# -*- Mode: perl; indent-tabs-mode: nil -*- # # The contents of this file are subject to the Mozilla Public # License Version 1.1 (the "License"); you may not use this file # except in compliance with the License. You may obtain a copy of # the License at http://www.mozilla.org/MPL/ # # Software distributed under the License is distributed on an "AS # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or # implied. See the License for the specific language governing # rights and limitations under the License. # # The Original Code is the Bugzilla Bug Tracking System. # # The Initial Developer of the Original Code is Everything Solved. # Portions created by Everything Solved are Copyright (C) 2006 # Everything Solved. All Rights Reserved. # # Contributor(s): Max Kanat-Alexander # Frédéric Buclin use strict; package Bugzilla::Object; use Bugzilla::Util; use Bugzilla::Error; use constant NAME_FIELD => 'name'; use constant ID_FIELD => 'id'; use constant LIST_ORDER => NAME_FIELD; ############################### #### Initialization #### ############################### sub new { my $invocant = shift; my $class = ref($invocant) || $invocant; my $object = $class->_init(@_); bless($object, $class) if $object; return $object; } # Note: Because this uses sql_istrcmp, if you make a new object use # Bugzilla::Object, make sure that you modify bz_setup_database # in Bugzilla::DB::Pg appropriately, to add the right LOWER # index. You can see examples already there. sub _init { my $class = shift; my ($param) = @_; my $dbh = Bugzilla->dbh; my $columns = join(',', $class->DB_COLUMNS); my $table = $class->DB_TABLE; my $name_field = $class->NAME_FIELD; my $id_field = $class->ID_FIELD; my $id = $param unless (ref $param eq 'HASH'); my $object; if (defined $id) { detaint_natural($id) || ThrowCodeError('param_must_be_numeric', {function => $class . '::_init'}); $object = $dbh->selectrow_hashref(qq{ SELECT $columns FROM $table WHERE $id_field = ?}, undef, $id); } elsif (defined $param->{'name'}) { trick_taint($param->{'name'}); $object = $dbh->selectrow_hashref(qq{ SELECT $columns FROM $table WHERE } . $dbh->sql_istrcmp($name_field, '?'), undef, $param->{'name'}); } else { ThrowCodeError('bad_arg', {argument => 'param', function => $class . '::_init'}); } return $object; } sub new_from_list { my $class = shift; my ($id_list) = @_; my $dbh = Bugzilla->dbh; my $columns = join(',', $class->DB_COLUMNS); my $table = $class->DB_TABLE; my $order = $class->LIST_ORDER; my $id_field = $class->ID_FIELD; my $objects; if (@$id_list) { my @detainted_ids; foreach my $id (@$id_list) { detaint_natural($id) || ThrowCodeError('param_must_be_numeric', {function => $class . '::new_from_list'}); push(@detainted_ids, $id); } $objects = $dbh->selectall_arrayref( "SELECT $columns FROM $table WHERE $id_field IN (" . join(',', @detainted_ids) . ") ORDER BY $order", {Slice=>{}}); } else { return []; } foreach my $object (@$objects) { bless($object, $class); } return $objects; } ############################### #### Accessors ###### ############################### sub id { return $_[0]->{'id'}; } sub name { return $_[0]->{'name'}; } ############################### #### Methods #### ############################### sub set { my ($self, $field, $value) = @_; # This method is protected. It's used to help implement set_ functions. caller->isa('Bugzilla::Object') || ThrowCodeError('protection_violation', { caller => caller, superclass => __PACKAGE__, function => 'Bugzilla::Object->set' }); my $validators = $self->VALIDATORS; if (exists $validators->{$field}) { my $validator = $validators->{$field}; $value = $self->$validator($value, $field); } $self->{$field} = $value; } sub update { my $self = shift; my $dbh = Bugzilla->dbh; my $table = $self->DB_TABLE; my $id_field = $self->ID_FIELD; my $columns = join(', ', map {"$_ = ?"} $self->UPDATE_COLUMNS); my @values; foreach my $column ($self->UPDATE_COLUMNS) { my $value = $self->{$column}; trick_taint($value) if defined $value; push(@values, $value); } $dbh->do("UPDATE $table SET $columns WHERE $id_field = ?", undef, @values, $self->id); } ############################### #### Subroutines ###### ############################### sub create { my ($class, $params) = @_; my $dbh = Bugzilla->dbh; $class->check_required_create_fields($params); my $field_values = $class->run_create_validators($params); return $class->insert_create_data($field_values); } sub check_required_create_fields { my ($class, $params) = @_; foreach my $field ($class->REQUIRED_CREATE_FIELDS) { ThrowCodeError('param_required', { function => "${class}->create", param => $field }) if !exists $params->{$field}; } } sub run_create_validators { my ($class, $params) = @_; my $validators = $class->VALIDATORS; my %field_values; # We do the sort just to make sure that validation always # happens in a consistent order. foreach my $field (sort keys %$params) { my $value; if (exists $validators->{$field}) { my $validator = $validators->{$field}; $value = $class->$validator($params->{$field}, $field); } else { $value = $params->{$field}; } # We want people to be able to explicitly set fields to NULL, # and that means they can be set to undef. trick_taint($value) if defined $value && !ref($value); $field_values{$field} = $value; } return \%field_values; } sub insert_create_data { my ($class, $field_values) = @_; my $dbh = Bugzilla->dbh; my (@field_names, @values); while (my ($field, $value) = each %$field_values) { push(@field_names, $field); push(@values, $value); } my $qmarks = '?,' x @field_names; chop($qmarks); my $table = $class->DB_TABLE; $dbh->do("INSERT INTO $table (" . join(', ', @field_names) . ") VALUES ($qmarks)", undef, @values); my $id = $dbh->bz_last_key($table, $class->ID_FIELD); return $class->new($id); } sub get_all { my $class = shift; my $dbh = Bugzilla->dbh; my $table = $class->DB_TABLE; my $order = $class->LIST_ORDER; my $id_field = $class->ID_FIELD; my $ids = $dbh->selectcol_arrayref(qq{ SELECT $id_field FROM $table ORDER BY $order}); my $objects = $class->new_from_list($ids); return @$objects; } 1; __END__ =head1 NAME Bugzilla::Object - A base class for objects in Bugzilla. =head1 SYNOPSIS my $object = new Bugzilla::Object(1); my $object = new Bugzilla::Object({name => 'TestProduct'}); my $id = $object->id; my $name = $object->name; =head1 DESCRIPTION Bugzilla::Object is a base class for Bugzilla objects. You never actually create a Bugzilla::Object directly, you only make subclasses of it. Basically, Bugzilla::Object exists to allow developers to create objects more easily. All you have to do is define C, C, and sometimes C and you have a whole new object. You should also define accessors for any columns other than C or C. =head1 CONSTANTS Frequently, these will be the only things you have to define in your subclass in order to have a fully-functioning object. C and C are required. =over =item C The name of the table that these objects are stored in. For example, for C this would be C. =item C The names of the columns that you want to read out of the database and into this object. This should be an array. =item C The name of the column that should be considered to be the unique "name" of this object. The 'name' is a B that uniquely identifies this Object in the database. Defaults to 'name'. When you specify C<{name => $name}> to C, this is the column that will be matched against in the DB. =item C The name of the column that represents the unique B ID of this object in the database. Defaults to 'id'. =item C The order that C and C should return objects in. This should be the name of a database column. Defaults to L. =item C The list of fields that B be specified when the user calls C. This should be an array. =item C A hashref that points to a function that will validate each param to L. Validators are called both by L and L. When they are called by L, the first argument will be the name of the class (what we normally call C<$class>). When they are called by L, the first argument will be a reference to the current object (what we normally call C<$self>). The second argument will be the value passed to L or Lfor that field. The third argument will be the name of the field being validated. This may be required by validators which validate several distinct fields. These functions should call L if they fail. The validator must return the validated value. =item C A list of columns to update when L is called. If a field can't be changed, it shouldn't be listed here. (For example, the L usually can't be updated.) =back =head1 METHODS =head2 Constructors =over =item C Description: The constructor is used to load an existing object from the database, by id or by name. Params: $param - If you pass an integer, the integer is the id of the object, from the database, that we want to read in. If you pass in a hash with C key, then the value of the name key is the case-insensitive name of the object from the DB. Returns: A fully-initialized object. =item C Description: Creates an array of objects, given an array of ids. Params: \@id_list - A reference to an array of numbers, database ids. If any of these are not numeric, the function will throw an error. If any of these are not valid ids in the database, they will simply be skipped. Returns: A reference to an array of objects. =back =head2 Database Manipulation =over =item C Description: Creates a new item in the database. Throws a User Error if any of the passed-in params are invalid. Params: C<$params> - hashref - A value to put in each database field for this object. Certain values must be set (the ones specified in L), and the function will throw a Code Error if you don't set them. Returns: The Object just created in the database. Notes: In order for this function to work in your subclass, your subclass's L must be of C type in the database. Your subclass also must define L and L. Subclass Implementors: This function basically just calls L, then L, and then finally L. So if you have a complex system that you need to implement, you can do it by calling these three functions instead of C. =item C =over =item B Part of L. Throws an error if any of the L have not been specified in C<$params> =item B =over =item C<$params> - The same as C<$params> from L. =back =item B (nothing) =back =item C Description: Runs the validation of input parameters for L. This subroutine exists so that it can be overridden by subclasses who need to do special validations of their input parameters. This method is B called by L. Params: The same as L. Returns: A hash, in a similar format as C<$params>, except that these are the values to be inserted into the database, not the values that were input to L. =item C Part of L. Takes the return value from L and inserts the data into the database. Returns a newly created object. =item C Saves the values currently in this object to the database. Only the fields specified in L will be updated. Returns nothing and takes no parameters. =back =head2 Subclass Helpers These functions are intended only for use by subclasses. If you call them from anywhere else, they will throw a C. =over =item C =over =item B Sets a certain hash member of this class to a certain value. Used for updating fields. Calls the validator for this field, if it exists. Subclasses should use this function to implement the various C mutators for their different fields. See L for more information. =item B =over =item C<$field> - The name of the hash member to update. This should be the same as the name of the field in L, if it exists there. =item C<$value> - The value that you're setting the field to. =back =item B (nothing) =back =back =head1 CLASS FUNCTIONS =over =item C Description: Returns all objects in this table from the database. Params: none. Returns: A list of objects, or an empty list if there are none. Notes: Note that you must call this as C<$class->get_all>. For example, Cget_all>. C will not work. =back =cut