post_bug.cgi 15.5 KB
Newer Older
1
#!/usr/bin/perl -wT
2
# -*- Mode: perl; indent-tabs-mode: nil -*-
terry%netscape.com's avatar
terry%netscape.com committed
3
#
4 5 6 7 8 9 10 11 12 13
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
terry%netscape.com's avatar
terry%netscape.com committed
14
# The Original Code is the Bugzilla Bug Tracking System.
15
#
terry%netscape.com's avatar
terry%netscape.com committed
16
# The Initial Developer of the Original Code is Netscape Communications
17 18 19 20
# Corporation. Portions created by Netscape are
# Copyright (C) 1998 Netscape Communications Corporation. All
# Rights Reserved.
#
terry%netscape.com's avatar
terry%netscape.com committed
21
# Contributor(s): Terry Weissman <terry@mozilla.org>
22
#                 Dan Mosedale <dmose@mozilla.org>
23
#                 Joe Robins <jmrobins@tgix.com>
24
#                 Gervase Markham <gerv@gerv.net>
terry%netscape.com's avatar
terry%netscape.com committed
25

26
use strict;
27 28
use lib qw(.);

29
require "globals.pl";
30
use Bugzilla;
31
use Bugzilla::Constants;
32
use Bugzilla::Util;
33
use Bugzilla::Bug;
34
use Bugzilla::User;
35
use Bugzilla::Field;
36

37
# Shut up misguided -w warnings about "used only once". For some reason,
38
# "use vars" chokes on me when I try it here.
39 40
sub sillyness {
    my $zz;
41 42 43 44 45 46 47
    $zz = %::components;
    $zz = %::versions;
    $zz = @::legal_opsys;
    $zz = @::legal_platform;
    $zz = @::legal_priority;
    $zz = @::legal_product;
    $zz = @::legal_severity;
48
    $zz = %::target_milestone;
49
}
50

51 52 53
# Use global template variables.
use vars qw($vars $template);

54
my $user = Bugzilla->login(LOGIN_REQUIRED);
55
my $cgi = Bugzilla->cgi;
56 57
my $dbh = Bugzilla->dbh;

58 59
# do a match on the fields if applicable

60
&Bugzilla::User::match_field ($cgi, {
61 62
    'cc'            => { 'type' => 'multi'  },
    'assigned_to'   => { 'type' => 'single' },
63
    'qa_contact'    => { 'type' => 'single' },
64
});
65 66 67 68 69

# The format of the initial comment can be structured by adding fields to the
# enter_bug template and then referencing them in the comment template.
my $comment;

70 71
my $format = GetFormat("bug/create/comment",
                       scalar($cgi->param('format')), "txt");
72

73
$template->process($format->{'template'}, $vars, \$comment)
74 75 76
  || ThrowTemplateError($template->error());

ValidateComment($comment);
77

78
# Check that the product exists and that the user
79
# is allowed to enter bugs into this product.
80
my $product = $cgi->param('product');
81 82
CanEnterProductOrWarn($product);

83
my $product_id = get_product_id($product);
dmose%mozilla.org's avatar
dmose%mozilla.org committed
84

85
# Set cookies
86 87
if (defined $cgi->param('product')) {
    if (defined $cgi->param('version')) {
88 89 90
        $cgi->send_cookie(-name => "VERSION-$product",
                          -value => $cgi->param('version'),
                          -expires => "Fri, 01-Jan-2038 00:00:00 GMT");
91 92
    }
}
terry%netscape.com's avatar
terry%netscape.com committed
93

94
if (defined $cgi->param('maketemplate')) {
95
    $vars->{'url'} = $cgi->query_string();
terry%netscape.com's avatar
terry%netscape.com committed
96
    
97
    print $cgi->header();
98 99
    $template->process("bug/create/make-template.html.tmpl", $vars)
      || ThrowTemplateError($template->error());
100
    exit;
terry%netscape.com's avatar
terry%netscape.com committed
101 102
}

