Skip to content

bugzilla
bugzilla
Commit 65d3dc0e authored by bugreport%peshkin.net's avatar bugreport%peshkin.net
Browse files
Options

bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported

r=bbaetz, gerv
parent cf9b4ba2
Show whitespace changes
Inline Side-by-side
Showing with 1604 additions and 1318 deletions
Bug.pm
View file @ 65d3dc0e
...@@ -37,8 +37,8 @@ use Bugzilla::Util; ...@@ -37,8 +37,8 @@ use Bugzilla::Util;
for my $key (qw (bug_id alias product version rep_platform op_sys bug_status for my $key (qw (bug_id alias product version rep_platform op_sys bug_status
resolution priority bug_severity component assigned_to resolution priority bug_severity component assigned_to
reporter bug_file_loc short_desc target_milestone reporter bug_file_loc short_desc target_milestone
qa_contact status_whiteboard creation_ts groupset qa_contact status_whiteboard creation_ts
delta_ts votes whoid usergroupset comment query error) ){ delta_ts votes whoid comment query error) ){
$ok_field{$key}++; $ok_field{$key}++;
} }
...@@ -105,10 +105,6 @@ sub initBug { ...@@ -105,10 +105,6 @@ sub initBug {
$self->{'whoid'} = $user_id; $self->{'whoid'} = $user_id;
&::SendSQL("SELECT groupset FROM profiles WHERE userid=$self->{'whoid'}");
my $usergroupset = &::FetchOneColumn();
if (!$usergroupset) { $usergroupset = '0' }
$self->{'usergroupset'} = $usergroupset;
my $query = " my $query = "
select select
...@@ -116,7 +112,7 @@ sub initBug { ...@@ -116,7 +112,7 @@ sub initBug {
resolution, priority, bug_severity, components.name, assigned_to, reporter, resolution, priority, bug_severity, components.name, assigned_to, reporter,
bug_file_loc, short_desc, target_milestone, qa_contact, bug_file_loc, short_desc, target_milestone, qa_contact,
status_whiteboard, date_format(creation_ts,'%Y-%m-%d %H:%i'), status_whiteboard, date_format(creation_ts,'%Y-%m-%d %H:%i'),
groupset, delta_ts, sum(votes.count) delta_ts, sum(votes.count)
from bugs left join votes using(bug_id), from bugs left join votes using(bug_id),
products, components products, components
where bugs.bug_id = $bug_id where bugs.bug_id = $bug_id
...@@ -124,10 +120,10 @@ sub initBug { ...@@ -124,10 +120,10 @@ sub initBug {
AND components.id = bugs.component_id AND components.id = bugs.component_id
group by bugs.bug_id"; group by bugs.bug_id";
&::SendSQL(&::SelectVisible($query, $user_id, $usergroupset)); &::SendSQL($query);
my @row; my @row = ();
if (@row = &::FetchSQLData()) { if ((@row = &::FetchSQLData()) && &::CanSeeBug($bug_id, $self->{'whoid'})) {
my $count = 0; my $count = 0;
my %fields; my %fields;
foreach my $field ("bug_id", "alias", "product", "version", "rep_platform", foreach my $field ("bug_id", "alias", "product", "version", "rep_platform",
...@@ -135,16 +131,14 @@ sub initBug { ...@@ -135,16 +131,14 @@ sub initBug {
"bug_severity", "component", "assigned_to", "reporter", "bug_severity", "component", "assigned_to", "reporter",
"bug_file_loc", "short_desc", "target_milestone", "bug_file_loc", "short_desc", "target_milestone",
"qa_contact", "status_whiteboard", "creation_ts", "qa_contact", "status_whiteboard", "creation_ts",
"groupset", "delta_ts", "votes") { "delta_ts", "votes") {
$fields{$field} = shift @row; $fields{$field} = shift @row;
if ($fields{$field}) { if ($fields{$field}) {
$self->{$field} = $fields{$field}; $self->{$field} = $fields{$field};
} }
$count++; $count++;
} }
} else { } elsif (@row) {
&::SendSQL("select groupset from bugs where bug_id = $bug_id");
if (@row = &::FetchSQLData()) {
$self->{'bug_id'} = $bug_id; $self->{'bug_id'} = $bug_id;
$self->{'error'} = "NotPermitted"; $self->{'error'} = "NotPermitted";
return $self; return $self;
...@@ -153,7 +147,6 @@ sub initBug { ...@@ -153,7 +147,6 @@ sub initBug {
$self->{'error'} = "NotFound"; $self->{'error'} = "NotFound";
return $self; return $self;
} }
}
$self->{'assigned_to'} = &::DBID_to_name($self->{'assigned_to'}); $self->{'assigned_to'} = &::DBID_to_name($self->{'assigned_to'});
$self->{'reporter'} = &::DBID_to_name($self->{'reporter'}); $self->{'reporter'} = &::DBID_to_name($self->{'reporter'});
...@@ -356,22 +349,6 @@ sub XML_Footer { ...@@ -356,22 +349,6 @@ sub XML_Footer {
return ("</bugzilla>\n"); return ("</bugzilla>\n");
} }
sub UserInGroup {
my $self = shift();
my ($groupname) = (@_);
if ($self->{'usergroupset'} eq "0") {
return 0;
}
&::ConnectToDatabase();
&::SendSQL("select (bit & $self->{'usergroupset'}) != 0 from groups where name = "
. &::SqlQuote($groupname));
my $bit = &::FetchOneColumn();
if ($bit) {
return 1;
}
return 0;
}
sub CanChangeField { sub CanChangeField {
my $self = shift(); my $self = shift();
my ($f, $oldvalue, $newvalue) = (@_); my ($f, $oldvalue, $newvalue) = (@_);
......
Bugzilla/Bug.pm
View file @ 65d3dc0e
...@@ -37,8 +37,8 @@ use Bugzilla::Util; ...@@ -37,8 +37,8 @@ use Bugzilla::Util;
for my $key (qw (bug_id alias product version rep_platform op_sys bug_status for my $key (qw (bug_id alias product version rep_platform op_sys bug_status
resolution priority bug_severity component assigned_to resolution priority bug_severity component assigned_to
reporter bug_file_loc short_desc target_milestone reporter bug_file_loc short_desc target_milestone
qa_contact status_whiteboard creation_ts groupset qa_contact status_whiteboard creation_ts
delta_ts votes whoid usergroupset comment query error) ){ delta_ts votes whoid comment query error) ){
$ok_field{$key}++; $ok_field{$key}++;
} }
...@@ -105,10 +105,6 @@ sub initBug { ...@@ -105,10 +105,6 @@ sub initBug {
$self->{'whoid'} = $user_id; $self->{'whoid'} = $user_id;
&::SendSQL("SELECT groupset FROM profiles WHERE userid=$self->{'whoid'}");
my $usergroupset = &::FetchOneColumn();
if (!$usergroupset) { $usergroupset = '0' }
$self->{'usergroupset'} = $usergroupset;
my $query = " my $query = "
select select
...@@ -116,7 +112,7 @@ sub initBug { ...@@ -116,7 +112,7 @@ sub initBug {
resolution, priority, bug_severity, components.name, assigned_to, reporter, resolution, priority, bug_severity, components.name, assigned_to, reporter,
bug_file_loc, short_desc, target_milestone, qa_contact, bug_file_loc, short_desc, target_milestone, qa_contact,
status_whiteboard, date_format(creation_ts,'%Y-%m-%d %H:%i'), status_whiteboard, date_format(creation_ts,'%Y-%m-%d %H:%i'),
groupset, delta_ts, sum(votes.count) delta_ts, sum(votes.count)
from bugs left join votes using(bug_id), from bugs left join votes using(bug_id),
products, components products, components
where bugs.bug_id = $bug_id where bugs.bug_id = $bug_id
...@@ -124,10 +120,10 @@ sub initBug { ...@@ -124,10 +120,10 @@ sub initBug {
AND components.id = bugs.component_id AND components.id = bugs.component_id
group by bugs.bug_id"; group by bugs.bug_id";
&::SendSQL(&::SelectVisible($query, $user_id, $usergroupset)); &::SendSQL($query);
my @row; my @row = ();
if (@row = &::FetchSQLData()) { if ((@row = &::FetchSQLData()) && &::CanSeeBug($bug_id, $self->{'whoid'})) {
my $count = 0; my $count = 0;
my %fields; my %fields;
foreach my $field ("bug_id", "alias", "product", "version", "rep_platform", foreach my $field ("bug_id", "alias", "product", "version", "rep_platform",
...@@ -135,16 +131,14 @@ sub initBug { ...@@ -135,16 +131,14 @@ sub initBug {
"bug_severity", "component", "assigned_to", "reporter", "bug_severity", "component", "assigned_to", "reporter",
"bug_file_loc", "short_desc", "target_milestone", "bug_file_loc", "short_desc", "target_milestone",
"qa_contact", "status_whiteboard", "creation_ts", "qa_contact", "status_whiteboard", "creation_ts",
"groupset", "delta_ts", "votes") { "delta_ts", "votes") {
$fields{$field} = shift @row; $fields{$field} = shift @row;
if ($fields{$field}) { if ($fields{$field}) {
$self->{$field} = $fields{$field}; $self->{$field} = $fields{$field};
} }
$count++; $count++;
} }
} else { } elsif (@row) {
&::SendSQL("select groupset from bugs where bug_id = $bug_id");
if (@row = &::FetchSQLData()) {
$self->{'bug_id'} = $bug_id; $self->{'bug_id'} = $bug_id;
$self->{'error'} = "NotPermitted"; $self->{'error'} = "NotPermitted";
return $self; return $self;
...@@ -153,7 +147,6 @@ sub initBug { ...@@ -153,7 +147,6 @@ sub initBug {
$self->{'error'} = "NotFound"; $self->{'error'} = "NotFound";
return $self; return $self;
} }
}
$self->{'assigned_to'} = &::DBID_to_name($self->{'assigned_to'}); $self->{'assigned_to'} = &::DBID_to_name($self->{'assigned_to'});
$self->{'reporter'} = &::DBID_to_name($self->{'reporter'}); $self->{'reporter'} = &::DBID_to_name($self->{'reporter'});
...@@ -356,22 +349,6 @@ sub XML_Footer { ...@@ -356,22 +349,6 @@ sub XML_Footer {
return ("</bugzilla>\n"); return ("</bugzilla>\n");
} }
sub UserInGroup {
my $self = shift();
my ($groupname) = (@_);
if ($self->{'usergroupset'} eq "0") {
return 0;
}
&::ConnectToDatabase();
&::SendSQL("select (bit & $self->{'usergroupset'}) != 0 from groups where name = "
. &::SqlQuote($groupname));
my $bit = &::FetchOneColumn();
if ($bit) {
return 1;
}
return 0;
}
sub CanChangeField { sub CanChangeField {
my $self = shift(); my $self = shift();
my ($f, $oldvalue, $newvalue) = (@_); my ($f, $oldvalue, $newvalue) = (@_);
......
Bugzilla/Search.pm
View file @ 65d3dc0e
...@@ -29,7 +29,7 @@ use strict; ...@@ -29,7 +29,7 @@ use strict;
# The caller MUST require CGI.pl and globals.pl before using this # The caller MUST require CGI.pl and globals.pl before using this
use vars qw($userid $usergroupset); use vars qw($userid);
package Bugzilla::Search; package Bugzilla::Search;
...@@ -117,7 +117,7 @@ sub init { ...@@ -117,7 +117,7 @@ sub init {
my @legal_fields = ("product", "version", "rep_platform", "op_sys", my @legal_fields = ("product", "version", "rep_platform", "op_sys",
"bug_status", "resolution", "priority", "bug_severity", "bug_status", "resolution", "priority", "bug_severity",
"assigned_to", "reporter", "component", "assigned_to", "reporter", "component",
"target_milestone", "groupset"); "target_milestone", "bug_group");
foreach my $field (keys %F) { foreach my $field (keys %F) {
if (lsearch(\@legal_fields, $field) != -1) { if (lsearch(\@legal_fields, $field) != -1) {
...@@ -322,6 +322,12 @@ sub init { ...@@ -322,6 +322,12 @@ sub init {
push(@wherepart, "$table.bug_id = bugs.bug_id"); push(@wherepart, "$table.bug_id = bugs.bug_id");
$f = "$table.thetext"; $f = "$table.thetext";
}, },
"^bug_group,(?!changed)" => sub {
push(@supptables, "LEFT JOIN bug_group_map bug_group_map_$chartid ON bugs.bug_id = bug_group_map_$chartid.bug_id");
push(@supptables, "LEFT JOIN groups groups_$chartid ON groups_$chartid.id = bug_group_map_$chartid.group_id");
$f = "groups_$chartid.name";
},
"^attachments\..*," => sub { "^attachments\..*," => sub {
my $table = "attachments_$chartid"; my $table = "attachments_$chartid";
push(@supptables, "attachments $table"); push(@supptables, "attachments $table");
...@@ -747,7 +753,7 @@ sub init { ...@@ -747,7 +753,7 @@ sub init {
# chart -1 is generated by other code above, not from the user- # chart -1 is generated by other code above, not from the user-
# submitted form, so we'll blindly accept any values in chart -1 # submitted form, so we'll blindly accept any values in chart -1
if ((!$chartfields{$f}) && ($chart != -1)) { if ((!$chartfields{$f}) && ($chart != -1)) {
my $errstr = "Can't use " . html_quote($f) . " as a field name. " . my $errstr = "Can't use $f as a field name. " .
