summaryrefslogtreecommitdiffstats
path: root/editgroups.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'editgroups.cgi')
-rwxr-xr-xeditgroups.cgi470
1 files changed, 470 insertions, 0 deletions
diff --git a/editgroups.cgi b/editgroups.cgi
new file mode 100755
index 000000000..1f329d8ac
--- /dev/null
+++ b/editgroups.cgi
@@ -0,0 +1,470 @@
+#!/usr/bonsaitools/bin/perl -w
+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Bugzilla Bug Tracking System.
+#
+# The Initial Developer of the Original Code is Netscape Communications
+# Corporation. Portions created by Netscape are
+# Copyright (C) 1998 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s): Dave Miller <dave@intrec.com>
+
+# Code derived from editowners.cgi and editusers.cgi
+
+use diagnostics;
+use strict;
+
+require "CGI.pl";
+
+confirm_login();
+
+print "Content-type: text/html\n\n";
+
+if (!UserInGroup("creategroups")) {
+ PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!");
+ print "<H1>Sorry, you aren't a member of the 'creategroups' group.</H1>\n";
+ print "And so, you aren't allowed to edit the groups.\n";
+ print "<p>\n";
+ PutFooter();
+ exit;
+}
+
+my $action = trim($::FORM{action} || '');
+
+# TestGroup: check if the group name exists
+sub TestGroup ($)
+{
+ my $group = shift;
+
+ # does the group exist?
+ SendSQL("SELECT name
+ FROM groups
+ WHERE name=" . SqlQuote($group));
+ return FetchOneColumn();
+}
+
+sub ShowError ($)
+{
+ my $msgtext = shift;
+ print "<TABLE BGCOLOR=\"#FF0000\" CELLPADDING=15><TR><TD>";
+ print "<B>$msgtext</B>";
+ print "</TD></TR></TABLE><P>";
+ return 1;
+}
+
+#
+# Displays a text like "a.", "a or b.", "a, b or c.", "a, b, c or d."
+#
+
+sub PutTrailer (@)
+{
+ my (@links) = ("<a href=index.html>Back to the Main Bugs Page</a>", @_);
+
+ my $count = $#links;
+ my $num = 0;
+ print "<P>\n";
+ foreach (@links) {
+ print $_;
+ if ($num == $count) {
+ print ".\n";
+ }
+ elsif ($num == $count-1) {
+ print " or ";
+ }
+ else {
+ print ", ";
+ }
+ $num++;
+ }
+ PutFooter();
+}
+
+#
+# action='' -> No action specified, get a list.
+#
+
+unless ($action) {
+ PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in.");
+
+ print "<form method=post action=editgroups.cgi>\n";
+ print "<table border=1>\n";
+ print "<tr>";
+ print "<th>Bit</th>";
+ print "<th>Name</th>";
+ print "<th>Description</th>";
+ print "<th>User RegExp</th>";
+ print "<th>Action</th>";
+ print "</tr>\n";
+
+ SendSQL("SELECT bit,name,description,userregexp " .
+ "FROM groups " .
+ "WHERE isbuggroup != 0 " .