103
umask 0;
terry%netscape.com's avatar
terry%netscape.com committed
104

105
# Some sanity checking
106 107
my $component_id = get_component_id($product_id,
                                    scalar($cgi->param('component')));
108
$component_id || ThrowUserError("require_component");
terry%netscape.com's avatar
terry%netscape.com committed
109

110 111
if (!defined $cgi->param('short_desc')
    || trim($cgi->param('short_desc')) eq "") {
112
    ThrowUserError("require_summary");
113 114
}

115 116 117
# Check that if required a description has been provided
# This has to go somewhere after 'maketemplate' 
#  or it breaks bookmarks with no comments.
118
if (Param("commentoncreate") && !trim($cgi->param('comment'))) {
119 120 121
    ThrowUserError("description_required");
}

122 123 124 125 126
# If bug_file_loc is "http://", the default, use an empty value instead.
$cgi->param('bug_file_loc', '') if $cgi->param('bug_file_loc') eq 'http://';

my $sql_product = SqlQuote($cgi->param('product'));
my $sql_component = SqlQuote($cgi->param('component'));
127 128

# Default assignee is the component owner.
129
if (!UserInGroup("editbugs") || $cgi->param('assigned_to') eq "") {
130
    SendSQL("SELECT initialowner FROM components " .
131
            "WHERE id = $component_id");
132
    $cgi->param(-name => 'assigned_to', -value => FetchOneColumn());
133
} else {
134 135
    $cgi->param(-name => 'assigned_to',
                -value => DBNameToIdAndCheck(trim($cgi->param('assigned_to'))));
terry%netscape.com's avatar
terry%netscape.com committed
136 137
}

138
my @bug_fields = ("version", "rep_platform",
139
                  "bug_severity", "priority", "op_sys", "assigned_to",
140
                  "bug_status", "everconfirmed", "bug_file_loc", "short_desc",
141
                  "target_milestone", "status_whiteboard");
142

143 144 145 146 147 148 149 150 151
if (Param("usebugaliases")) {
   my $alias = trim($cgi->param('alias') || "");
   if ($alias ne "") {
       ValidateBugAlias($alias);
       $cgi->param('alias', $alias);
       push (@bug_fields,"alias");
   }
}

152
# Retrieve the default QA contact if the field is empty
153
if (Param("useqacontact")) {
154
    my $qa_contact;
155 156
    if (!UserInGroup("editbugs") || !defined $cgi->param('qa_contact')
        || trim($cgi->param('qa_contact')) eq "") {
157 158 159 160
        SendSQL("SELECT initialqacontact FROM components " .
                "WHERE id = $component_id");
        $qa_contact = FetchOneColumn();
    } else {
161
        $qa_contact = DBNameToIdAndCheck(trim($cgi->param('qa_contact')));
162 163
    }

164
    if ($qa_contact) {
165
        $cgi->param(-name => 'qa_contact', -value => $qa_contact);
166 167 168 169
        push(@bug_fields, "qa_contact");
    }
}

170
if (UserInGroup("editbugs") || UserInGroup("canconfirm")) {
171
    # Default to NEW if the user hasn't selected another status
172
    if (!defined $cgi->param('bug_status')) {
173 174
        $cgi->param(-name => 'bug_status', -value => "NEW");
    }
175 176
} else {
    # Default to UNCONFIRMED if we are using it, NEW otherwise
177
    $cgi->param(-name => 'bug_status', -value => 'UNCONFIRMED');
178
    SendSQL("SELECT votestoconfirm FROM products WHERE id = $product_id");
179 180
    if (!FetchOneColumn()) {   
        $cgi->param(-name => 'bug_status', -value => "NEW");
181 182 183
    }
}

184
if (!defined $cgi->param('target_milestone')) {
185
    SendSQL("SELECT defaultmilestone FROM products WHERE name=$sql_product");
186
    $cgi->param(-name => 'target_milestone', -value => FetchOneColumn());
187 188
}

189
if (!Param('letsubmitterchoosepriority')) {
190
    $cgi->param(-name => 'priority', -value => Param('defaultpriority'));
191 192
}