"If you think you're getting this in error, please copy the " . "If you think you're getting this in error, please copy the " .
"entire URL out of the address bar at the top of your browser " . "entire URL out of the address bar at the top of your browser " .
"window and email it to <109679\@bugzilla.org>"; "window and email it to <109679\@bugzilla.org>";
...@@ -807,11 +813,27 @@ sub init { ...@@ -807,11 +813,27 @@ sub init {
$suppseen{$str} = 1; $suppseen{$str} = 1;
} }
} }
my $query = ("SELECT DISTINCT " . join(', ', @fields) . my $query = ("SELECT DISTINCT " .
join(', ', @fields) .
", COUNT(DISTINCT ugmap.group_id) AS cntuseringroups, " .
" COUNT(DISTINCT bgmap.group_id) AS cntbugingroups, " .
" ((COUNT(DISTINCT ccmap.who) AND cclist_accessible) " .
" OR ((bugs.reporter = $::userid) AND bugs.reporter_accessible) " .
" OR bugs.assigned_to = $::userid ) AS canseeanyway " .
" FROM $suppstring" . " FROM $suppstring" .
" WHERE " . join(' AND ', (@wherepart, @andlist))); " LEFT JOIN bug_group_map AS bgmap " .
" ON bgmap.bug_id = bugs.bug_id " .
$query = &::SelectVisible($query, $::userid, $::usergroupset); " LEFT JOIN user_group_map AS ugmap " .
" ON bgmap.group_id = ugmap.group_id " .
" AND ugmap.user_id = $::userid " .
" AND ugmap.isbless = 0" .
" LEFT JOIN cc AS ccmap " .
" ON ccmap.who = $::userid AND ccmap.bug_id = bugs.bug_id " .
" WHERE " . join(' AND ', (@wherepart, @andlist)) .
" GROUP BY bugs.bug_id " .
" HAVING cntuseringroups = cntbugingroups" .
" OR canseeanyway"
);
if ($debug) { if ($debug) {
print "<p><code>" . value_quote($query) . "</code></p>\n"; print "<p><code>" . value_quote($query) . "</code></p>\n";
......
CGI.pl
View file @ 65d3dc0e
...@@ -289,11 +289,6 @@ sub ValidateBugID { ...@@ -289,11 +289,6 @@ sub ValidateBugID {
# converted-from-alias ID. # converted-from-alias ID.
$_[0] = $id; $_[0] = $id;
# Get the values of the usergroupset and userid global variables
# and write them to local variables for use within this function,
# setting those local variables to the default value of zero if
# the global variables are undefined.
# First check that the bug exists # First check that the bug exists
SendSQL("SELECT bug_id FROM bugs WHERE bug_id = $id"); SendSQL("SELECT bug_id FROM bugs WHERE bug_id = $id");
...@@ -303,7 +298,7 @@ sub ValidateBugID { ...@@ -303,7 +298,7 @@ sub ValidateBugID {
return if $skip_authorization; return if $skip_authorization;
return if CanSeeBug($id, $::userid, $::usergroupset); return if CanSeeBug($id, $::userid);
# The user did not pass any of the authorization tests, which means they # The user did not pass any of the authorization tests, which means they
# are not authorized to see the bug. Display an error and stop execution. # are not authorized to see the bug. Display an error and stop execution.
...@@ -438,30 +433,25 @@ sub PasswordForLogin { ...@@ -438,30 +433,25 @@ sub PasswordForLogin {
} }
sub quietly_check_login() { sub quietly_check_login() {
$::usergroupset = '0';
my $loginok = 0;
$::disabledreason = ''; $::disabledreason = '';
$::userid = 0; my $userid = 0;
if (defined $::COOKIE{"Bugzilla_login"} && if (defined $::COOKIE{"Bugzilla_login"} &&
defined $::COOKIE{"Bugzilla_logincookie"}) { defined $::COOKIE{"Bugzilla_logincookie"}) {
SendSQL("SELECT profiles.userid, profiles.groupset, " . SendSQL("SELECT profiles.userid," .
"profiles.login_name, " . " profiles.login_name, " .
"profiles.login_name = " . " profiles.disabledtext " .
SqlQuote($::COOKIE{"Bugzilla_login"}) .
" AND logincookies.ipaddr = " .
SqlQuote($ENV{"REMOTE_ADDR"}) .
", profiles.disabledtext " .
" FROM profiles, logincookies WHERE logincookies.cookie = " . " FROM profiles, logincookies WHERE logincookies.cookie = " .
SqlQuote($::COOKIE{"Bugzilla_logincookie"}) . SqlQuote($::COOKIE{"Bugzilla_logincookie"}) .
" AND profiles.userid = logincookies.userid"); " AND profiles.userid = logincookies.userid AND" .
" profiles.login_name = " .
SqlQuote($::COOKIE{"Bugzilla_login"}) .
" AND logincookies.ipaddr = " .
SqlQuote($ENV{"REMOTE_ADDR"}));
my @row; my @row;
if (@row = FetchSQLData()) { if (MoreSQLData()) {
my ($userid, $groupset, $loginname, $ok, $disabledtext) = (@row); ($userid, my $loginname, my $disabledtext) = FetchSQLData();
if ($ok) { if ($userid > 0) {
if ($disabledtext eq '') { if ($disabledtext eq '') {
$loginok = 1;
$::userid = $userid;
$::usergroupset = $groupset;
$::COOKIE{"Bugzilla_login"} = $loginname; # Makes sure case $::COOKIE{"Bugzilla_login"} = $loginname; # Makes sure case
# is in # is in
# canonical form. # canonical form.
...@@ -469,6 +459,7 @@ sub quietly_check_login() { ...@@ -469,6 +459,7 @@ sub quietly_check_login() {
detaint_natural($::COOKIE{"Bugzilla_logincookie"}); detaint_natural($::COOKIE{"Bugzilla_logincookie"});
} else { } else {
$::disabledreason = $disabledtext; $::disabledreason = $disabledtext;
$userid = 0;
} }
} }
} }
...@@ -478,13 +469,14 @@ sub quietly_check_login() { ...@@ -478,13 +469,14 @@ sub quietly_check_login() {
my $whoid = DBname_to_id($::FORM{'who'}); my $whoid = DBname_to_id($::FORM{'who'});
delete $::FORM{'who'} unless $whoid; delete $::FORM{'who'} unless $whoid;
} }
if (!$loginok) { if (!$userid) {
delete $::COOKIE{"Bugzilla_login"}; delete $::COOKIE{"Bugzilla_login"};
} }
$::userid = $userid;
ConfirmGroup($userid);
$vars->{'user'} = GetUserInfo($::userid); $vars->{'user'} = GetUserInfo($::userid);
return $userid;
return $loginok;
} }
# Populate a hash with information about this user. # Populate a hash with information about this user.
...@@ -500,10 +492,9 @@ sub GetUserInfo { ...@@ -500,10 +492,9 @@ sub GetUserInfo {
$user{'login'} = $::COOKIE{"Bugzilla_login"}; $user{'login'} = $::COOKIE{"Bugzilla_login"};
$user{'userid'} = $userid; $user{'userid'} = $userid;
SendSQL("SELECT mybugslink, realname, groupset, blessgroupset " . SendSQL("SELECT mybugslink, realname " .
"FROM profiles WHERE userid = $userid"); "FROM profiles WHERE userid = $userid");
($user{'showmybugslink'}, $user{'realname'}, $user{'groupset'}, ($user{'showmybugslink'}, $user{'realname'}) = FetchSQLData();
$user{'blessgroupset'}) = FetchSQLData();
SendSQL("SELECT name, query, linkinfooter FROM namedqueries " . SendSQL("SELECT name, query, linkinfooter FROM namedqueries " .
"WHERE userid = $userid"); "WHERE userid = $userid");
...@@ -516,10 +507,15 @@ sub GetUserInfo { ...@@ -516,10 +507,15 @@ sub GetUserInfo {
$user{'queries'} = \@queries; $user{'queries'} = \@queries;
SendSQL("select name, (bit & $user{'groupset'}) != 0 from groups"); $user{'canblessany'} = UserCanBlessAnything();
SendSQL("SELECT name FROM groups, user_group_map " .
"WHERE groups.id = user_group_map.group_id " .
"AND user_id = $userid " .
"AND NOT isbless");
while (MoreSQLData()) { while (MoreSQLData()) {
my ($name, $bit) = FetchSQLData(); my ($name) = FetchSQLData();
$groups{$name} = $bit; $groups{$name} = 1;
} }
$user{'groups'} = \%groups; $user{'groups'} = \%groups;
...@@ -561,6 +557,7 @@ sub confirm_login { ...@@ -561,6 +557,7 @@ sub confirm_login {
# to a later section. -Joe Robins, 8/3/00 # to a later section. -Joe Robins, 8/3/00
my $enteredlogin = ""; my $enteredlogin = "";
my $realcryptpwd = ""; my $realcryptpwd = "";
my $userid;
# If the form contains Bugzilla login and password fields, use Bugzilla's # If the form contains Bugzilla login and password fields, use Bugzilla's
# built-in authentication to authenticate the user (otherwise use LDAP below). # built-in authentication to authenticate the user (otherwise use LDAP below).
...@@ -570,7 +567,6 @@ sub confirm_login { ...@@ -570,7 +567,6 @@ sub confirm_login {
CheckEmailSyntax($enteredlogin); CheckEmailSyntax($enteredlogin);
# Retrieve the user's ID and crypted password from the database. # Retrieve the user's ID and crypted password from the database.
my $userid;
SendSQL("SELECT userid, cryptpassword FROM profiles SendSQL("SELECT userid, cryptpassword FROM profiles
WHERE login_name = " . SqlQuote($enteredlogin)); WHERE login_name = " . SqlQuote($enteredlogin));
($userid, $realcryptpwd) = FetchSQLData(); ($userid, $realcryptpwd) = FetchSQLData();
...@@ -765,9 +761,9 @@ sub confirm_login { ...@@ -765,9 +761,9 @@ sub confirm_login {
print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
} }
my $loginok = quietly_check_login(); $userid = quietly_check_login();
if ($loginok != 1) { if (!$userid) {
if ($::disabledreason) { if ($::disabledreason) {
my $cookiepath = Param("cookiepath"); my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
...@@ -810,7 +806,8 @@ Content-type: text/html ...@@ -810,7 +806,8 @@ Content-type: text/html
SendSQL("UPDATE logincookies SET lastused = null " . SendSQL("UPDATE logincookies SET lastused = null " .
