diff options
Diffstat (limited to 'request.cgi')
| -rwxr-xr-x | request.cgi | 102 |
1 files changed, 61 insertions, 41 deletions
diff --git a/request.cgi b/request.cgi index 16d7662e8..589d773fb 100755 --- a/request.cgi +++ b/request.cgi @@ -46,8 +46,12 @@ my $cgi = Bugzilla->cgi; Bugzilla->switch_to_shadow_db; my $template = Bugzilla->template; my $action = $cgi->param('action') || ''; +my $format = $template->get_format('request/queue', + scalar($cgi->param('format')), + scalar($cgi->param('ctype'))); -print $cgi->header(); +$cgi->set_dated_content_disp("inline", "requests", $format->{extension}); +print $cgi->header($format->{'ctype'}); ################################################################################ # Main Body Execution @@ -66,7 +70,7 @@ unless (defined $cgi->param('requestee') Bugzilla::User::match_field($fields); if ($action eq 'queue') { - queue(); + queue($format); } else { my $flagtypes = get_flag_types(); @@ -84,8 +88,8 @@ else { } $vars->{'components'} = [ sort { $a cmp $b } keys %components ]; - $template->process('request/queue.html.tmpl', $vars) - || ThrowTemplateError($template->error()); + $template->process($format->{'template'}, $vars) + || ThrowTemplateError($template->error()); } exit; @@ -94,6 +98,7 @@ exit; ################################################################################ sub queue { + my $format = shift; my $cgi = Bugzilla->cgi; my $dbh = Bugzilla->dbh; my $template = Bugzilla->template; @@ -114,7 +119,11 @@ sub queue { flags.attach_id, attachments.description, requesters.realname, requesters.login_name, requestees.realname, requestees.login_name, COUNT(privs.group_id), - " . $dbh->sql_date_format('flags.modification_date', '%Y.%m.%d %H:%i') . + " . $dbh->sql_date_format('flags.modification_date', '%Y.%m.%d %H:%i') . ", + attachments.ispatch, + bugs.bug_status, + bugs.priority, + bugs.bug_severity " . # Use the flags and flagtypes tables for information about the flags, # the bugs and attachments tables for target info, the profiles tables # for setter and requestee info, the products/components tables @@ -174,48 +183,57 @@ sub queue { # need to display a "status" column in the report because the value for that # column will always be the same. my @excluded_columns = (); - - # Filter requests by status: "pending", "granted", "denied", "all" - # (which means any), or "fulfilled" (which means "granted" or "denied"). - if ($status) { - if ($status eq "+-") { - push(@criteria, "flags.status IN ('+', '-')"); - push(@excluded_columns, 'status') unless $cgi->param('do_union'); - } - elsif ($status ne "all") { - push(@criteria, "flags.status = '$status'"); - push(@excluded_columns, 'status') unless $cgi->param('do_union'); - } - } - + my $do_union = $cgi->param('do_union'); + # Filter results by exact email address of requester or requestee. if (defined $cgi->param('requester') && $cgi->param('requester') ne "") { my $requester = $dbh->quote($cgi->param('requester')); trick_taint($requester); # Quoted above push(@criteria, $dbh->sql_istrcmp('requesters.login_name', $requester)); - push(@excluded_columns, 'requester') unless $cgi->param('do_union'); + push(@excluded_columns, 'requester') unless $do_union; } if (defined $cgi->param('requestee') && $cgi->param('requestee') ne "") { if ($cgi->param('requestee') ne "-") { my $requestee = $dbh->quote($cgi->param('requestee')); trick_taint($requestee); # Quoted above - push(@criteria, $dbh->sql_istrcmp('requestees.login_name', - $requestee)); + push(@criteria, $dbh->sql_istrcmp('requestees.login_name', $requestee)); + } + else { + push(@criteria, "flags.requestee_id IS NULL"); + } + push(@excluded_columns, 'requestee') unless $do_union; + } + + # If the user wants requester = foo OR requestee = bar, we have to join + # these criteria separately as all other criteria use AND. + if (@criteria == 2 && $do_union) { + my $union = join(' OR ', @criteria); + @criteria = ("($union)"); + } + + # Filter requests by status: "pending", "granted", "denied", "all" + # (which means any), or "fulfilled" (which means "granted" or "denied"). + if ($status) { + if ($status eq "+-") { + push(@criteria, "flags.status IN ('+', '-')"); + push(@excluded_columns, 'status'); + } + elsif ($status ne "all") { + push(@criteria, "flags.status = '$status'"); + push(@excluded_columns, 'status'); } - else { push(@criteria, "flags.requestee_id IS NULL") } - push(@excluded_columns, 'requestee') unless $cgi->param('do_union'); } - + # Filter results by exact product or component. if (defined $cgi->param('product') && $cgi->param('product') ne "") { my $product = Bugzilla::Product->check(scalar $cgi->param('product')); push(@criteria, "bugs.product_id = " . $product->id); - push(@excluded_columns, 'product') unless $cgi->param('do_union'); + push(@excluded_columns, 'product'); if (defined $cgi->param('component') && $cgi->param('component') ne "") { my $component = Bugzilla::Component->check({ product => $product, name => scalar $cgi->param('component') }); push(@criteria, "bugs.component_id = " . $component->id); - push(@excluded_columns, 'component') unless $cgi->param('do_union'); + push(@excluded_columns, 'component'); } } @@ -233,15 +251,11 @@ sub queue { my $quoted_form_type = $dbh->quote($form_type); trick_taint($quoted_form_type); # Already SQL quoted push(@criteria, "flagtypes.name = " . $quoted_form_type); - push(@excluded_columns, 'type') unless $cgi->param('do_union'); + push(@excluded_columns, 'type'); } - - # Add the criteria to the query. We do an intersection by default - # but do a union if the "do_union" URL parameter (for which there is no UI - # because it's an advanced feature that people won't usually want) is true. - my $and_or = $cgi->param('do_union') ? " OR " : " AND "; - $query .= " AND (" . join($and_or, @criteria) . ") " if scalar(@criteria); - + + $query .= ' AND ' . join(' AND ', @criteria) if scalar(@criteria); + # Group the records by flag ID so we don't get multiple rows of data # for each flag. This is only necessary because of the code that # removes flags on bugs the user is unauthorized to access. @@ -250,9 +264,9 @@ sub queue { products.name, components.name, flags.attach_id, attachments.description, requesters.realname, requesters.login_name, requestees.realname, - requestees.login_name, flags.modification_date, + requestees.login_name, flags.modification_date, attachments.ispatch cclist_accessible, bugs.reporter, bugs.reporter_accessible, - bugs.assigned_to'); + bugs.assigned_to, attachments.ispatch'); # Group the records, in other words order them by the group column # so the loop in the display template can break them up into separate @@ -278,7 +292,7 @@ sub queue { # Pass the query to the template for use when debugging this script. $vars->{'query'} = $query; $vars->{'debug'} = $cgi->param('debug') ? 1 : 0; - + my $results = $dbh->selectall_arrayref($query); my @requests = (); foreach my $result (@$results) { @@ -295,7 +309,11 @@ sub queue { 'requester' => ($data[9] ? "$data[9] <$data[10]>" : $data[10]) , 'requestee' => ($data[11] ? "$data[11] <$data[12]>" : $data[12]) , 'restricted' => $data[13] ? 1 : 0, - 'created' => $data[14] + 'created' => $data[14], + 'ispatch' => $data[15], + 'bug_status' => $data[16], + 'priority' => $data[17], + 'bug_severity' => $data[18], }; push(@requests, $request); } @@ -318,9 +336,11 @@ sub queue { } $vars->{'components'} = [ sort { $a cmp $b } keys %components ]; + $vars->{'urlquerypart'} = $cgi->canonicalise_query('ctype'); + # Generate and return the UI (HTML page) from the appropriate template. - $template->process("request/queue.html.tmpl", $vars) - || ThrowTemplateError($template->error()); + $template->process($format->{'template'}, $vars) + || ThrowTemplateError($template->error()); } ################################################################################ |