193
GetVersionTable();
194 195

# Some more sanity checking
196 197 198 199 200 201 202 203 204 205 206 207
check_form_field($cgi, 'product',      \@::legal_product);
check_form_field($cgi, 'rep_platform', \@::legal_platform);
check_form_field($cgi, 'bug_severity', \@::legal_severity);
check_form_field($cgi, 'priority',     \@::legal_priority);
check_form_field($cgi, 'op_sys',       \@::legal_opsys);
check_form_field($cgi, 'bug_status',   ['UNCONFIRMED', 'NEW']);
check_form_field($cgi, 'version',          $::versions{$product});
check_form_field($cgi, 'component',        $::components{$product});
check_form_field($cgi, 'target_milestone', $::target_milestone{$product});
check_form_field_defined($cgi, 'assigned_to');
check_form_field_defined($cgi, 'bug_file_loc');
check_form_field_defined($cgi, 'comment');
208

209 210 211
my $everconfirmed = ($cgi->param('bug_status') eq 'UNCONFIRMED') ? 0 : 1;
$cgi->param(-name => 'everconfirmed', -value => $everconfirmed);

212
my @used_fields;
213
foreach my $field (@bug_fields) {
214
    if (defined $cgi->param($field)) {
215
        push (@used_fields, $field);
216 217
    }
}
218

219
$cgi->param(-name => 'product_id', -value => $product_id);
220
push(@used_fields, "product_id");
221
$cgi->param(-name => 'component_id', -value => $component_id);
222 223
push(@used_fields, "component_id");

224 225 226 227
my %ccids;

# Create the ccid hash for inserting into the db
# use a hash rather than a list to avoid adding users twice
228 229 230 231 232
if (defined $cgi->param('cc')) {
    foreach my $person ($cgi->param('cc')) {
        my $ccid = DBNameToIdAndCheck($person);
        if ($ccid && !$ccids{$ccid}) {
           $ccids{$ccid} = 1;
233 234 235
        }
    }
}
236 237 238 239 240
# Check for valid keywords and create list of keywords to be added to db
# (validity routine copied from process_bug.cgi)
my @keywordlist;
my %keywordseen;

241 242
if ($cgi->param('keywords') && UserInGroup("editbugs")) {
    foreach my $keyword (split(/[\s,]+/, $cgi->param('keywords'))) {
243 244 245 246 247
        if ($keyword eq '') {
           next;
        }
        my $i = GetKeywordIdFromName($keyword);
        if (!$i) {
248 249
            ThrowUserError("unknown_keyword",
                           { keyword => $keyword });
250 251 252 253 254 255 256
        }
        if (!$keywordseen{$i}) {
            push(@keywordlist, $i);
            $keywordseen{$i} = 1;
        }
    }
}
257

258 259
# Check for valid dependency info. 
foreach my $field ("dependson", "blocked") {
260
    if (UserInGroup("editbugs") && $cgi->param($field)) {
261
        my @validvalues;
262
        foreach my $id (split(/[\s,]+/, $cgi->param($field))) {
263
            next unless $id;
264
            ValidateBugID($id, $field);
265 266
            push(@validvalues, $id);
        }
267
        $cgi->param(-name => $field, -value => join(",", @validvalues));
268 269
    }
}
270
# Gather the dependency list, and make sure there are no circular refs
271
my %deps;
272
if (UserInGroup("editbugs")) {
273 274
    %deps = Bugzilla::Bug::ValidateDependencies(scalar($cgi->param('dependson')),
                                                scalar($cgi->param('blocked')));
275 276
}

277 278 279 280 281
# get current time
SendSQL("SELECT NOW()");
my $timestamp = FetchOneColumn();
my $sql_timestamp = SqlQuote($timestamp);

282
# Build up SQL string to add bug.
283
# creation_ts will only be set when all other fields are defined.
284
my $sql = "INSERT INTO bugs " . 
285
  "(" . join(",", @used_fields) . ", reporter, delta_ts, " .
286
  "estimated_time, remaining_time, deadline) " .
287
  "VALUES (";
terry%netscape.com's avatar
terry%netscape.com committed
288