"WHERE cookie = $::COOKIE{'Bugzilla_logincookie'}"); "WHERE cookie = $::COOKIE{'Bugzilla_logincookie'}");
} }
return $::userid; ConfirmGroup($userid);
return $userid;
} }
sub PutHeader { sub PutHeader {
......
attachment.cgi
View file @ 65d3dc0e
...@@ -50,7 +50,6 @@ require "CGI.pl"; ...@@ -50,7 +50,6 @@ require "CGI.pl";
ConnectToDatabase(); ConnectToDatabase();
# Check whether or not the user is logged in and, if so, set the $::userid # Check whether or not the user is logged in and, if so, set the $::userid
# and $::usergroupset variables.
quietly_check_login(); quietly_check_login();
################################################################################ ################################################################################
......
bug_form.pl
View file @ 65d3dc0e
...@@ -82,7 +82,7 @@ sub show_bug { ...@@ -82,7 +82,7 @@ sub show_bug {
bug_file_loc, short_desc, target_milestone, bug_file_loc, short_desc, target_milestone,
qa_contact, status_whiteboard, qa_contact, status_whiteboard,
date_format(creation_ts,'%Y-%m-%d %H:%i'), date_format(creation_ts,'%Y-%m-%d %H:%i'),
groupset, delta_ts, sum(votes.count), delta_ts calc_disp_date delta_ts, sum(votes.count), delta_ts calc_disp_date
FROM bugs LEFT JOIN votes USING(bug_id), products, components FROM bugs LEFT JOIN votes USING(bug_id), products, components
WHERE bugs.bug_id = $id WHERE bugs.bug_id = $id
AND bugs.product_id = products.id AND bugs.product_id = products.id
...@@ -106,7 +106,7 @@ sub show_bug { ...@@ -106,7 +106,7 @@ sub show_bug {
"bug_severity", "component", "assigned_to", "reporter", "bug_severity", "component", "assigned_to", "reporter",
"bug_file_loc", "short_desc", "target_milestone", "bug_file_loc", "short_desc", "target_milestone",
"qa_contact", "status_whiteboard", "creation_ts", "qa_contact", "status_whiteboard", "creation_ts",
"groupset", "delta_ts", "votes","calc_disp_date") "delta_ts", "votes", "calc_disp_date")
{ {
$value = shift(@row); $value = shift(@row);
if ($field eq "calc_disp_date") { if ($field eq "calc_disp_date") {
...@@ -221,22 +221,34 @@ sub show_bug { ...@@ -221,22 +221,34 @@ sub show_bug {
# Groups # Groups
my @groups; my @groups;
if ($::usergroupset ne '0' || $bug{'groupset'} ne '0') {
my $bug_groupset = $bug{'groupset'}; # For every group, we need to know if there is ANY bug_group_map
# record putting the current bug in that group and if there is ANY
SendSQL("SELECT bit, name, description, (bit & $bug_groupset != 0), # user_group_map record putting the user in that group.
(bit & $::usergroupset != 0) FROM groups # The LEFT JOINs are checking for record existence.
WHERE isbuggroup != 0 " . #
# Include active groups as well as inactive groups to which SendSQL("SELECT DISTINCT groups.id, name, description," .
# the bug already belongs. This way the bug can be removed " bug_group_map.group_id IS NOT NULL," .
# from an inactive group but can only be added to active ones. " user_group_map.group_id IS NOT NULL," .
"AND ((isactive = 1 AND (bit & $::usergroupset != 0)) OR " isactive" .
(bit & $bug_groupset != 0))"); " FROM groups" .
" LEFT JOIN bug_group_map" .
" ON bug_group_map.group_id = groups.id" .
" AND bug_id = $bug{'bug_id'}" .
" LEFT JOIN user_group_map" .
" ON user_group_map.group_id = groups.id" .
" AND user_id = $::userid" .
" AND NOT isbless" .
" WHERE isbuggroup");
$user{'inallgroups'} = 1; $user{'inallgroups'} = 1;
while (MoreSQLData()) { while (MoreSQLData()) {
my ($bit, $name, $description, $ison, $ingroup) = FetchSQLData(); my ($groupid, $name, $description, $ison, $ingroup, $isactive)
= FetchSQLData();
$bug{'inagroup'} = 1 if ($ison);
# For product groups, we only want to display the checkbox if either # For product groups, we only want to display the checkbox if either
# (1) The bit is already set, or # (1) The bit is already set, or
# (2) The user is in the group, but either: # (2) The user is in the group, but either:
...@@ -245,24 +257,23 @@ sub show_bug { ...@@ -245,24 +257,23 @@ sub show_bug {
# This means that all product groups will be skipped, but # This means that all product groups will be skipped, but
# non-product bug groups will still be displayed. # non-product bug groups will still be displayed.
if($ison || if($ison ||
($ingroup && (($name eq $bug{'product'}) || ($isactive && ($ingroup && (!Param("usebuggroups") || ($name eq $bug{'product'}) ||
(!defined $::proddesc{$name})))) (!defined $::proddesc{$name})))))
{ {
$user{'inallgroups'} &= $ingroup; $user{'inallgroups'} &= $ingroup;
push (@groups, { "bit" => $bit, push (@groups, { "bit" => $groupid,
"ison" => $ison, "ison" => $ison,
"ingroup" => $ingroup, "ingroup" => $ingroup,
"description" => $description }); "description" => $description });
} }
} }
# If the bug is restricted to a group, display checkboxes that allow # If the bug is restricted to a group, get flags that allow
# the user to set whether or not the reporter # the user to set whether or not the reporter
# and cc list can see the bug even if they are not members of all # and cc list can see the bug even if they are not members of all
# groups to which the bug is restricted. # groups to which the bug is restricted.
if ($bug{'groupset'} != 0) { if ($bug{'inagroup'}) {
$bug{'inagroup'} = 1;
# Determine whether or not the bug is always accessible by the # Determine whether or not the bug is always accessible by the
# reporter, QA contact, and/or users on the cc: list. # reporter, QA contact, and/or users on the cc: list.
...@@ -273,7 +284,6 @@ sub show_bug { ...@@ -273,7 +284,6 @@ sub show_bug {
($bug{'reporter_accessible'}, ($bug{'reporter_accessible'},
$bug{'cclist_accessible'}) = FetchSQLData(); $bug{'cclist_accessible'}) = FetchSQLData();
} }
}
$vars->{'groups'} = \@groups; $vars->{'groups'} = \@groups;
my $movers = Param("movers"); my $movers = Param("movers");
......
buglist.cgi
View file @ 65d3dc0e
...@@ -207,23 +207,24 @@ sub GetQuip { ...@@ -207,23 +207,24 @@ sub GetQuip {
return $quip; return $quip;
} }
sub GetGroupsByGroupSet { sub GetGroupsByUserId {
my ($groupset) = @_; my ($userid) = @_;
return if !$groupset; return if !$userid;
SendSQL(" SendSQL("
SELECT bit, name, description, isactive SELECT groups.id, name, description, isactive
FROM groups FROM groups, user_group_map
WHERE (bit & $groupset) != 0 WHERE user_id = $userid AND NOT isbless
AND isbuggroup != 0 AND user_group_map.group_id = groups.id
AND isbuggroup
ORDER BY description "); ORDER BY description ");
my @groups; my @groups;
while (MoreSQLData()) { while (MoreSQLData()) {
my $group = {}; my $group = {};
($group->{'bit'}, $group->{'name'}, ($group->{'id'}, $group->{'name'},
$group->{'description'}, $group->{'isactive'}) = FetchSQLData(); $group->{'description'}, $group->{'isactive'}) = FetchSQLData();
push(@groups, $group); push(@groups, $group);
} }
...@@ -379,7 +380,6 @@ sub DefineColumn { ...@@ -379,7 +380,6 @@ sub DefineColumn {
# Column: ID Name Title # Column: ID Name Title
DefineColumn("id" , "bugs.bug_id" , "ID" ); DefineColumn("id" , "bugs.bug_id" , "ID" );
DefineColumn("groupset" , "bugs.groupset" , "Groupset" );
DefineColumn("opendate" , "bugs.creation_ts" , "Opened" ); DefineColumn("opendate" , "bugs.creation_ts" , "Opened" );
DefineColumn("changeddate" , "bugs.delta_ts" , "Changed" ); DefineColumn("changeddate" , "bugs.delta_ts" , "Changed" );
DefineColumn("severity" , "bugs.bug_severity" , "Severity" ); DefineColumn("severity" , "bugs.bug_severity" , "Severity" );
...@@ -437,9 +437,6 @@ else { ...@@ -437,9 +437,6 @@ else {
# and are hard-coded into the display templates. # and are hard-coded into the display templates.
@displaycolumns = grep($_ ne 'id', @displaycolumns); @displaycolumns = grep($_ ne 'id', @displaycolumns);
# IMPORTANT! Never allow the groupset column to be displayed!
@displaycolumns = grep($_ ne 'groupset', @displaycolumns);
# Add the votes column to the list of columns to be displayed # Add the votes column to the list of columns to be displayed
# in the bug list if the user is searching for bugs with a certain # in the bug list if the user is searching for bugs with a certain
# number of votes and the votes column is not already on the list. # number of votes and the votes column is not already on the list.
...@@ -458,10 +455,8 @@ if (trim($::FORM{'votes'}) && !grep($_ eq 'votes', @displaycolumns)) { ...@@ -458,10 +455,8 @@ if (trim($::FORM{'votes'}) && !grep($_ eq 'votes', @displaycolumns)) {
# Generate the list of columns that will be selected in the SQL query. # Generate the list of columns that will be selected in the SQL query.
# The bug ID and groupset are always selected because bug IDs are always # The bug ID is always selected because bug IDs are always displayed
# displayed and we need the groupset to determine whether or not the bug my @selectcolumns = ("id");
# is visible to the user.
my @selectcolumns = ("id", "groupset");
# Display columns are selected because otherwise we could not display them. # Display columns are selected because otherwise we could not display them.
push (@selectcolumns, @displaycolumns); push (@selectcolumns, @displaycolumns);
...@@ -721,7 +716,7 @@ if ($dotweak) { ...@@ -721,7 +716,7 @@ if ($dotweak) {
$vars->{'bugstatuses'} = [ keys %$bugstatuses ]; $vars->{'bugstatuses'} = [ keys %$bugstatuses ];
# The groups to which the user belongs. # The groups to which the user belongs.
$vars->{'groups'} = GetGroupsByGroupSet($::usergroupset) if $::usergroupset ne '0'; $vars->{'groups'} = GetGroupsByUserId($::userid);
# If all bugs being changed are in the same product, the user can change # If all bugs being changed are in the same product, the user can change
# their version and component, so generate a list of products, a list of # their version and component, so generate a list of products, a list of
......
checksetup.pl
View file @ 65d3dc0e
...@@ -1360,7 +1360,6 @@ $table{attachstatusdefs} = ...@@ -1360,7 +1360,6 @@ $table{attachstatusdefs} =
# #
$table{bugs} = $table{bugs} =
'bug_id mediumint not null auto_increment primary key, 'bug_id mediumint not null auto_increment primary key,
groupset bigint not null,
assigned_to mediumint not null, # This is a comment. assigned_to mediumint not null, # This is a comment.
bug_file_loc text, bug_file_loc text,
bug_severity enum($my_severities) not null, bug_severity enum($my_severities) not null,
...@@ -1454,16 +1453,7 @@ $table{dependencies} = ...@@ -1454,16 +1453,7 @@ $table{dependencies} =
index(dependson)'; index(dependson)';
# Group bits must be a power of two. Groups are identified by a bit; sets of # User regexp is which email addresses are put into this group.
