summaryrefslogtreecommitdiffstats
path: root/describecomponents.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'describecomponents.cgi')
-rwxr-xr-xdescribecomponents.cgi67
1 files changed, 22 insertions, 45 deletions
diff --git a/describecomponents.cgi b/describecomponents.cgi
index c00f39bed..87a1eed32 100755
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -20,6 +20,7 @@
#
# Contributor(s): Terry Weissman <terry@mozilla.org>
# Bradley Baetz <bbaetz@student.usyd.edu.au>
+# Frédéric Buclin <LpSolit@gmail.com>
use strict;
use lib qw(.);
@@ -27,83 +28,59 @@ use lib qw(.);
use Bugzilla;
use Bugzilla::Constants;
require "globals.pl";
-
-use vars qw(@legal_product);
+use Bugzilla::Product;
my $user = Bugzilla->login();
-GetVersionTable();
-
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
my $template = Bugzilla->template;
my $vars = {};
-my $product = trim($cgi->param('product') || '');
-my $product_id = get_product_id($product);
-if (!$product_id || !$user->can_enter_product($product)) {
+print $cgi->header();
+
+my $product_name = trim($cgi->param('product') || '');
+my $product = new Bugzilla::Product({'name' => $product_name});
+
+unless ($product && $user->can_enter_product($product->name)) {
# Products which the user is allowed to see.
- my @products = @{$user->get_enterable_products()};
+ my @products = @{$user->get_enterable_products};
if (scalar(@products) == 0) {
ThrowUserError("no_products");
}
- elsif (scalar(@products) > 1) {
- # XXX - For backwards-compatibility with old template
- # interfaces, we now create a proddesc hash. This can go away
- # once we update the templates.
- my %product_desc;
- foreach my $product (@products) {
- $product_desc{$product->name} = $product->description;
- }
- $vars->{'proddesc'} = \%product_desc;
+ # If there is only one product available but the user entered
+ # another product name, we display a list with this single
+ # product only, to not confuse the user with components of a
+ # product he didn't request.
+ elsif (scalar(@products) > 1 || $product_name) {
+ $vars->{'products'} = \@products;
$vars->{'target'} = "describecomponents.cgi";
# If an invalid product name is given, or the user is not
# allowed to access that product, a message is displayed
# with a list of the products the user can choose from.
- if ($product) {
+ if ($product_name) {
$vars->{'message'} = "product_invalid";
- $vars->{'product'} = $product;
+ # Do not use $product->name here, else you could use
+ # this way to determine whether the product exists or not.
+ $vars->{'product'} = $product_name;
}
- print $cgi->header();
$template->process("global/choose-product.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
}
- # Else, if there is only one product:
- $product = $products[0]->name;
- $product_id = $products[0]->id;
+ # If there is only one product available and the user didn't specify
+ # any product name, we show this product.
+ $product = $products[0];
}
######################################################################
# End Data/Security Validation
######################################################################
-my @components;
-my $comps = $dbh->selectall_arrayref(
- q{SELECT name, initialowner, initialqacontact, description
- FROM components
- WHERE product_id = ?
- ORDER BY name}, undef, $product_id);
-foreach my $comp (@$comps) {
- my ($name, $initialowner, $initialqacontact, $description) = @$comp;
- my %component;
-
- $component{'name'} = $name;
- $component{'initialowner'} = $initialowner ?
- DBID_to_name($initialowner) : '';
- $component{'initialqacontact'} = $initialqacontact ?
- DBID_to_name($initialqacontact) : '';
- $component{'description'} = $description;
-
- push @components, \%component;
-}
-
$vars->{'product'} = $product;
-$vars->{'components'} = \@components;
-print $cgi->header();
$template->process("reports/components.html.tmpl", $vars)
|| ThrowTemplateError($template->error());