289
foreach my $field (@used_fields) {
290
    $sql .= SqlQuote($cgi->param($field)) . ",";
terry%netscape.com's avatar
terry%netscape.com committed
291 292
}

293
$comment =~ s/\r\n?/\n/g;     # Get rid of \r.
294
$comment = trim($comment);
295
# If comment is all whitespace, it'll be null at this point. That's
296 297
# OK except for the fact that it causes e-mail to be suppressed.
$comment = $comment ? $comment : " ";
298

299
$sql .= "$::userid, $sql_timestamp, ";
300 301 302

# Time Tracking
if (UserInGroup(Param("timetrackinggroup")) &&
303
    defined $cgi->param('estimated_time')) {
304

305
    my $est_time = $cgi->param('estimated_time');
306
    Bugzilla::Bug::ValidateTime($est_time, 'estimated_time');
307
    $sql .= SqlQuote($est_time) . "," . SqlQuote($est_time) . ",";
308
} else {
309
    $sql .= "0, 0, ";
310
}
311

312
if ((UserInGroup(Param("timetrackinggroup"))) && ($cgi->param('deadline'))) {
313 314 315
    validate_date($cgi->param('deadline'))
      || ThrowUserError('illegal_date', {date => $cgi->param('deadline'),
                                         format => 'YYYY-MM-DD'});
316
    $sql .= SqlQuote($cgi->param('deadline'));  
317 318 319 320
} else {
    $sql .= "NULL";
}

321
$sql .= ")";
322

323
# Groups
324
my @groupstoadd = ();
325 326
foreach my $b (grep(/^bit-\d*$/, $cgi->param())) {
    if ($cgi->param($b)) {
327
        my $v = substr($b, 4);
328
        detaint_natural($v)
329
          || ThrowCodeError("group_id_invalid");
330 331 332 333 334
        if (!GroupIsActive($v)) {
            # Prevent the user from adding the bug to an inactive group.
            # Should only happen if there is a bug in Bugzilla or the user
            # hacked the "enter bug" form since otherwise the UI 
            # for adding the bug to the group won't appear on that form.
335
            $vars->{'bit'} = $v;
336
            ThrowCodeError("inactive_group");
337
        }
338
        my ($permit) = $user->in_group_id($v);
339 340 341 342 343 344 345 346
        if (!$permit) {
            SendSQL("SELECT othercontrol FROM group_control_map
                     WHERE group_id = $v AND product_id = $product_id");
            my ($othercontrol) = FetchSQLData();
            $permit = (($othercontrol == CONTROLMAPSHOWN)
                       || ($othercontrol == CONTROLMAPDEFAULT));
        }
        if ($permit) {
347 348
            push(@groupstoadd, $v)
        }
349 350 351
    }
}

352
SendSQL("SELECT DISTINCT groups.id, groups.name, " .
353
        "membercontrol, othercontrol, description " .
354 355 356 357 358 359 360 361 362 363 364 365 366 367 368
        "FROM groups LEFT JOIN group_control_map " .
        "ON group_id = id AND product_id = $product_id " .
        " WHERE isbuggroup != 0 AND isactive != 0 ORDER BY description");
while (MoreSQLData()) {
    my ($id, $groupname, $membercontrol, $othercontrol ) = FetchSQLData();
    $membercontrol ||= 0;
    $othercontrol ||= 0;
    # Add groups required
    if (($membercontrol == CONTROLMAPMANDATORY)
       || (($othercontrol == CONTROLMAPMANDATORY) 
            && (!UserInGroup($groupname)))) {
        # User had no option, bug needs to be in this group.
        push(@groupstoadd, $id)
    }
}
369

370
# Add the bug report to the DB.
371 372 373 374 375
$dbh->bz_lock_tables('bugs WRITE', 'bug_group_map WRITE', 'longdescs WRITE',
                     'cc WRITE', 'keywords WRITE', 'dependencies WRITE',
                     'bugs_activity WRITE', 'groups READ', 'user_group_map READ',
                     'keyworddefs READ', 'fielddefs READ');