# groups are indicated by or-ing these values together.
#
# isbuggroup is nonzero if this is a group that controls access to a set
# of bugs. In otherword, the groupset field in the bugs table should only
# have this group's bit set if isbuggroup is nonzero.
#
# User regexp is which email addresses are initially put into this group.
# This is only used when an email account is created; otherwise, profiles
# may be individually tweaked to add them in and out of groups.
# #
# 2001-04-10 myk@mozilla.org: # 2001-04-10 myk@mozilla.org:
# isactive determines whether or not a group is active. An inactive group # isactive determines whether or not a group is active. An inactive group
...@@ -1473,14 +1463,14 @@ $table{dependencies} = ...@@ -1473,14 +1463,14 @@ $table{dependencies} =
# http://bugzilla.mozilla.org/show_bug.cgi?id=75482 # http://bugzilla.mozilla.org/show_bug.cgi?id=75482
$table{groups} = $table{groups} =
'bit bigint not null, 'id mediumint not null auto_increment primary key,
name varchar(255) not null, name varchar(255) not null,
description text not null, description text not null,
isbuggroup tinyint not null, isbuggroup tinyint not null,
last_changed datetime not null,
userregexp tinytext not null, userregexp tinytext not null,
isactive tinyint not null default 1, isactive tinyint not null default 1,
unique(bit),
unique(name)'; unique(name)';
$table{logincookies} = $table{logincookies} =
...@@ -1511,13 +1501,10 @@ $table{profiles} = ...@@ -1511,13 +1501,10 @@ $table{profiles} =
login_name varchar(255) not null, login_name varchar(255) not null,
cryptpassword varchar(34), cryptpassword varchar(34),
realname varchar(255), realname varchar(255),
groupset bigint not null,
disabledtext mediumtext not null, disabledtext mediumtext not null,
mybugslink tinyint not null default 1, mybugslink tinyint not null default 1,
blessgroupset bigint not null default 0,
emailflags mediumtext, emailflags mediumtext,
refreshed_when datetime not null,
unique(login_name)'; unique(login_name)';
...@@ -1610,6 +1597,38 @@ $table{tokens} = ...@@ -1610,6 +1597,38 @@ $table{tokens} =
index(userid)'; index(userid)';
# group membership tables for tracking group and privilege
#
# This table determines the groups that a user belongs to
# directly or due to regexp and which groups can be blessed
# by a user.
#
# isderived:
# if 0 - record was explicitly granted
# if 1 - record was created by evaluating a regexp or group hierarchy
$table{user_group_map} =
'user_id mediumint not null,
group_id mediumint not null,
isbless tinyint not null default 0,
isderived tinyint not null default 0,
unique(user_id, group_id, isderived, isbless)';
$table{group_group_map} =
'member_id mediumint not null,
grantor_id mediumint not null,
isbless tinyint not null default 0,
unique(member_id, grantor_id, isbless)';
# This table determines which groups a user must be a member of
# in order to see a bug.
$table{bug_group_map} =
'bug_id mediumint not null,
group_id mediumint not null,
unique(bug_id, group_id),
index(group_id)';
# 2002-07-19, davef@tetsubo.com, bug 67950: # 2002-07-19, davef@tetsubo.com, bug 67950:
# Store quips in the db. # Store quips in the db.
$table{quips} = $table{quips} =
...@@ -1617,7 +1636,6 @@ $table{quips} = ...@@ -1617,7 +1636,6 @@ $table{quips} =
userid mediumint not null default 0, userid mediumint not null default 0,
quip text not null'; quip text not null';
########################################################################### ###########################################################################
# Create tables # Create tables
########################################################################### ###########################################################################
...@@ -1692,7 +1710,7 @@ sub GroupDoesExist ($) ...@@ -1692,7 +1710,7 @@ sub GroupDoesExist ($)
# #
# This subroutine checks if a group exist. If not, it will be automatically # This subroutine checks if a group exist. If not, it will be automatically
# created with the next available bit set # created with the next available groupid
# #
sub AddGroup { sub AddGroup {
...@@ -1701,57 +1719,19 @@ sub AddGroup { ...@@ -1701,57 +1719,19 @@ sub AddGroup {
return if GroupDoesExist($name); return if GroupDoesExist($name);
# get highest bit number
my $sth = $dbh->prepare("SELECT bit FROM groups ORDER BY bit DESC");
$sth->execute;
my @row = $sth->fetchrow_array;
# normalize bits
my $bit;
if (defined $row[0]) {
$bit = $row[0] << 1;
} else {
$bit = 1;
}
print "Adding group $name ...\n"; print "Adding group $name ...\n";
$sth = $dbh->prepare('INSERT INTO groups my $sth = $dbh->prepare('INSERT INTO groups
(bit, name, description, userregexp, isbuggroup) (name, description, userregexp, isbuggroup)
VALUES (?, ?, ?, ?, ?)'); VALUES (?, ?, ?, ?)');
$sth->execute($bit, $name, $desc, $userregexp, 0); $sth->execute($name, $desc, $userregexp, 0);
return $bit;
}
# $sth = $dbh->prepare("select last_insert_id()");
# BugZilla uses --GROUPS-- to assign various rights to its users. $sth->execute();
# my ($last) = $sth->fetchrow_array();
return $last;
AddGroup 'tweakparams', 'Can tweak operating parameters';
AddGroup 'editusers', 'Can edit or disable users';
AddGroup 'creategroups', 'Can create and destroy groups.';
AddGroup 'editcomponents', 'Can create, destroy, and edit components.';
AddGroup 'editkeywords', 'Can create, destroy, and edit keywords.';
# Add the groupset field here because this code is run before the
# code that updates the database structure.
&AddField('profiles', 'groupset', 'bigint not null');
if (!GroupDoesExist("editbugs")) {
my $id = AddGroup('editbugs', 'Can edit all aspects of any bug.', ".*");
$dbh->do("UPDATE profiles SET groupset = groupset | $id");
}
if (!GroupDoesExist("canconfirm")) {
my $id = AddGroup('canconfirm', 'Can confirm a bug.', ".*");
$dbh->do("UPDATE profiles SET groupset = groupset | $id");
} }
########################################################################### ###########################################################################
# Populate the list of fields. # Populate the list of fields.
########################################################################### ###########################################################################
...@@ -1818,9 +1798,9 @@ AddFDef("(to_days(now()) - to_days(bugs.delta_ts))", "Days since bug changed", ...@@ -1818,9 +1798,9 @@ AddFDef("(to_days(now()) - to_days(bugs.delta_ts))", "Days since bug changed",
AddFDef("longdesc", "Comment", 0); AddFDef("longdesc", "Comment", 0);
AddFDef("alias", "Alias", 0); AddFDef("alias", "Alias", 0);
AddFDef("everconfirmed", "Ever Confirmed", 0); AddFDef("everconfirmed", "Ever Confirmed", 0);
AddFDef("groupset", "Groupset", 0);
AddFDef("reporter_accessible", "Reporter Accessible", 0); AddFDef("reporter_accessible", "Reporter Accessible", 0);
AddFDef("cclist_accessible", "CC Accessible", 0); AddFDef("cclist_accessible", "CC Accessible", 0);
AddFDef("bug_group", "Group", 0);
# Oops. Bug 163299 # Oops. Bug 163299
$dbh->do("DELETE FROM fielddefs WHERE name='cc_accessible'"); $dbh->do("DELETE FROM fielddefs WHERE name='cc_accessible'");
...@@ -1938,180 +1918,8 @@ CheckEnumField('bugs', 'rep_platform', @my_platforms); ...@@ -1938,180 +1918,8 @@ CheckEnumField('bugs', 'rep_platform', @my_platforms);
########################################################################### ###########################################################################
# Create Administrator --ADMIN--
###########################################################################
# Prompt the user for the email address and name of an administrator. Create
# that login, if it doesn't exist already, and make it a member of all groups.
sub bailout { # this is just in case we get interrupted while getting passwd
system("stty","echo"); # re-enable input echoing
exit 1;
}
$sth = $dbh->prepare(<<_End_Of_SQL_);
SELECT login_name
FROM profiles
WHERE groupset=9223372036854775807
_End_Of_SQL_
$sth->execute;
# when we have no admin users, prompt for admin email address and password ...
if ($sth->rows == 0) {
my $login = "";
my $realname = "";
my $pass1 = "";
my $pass2 = "*";
my $admin_ok = 0;
my $admin_create = 1;
my $mailcheckexp = Param('emailregexp');
my $mailcheck = Param('emailregexpdesc');
print "\nLooks like we don't have an administrator set up yet. Either this is your\n";
print "first time using Bugzilla, or your administrator's privs might have accidently\n";
print "gotten deleted at some point.\n";
while(! $admin_ok ) {
while( $login eq "" ) {
print "Enter the e-mail address of the administrator: ";
$login = $answer{'ADMIN_EMAIL'}
|| ($silent && die("cant preload ADMIN_EMAIL"))
|| <STDIN>;
chomp $login;
if(! $login ) {
print "\nYou DO want an administrator, don't you?\n";
}
unless ($login =~ /$mailcheckexp/) {
print "\nThe login address is invalid:\n";
print "$mailcheck\n";
print "You can change this test on the params page once checksetup has successfully\n";
print "completed.\n\n";
# Go round, and ask them again
$login = "";
}
}
$login = $dbh->quote($login);
$sth = $dbh->prepare(<<_End_Of_SQL_);
SELECT login_name
FROM profiles
WHERE login_name=$login
_End_Of_SQL_
$sth->execute;
if ($sth->rows > 0) {
print "$login already has an account.\n";
print "Make this user the administrator? [Y/n] ";
my $ok = $answer{'ADMIN_OK'}
|| ($silent && die("cant preload ADMIN_OK"))
|| <STDIN>;
chomp $ok;
if ($ok !~ /^n/i) {
$admin_ok = 1;
$admin_create = 0;
} else {
print "OK, well, someone has to be the administrator. Try someone else.\n";
$login = "";
}
} else {
print "You entered $login. Is this correct? [Y/n] ";
my $ok = $answer{'ADMIN_OK'}
|| ($silent && die("cant preload ADMIN_OK"))
|| <STDIN>;
chomp $ok;
if ($ok !~ /^n/i) {
$admin_ok = 1;
} else {
print "That's okay, typos happen. Give it another shot.\n";
$login = "";
}
}
}
if ($admin_create) {
while( $realname eq "" ) {
print "Enter the real name of the administrator: ";
$realname = $answer{'ADMIN_REALNAME'}
|| ($silent && die("cant preload ADMIN_REALNAME"))
|| <STDIN>;
chomp $realname;
if(! $realname ) {
print "\nReally. We need a full name.\n";
}
}
# trap a few interrupts so we can fix the echo if we get aborted.
$SIG{HUP} = \&bailout;
$SIG{INT} = \&bailout;
$SIG{QUIT} = \&bailout;
$SIG{TERM} = \&bailout;
system("stty","-echo"); # disable input echoing
while( $pass1 ne $pass2 ) {
while( $pass1 eq "" || $pass1 !~ /^[a-zA-Z0-9-_]{3,16}$/ ) {
print "Enter a password for the administrator account: ";
$pass1 = $answer{'ADMIN_PASSWORD'}
|| ($silent && die("cant preload ADMIN_PASSWORD"))
|| <STDIN>;
chomp $pass1;
if(! $pass1 ) {
print "\n\nIt's just plain stupid to not have a password. Try again!\n";
} elsif ( $pass1 !~ /^.{3,16}$/ ) {
print "The password must be 3-16 characters in length.";
}
}
print "\nPlease retype the password to verify: ";
$pass2 = $answer{'ADMIN_PASSWORD'}
|| ($silent && die("cant preload ADMIN_PASSWORD"))
|| <STDIN>;
chomp $pass2;
if ($pass1 ne $pass2) {
print "\n\nPasswords don't match. Try again!\n";
$pass1 = "";
$pass2 = "*";
}
}
# Crypt the administrator's password
my $cryptedpassword = Crypt($pass1);
system("stty","echo"); # re-enable input echoing
$SIG{HUP} = 'DEFAULT'; # and remove our interrupt hooks
$SIG{INT} = 'DEFAULT';
$SIG{QUIT} = 'DEFAULT';
$SIG{TERM} = 'DEFAULT';
$realname = $dbh->quote($realname);
$cryptedpassword = $dbh->quote($cryptedpassword);
$dbh->do(<<_End_Of_SQL_);
INSERT INTO profiles
(login_name, realname, cryptpassword, groupset)
VALUES ($login, $realname, $cryptedpassword, 0x7fffffffffffffff)
_End_Of_SQL_
} else {
$dbh->do(<<_End_Of_SQL_);
UPDATE profiles
SET groupset=0x7fffffffffffffff
WHERE login_name=$login
_End_Of_SQL_
}
print "\n$login is now set up as the administrator account.\n";
}
###########################################################################
# Create initial test product if there are no products present. # Create initial test product if there are no products present.