+ "ORDER BY bit");
+
+ while (MoreSQLData()) {
+ my ($bit, $name, $desc, $regexp) = FetchSQLData();
+ print "<tr>\n";
+ print "<td valign=middle>$bit</td>\n";
+ print "<td><input size=20 name=\"name-$bit\" value=\"$name\">\n";
+ print "<input type=hidden name=\"oldname-$bit\" value=\"$name\"></td>\n";
+ print "<td><input size=40 name=\"desc-$bit\" value=\"$desc\">\n";
+ print "<input type=hidden name=\"olddesc-$bit\" value=\"$desc\"></td>\n";
+ print "<td><input size=30 name=\"regexp-$bit\" value=\"$regexp\">\n";
+ print "<input type=hidden name=\"oldregexp-$bit\" value=\"$regexp\"></td>\n";
+ print "<td align=center valign=middle><a href=\"editgroups.cgi?action=del&group=$bit\">Delete</a></td>\n";
+ print "</tr>\n";
+ }
+
+ print "<tr>\n";
+ print "<td colspan=4></td>\n";
+ print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n";
+ print "</tr>\n";
+ print "</table>\n";
+ print "<input type=hidden name=\"action\" value=\"update\">";
+ print "<input type=submit value=\"Submit changes\">\n";
+ print "</form>\n";
+
+ print "<p>";
+ print "<b>Name</b> is what is used with the UserInGroup() function in any
+customized cgi files you write that use a given group. It can also be used by
+people submitting bugs by email to limit a bug to a certain groupset. It
+may not contain any spaces.<p>";
+ print "<b>Description</b> is what will be shown in the bug reports to
+members of the group where they can choose whether the bug will be restricted
+to others in the same group.<p>";
+ print "<b>User RegExp</b> is optional, and if filled in, will automatically
+grant membership to this group to anyone creating a new account with an
+email address that matches this regular expression.<p>";
+ print "In addition, the following groups that determine user privileges
+exist. You can not edit these, but you need to know they are here, because
+you can't duplicate the Names of any of them in your user groups either.<p>";
+
+ print "<table border=1>\n";
+ print "<tr>";
+ print "<th>Bit</th>";
+ print "<th>Name</th>";
+ print "<th>Description</th>";
+ print "</tr>\n";
+
+ SendSQL("SELECT bit,name,description " .
+ "FROM groups " .
+ "WHERE isbuggroup = 0 " .
+ "ORDER BY bit");
+
+ while (MoreSQLData()) {
+ my ($bit, $name, $desc) = FetchSQLData();
+ print "<tr>\n";
+ print "<td>$bit</td>\n";
+ print "<td>$name</td>\n";
+ print "<td>$desc</td>\n";
+ print "</tr>\n";
+ }
+
+ print "</table><p>\n";
+
+ PutFooter();
+ exit;
+}
+
+#
+# action='add' -> present form for parameters for new group
+#
+# (next action will be 'new')
+#
+
+if ($action eq 'add') {
+ PutHeader("Add group");
+
+ print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
+ print "<TABLE BORDER=1 CELLPADDING=4 CELLSPACING=0><TR>\n";
+ print "<th>New Name</th>";
+ print "<th>New Description</th>";
+ print "<th>New User RegExp</th>";
+ print "</tr><tr>";
+ print "<td><input size=20 name=\"name\"></td>\n";
+ print "<td><input size=40 name=\"desc\"></td>\n";
+ print "<td><input size=30 name=\"regexp\"></td>\n";
+ print "</TR></TABLE>\n<HR>\n";
+ print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
+ print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"new\">\n";
+ print "</FORM>";
+
+ print "<p>";
+ print "<b>Name</b> is what is used with the UserInGroup() function in any
+customized cgi files you write that use a given group. It can also be used by
+people submitting bugs by email to limit a bug to a certain groupset. It
+may not contain any spaces.<p>";
+ print "<b>Description</b> is what will be shown in the bug reports to
+members of the group where they can choose whether the bug will be restricted
+to others in the same group.<p>";
+ print "<b>User RegExp</b> is optional, and if filled in, will automatically
+grant membership to this group to anyone creating a new account with an
+email address that matches this regular expression.<p>";
+
+ PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
+ exit;
+}
+
+
+
+#
+# action='new' -> add group entered in the 'action=add' screen
+#
+
+if ($action eq 'new') {
+ PutHeader("Adding new group");
+
+ # Cleanups and valididy checks
+ my $name = trim($::FORM{name} || '');
+ my $desc = trim($::FORM{desc} || '');
+ my $regexp = trim($::FORM{regexp} || '');
+
+ unless ($name) {
+ ShowError("You must enter a name for the new group.<BR>" .
+ "Please click the <b>Back</b> button and try again.");
+ PutFooter();
+ exit;
+ }
+ unless ($desc) {
+ ShowError("You must enter a description for the new group.<BR>" .
+ "Please click the <b>Back</b> button and try again.");
+ PutFooter();
+ exit;
+ }
+ if (TestGroup($name)) {
+ ShowError("The group '" . $name . "' already exists.<BR>" .
