Bug 360231: importxml.pl ignores the maxattachmentsize and maxlocalattachment…

Bug 360231: importxml.pl ignores the maxattachmentsize and maxlocalattachment parameters when importing attachments r=dkl a=justdave

Bug 360231: importxml.pl ignores the maxattachmentsize and maxlocalattachment…
2f7a7d31 · Frédéric Buclin · 7eed51a8 · 2f7a7d31
Commit 2f7a7d31 authored Jan 09, 2014 by Frédéric Buclin
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 19 deletions

importxml.pl importxml.pl +31 -19

No files found.
--- a/importxml.pl
+++ b/importxml.pl
@@ -54,6 +54,7 @@ use lib qw(. lib);
 use Bugzilla;
 use Bugzilla::Object;
 use Bugzilla::Bug;
+use Bugzilla::Attachment;
 use Bugzilla::Product;
 use Bugzilla::Version;
 use Bugzilla::Component;
@@ -1053,6 +1054,7 @@ sub process_bug {

    $dbh->do( $query, undef, @values );
    my $id = $dbh->bz_last_key( 'bugs', 'bug_id' );
+    my $bug_obj = Bugzilla::Bug->new($id);

    # We are almost certain to get some uninitialized warnings
    # Since this is just for debugging the query, let's shut them up
@@ -1135,31 +1137,41 @@ sub process_bug {
            $err .= "No attachment ID specified, dropping attachment\n";
            next;
        }
-        if (!$exporter->is_insider && $att->{'isprivate'}) {
-            $err .= "Exporter not in insidergroup and attachment marked private.\n";
+
+        my $attacher;
+        if ($att->{'attacher'}) {
+            $attacher = Bugzilla::User->new({name => $att->{'attacher'}, cache => 1});
+        }
+        my $new_attacher = $attacher || $exporter;
+
+        if ($att->{'isprivate'} && !$new_attacher->is_insider) {
+            my $who = $new_attacher->login;
+            $err .= "$who not in insidergroup and attachment marked private.\n";
            $err .= "   Marking attachment public\n";
            $att->{'isprivate'} = 0;
        }

-        my $attacher_id = $att->{'attacher'} ? login_to_id($att->{'attacher'}) : undef;
-
-        $dbh->do("INSERT INTO attachments 
-                 (bug_id, creation_ts, modification_time, filename, description,
-                 mimetype, ispatch, isprivate, isobsolete, submitter_id) 
-                 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
-            undef, $id, $att->{'date'}, $att->{'date'}, $att->{'filename'},
-            $att->{'desc'}, $att->{'ctype'}, $att->{'ispatch'},
-            $att->{'isprivate'}, $att->{'isobsolete'}, $attacher_id || $exporterid);
-        my $att_id   = $dbh->bz_last_key( 'attachments', 'attach_id' );
-        my $att_data = $att->{'data'};
-        my $sth = $dbh->prepare("INSERT INTO attach_data (id, thedata) 
-                                 VALUES ($att_id, ?)" );
-        trick_taint($att_data);
-        $sth->bind_param( 1, $att_data, $dbh->BLOB_TYPE );
-        $sth->execute();
+        # We log in the user so that the attachment creator is set correctly.
+        Bugzilla->set_user($new_attacher);
+
+        my $attachment = Bugzilla::Attachment->create(
+            { bug           => $bug_obj,
+              creation_ts   => $att->{date},
+              data          => $att->{data},
+              description   => $att->{desc},
+              filename      => $att->{filename},
+              ispatch       => $att->{ispatch},
+              isprivate     => $att->{isprivate},
+              isobsolete    => $att->{isobsolete},
+              mimetype      => $att->{ctype},
+            });
+        my $att_id = $attachment->id;
+
+        # We log out the attacher as the remaining steps are not on his behalf.
+        Bugzilla->logout_request;

        $comments .= "Imported an attachment (id=$att_id)\n";
-        if (!$attacher_id) {
+        if (!$attacher) {
            if ($att->{'attacher'}) {
                $err .= "The original submitter of attachment $att_id was\n   ";
                $err .= $att->{'attacher'} . ", but he doesn't have an account here.\n";