########################################################################### ###########################################################################
$sth = $dbh->prepare(<<_End_Of_SQL_);
SELECT userid
FROM profiles
WHERE groupset=9223372036854775807
_End_Of_SQL_
$sth->execute;
my ($adminuid) = $sth->fetchrow_array;
if (!$adminuid) { die "No administator!" } # should never get here
$sth = $dbh->prepare("SELECT description FROM products"); $sth = $dbh->prepare("SELECT description FROM products");
$sth->execute; $sth->execute;
unless ($sth->rows) { unless ($sth->rows) {
...@@ -2126,19 +1934,20 @@ unless ($sth->rows) { ...@@ -2126,19 +1934,20 @@ unless ($sth->rows) {
$sth->execute; $sth->execute;
my ($product_id) = $sth->fetchrow_array; my ($product_id) = $sth->fetchrow_array;
$dbh->do(qq{INSERT INTO versions (value, product_id) VALUES ("other", $product_id)}); $dbh->do(qq{INSERT INTO versions (value, product_id) VALUES ("other", $product_id)});
# note: since admin user is not yet known, components gets a 0 for
# initialowner and this is fixed during final checks.
$dbh->do("INSERT INTO components (name, product_id, description, initialowner, initialqacontact) $dbh->do("INSERT INTO components (name, product_id, description, initialowner, initialqacontact)
VALUES (" . VALUES (" .
"'TestComponent', $product_id, " . "'TestComponent', $product_id, " .
"'This is a test component in the test product database. " . "'This is a test component in the test product database. " .
"This ought to be blown away and replaced with real stuff in " . "This ought to be blown away and replaced with real stuff in " .
"a finished installation of bugzilla.', $adminuid, 0)"); "a finished installation of Bugzilla.', 0, 0)");
$dbh->do(qq{INSERT INTO milestones (product_id, value) VALUES ($product_id,"---")}); $dbh->do(qq{INSERT INTO milestones (product_id, value) VALUES ($product_id,"---")});
} }
########################################################################### ###########################################################################
# Update the tables to the current definition # Update the tables to the current definition
########################################################################### ###########################################################################
...@@ -2238,8 +2047,10 @@ sub TableExists ($) ...@@ -2238,8 +2047,10 @@ sub TableExists ($)
# really old fields that were added before checksetup.pl existed # really old fields that were added before checksetup.pl existed
# but aren't in very old bugzilla's (like 2.1) # but aren't in very old bugzilla's (like 2.1)
# Steve Stock (sstock@iconnect-inc.com) # Steve Stock (sstock@iconnect-inc.com)
# bug 157756 - groupsets replaced by maps
# AddField('bugs', 'groupset', 'bigint not null');
AddField('bugs', 'target_milestone', 'varchar(20) not null default "---"'); AddField('bugs', 'target_milestone', 'varchar(20) not null default "---"');
AddField('bugs', 'groupset', 'bigint not null');
AddField('bugs', 'qa_contact', 'mediumint not null'); AddField('bugs', 'qa_contact', 'mediumint not null');
AddField('bugs', 'status_whiteboard', 'mediumtext not null'); AddField('bugs', 'status_whiteboard', 'mediumtext not null');
AddField('products', 'disallownew', 'tinyint not null'); AddField('products', 'disallownew', 'tinyint not null');
...@@ -2673,7 +2484,8 @@ if (!GetFieldDef('bugs', 'everconfirmed')) { ...@@ -2673,7 +2484,8 @@ if (!GetFieldDef('bugs', 'everconfirmed')) {
} }
AddField('products', 'maxvotesperbug', 'smallint not null default 10000'); AddField('products', 'maxvotesperbug', 'smallint not null default 10000');
AddField('products', 'votestoconfirm', 'smallint not null'); AddField('products', 'votestoconfirm', 'smallint not null');
AddField('profiles', 'blessgroupset', 'bigint not null'); # bug 157756 - groupsets replaced by maps
# AddField('profiles', 'blessgroupset', 'bigint not null');
# 2000-03-21 Adding a table for target milestones to # 2000-03-21 Adding a table for target milestones to
# database - matthew@zeroknowledge.com # database - matthew@zeroknowledge.com
...@@ -3216,6 +3028,222 @@ if (($fielddef = GetFieldDef("attachments", "creation_ts")) && ...@@ -3216,6 +3028,222 @@ if (($fielddef = GetFieldDef("attachments", "creation_ts")) &&
ChangeFieldType("attachments", "creation_ts", "datetime NOT NULL"); ChangeFieldType("attachments", "creation_ts", "datetime NOT NULL");
} }
# 2002-08-XX - bugreport@peshkin.net - bug 157756
#
# If the whole groups system is new, but the installation isn't,
# convert all the old groupset groups, etc...
#
# This requires:
# 1) define groups ids in group table
# 2) populate user_group_map with grants from old groupsets and blessgroupsets
# 3) populate bug_group_map with data converted from old bug groupsets
# 4) convert activity logs to use group names instead of numbers
# 5) identify the admin from the old all-ones groupset
#
# ListBits(arg) returns a list of UNKNOWN<n> if the group
# has been deleted for all bits set in arg. When the activity
# records are converted from groupset numbers to lists of
# group names, ListBits is used to fill in a list of references
# to groupset bits for groups that no longer exist.
#
sub ListBits {
my ($num) = @_;
my @res = ();
my $curr = 1;
while (1) {
# Convert a big integer to a list of bits
my $sth = $dbh->prepare("SELECT ($num & ~$curr) > 0,
($num & $curr),
($num & ~$curr),
$curr << 1");
$sth->execute;
my ($more, $thisbit, $remain, $nval) = $sth->fetchrow_array;
push @res,"UNKNOWN<$curr>" if ($thisbit);
$curr = $nval;
$num = $remain;
last if (!$more);
}
return @res;
}
my @admins = ();
# The groups system needs to be converted if groupset exists
if (GetFieldDef("profiles", "groupset")) {
AddField('groups', 'last_changed', 'datetime not null');
# Some mysql versions will promote any unique key to primary key
# so all unique keys are removed first and then added back in
$dbh->do("ALTER TABLE groups DROP INDEX bit") if GetIndexDef("groups","bit");
$dbh->do("ALTER TABLE groups DROP INDEX name") if GetIndexDef("groups","name");
$dbh->do("ALTER TABLE groups DROP PRIMARY KEY");
AddField('groups', 'id', 'mediumint not null auto_increment primary key');
$dbh->do("ALTER TABLE groups ADD UNIQUE (name)");
AddField('profiles', 'refreshed_when', 'datetime not null');
# Convert all existing groupset records to map entries before removing
# groupset fields or removing "bit" from groups.
$sth = $dbh->prepare("SELECT bit, id FROM groups
WHERE bit > 0");
$sth->execute();
while (my ($bit, $gid) = $sth->fetchrow_array) {
# Create user_group_map membership grants for old groupsets.
# Get each user with the old groupset bit set
my $sth2 = $dbh->prepare("SELECT userid FROM profiles
WHERE (groupset & $bit) != 0");
$sth2->execute();
while (my ($uid) = $sth2->fetchrow_array) {
# Check to see if the user is already a member of the group
# and, if not, insert a new record.
my $query = "SELECT user_id FROM user_group_map
WHERE group_id = $gid AND user_id = $uid
AND isbless = 0";
my $sth3 = $dbh->prepare($query);
$sth3->execute();
if ( !$sth3->fetchrow_array() ) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES($uid, $gid, 0, 0)");
}
}
# Create user can bless group grants for old groupsets.
# Get each user with the old blessgroupset bit set
$sth2 = $dbh->prepare("SELECT userid FROM profiles
WHERE (blessgroupset & $bit) != 0");
$sth2->execute();
while (my ($uid) = $sth2->fetchrow_array) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES($uid, $gid, 1, 0)");
}
# Create bug_group_map records for old groupsets.
# Get each bug with the old group bit set.
$sth2 = $dbh->prepare("SELECT bug_id FROM bugs
WHERE (groupset & $bit) != 0");
$sth2->execute();
while (my ($bug_id) = $sth2->fetchrow_array) {
# Insert the bug, group pair into the bug_group_map.
$dbh->do("INSERT INTO bug_group_map
(bug_id, group_id)
VALUES($bug_id, $gid)");
}
}
# Replace old activity log groupset records with lists of names of groups.
# Start by defining the bug_group field and getting its id.
AddFDef("bug_group", "Group", 0);
$sth = $dbh->prepare("SELECT fieldid FROM fielddefs WHERE name = " . $dbh->quote('bug_group'));
$sth->execute();
my ($bgfid) = $sth->fetchrow_array;
# Get the field id for the old groupset field
$sth = $dbh->prepare("SELECT fieldid FROM fielddefs WHERE name = " . $dbh->quote('groupset'));
$sth->execute();
my ($gsid) = $sth->fetchrow_array;
# Get all bugs_activity records from groupset changes
$sth = $dbh->prepare("SELECT bug_id, bug_when, who, added, removed
FROM bugs_activity WHERE fieldid = $gsid");
$sth->execute();
while (my ($bug_id, $bug_when, $who, $added, $removed) = $sth->fetchrow_array) {
$added ||= 0;
$removed ||= 0;
# Get names of groups added.
my $sth2 = $dbh->prepare("SELECT name FROM groups WHERE (bit & $added) != 0 AND (bit & $removed) = 0");
$sth2->execute();
my @logadd = ();
while (my ($n) = $sth2->fetchrow_array) {
push @logadd, $n;
}
# Get names of groups removed.
$sth2 = $dbh->prepare("SELECT name FROM groups WHERE (bit & $removed) != 0 AND (bit & $added) = 0");
$sth2->execute();
my @logrem = ();
while (my ($n) = $sth2->fetchrow_array) {
push @logrem, $n;
}
# Get list of group bits added that correspond to missing groups.
$sth2 = $dbh->prepare("SELECT ($added & ~BIT_OR(bit)) FROM groups");
$sth2->execute();
my ($miss) = $sth2->fetchrow_array;
if ($miss) {
push @logadd, ListBits($miss);
print "\nWARNING - GROUPSET ACTIVITY ON BUG $bug_id CONTAINS DELETED GROUPS\n";
}
# Get list of group bits deleted that correspond to missing groups.
$sth2 = $dbh->prepare("SELECT ($removed & ~BIT_OR(bit)) FROM groups");
$sth2->execute();
($miss) = $sth2->fetchrow_array;
if ($miss) {
push @logrem, ListBits($miss);
print "\nWARNING - GROUPSET ACTIVITY ON BUG $bug_id CONTAINS DELETED GROUPS\n";
}
my $logr = "";
my $loga = "";
$logr = join(", ", @logrem) . '?' if @logrem;
$loga = join(", ", @logadd) . '?' if @logadd;
# Replace to old activity record with the converted data.
$dbh->do("UPDATE bugs_activity SET fieldid = $bgfid, added = " .
$dbh->quote($loga) . ", removed = " .
$dbh->quote($logr) .
" WHERE bug_id = $bug_id AND bug_when = " . $dbh->quote($bug_when) .
" AND who = $who AND fieldid = $gsid");
}
# Replace groupset changes with group name changes in profiles_activity.
# Get profiles_activity records for groupset.
$sth = $dbh->prepare("SELECT userid, profiles_when, who, newvalue, oldvalue
FROM profiles_activity WHERE fieldid = $gsid");
$sth->execute();
while (my ($uid, $uwhen, $uwho, $added, $removed) = $sth->fetchrow_array) {
$added ||= 0;
$removed ||= 0;
# Get names of groups added.
my $sth2 = $dbh->prepare("SELECT name FROM groups WHERE (bit & $added) != 0 AND (bit & $removed) = 0");
$sth2->execute();
my @logadd = ();
while (my ($n) = $sth2->fetchrow_array) {
push @logadd, $n;
}
# Get names of groups removed.
$sth2 = $dbh->prepare("SELECT name FROM groups WHERE (bit & $removed) != 0 AND (bit & $added) = 0");
$sth2->execute();
my @logrem = ();
while (my ($n) = $sth2->fetchrow_array) {
push @logrem, $n;
}
my $ladd = "";
my $lrem = "";
$ladd = join(", ", @logadd) . '?' if @logadd;
$lrem = join(", ", @logrem) . '?' if @logrem;
# Replace profiles_activity record for groupset change with group list.
$dbh->do("UPDATE profiles_activity SET fieldid = $bgfid, newvalue = " .
$dbh->quote($ladd) . ", oldvalue = " .
$dbh->quote($lrem) .
" WHERE userid = $uid AND profiles_when = " .
$dbh->quote($uwhen) .
