_to_name($initialowner) : '';
+ $component{'initialqacontact'} = $initialqacontact ?
+ DBID_to_name($initialqacontact) : '';
+ $component{'description'} = $description;
-my $cols = 2;
-if ($useqacontact) {
- print "<th align=left>Default qa contact</th>";
- $cols++;
+ push @components, \%component;
}
-my $colbut1 = $cols - 1;
+$::vars->{'product'} = $product;
+$::vars->{'components'} = \@components;
-print "</tr>";
-
-SendSQL("select value, initialowner, initialqacontact, description from components where program = " . SqlQuote($product) . " order by value");
-
-my @data;
-while (MoreSQLData()) {
- push @data, [FetchSQLData()];
-}
-foreach (@data) {
- my ($component, $initialownerid, $initialqacontactid, $description) = @$_;
-
- my ($initialowner, $initialqacontact) = ($initialownerid ? DBID_to_name ($initialownerid) : '',
- $initialqacontactid ? DBID_to_name ($initialqacontactid) : '');
-
- print qq|
-<tr><td colspan=$cols><hr></td></tr>
-<tr><td rowspan=2><a name="|
-.value_quote($component).
-qq|">$component</a></td>
-<td><a href="mailto:$initialowner$emailsuffix">$initialowner</a></td>
-|;
- if ($useqacontact) {
- print qq|
-<td><a href="mailto:$initialqacontact$emailsuffix">$initialqacontact</a></td>
-|;
- }
- print "</tr><tr><td colspan=$colbut1>$description</td></tr>\n";
-}
-
-print "<tr><td colspan=$cols><hr></td></tr></table>\n";
+print "Content-type: text/html\n\n";
+$::template->process("info/describe-components.tmpl", $::vars)
+ || DisplayError("Template process failed: " . $::template->error());
-PutFooter();