+ "Please click the <b>Back</b> button and try again.");
+ PutFooter();
+ exit;
+ }
+
+ # Major hack for bit values... perl can't handle 64-bit ints, so I can't
+ # just do the math to get the next available bit number, gotta handle
+ # them as strings... also, we're actually only going to allow 63 bits
+ # because that's all that opblessgroupset masks for (the high bit is off
+ # to avoid signing issues).
+
+ my @bitvals = ('1','2','4','8','16','32','64','128','256','512','1024',
+ '2048','4096','8192','16384','32768',
+
+ '65535','131072','262144','524288','1048576','2097152',
+ '4194304','8388608','16777216','33554432','67108864',
+ '134217728','268435456','536870912','1073741824',
+ '2147483648',
+
+ '4294967296','8589934592','17179869184','34359738368',
+ '68719476736','137438953472','274877906944',
+ '549755813888','1099511627776','2199023255552',
+ '4398046511104','8796093022208','17592186044416',
+ '35184372088832','70368744177664','140737488355328',
+
+ '281474976710656','562949953421312','1125899906842624',
+ '2251799813685248','4503599627370496','9007199254740992',
+ '18014398509481984','36028797018963968','72057594037927936',
+ '144115188075855872','288230376151711744',
+ '576460752303423488','1152921504606846976',
+ '2305843009213693958','4611686018427387916');
+
+ # First the next available bit
+ my $bit = "";
+ foreach (@bitvals) {
+ if ($bit == "") {
+ SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($_));
+ if (!FetchOneColumn()) { $bit = $_; }
+ }
+ }
+ if ($bit == "") {
+ ShowError("Sorry, you already have the maximum number of groups " .
+ "defined.<BR><BR>You must delete a group first before you " .
+ "can add any more.</B>");
+ PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
+ exit;
+ }
+
+ # Add the new group
+ SendSQL("INSERT INTO groups ( " .
+ "bit, name, description, isbuggroup, userregexp" .
+ " ) VALUES ( " .
+ $bit . "," .
+ SqlQuote($name) . "," .
+ SqlQuote($desc) . "," .
+ "1," .
+ SqlQuote($regexp) . ")" );
+
+ print "OK, done.<p>\n";
+ print "Your new group was assigned bit #$bit.<p>";
+ PutTrailer("<a href=\"editgroups.cgi?action=add\">Add another group</a>",
+ "<a href=\"editgroups.cgi\">Back to the group list</a>");
+ exit;
+}
+
+#
+# action='del' -> ask if user really wants to delete
+#
+# (next action would be 'delete')
+#
+
+if ($action eq 'del') {
+ PutHeader("Delete group");
+ my $bit = trim($::FORM{group} || '');
+ unless ($bit) {
+ ShowError("No group specified.<BR>" .
+ "Click the <b>Back</b> button and try again.");
+ PutFooter();
+ exit;
+ }
+ SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($bit));
+ if (!FetchOneColumn()) {
+ ShowError("That group doesn't exist.<BR>" .
+ "Click the <b>Back</b> button and try again.");
+ PutFooter();
+ exit;
+ }
+ SendSQL("SELECT name,description " .
+ "FROM groups " .
+ "WHERE bit = " . SqlQuote($bit));
+
+ my ($name, $desc) = FetchSQLData();
+ print "<table border=1>\n";
+ print "<tr>";
+ print "<th>Bit</th>";
+ print "<th>Name</th>";
+ print "<th>Description</th>";
+ print "</tr>\n";
+ print "<tr>\n";
+ print "<td>$bit</td>\n";
+ print "<td>$name</td>\n";
+ print "<td>$desc</td>\n";
+ print "</tr>\n";
+ print "</table>\n";
+
+ print "<H2>Confirmation</H2>\n";
+ print "<P>Do you really want to delete this group?<P>\n";
+
+ print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
+ print "<INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n";
+ print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n";
+ print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$bit\">\n";
+ print "</FORM>";
+
+ PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>");
+ exit;
+}
+
+#
+# action='delete' -> really delete the group
+#
+
+if ($action eq 'delete') {
+ PutHeader("Deleting user");
+ ShowError("This function has not been implemented yet! (Sorry)<br>" .