" AND who = $uwho AND fieldid = $gsid");
}
# Identify admin group.
my $sth = $dbh->prepare("SELECT id FROM groups
WHERE name = 'admin'");
$sth->execute();
my ($adminid) = $sth->fetchrow_array();
# find existing admins
# Don't lose admins from DBs where Bug 157704 applies
$sth = $dbh->prepare("SELECT userid, (groupset & 65536), login_name FROM profiles
WHERE (groupset | 65536) = 9223372036854775807");
$sth->execute();
while ( my ($userid, $iscomplete, $login_name) = $sth->fetchrow_array() ) {
# existing administrators are made members of group "admin"
print "\nWARNING - $login_name IS AN ADMIN IN SPITE OF BUG 157704\n\n"
if (!$iscomplete);
push @admins, $userid;
}
DropField('profiles','groupset');
DropField('profiles','blessgroupset');
DropField('bugs','groupset');
DropField('groups','bit');
$dbh->do("DELETE FROM fielddefs WHERE name = " . $dbh->quote('groupset'));
}
# If you had to change the --TABLE-- definition in any way, then add your # If you had to change the --TABLE-- definition in any way, then add your
# differential change code *** A B O V E *** this comment. # differential change code *** A B O V E *** this comment.
# #
...@@ -3225,9 +3253,291 @@ if (($fielddef = GetFieldDef("attachments", "creation_ts")) && ...@@ -3225,9 +3253,291 @@ if (($fielddef = GetFieldDef("attachments", "creation_ts")) &&
# AddField/DropField/ChangeFieldType/RenameField code above. This would then # AddField/DropField/ChangeFieldType/RenameField code above. This would then
# be honored by everyone who updates his Bugzilla installation. # be honored by everyone who updates his Bugzilla installation.
# #
#
# BugZilla uses --GROUPS-- to assign various rights to its users.
#
AddGroup('tweakparams', 'Can tweak operating parameters');
AddGroup('editusers', 'Can edit or disable users');
AddGroup('creategroups', 'Can create and destroy groups.');
AddGroup('editcomponents', 'Can create, destroy, and edit components.');
AddGroup('editkeywords', 'Can create, destroy, and edit keywords.');
AddGroup('admin', 'Administrators');
if (!GroupDoesExist("editbugs")) {
my $id = AddGroup('editbugs', 'Can edit all aspects of any bug.', ".*");
my $sth = $dbh->prepare("SELECT userid FROM profiles");
$sth->execute();
while (my ($userid) = $sth->fetchrow_array()) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $id, 0, 0)");
}
}
if (!GroupDoesExist("canconfirm")) {
my $id = AddGroup('canconfirm', 'Can confirm a bug.', ".*");
my $sth = $dbh->prepare("SELECT userid FROM profiles");
$sth->execute();
while (my ($userid) = $sth->fetchrow_array()) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $id, 0, 0)");
}
}
###########################################################################
# Create Administrator --ADMIN--
###########################################################################
sub bailout { # this is just in case we get interrupted while getting passwd
system("stty","echo"); # re-enable input echoing
exit 1;
}
if (@admins) {
# Identify admin group.
my $sth = $dbh->prepare("SELECT id FROM groups
WHERE name = 'admin'");
$sth->execute();
my ($adminid) = $sth->fetchrow_array();
foreach my $userid (@admins) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $adminid, 0, 0)");
# Existing administrators are made blessers of group "admin"
# but only explitly defined blessers can bless group admin.
# Other groups can be blessed by any admin (by default) or additional
# defined blessers.
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $adminid, 1, 0)");
}
$sth = $dbh->prepare("SELECT id FROM groups");
$sth->execute();
while ( my ($id) = $sth->fetchrow_array() ) {
# Admins can bless every group.
$dbh->do("INSERT INTO group_group_map
(member_id, grantor_id, isbless)
VALUES ($adminid, $id, 1)");
# Admins are initially members of every group.
next if ($id == $adminid);
$dbh->do("INSERT INTO group_group_map
(member_id, grantor_id, isbless)
VALUES ($adminid, $id, 0)");
}
}
my @groups = ();
$sth = $dbh->prepare("select id from groups");
$sth->execute();
while ( my @row = $sth->fetchrow_array() ) {
push (@groups, $row[0]);
}
# Prompt the user for the email address and name of an administrator. Create
# that login, if it doesn't exist already, and make it a member of all groups.
$sth = $dbh->prepare("SELECT user_id FROM groups, user_group_map" .
" WHERE name = 'admin' AND id = group_id");
$sth->execute;
# when we have no admin users, prompt for admin email address and password ...
if ($sth->rows == 0) {
my $login = "";
my $realname = "";
my $pass1 = "";
my $pass2 = "*";
my $admin_ok = 0;
my $admin_create = 1;
my $mailcheckexp = "";
my $mailcheck = "";
# Here we look to see what the emailregexp is set to so we can
# check the email addy they enter. Bug 96675. If they have no
# params (likely but not always the case), we use the default.
if (-e "data/params") {
require "data/params"; # if they have a params file, use that
}
if (Param('emailregexp')) {
$mailcheckexp = Param('emailregexp');
$mailcheck = Param('emailregexpdesc');
} else {
$mailcheckexp = '^[^@]+@[^@]+\\.[^@]+$';
$mailcheck = 'A legal address must contain exactly one \'@\',
and at least one \'.\' after the @.';
}
print "\nLooks like we don't have an administrator set up yet. Either this is your\n";
print "first time using Bugzilla, or your administrator's privileges might have accidently\n";
print "been deleted.\n";
while(! $admin_ok ) {
while( $login eq "" ) {
print "Enter the e-mail address of the administrator: ";
$login = $answer{'ADMIN_EMAIL'}
|| ($silent && die("cant preload ADMIN_EMAIL"))
|| <STDIN>;
chomp $login;
if(! $login ) {
print "\nYou DO want an administrator, don't you?\n";
}
unless ($login =~ /$mailcheckexp/) {
print "\nThe login address is invalid:\n";
print "$mailcheck\n";
print "You can change this test on the params page once checksetup has successfully\n";
print "completed.\n\n";
# Go round, and ask them again
$login = "";
}
}
$login = $dbh->quote($login);
$sth = $dbh->prepare("SELECT login_name FROM profiles" .
" WHERE login_name=$login");
$sth->execute;
if ($sth->rows > 0) {
print "$login already has an account.\n";
print "Make this user the administrator? [Y/n] ";
my $ok = $answer{'ADMIN_OK'}
|| ($silent && die("cant preload ADMIN_OK"))
|| <STDIN>;
chomp $ok;
if ($ok !~ /^n/i) {
$admin_ok = 1;
$admin_create = 0;
} else {
print "OK, well, someone has to be the administrator. Try someone else.\n";
$login = "";
}
} else {
print "You entered $login. Is this correct? [Y/n] ";
my $ok = $answer{'ADMIN_OK'}
|| ($silent && die("cant preload ADMIN_OK"))
|| <STDIN>;
chomp $ok;
if ($ok !~ /^n/i) {
$admin_ok = 1;
} else {
print "That's okay, typos happen. Give it another shot.\n";
$login = "";
}
}
}
if ($admin_create) {
while( $realname eq "" ) {
print "Enter the real name of the administrator: ";
$realname = $answer{'ADMIN_REALNAME'}
|| ($silent && die("cant preload ADMIN_REALNAME"))
|| <STDIN>;
chomp $realname;
if(! $realname ) {
print "\nReally. We need a full name.\n";
}
}
# trap a few interrupts so we can fix the echo if we get aborted.
$SIG{HUP} = \&bailout;
$SIG{INT} = \&bailout;
$SIG{QUIT} = \&bailout;
$SIG{TERM} = \&bailout;
system("stty","-echo"); # disable input echoing
while( $pass1 ne $pass2 ) {
while( $pass1 eq "" || $pass1 !~ /^[a-zA-Z0-9-_]{3,16}$/ ) {
print "Enter a password for the administrator account: ";
$pass1 = $answer{'ADMIN_PASSWORD'}
|| ($silent && die("cant preload ADMIN_PASSWORD"))
|| <STDIN>;
chomp $pass1;
if(! $pass1 ) {
print "\n\nIt's just plain stupid to not have a password. Try again!\n";
} elsif ( $pass1 !~ /^.{3,16}$/ ) {
print "The password must be 3-16 characters in length.";
}
}
print "\nPlease retype the password to verify: ";
$pass2 = $answer{'ADMIN_PASSWORD'}
|| ($silent && die("cant preload ADMIN_PASSWORD"))
|| <STDIN>;
chomp $pass2;
if ($pass1 ne $pass2) {
print "\n\nPasswords don't match. Try again!\n";
$pass1 = "";
$pass2 = "*";
}
}
# Crypt the administrator's password
my $cryptedpassword = Crypt($pass1);
system("stty","echo"); # re-enable input echoing
$SIG{HUP} = 'DEFAULT'; # and remove our interrupt hooks
$SIG{INT} = 'DEFAULT';
$SIG{QUIT} = 'DEFAULT';
$SIG{TERM} = 'DEFAULT';
$realname = $dbh->quote($realname);
$cryptedpassword = $dbh->quote($cryptedpassword);
$dbh->do("INSERT INTO profiles (login_name, realname, cryptpassword)" .
" VALUES ($login, $realname, $cryptedpassword)");
}
# Put the admin in each group if not already
my $query = "select userid from profiles where login_name = $login";
$sth = $dbh->prepare($query);
$sth->execute();
my ($userid) = $sth->fetchrow_array();
foreach my $group (@groups) {
my $query = "SELECT user_id FROM user_group_map
WHERE group_id = $group AND user_id = $userid
AND isbless = 0";
$sth = $dbh->prepare($query);
$sth->execute();
if ( !$sth->fetchrow_array() ) {
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $group, 0, 0)");
}
}
# the admin also gets an explicit bless capability for the admin group
my $sth = $dbh->prepare("SELECT id FROM groups
WHERE name = 'admin'");
$sth->execute();
my ($id) = $sth->fetchrow_array();
$dbh->do("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($userid, $id, 1, 0)");
foreach my $group ( @groups ) {
$dbh->do("INSERT INTO group_group_map
(member_id, grantor_id, isbless)
VALUES ($id, $group, 1)");
}
print "\n$login is now set up as an administrator account.\n";
}
# #
# Final checks... # Final checks...
$sth = $dbh->prepare("SELECT user_id FROM groups, user_group_map" .
" WHERE groups.name = 'admin'" .
" AND groups.id = user_group_map.group_id");
$sth->execute;
my ($adminuid) = $sth->fetchrow_array;
if (!$adminuid) { die "No administrator!" } # should never get here
# when test product was created, admin was unknown
$dbh->do("UPDATE components SET initialowner = $adminuid WHERE initialowner = 0");
unlink "data/versioncache"; unlink "data/versioncache";
print "Reminder: Bugzilla now requires version 8.7 or later of sendmail.\n" unless $silent; print "Reminder: Bugzilla now requires version 8.7 or later of sendmail.\n" unless $silent;
contrib/bug_email.pl
View file @ 65d3dc0e
...@@ -37,7 +37,7 @@ ...@@ -37,7 +37,7 @@
# #
# You need to work with bug_email.pl the MIME::Parser installed. # You need to work with bug_email.pl the MIME::Parser installed.
# #
# $Id: bug_email.pl,v 1.13 2002/08/26 06:17:21 bbaetz%student.usyd.edu.au Exp $ # $Id: bug_email.pl,v 1.14 2002/09/22 17:15:03 bugreport%peshkin.net Exp $
############################################################### ###############################################################
# 02/12/2000 (SML) # 02/12/2000 (SML)
......
docs/sgml/administration.sgml
View file @ 65d3dc0e
...@@ -212,33 +212,11 @@ ...@@ -212,33 +212,11 @@
you for this username and password.</para> you for this username and password.</para>
<tip> <tip>
<para>If you wish to add more administrative users, you must use the <para>If you wish to add more administrative users, add them to
MySQL interface. Run "mysql" from the command line, and use these the "admin" group and, optionally, add edit the tweakparams, editusers,
commands: creategroups, editcomponents, and editkeywords groups to add the
<simplelist> entire admin group to those groups.