376
SendSQL($sql);
377

378
# Get the bug ID back.
379
my $id = $dbh->bz_last_key('bugs', 'bug_id');
terry%netscape.com's avatar
terry%netscape.com committed
380

381 382 383 384 385 386
# Add the group restrictions
foreach my $grouptoadd (@groupstoadd) {
    SendSQL("INSERT INTO bug_group_map (bug_id, group_id)
             VALUES ($id, $grouptoadd)");
}

387 388 389
# Add the initial comment, allowing for the fact that it may be private
my $privacy = 0;
if (Param("insidergroup") && UserInGroup(Param("insidergroup"))) {
390
    $privacy = $cgi->param('commentprivacy') ? 1 : 0;
391 392 393
}

SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext, isprivate) 
394
         VALUES ($id, " . SqlQuote($user->id) . ", $sql_timestamp, " .
395
        SqlQuote($comment) . ", $privacy)");
terry%netscape.com's avatar
terry%netscape.com committed
396

397 398 399
# Insert the cclist into the database
foreach my $ccid (keys(%ccids)) {
    SendSQL("INSERT INTO cc (bug_id, who) VALUES ($id, $ccid)");
terry%netscape.com's avatar
terry%netscape.com committed
400 401
}

402
my @all_deps;
403 404 405 406 407
if (UserInGroup("editbugs")) {
    foreach my $keyword (@keywordlist) {
        SendSQL("INSERT INTO keywords (bug_id, keywordid) 
                 VALUES ($id, $keyword)");
    }
408 409 410 411 412 413 414 415
    if (@keywordlist) {
        # Make sure that we have the correct case for the kw
        SendSQL("SELECT name FROM keyworddefs WHERE id IN ( " .
                join(',', @keywordlist) . ")");
        my @list;
        while (MoreSQLData()) {
            push (@list, FetchOneColumn());
        }
416 417
        SendSQL("UPDATE bugs SET delta_ts = $sql_timestamp," .
                " keywords = " . SqlQuote(join(', ', @list)) .
418 419
                " WHERE bug_id = $id");
    }
420 421 422 423
    if ($cgi->param('dependson') || $cgi->param('blocked')) {
        foreach my $pair (["blocked", "dependson"], ["dependson", "blocked"]) {
            my ($me, $target) = @{$pair};

424 425 426 427 428
            foreach my $i (@{$deps{$target}}) {
                SendSQL("INSERT INTO dependencies ($me, $target) values " .
                        "($id, $i)");
                push(@all_deps, $i); # list for mailing dependent bugs
                # Log the activity for the other bug:
429
                LogActivityEntry($i, $me, "", $id, $user->id, $timestamp);
430 431 432
            }
        }
    }
433 434
}

435 436 437 438 439 440 441
# All fields related to the newly created bug are set.
# The bug can now be made accessible.
$dbh->do("UPDATE bugs SET creation_ts = ? WHERE bug_id = ?",
          undef, ($timestamp, $id));

$dbh->bz_unlock_tables();

442
# Email everyone the details of the new bug 
443
$vars->{'mailrecipients'} = {'changer' => Bugzilla->user->login};
444

445
$vars->{'id'} = $id;
446
my $bug = new Bugzilla::Bug($id, $::userid);
447
$vars->{'bug'} = $bug;
terry%netscape.com's avatar
terry%netscape.com committed
448

449
ThrowCodeError("bug_error", { bug => $bug }) if $bug->error;
450 451 452 453 454 455

$vars->{'sentmail'} = [];

push (@{$vars->{'sentmail'}}, { type => 'created',
                                id => $id,
                              });
456

457
foreach my $i (@all_deps) {
458
    push (@{$vars->{'sentmail'}}, { type => 'dep', id => $i, });
459
}
460

461
my @bug_list;
462 463
if ($cgi->cookie("BUGLIST")) {
    @bug_list = split(/:/, $cgi->cookie("BUGLIST"));
464
}
465 466
$vars->{'bug_list'} = \@bug_list;

467
print $cgi->header();
468 469
$template->process("bug/create/created.html.tmpl", $vars)
  || ThrowTemplateError($template->error());
470

471