From 630116a9c9905a9dae515979c533e4830d6783b0 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Sat, 27 Aug 2005 02:46:27 +0000 Subject: Bug 303704: Eliminate deprecated Bugzilla::DB routines from editgroups.cgi - Patch by Frédéric Buclin r=joel a=justdave MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- editgroups.cgi | 332 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 164 insertions(+), 168 deletions(-) (limited to 'editgroups.cgi') diff --git a/editgroups.cgi b/editgroups.cgi index b9759910b..62519fc54 100755 --- a/editgroups.cgi +++ b/editgroups.cgi @@ -41,7 +41,7 @@ use vars qw($template $vars); Bugzilla->login(LOGIN_REQUIRED); -print Bugzilla->cgi->header(); +print $cgi->header(); UserInGroup("creategroups") || ThrowUserError("auth_failure", {group => "creategroups", @@ -148,13 +148,14 @@ sub CheckGroupRegexp { unless ($action) { my @groups; - SendSQL("SELECT id,name,description,userregexp,isactive,isbuggroup " . - "FROM groups " . - "ORDER BY isbuggroup, name"); + my $group_list = + $dbh->selectall_arrayref('SELECT id, name, description, + userregexp, isactive, isbuggroup + FROM groups + ORDER BY isbuggroup, name'); - while (MoreSQLData()) { - my ($id, $name, $description, $regexp, $isactive, $isbuggroup) - = FetchSQLData(); + foreach (@$group_list) { + my ($id, $name, $description, $regexp, $isactive, $isbuggroup) = @$_; my $group = {}; $group->{'id'} = $id; $group->{'name'} = $name; @@ -168,7 +169,7 @@ unless ($action) { $vars->{'groups'} = \@groups; - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/list.html.tmpl", $vars) || ThrowTemplateError($template->error()); 
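Review bot: In the -148 hunk the new loop `foreach (@$group_list)` walks the result with the implicit `$_` and unpacks it with `= @$_`. A named row, `foreach my $row (@$group_list) {` with `... = @$row;`, reads more clearly and cannot be disturbed by anything in the loop body that assigns to `$_`. The same form appears in the -195 hunk for the `changeform` query. The loop body continues past the end of the hunk, so whether anything there touches `$_` is not visible here.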
@@ -195,29 +196,34 @@ if ($action eq 'changeform') { # this one my @groups; - SendSQL("SELECT groups.id, groups.name, groups.description," . - " CASE WHEN group_group_map.member_id IS NOT NULL THEN 1 ELSE 0 END," . - " CASE WHEN B.member_id IS NOT NULL THEN 1 ELSE 0 END," . - " CASE WHEN C.member_id IS NOT NULL THEN 1 ELSE 0 END" . - " FROM groups" . - " LEFT JOIN group_group_map" . - " ON group_group_map.member_id = groups.id" . - " AND group_group_map.grantor_id = $group_id" . - " AND group_group_map.grant_type = " . GROUP_MEMBERSHIP . - " LEFT JOIN group_group_map as B" . - " ON B.member_id = groups.id" . - " AND B.grantor_id = $group_id" . - " AND B.grant_type = " . GROUP_BLESS . - " LEFT JOIN group_group_map as C" . - " ON C.member_id = groups.id" . - " AND C.grantor_id = $group_id" . - " AND C.grant_type = " . GROUP_VISIBLE . - " ORDER by name"); - - while (MoreSQLData()) { - my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember, $membercansee) - = FetchSQLData(); - + my $group_list = + $dbh->selectall_arrayref('SELECT groups.id, groups.name, groups.description, + CASE WHEN group_group_map.member_id IS NOT NULL + THEN 1 ELSE 0 END, + CASE WHEN B.member_id IS NOT NULL + THEN 1 ELSE 0 END, + CASE WHEN C.member_id IS NOT NULL + THEN 1 ELSE 0 END + FROM groups + LEFT JOIN group_group_map + ON group_group_map.member_id = groups.id + AND group_group_map.grantor_id = ? + AND group_group_map.grant_type = ? + LEFT JOIN group_group_map as B + ON B.member_id = groups.id + AND B.grantor_id = ? + AND B.grant_type = ? + LEFT JOIN group_group_map as C + ON C.member_id = groups.id + AND C.grantor_id = ? + AND C.grant_type = ? + ORDER by name', + undef, ($group_id, GROUP_MEMBERSHIP, + $group_id, GROUP_BLESS, + $group_id, GROUP_VISIBLE)); + + foreach (@$group_list) { + my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember, $membercansee) = @$_; my $group = {}; $group->{'grpid'} = $grpid; $group->{'grpnam'} = $grpnam; 
@@ -236,7 +242,7 @@ if ($action eq 'changeform') { $vars->{'isbuggroup'} = $isbuggroup; $vars->{'groups'} = \@groups; - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/edit.html.tmpl", $vars) || ThrowTemplateError($template->error()); @@ -250,7 +256,7 @@ if ($action eq 'changeform') { # if ($action eq 'add') { - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/create.html.tmpl", $vars) || ThrowTemplateError($template->error()); 
@@ -273,37 +279,35 @@ if ($action eq 'new') { my $isactive = $cgi->param('isactive') ? 1 : 0; # Add the new group - SendSQL("INSERT INTO groups ( " . - "name, description, isbuggroup, userregexp, isactive, last_changed " . - " ) VALUES ( " . - SqlQuote($name) . ", " . - SqlQuote($desc) . ", " . - "1," . - SqlQuote($regexp) . ", " . - $isactive . ", NOW())" ); + $dbh->do('INSERT INTO groups + (name, description, isbuggroup, + userregexp, isactive, last_changed) + VALUES (?, ?, 1, ?, ?, NOW())', + undef, ($name, $desc, $regexp, $isactive)); + my $gid = $dbh->bz_last_key('groups', 'id'); my $admin = GroupNameToId('admin'); # Since we created a new group, give the "admin" group all privileges # initially. - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid, " . GROUP_MEMBERSHIP . ")"); - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid, " . GROUP_BLESS . ")"); - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid, " . GROUP_VISIBLE . ")"); + my $sth = $dbh->prepare('INSERT INTO group_group_map + (member_id, grantor_id, grant_type) + VALUES (?, ?, ?)'); + + $sth->execute($admin, $gid, GROUP_MEMBERSHIP); + $sth->execute($admin, $gid, GROUP_BLESS); + $sth->execute($admin, $gid, GROUP_VISIBLE); + # Permit all existing products to use the new group if makeproductgroups. if ($cgi->param('insertnew')) { - SendSQL("INSERT INTO group_control_map " . - "(group_id, product_id, entry, membercontrol, " . - "othercontrol, canedit) " . - "SELECT $gid, products.id, 0, " . - CONTROLMAPSHOWN . ", " . - CONTROLMAPNA . ", 0 " . 
- "FROM products"); + $dbh->do('INSERT INTO group_control_map + (group_id, product_id, entry, membercontrol, + othercontrol, canedit) + SELECT ?, products.id, 0, ?, ?, 0 FROM products', + undef, ($gid, CONTROLMAPSHOWN, CONTROLMAPNA)); } RederiveRegexp($regexp, $gid); - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/created.html.tmpl", $vars) || ThrowTemplateError($template->error()); exit; @@ -327,38 +331,24 @@ if ($action eq 'del') { ThrowUserError("system_group_not_deletable", { name => $name }); } - my $hasusers = 0; - SendSQL("SELECT user_id FROM user_group_map - WHERE group_id = $gid AND isbless = 0"); - if (FetchOneColumn()) { - $hasusers = 1; - } - - my $hasbugs = 0; - my $buglist = "0"; - SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid"); + my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map + WHERE group_id = ? AND isbless = 0 ' . + $dbh->sql_limit(1), + undef, $gid) || 0; - if (MoreSQLData()) { - $hasbugs = 1; + my $bug_ids = $dbh->selectcol_arrayref('SELECT bug_id FROM bug_group_map + WHERE group_id = ?', undef, $gid); - while (MoreSQLData()) { - my ($bug) = FetchSQLData(); - $buglist .= "," . $bug; - } - } + my $hasbugs = scalar(@$bug_ids) ? 1 : 0; + my $buglist = join(',', @$bug_ids); - my $hasproduct = 0; - SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name)); - if (MoreSQLData()) { - $hasproduct = 1; - } + my $hasproduct = get_product_id($name) ? 1 : 0; - my $hasflags = 0; - SendSQL("SELECT id FROM flagtypes - WHERE grant_group_id = $gid OR request_group_id = $gid"); - if (FetchOneColumn()) { - $hasflags = 1; - } + my $hasflags = $dbh->selectrow_array('SELECT 1 FROM flagtypes + WHERE grant_group_id = ? + OR request_group_id = ? ' . + $dbh->sql_limit(1), + undef, ($gid, $gid)) || 0; $vars->{'gid'} = $gid; $vars->{'name'} = $name; 
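Review bot: `$admin` and `$gid` are now bound as placeholders in the three `$sth->execute($admin, $gid, ...)` calls, so an undefined result from `GroupNameToId('admin')` or `$dbh->bz_last_key('groups', 'id')` is sent to the database as NULL, where the old interpolated SQL would have been malformed and failed visibly. Depending on the column constraints (not visible here), that either errors late or stores a grant row with a NULL member or grantor. A check such as `defined($admin) && defined($gid)` before the first `execute`, raising the script's usual code error otherwise, keeps the failure explicit. The INSERT into `groups` and the follow-up grants also run with no `bz_lock_tables` call in the hunk, unlike the `remove_all` branch; the start of the `new` branch is outside the hunk, so this may already be handled there.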
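Review bot: `my $buglist = join(',', @$bug_ids);` changes the value handed to the template: the old code seeded the list with `0`, so it was never empty, while the new one yields an empty string when the group has no bugs. If `admin/groups/delete.html.tmpl` puts `buglist` into a query link without first testing `hasbugs` (the template is not part of this patch), the empty value may no longer restrict the query. Either keep the sentinel, `join(',', 0, @$bug_ids)`, or confirm the template only uses `buglist` when `hasbugs` is set.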
@@ -369,7 +359,7 @@ if ($action eq 'del') { $vars->{'hasflags'} = $hasflags; $vars->{'buglist'} = $buglist; - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/delete.html.tmpl", $vars) || ThrowTemplateError($template->error()); 
@@ -394,53 +384,62 @@ if ($action eq 'delete') { my $cantdelete = 0; - SendSQL("SELECT user_id FROM user_group_map - WHERE group_id = $gid AND isbless = 0"); - if (FetchOneColumn()) { - if (!defined $cgi->param('removeusers')) { - $cantdelete = 1; - } + my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map + WHERE group_id = ? AND isbless = 0 ' . + $dbh->sql_limit(1), + undef, $gid) || 0; + if ($hasusers && !defined $cgi->param('removeusers')) { + $cantdelete = 1; } - SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid"); - if (FetchOneColumn()) { - if (!defined $cgi->param('removebugs')) { - $cantdelete = 1; - } + + my $hasbugs = $dbh->selectrow_array('SELECT 1 FROM bug_group_map + WHERE group_id = ? ' . + $dbh->sql_limit(1), + undef, $gid) || 0; + if ($hasbugs && !defined $cgi->param('removebugs')) { + $cantdelete = 1; } - SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name)); - if (FetchOneColumn()) { - if (!defined $cgi->param('unbind')) { - $cantdelete = 1; - } + + if (get_product_id($name) && !defined $cgi->param('unbind')) { + $cantdelete = 1; } - SendSQL("SELECT id FROM flagtypes - WHERE grant_group_id = $gid OR request_group_id = $gid"); - if (FetchOneColumn()) { - if (!defined $cgi->param('removeflags')) { - $cantdelete = 1; - } + + my $hasflags = $dbh->selectrow_array('SELECT 1 FROM flagtypes + WHERE grant_group_id = ? + OR request_group_id = ? ' . 
+ $dbh->sql_limit(1), + undef, ($gid, $gid)) || 0; + if ($hasflags && !defined $cgi->param('removeflags')) { + $cantdelete = 1; } if (!$cantdelete) { - SendSQL("UPDATE flagtypes SET grant_group_id = NULL - WHERE grant_group_id = $gid"); - SendSQL("UPDATE flagtypes SET request_group_id = NULL - WHERE request_group_id = $gid"); - SendSQL("DELETE FROM user_group_map WHERE group_id = $gid"); - SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid"); - SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid"); - SendSQL("DELETE FROM group_control_map WHERE group_id = $gid"); - SendSQL("DELETE FROM whine_schedules WHERE " . - "mailto_type = " . MAILTO_GROUP . " " . - "AND mailto = $gid"); - SendSQL("DELETE FROM groups WHERE id = $gid"); + $dbh->do('UPDATE flagtypes SET grant_group_id = ? + WHERE grant_group_id = ?', + undef, (undef, $gid)); + $dbh->do('UPDATE flagtypes SET request_group_id = ? + WHERE request_group_id = ?', + undef, (undef, $gid)); + $dbh->do('DELETE FROM user_group_map WHERE group_id = ?', + undef, $gid); + $dbh->do('DELETE FROM group_group_map WHERE grantor_id = ?', + undef, $gid); + $dbh->do('DELETE FROM bug_group_map WHERE group_id = ?', + undef, $gid); + $dbh->do('DELETE FROM group_control_map WHERE group_id = ?', + undef, $gid); + $dbh->do('DELETE FROM whine_schedules + WHERE mailto_type = ? AND mailto = ?', + undef, (MAILTO_GROUP, $gid)); + $dbh->do('DELETE FROM groups WHERE id = ?', + undef, $gid); } $vars->{'gid'} = $gid; $vars->{'name'} = $name; $vars->{'cantdelete'} = $cantdelete; - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/deleted.html.tmpl", $vars) || ThrowTemplateError($template->error()); @@ -474,7 +473,7 @@ if ($action eq 'postchanges') { $vars->{'regexp'} = $regexp; } - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/change.html.tmpl", $vars) || ThrowTemplateError($template->error()); exit; 
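Review bot: The four existence checks and the eight `$dbh->do` statements that follow run with no `bz_lock_tables` call visible in the hunk. A user or bug added to the group between the `$hasusers` / `$hasbugs` check and the `DELETE FROM user_group_map` / `bug_group_map` would be removed without the `removeusers` / `removebugs` confirmation, and a failure partway leaves the group half-deleted. The `remove_all` branch and `doGroupChanges` both bracket their writes with `bz_lock_tables` / `bz_unlock_tables`, and the same bracket here would be consistent. The start of the `delete` branch is outside the hunk, so confirm no lock is taken there. Separately, `SET grant_group_id = ?` with `(undef, $gid)` relies on DBI mapping `undef` to NULL; `SET grant_group_id = NULL WHERE grant_group_id = ?` states the intent directly.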
@@ -487,19 +486,20 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { my $gid = CheckGroupID($cgi->param('group')); - my $sth = $dbh->prepare("SELECT name, userregexp FROM groups - WHERE id = ?"); - $sth->execute($gid); - my ($name, $regexp) = $sth->fetchrow_array(); + my ($name, $regexp) = + $dbh->selectrow_array('SELECT name, userregexp FROM groups + WHERE id = ?', undef, $gid); + $dbh->bz_lock_tables('groups WRITE', 'profiles READ', 'user_group_map WRITE'); - $sth = $dbh->prepare("SELECT user_group_map.user_id, profiles.login_name - FROM user_group_map - INNER JOIN profiles - ON user_group_map.user_id = profiles.userid - WHERE user_group_map.group_id = ? - AND grant_type = ? - AND isbless = 0"); + + my $sth = $dbh->prepare("SELECT user_group_map.user_id, profiles.login_name + FROM user_group_map + INNER JOIN profiles + ON user_group_map.user_id = profiles.userid + WHERE user_group_map.group_id = ? + AND grant_type = ? + AND isbless = 0"); $sth->execute($gid, GRANT_DIRECT); my @users; @@ -507,11 +507,12 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { WHERE user_id = ? AND isbless = 0 AND group_id = ?"); + while ( my ($userid, $userlogin) = $sth->fetchrow_array() ) { if ((($regexp =~ /\S/) && ($userlogin =~ m/$regexp/i)) || ($action eq 'remove_all')) { - $sth2->execute($userid,$gid); + $sth2->execute($userid, $gid); my $user = {}; $user->{'login'} = $userlogin; @@ -519,10 +520,8 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { } } - $sth = $dbh->prepare("UPDATE groups - SET last_changed = NOW() - WHERE id = ?"); - $sth->execute($gid); + $dbh->do('UPDATE groups SET last_changed = NOW() + WHERE id = ?', undef, $gid); $dbh->bz_unlock_tables(); $vars->{'users'} = \@users; 
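Review bot: The new `selectrow_array` read of `name, userregexp` is issued before `$dbh->bz_lock_tables('groups WRITE', ...)`, so the `$regexp` later matched against each login can be stale if the group's pattern is edited between the read and the lock. Moving the `bz_lock_tables` call above the `selectrow_array` closes that gap without changing either statement. The removal loop that uses `$regexp` is in the following hunk.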
@@ -531,7 +530,7 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { $vars->{'remove_all'} = ($action eq 'remove_all'); $vars->{'gid'} = $gid; - print Bugzilla->cgi->header(); + print $cgi->header(); $template->process("admin/groups/remove.html.tmpl", $vars) || ThrowTemplateError($template->error()); @@ -550,7 +549,6 @@ ThrowCodeError("action_unrecognized", $vars); sub doGroupChanges { my $cgi = Bugzilla->cgi; my $dbh = Bugzilla->dbh; - my $sth; $dbh->bz_lock_tables('groups WRITE', 'group_group_map WRITE', 'user_group_map WRITE', 'profiles READ', @@ -563,8 +561,8 @@ sub doGroupChanges { # The name and the description of system groups cannot be edited. # We then need to know if the group being edited is a system group. - SendSQL("SELECT isbuggroup FROM groups WHERE id = $gid"); - my ($isbuggroup) = FetchSQLData(); + my $isbuggroup = $dbh->selectrow_array('SELECT isbuggroup FROM groups + WHERE id = ?', undef, $gid); my $name; my $desc; my $isactive; 
@@ -583,27 +581,36 @@ sub doGroupChanges { if ($name ne $cgi->param('oldname')) { $chgs = 1; - $sth = $dbh->do("UPDATE groups SET name = ? WHERE id = ?", - undef, $name, $gid); + $dbh->do('UPDATE groups SET name = ? WHERE id = ?', + undef, ($name, $gid)); } if ($desc ne $cgi->param('olddesc')) { $chgs = 1; - $sth = $dbh->do("UPDATE groups SET description = ? WHERE id = ?", - undef, $desc, $gid); + $dbh->do('UPDATE groups SET description = ? WHERE id = ?', + undef, ($desc, $gid)); } if ($isactive ne $cgi->param('oldisactive')) { $chgs = 1; - $sth = $dbh->do("UPDATE groups SET isactive = ? WHERE id = ?", - undef, $isactive, $gid); + $dbh->do('UPDATE groups SET isactive = ? WHERE id = ?', + undef, ($isactive, $gid)); } } if ($regexp ne $cgi->param('oldregexp')) { $chgs = 1; - $sth = $dbh->do("UPDATE groups SET userregexp = ? WHERE id = ?", - undef, $regexp, $gid); + $dbh->do('UPDATE groups SET userregexp = ? WHERE id = ?', + undef, ($regexp, $gid)); RederiveRegexp($regexp, $gid); } + my $sthInsert = $dbh->prepare('INSERT INTO group_group_map + (member_id, grantor_id, grant_type) + VALUES (?, ?, ?)'); + + my $sthDelete = $dbh->prepare('DELETE FROM group_group_map + WHERE member_id = ? + AND grantor_id = ? + AND grant_type = ?'); + foreach my $b (grep {/^oldgrp-\d*$/} $cgi->param()) { if (defined($cgi->param($b))) { $b =~ /^oldgrp-(\d+)$/; @@ -612,13 +619,9 @@ sub doGroupChanges { if (($v != $gid) && ($cgi->param("oldgrp-$v") != $grp)) { $chgs = 1; if ($grp != 0) { - SendSQL("INSERT INTO group_group_map - (member_id, grantor_id, grant_type) - VALUES ($v, $gid," . GROUP_MEMBERSHIP . ")"); + $sthInsert->execute($v, $gid, GROUP_MEMBERSHIP); } else { - SendSQL("DELETE FROM group_group_map - WHERE member_id = $v AND grantor_id = $gid - AND grant_type = " . GROUP_MEMBERSHIP); + $sthDelete->execute($v, $gid, GROUP_MEMBERSHIP); } } 
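Review bot: The filter `grep {/^oldgrp-\d*$/}` accepts a parameter named `oldgrp-` with no digits, but the capture `$b =~ /^oldgrp-(\d+)$/` then fails and its result is not tested, so `$1` is undefined or keeps whatever an earlier successful match left. The id presumably taken from that capture (the assignment falls between this hunk and the next) would then be bound into the new `$sthInsert` / `$sthDelete` statements for the wrong group. Placeholders keep the value out of the SQL text, but the row affected is still wrong. Either `next unless $b =~ /^oldgrp-(\d+)$/;` or `\d+` in the `grep` fixes it.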
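Review bot: Whether `$sthInsert` or `$sthDelete` runs is decided by comparing `$cgi->param("oldgrp-$v")` with `$grp`, which presumably also comes from the request (its assignment is outside the hunk), not by the current contents of `group_group_map`. A stale or altered form can therefore issue an INSERT for a grant that already exists, giving a duplicate row or a constraint error depending on the schema, which is not visible here. Making the grant idempotent, `$sthDelete->execute($v, $gid, GROUP_MEMBERSHIP);` followed by `$sthInsert->execute($v, $gid, GROUP_MEMBERSHIP) if $grp != 0;`, removes the dependence on the submitted old value. The -627 and -642 hunks repeat the pattern for `GROUP_BLESS` and `GROUP_VISIBLE`.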
@@ -627,13 +630,9 @@ sub doGroupChanges { if ((defined $oldbless) and ($oldbless != $bless)) { $chgs = 1; if ($bless != 0) { - SendSQL("INSERT INTO group_group_map - (member_id, grantor_id, grant_type) - VALUES ($v, $gid," . GROUP_BLESS . ")"); + $sthInsert->execute($v, $gid, GROUP_BLESS); } else { - SendSQL("DELETE FROM group_group_map - WHERE member_id = $v AND grantor_id = $gid - AND grant_type = " . GROUP_BLESS); + $sthDelete->execute($v, $gid, GROUP_BLESS); } } @@ -642,22 +641,19 @@ sub doGroupChanges { && ($cgi->param("oldcansee-$v") != $cansee)) { $chgs = 1; if ($cansee != 0) { - SendSQL("INSERT INTO group_group_map - (member_id, grantor_id, grant_type) - VALUES ($v, $gid," . GROUP_VISIBLE . ")"); + $sthInsert->execute($v, $gid, GROUP_VISIBLE); } else { - SendSQL("DELETE FROM group_group_map - WHERE member_id = $v AND grantor_id = $gid - AND grant_type = " . GROUP_VISIBLE); + $sthDelete->execute($v, $gid, GROUP_VISIBLE); } } } } - + if ($chgs) { # mark the changes - SendSQL("UPDATE groups SET last_changed = NOW() WHERE id = $gid"); + $dbh->do('UPDATE groups SET last_changed = NOW() + WHERE id = ?', undef, $gid); } $dbh->bz_unlock_tables(); return $gid, $chgs, $name, $regexp; -- cgit v1.2.3-24-g4f1b