<member>
<prompt>mysql&gt;</prompt>
<command>use bugs;</command>
</member>
<member>
<prompt>mysql&gt;</prompt>
<command>
update profiles set groupset=0x7ffffffffffffff where login_name =
"(user's login name)";
</command>
</member>
</simplelist>
</para> </para>
<para>Yes, that is
<emphasis>fourteen</emphasis>
<quote>f</quote>
's. A whole lot of f-ing going on if you want to create a new
administator.</para>
</tip> </tip>
</section> </section>
...@@ -698,10 +676,22 @@ ...@@ -698,10 +676,22 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Fill out the "New Name", "New Description", and <para>Fill out the "Group", "Description", and
"New User RegExp" fields. "New User RegExp" allows you to automatically "User RegExp" fields. "New User RegExp" allows you to automatically
place all users who fulfill the Regular Expression into the new group. place all users who fulfill the Regular Expression into the new group.
When you have finished, click "Add".</para> When you have finished, click "Add".</para>
<warning>
<para>The User Regexp is a perl regexp and, if not anchored, will match
any part of an address. So, if you do not want to grant access
into 'mycompany.com' to 'badperson@mycompany.com.hacker.net', use
'@mycompany\.com$' as the regexp.</para>
</warning>
</listitem>
<listitem>
<para>After you add your new group, edit the new group. On the
edit page, you can specify other groups that should be included
in this group and which groups should be permitted to add and delete
users from this group.</para>
</listitem> </listitem>
</orderedlist> </orderedlist>
...@@ -712,17 +702,6 @@ ...@@ -712,17 +702,6 @@
<para>Turn on "usebuggroups" and "usebuggroupsentry" in the "Edit <para>Turn on "usebuggroups" and "usebuggroupsentry" in the "Edit
Parameters" screen.</para> Parameters" screen.</para>
<warning>
<para>XXX is this still true?
"usebuggroupsentry" has the capacity to prevent the
administrative user from directly altering bugs because of
conflicting group permissions. If you plan on using
"usebuggroupsentry", you should plan on restricting
administrative account usage to administrative duties only. In
other words, manage bugs with an unpriveleged user account, and
manage users, groups, Products, etc. with the administrative
account.</para>
</warning>
</listitem> </listitem>
<listitem> <listitem>
...@@ -734,13 +713,6 @@ ...@@ -734,13 +713,6 @@
</listitem> </listitem>
</orderedlist> </orderedlist>
<warning>
<para>Bugzilla currently has a limit of 64 groups per installation. If
you have more than about 50 products, you should consider
running multiple Bugzillas. Ask in the newsgroup for other
suggestions for working around this restriction.</para>
</warning>
<para> <para>
Note that group permissions are such that you need to be a member Note that group permissions are such that you need to be a member
of <emphasis>all</emphasis> the groups a bug is in, for whatever of <emphasis>all</emphasis> the groups a bug is in, for whatever
......
docs/xml/administration.xml
View file @ 65d3dc0e
...@@ -212,33 +212,11 @@ ...@@ -212,33 +212,11 @@
you for this username and password.</para> you for this username and password.</para>
<tip> <tip>
<para>If you wish to add more administrative users, you must use the <para>If you wish to add more administrative users, add them to
MySQL interface. Run "mysql" from the command line, and use these the "admin" group and, optionally, add edit the tweakparams, editusers,
commands: creategroups, editcomponents, and editkeywords groups to add the
<simplelist> entire admin group to those groups.
<member>
<prompt>mysql&gt;</prompt>
<command>use bugs;</command>
</member>
<member>
<prompt>mysql&gt;</prompt>
<command>
update profiles set groupset=0x7ffffffffffffff where login_name =
"(user's login name)";
</command>
</member>
</simplelist>
</para> </para>
<para>Yes, that is
<emphasis>fourteen</emphasis>
<quote>f</quote>
's. A whole lot of f-ing going on if you want to create a new
administator.</para>
</tip> </tip>
</section> </section>
...@@ -698,10 +676,22 @@ ...@@ -698,10 +676,22 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Fill out the "New Name", "New Description", and <para>Fill out the "Group", "Description", and
"New User RegExp" fields. "New User RegExp" allows you to automatically "User RegExp" fields. "New User RegExp" allows you to automatically
place all users who fulfill the Regular Expression into the new group. place all users who fulfill the Regular Expression into the new group.
When you have finished, click "Add".</para> When you have finished, click "Add".</para>
<warning>
<para>The User Regexp is a perl regexp and, if not anchored, will match
any part of an address. So, if you do not want to grant access
into 'mycompany.com' to 'badperson@mycompany.com.hacker.net', use
'@mycompany\.com$' as the regexp.</para>
</warning>
</listitem>
<listitem>
<para>After you add your new group, edit the new group. On the
edit page, you can specify other groups that should be included
in this group and which groups should be permitted to add and delete
users from this group.</para>
</listitem> </listitem>
</orderedlist> </orderedlist>
...@@ -712,17 +702,6 @@ ...@@ -712,17 +702,6 @@
<para>Turn on "usebuggroups" and "usebuggroupsentry" in the "Edit <para>Turn on "usebuggroups" and "usebuggroupsentry" in the "Edit
Parameters" screen.</para> Parameters" screen.</para>
<warning>
<para>XXX is this still true?
"usebuggroupsentry" has the capacity to prevent the
administrative user from directly altering bugs because of
conflicting group permissions. If you plan on using
"usebuggroupsentry", you should plan on restricting
administrative account usage to administrative duties only. In
other words, manage bugs with an unpriveleged user account, and
manage users, groups, Products, etc. with the administrative
account.</para>
</warning>
</listitem> </listitem>
<listitem> <listitem>
...@@ -734,13 +713,6 @@ ...@@ -734,13 +713,6 @@
</listitem> </listitem>
</orderedlist> </orderedlist>
<warning>
<para>Bugzilla currently has a limit of 64 groups per installation. If
you have more than about 50 products, you should consider
running multiple Bugzillas. Ask in the newsgroup for other
suggestions for working around this restriction.</para>
</warning>
<para> <para>
Note that group permissions are such that you need to be a member Note that group permissions are such that you need to be a member
of <emphasis>all</emphasis> the groups a bug is in, for whatever of <emphasis>all</emphasis> the groups a bug is in, for whatever
......
duplicates.cgi
View file @ 65d3dc0e
...@@ -40,7 +40,7 @@ GetVersionTable(); ...@@ -40,7 +40,7 @@ GetVersionTable();
quietly_check_login(); quietly_check_login();
use vars qw (%FORM $userid $usergroupset @legal_product); use vars qw (%FORM $userid @legal_product);
my %dbmcount; my %dbmcount;
my %count; my %count;
...@@ -160,9 +160,7 @@ if (scalar(%count)) { ...@@ -160,9 +160,7 @@ if (scalar(%count)) {
# Limit to a single product if requested # Limit to a single product if requested
$query .= (" AND bugs.product_id = " . $product_id) if $product_id; $query .= (" AND bugs.product_id = " . $product_id) if $product_id;
SendSQL(SelectVisible($query, SendSQL($query);
$userid,
$usergroupset));
while (MoreSQLData()) { while (MoreSQLData()) {
# Note: maximum row count is dealt with in the template. # Note: maximum row count is dealt with in the template.
...@@ -170,6 +168,7 @@ if (scalar(%count)) { ...@@ -170,6 +168,7 @@ if (scalar(%count)) {
my ($id, $component, $bug_severity, $op_sys, $target_milestone, my ($id, $component, $bug_severity, $op_sys, $target_milestone,
$short_desc, $bug_status, $resolution) = FetchSQLData(); $short_desc, $bug_status, $resolution) = FetchSQLData();
next if (!CanSeeBug($id, $::userid));
# Limit to open bugs only if requested # Limit to open bugs only if requested
next if $openonly && ($resolution ne ""); next if $openonly && ($resolution ne "");
......
editgroups.cgi
View file @ 65d3dc0e
...@@ -19,6 +19,7 @@ ...@@ -19,6 +19,7 @@
# Rights Reserved. # Rights Reserved.
# #
# Contributor(s): Dave Miller <justdave@syndicomm.com> # Contributor(s): Dave Miller <justdave@syndicomm.com>
# Joel Peshkin <bugreport@peshkin.net>
# Jacob Steenhagen <jake@bugzilla.org> # Jacob Steenhagen <jake@bugzilla.org>
# Code derived from editowners.cgi and editusers.cgi # Code derived from editowners.cgi and editusers.cgi
...@@ -99,36 +100,36 @@ sub PutTrailer (@) ...@@ -99,36 +100,36 @@ sub PutTrailer (@)
unless ($action) { unless ($action) {
PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in."); PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in.");
print "<form method=post action=editgroups.cgi>\n";
print "<table border=1>\n"; print "<table border=1>\n";
print "<tr>"; print "<tr>";
print "<th>Bit</th>";
print "<th>Name</th>"; print "<th>Name</th>";
print "<th>Description</th>"; print "<th>Description</th>";
print "<th>User RegExp</th>"; print "<th>User RegExp</th>";
print "<th>Active</th>"; print "<th>Use For Bugs</th>";
print "<th>Type</th>";
print "<th>Action</th>"; print "<th>Action</th>";
print "</tr>\n"; print "</tr>\n";
SendSQL("SELECT bit,name,description,userregexp,isactive " . SendSQL("SELECT id,name,description,userregexp,isactive,isbuggroup " .
"FROM groups " . "FROM groups " .
"WHERE isbuggroup != 0 " . "ORDER BY isbuggroup, name");
"ORDER BY bit");
while (MoreSQLData()) { while (MoreSQLData()) {
my ($bit, $name, $desc, $regexp, $isactive) = FetchSQLData(); my ($groupid, $name, $desc, $regexp, $isactive, $isbuggroup) = FetchSQLData();
print "<tr>\n"; print "<tr>\n";
print "<td valign=middle>$bit</td>\n"; print "<td>$name</td>\n";
print "<td><input size=20 name=\"name-$bit\" value=\"$name\">\n"; print "<td>$desc</td>\n";
print "<input type=hidden name=\"oldname-$bit\" value=\"$name\"></td>\n"; print "<td>$regexp&nbsp</td>\n";
print "<td><input size=40 name=\"desc-$bit\" value=\"$desc\">\n"; print "<td align=center>";
print "<input type=hidden name=\"olddesc-$bit\" value=\"$desc\"></td>\n"; print "X" if $isactive;
print "<td><input size=30 name=\"regexp-$bit\" value=\"$regexp\">\n"; print "&nbsp</td>\n";
print "<input type=hidden name=\"oldregexp-$bit\" value=\"$regexp\"></td>\n"; print "<td> &nbsp ";
print "<td><input type=\"checkbox\" name=\"isactive-$bit\" value=\"1\"" . ($isactive ? " checked" : "") . ">\n"; print (($isbuggroup == 0 ) ? "system" : "user");
print "<input type=hidden name=\"oldisactive-$bit\" value=\"$isactive\"></td>\n"; print "&nbsp</td>\n";
print "<td align=center valign=middle><a href=\"editgroups.cgi?action=del&group=$bit\">Delete</a></td>\n"; print "<td align=center valign=middle>
print "</tr>\n"; <a href=\"editgroups.cgi?action=changeform&group=$groupid\">Edit</a>";
print " | <a href=\"editgroups.cgi?action=del&group=$groupid\">Delete</a>" if ($isbuggroup != 0);
print "</td></tr>\n";
} }
print "<tr>\n"; print "<tr>\n";
...@@ -136,62 +137,135 @@ unless ($action) { ...@@ -136,62 +137,135 @@ unless ($action) {
print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n"; print "<td><a href=\"editgroups.cgi?action=add\">Add Group</a></td>\n";
print "</tr>\n"; print "</tr>\n";
print "</table>\n"; print "</table>\n";
print "<input type=hidden name=\"action\" value=\"update\">";
print "<input type=submit value=\"Submit changes\">\n";
print "<p>"; print "<p>";
print "<b>Name</b> is what is used with the UserInGroup() function in any print "<b>Name</b> is what is used with the UserInGroup() function in any
customized cgi files you write that use a given group. It can also be used by customized cgi files you write that use a given group. It can also be used by
people submitting bugs by email to limit a bug to a certain groupset. <p>"; people submitting bugs by email to limit a bug to a certain set of groups. <p>";
print "<b>Description</b> is what will be shown in the bug reports to print "<b>Description</b> is what will be shown in the bug reports to
members of the group where they can choose whether the bug will be restricted members of the group where they can choose whether the bug will be restricted
to others in the same group.<p>"; to others in the same group.<p>";
print "<b>User RegExp</b> is optional, and if filled in, will automatically print "<b>User RegExp</b> is optional, and if filled in, will automatically
grant membership to this group to anyone creating a new account with an grant membership to this group to anyone creating a new account with an
email address that matches this regular expression.<p>"; email address that matches this perl regular expression. Do not forget the trailing \'\$\'. Example \'\@mycompany\\.com\$\'<p>";
print "The <b>Active</b> flag determines whether or not the group is active. print "The <b>Use For Bugs</b> flag determines whether or not the group is eligible to be used for bugs.