+ "Try again later");
+
+ print "
+Deleting a group is not as easy as it sounds:<p>
+<OL>
+<LI>All users have to be checked to ensure anyone who is a member of this group is first removed from membership.
+<LI>All bugs have to be checked to ensure no bugs are set to use this group.
+</OL>
+If the above is not done, conflicts may occur if a new group is created that uses a bit number that has already been used in the past.<p>
+Deleting a group will be implemented very shortly, stay tuned!
+I just figured most people would be more interested in adding and editing
+groups for the time being, so I would get that done first, so I could get this out here for people to use. :)<p>
+Watch <a href=\"http://bugzilla.mozilla.org/show_bug.cgi?id=25010\">Bug 25010</a> on Mozilla's bugzilla for details.
+<p>
+";
+
+ PutTrailer("<a href=editgroups.cgi>Back to group list</a>");
+ exit;
+}
+
+#
+# action='update' -> update the groups
+#
+
+if ($action eq 'update') {
+ PutHeader("Updating groups");
+
+ my $chgs = 0;
+
+ foreach my $b (grep(/^name-\d*$/, keys %::FORM)) {
+ if ($::FORM{$b}) {
+ my $v = substr($b, 5);
+
+# print "Old: '" . $::FORM{"oldname-$v"} . "', '" . $::FORM{"olddesc-$v"} .
+# "', '" . $::FORM{"oldregexp-$v"} . "'<br>";
+# print "New: '" . $::FORM{"name-$v"} . "', '" . $::FORM{"desc-$v"} .
+# "', '" . $::FORM{"regexp-$v"} . "'<br>";
+
+ if ($::FORM{"oldname-$v"} ne $::FORM{"name-$v"}) {
+ $chgs = 1;
+ SendSQL("SELECT name FROM groups WHERE name=" .
+ SqlQuote($::FORM{"name-$v"}));
+ if (!FetchOneColumn()) {
+ SendSQL("UPDATE groups SET name=" .
+ SqlQuote($::FORM{"name-$v"}) .
+ " WHERE bit=" . SqlQuote($v));
+ print "Group $v name updated.<br>\n";
+ } else {
+ ShowError("Duplicate name '" . $::FORM{"name-$v"} .
+ "' specified for group $v.<BR>" .
+ "Update of group $v name skipped.");
+ }
+ }
+ if ($::FORM{"olddesc-$v"} ne $::FORM{"desc-$v"}) {
+ $chgs = 1;
+ SendSQL("SELECT description FROM groups WHERE description=" .
+ SqlQuote($::FORM{"desc-$v"}));
+ if (!FetchOneColumn()) {
+ SendSQL("UPDATE groups SET description=" .
+ SqlQuote($::FORM{"desc-$v"}) .
+ " WHERE bit=" . SqlQuote($v));
+ print "Group $v description updated.<br>\n";
+ } else {
+ ShowError("Duplicate description '" . $::FORM{"desc-$v"} .
+ "' specified for group $v.<BR>" .
+ "Update of group $v description skipped.");
+ }
+ }
+ if ($::FORM{"oldregexp-$v"} ne $::FORM{"regexp-$v"}) {
+ $chgs = 1;
+ SendSQL("UPDATE groups SET userregexp=" .
+ SqlQuote($::FORM{"regexp-$v"}) .
+ " WHERE bit=" . SqlQuote($v));
+ print "Group $v user regexp updated.<br>\n";
+ }
+ }
+ }
+ if (!$chgs) {
+ print "You didn't change anything!<BR>\n";
+ print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n";
+ } else {
+ print "Done.<p>\n";
+ }
+ PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
+ exit;
+}
+
+#
+# No valid action found
+#
+
+PutHeader("Error");
+print "I don't have a clue what you want.<BR>\n";
+
+foreach ( sort keys %::FORM) {
+ print "$_: $::FORM{$_}<BR>\n";
+}
+
+PutTrailer("<a href=editgroups.cgi>Try the group list</a>");