If you deactivate a group it will no longer be possible for users to add bugs If you remove this flag, it will no longer be possible for users to add bugs
to that group, although bugs already in the group will remain in the group. to this group, although bugs already in the group will remain in the group.
Deactivating a group is a much less drastic way to stop a group from growing Doing so is a much less drastic way to stop a group from growing
than deleting the group would be.<p>"; than deleting the group as well as a way to maintain lists of users without cluttering the lists of groups used for bug restrictions.<p>";
print "In addition, the following groups that determine user privileges print "The <b>Type</b> field identifies system groups.<p>";
exist. You can only edit the User rexexp on these groups. You should also take
care not to duplicate the Names of any of them in your user groups.<p>";
print "Also please note that both of the Submit Changes buttons on this page
will submit the changes in both tables. There are two buttons simply for the
sake of convience.<p>";
print "<table border=1>\n"; PutFooter();
print "<tr>"; exit;
print "<th>Bit</th>"; }
print "<th>Name</th>";
print "<th>Description</th>";
print "<th>User RegExp</th>";
print "</tr>\n";
SendSQL("SELECT bit,name,description,userregexp " . #
"FROM groups " . #
"WHERE isbuggroup = 0 " . # action='changeform' -> present form for altering an existing group
"ORDER BY bit"); #
# (next action will be 'postchanges')
#
while (MoreSQLData()) { if ($action eq 'changeform') {
my ($bit, $name, $desc, $regexp) = FetchSQLData(); PutHeader("Change Group");
print "<tr>\n";
print "<td>$bit</td>\n"; my $gid = trim($::FORM{group} || '');
print "<td>$name</td>\n"; unless ($gid) {
print "<input type=hidden name=\"name-$bit\" value=\"$name\">\n"; ShowError("No group specified.<BR>" .
print "<input type=hidden name=\"oldname-$bit\" value=\"$name\">\n"; "Click the <b>Back</b> button and try again.");
print "<td>$desc</td>\n"; PutFooter();
print "<td><input type=text size=30 name=\"regexp-$bit\" value=\"$regexp\"></td>\n"; exit;
print "<input type=hidden name=\"oldregexp-$bit\" value=\"$regexp\">\n";
print "</tr>\n";
} }
print "</table><p>\n"; SendSQL("SELECT id, name, description, userregexp, isactive, isbuggroup
print "<input type=submit value=\"Submit changes\">\n"; FROM groups WHERE id=" . SqlQuote($gid));
print "</form>\n"; my ($group_id, $name, $description, $rexp, $isactive, $isbuggroup)
= FetchSQLData();
PutFooter(); print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
print "<TABLE BORDER=1 CELLPADDING=4>";
print "<TR><TH>Group:</TH><TD>";
if ($isbuggroup == 0) {
print "$name";
} else {
print "<INPUT TYPE=HIDDEN NAME=\"oldname\" VALUE=$name>
<INPUT SIZE=60 NAME=\"name\" VALUE=\"$name\">";
}
print "</TD></TR><TR><TH>Description:</TH><TD>";
if ($isbuggroup == 0) {
print "$description";
} else {
print "<INPUT TYPE=HIDDEN NAME=\"olddesc\" VALUE=\"$description\">
<INPUT SIZE=70 NAME=\"desc\" VALUE=\"$description\">";
}
print "</TD></TR><TR>
<TH>User Regexp:</TH><TD>";
print "<INPUT TYPE=HIDDEN NAME=\"oldrexp\" VALUE=\"$rexp\">
<INPUT SIZE=40 NAME=\"rexp\" VALUE=\"$rexp\"></TD></TR>";
if ($isbuggroup == 1) {
print "<TR><TH>Use For Bugs:</TH><TD>
<INPUT TYPE=checkbox NAME =\"isactive\" VALUE=1 " . (($isactive == 1) ? "CHECKED" : "") . ">
<INPUT TYPE=HIDDEN NAME=\"oldisactive\" VALUE=$isactive>
</TD>
</TR>";
}
print "</TABLE>
<BR>
Users become members of this group in one of three ways:
<BR>
- by being explicity included when the user is edited
<BR>
- by matching the user regexp above
<BR>
- by being a member of one of the groups included in this group
by checking the boxes
below. <P>\n";
print "<TABLE>";
print "<TR><TD COLSPAN=4>Members of these groups can grant membership to this group</TD></TR>";
print "<TR><TD ALIGN=CENTER>|</TD><TD COLSPAN=3>Members of these groups are included in this group</TD></TR>";
print "<TR><TD ALIGN=CENTER>|</TD><TD ALIGN=CENTER>|</TD><TD COLSPAN=2></TD><TR>";
# For each group, we use left joins to establish the existance of
# a record making that group a member of this group
# and the existance of a record permitting that group to bless
# this one
SendSQL("SELECT groups.id, groups.name, groups.description," .
" group_group_map.member_id IS NOT NULL," .
" B.member_id IS NOT NULL" .
" FROM groups" .
" LEFT JOIN group_group_map" .
" ON group_group_map.member_id = groups.id" .
" AND group_group_map.grantor_id = $group_id" .
" AND group_group_map.isbless = 0" .
" LEFT JOIN group_group_map as B" .
" ON B.member_id = groups.id" .
" AND B.grantor_id = $group_id" .
" AND B.isbless" .
" WHERE groups.id != $group_id ORDER by name");
while (MoreSQLData()) {
my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember) = FetchSQLData();
my $grpchecked = $grpmember ? "CHECKED" : "";
my $blesschecked = $blessmember ? "CHECKED" : "";
print "<TR>";
print "<TD><INPUT TYPE=checkbox NAME=\"bless-$grpid\" $blesschecked VALUE=1>";
print "<INPUT TYPE=HIDDEN NAME=\"oldbless-$grpid\" VALUE=$blessmember></TD>";
print "<TD><INPUT TYPE=checkbox NAME=\"grp-$grpid\" $grpchecked VALUE=1>";
print "<INPUT TYPE=HIDDEN NAME=\"oldgrp-$grpid\" VALUE=$grpmember></TD>";
print "<TD><B>$grpnam</B></TD>";
print "<TD>$grpdesc</TD>";
print "</TR>\n";
}
print "</TABLE><BR>";
print "<INPUT TYPE=SUBMIT VALUE=\"Submit\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"postchanges\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=$gid>\n";
print "</FORM>";
PutTrailer("<a href=editgroups.cgi>Back to group list</a>");
exit; exit;
} }
...@@ -209,7 +283,7 @@ if ($action eq 'add') { ...@@ -209,7 +283,7 @@ if ($action eq 'add') {
print "<th>New Name</th>"; print "<th>New Name</th>";
print "<th>New Description</th>"; print "<th>New Description</th>";
print "<th>New User RegExp</th>"; print "<th>New User RegExp</th>";
print "<th>Active</th>"; print "<th>Use For Bugs</th>";
print "</tr><tr>"; print "</tr><tr>";
print "<td><input size=20 name=\"name\"></td>\n"; print "<td><input size=20 name=\"name\"></td>\n";
print "<td><input size=40 name=\"desc\"></td>\n"; print "<td><input size=40 name=\"desc\"></td>\n";
...@@ -223,17 +297,17 @@ if ($action eq 'add') { ...@@ -223,17 +297,17 @@ if ($action eq 'add') {
print "<p>"; print "<p>";
print "<b>Name</b> is what is used with the UserInGroup() function in any print "<b>Name</b> is what is used with the UserInGroup() function in any
customized cgi files you write that use a given group. It can also be used by customized cgi files you write that use a given group. It can also be used by
people submitting bugs by email to limit a bug to a certain groupset. It people submitting bugs by email to limit a bug to a certain set of groups. It
may not contain any spaces.<p>"; may not contain any spaces.<p>";
print "<b>Description</b> is what will be shown in the bug reports to print "<b>Description</b> is what will be shown in the bug reports to
members of the group where they can choose whether the bug will be restricted members of the group where they can choose whether the bug will be restricted
to others in the same group.<p>"; to others in the same group.<p>";
print "The <b>Active</b> flag determines whether or not the group is active. print "The <b>Use For Bugs</b> flag determines whether or not the group is eligible to be used for bugs.
If you deactivate a group it will no longer be possible for users to add bugs If you clear this, it will no longer be possible for users to add bugs
to that group, although bugs already in the group will remain in the group. to this group, although bugs already in the group will remain in the group.
Deactivating a group is a much less drastic way to stop a group from growing Doing so is a much less drastic way to stop a group from growing
than deleting the group would be. <b>Note: If you are creating a group, you than deleting the group would be. <b>Note: If you are creating a group, you
probably want it to be active, in which case you should leave this checked.</b><p>"; probably want it to be usable for bugs, in which case you should leave this checked.</b><p>";
print "<b>User RegExp</b> is optional, and if filled in, will automatically print "<b>User RegExp</b> is optional, and if filled in, will automatically
grant membership to this group to anyone creating a new account with an grant membership to this group to anyone creating a new account with an
email address that matches this regular expression.<p>"; email address that matches this regular expression.<p>";
...@@ -287,62 +361,30 @@ if ($action eq 'new') { ...@@ -287,62 +361,30 @@ if ($action eq 'new') {
exit; exit;
} }
# Major hack for bit values... perl can't handle 64-bit ints, so I can't if (!eval {qr/$regexp/}) {
# just do the math to get the next available bit number, gotta handle ShowError("The regular expression you entered is invalid. " .
# them as strings... also, we're actually only going to allow 63 bits "Please click the <b>Back</b> button and try again.");
# because that's all that opblessgroupset masks for (the high bit is off PutFooter();
# to avoid signing issues).
my @bitvals = ('1','2','4','8','16','32','64','128','256','512','1024',
'2048','4096','8192','16384','32768',
'65536','131072','262144','524288','1048576','2097152',
'4194304','8388608','16777216','33554432','67108864',
'134217728','268435456','536870912','1073741824',
'2147483648',
'4294967296','8589934592','17179869184','34359738368',
'68719476736','137438953472','274877906944',
'549755813888','1099511627776','2199023255552',
'4398046511104','8796093022208','17592186044416',
'35184372088832','70368744177664','140737488355328',
'281474976710656','562949953421312','1125899906842624',
'2251799813685248','4503599627370496','9007199254740992',
'18014398509481984','36028797018963968','72057594037927936',
'144115188075855872','288230376151711744',
'576460752303423488','1152921504606846976',
'2305843009213693952','4611686018427387904');
# First the next available bit
my $bit = "";
foreach (@bitvals) {
if ($bit eq "") {
SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($_));
if (!FetchOneColumn()) { $bit = $_; }
}
}
if ($bit eq "") {
ShowError("Sorry, you already have the maximum number of groups " .
"defined.<BR><BR>You must delete a group first before you " .
"can add any more.</B>");
PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
exit; exit;
} }
# Add the new group # Add the new group
SendSQL("INSERT INTO groups ( " . SendSQL("INSERT INTO groups ( " .
"bit, name, description, isbuggroup, userregexp, isactive" . "name, description, isbuggroup, userregexp, isactive, last_changed " .
" ) VALUES ( " . " ) VALUES ( " .
$bit . "," . SqlQuote($name) . ", " .
SqlQuote($name) . "," . SqlQuote($desc) . ", " .
SqlQuote($desc) . "," .
"1," . "1," .
SqlQuote($regexp) . "," . SqlQuote($regexp) . ", " .
$isactive . ")" ); $isactive . ", NOW())" );
SendSQL("SELECT last_insert_id()");
my $gid = FetchOneColumn();
my $admin = GroupNameToId('admin');
SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless)
VALUES ($admin, $gid, 0)");
SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless)
VALUES ($admin, $gid, 1)");
print "OK, done.<p>\n"; print "OK, done.<p>\n";
print "Your new group was assigned bit #$bit.<p>";
PutTrailer("<a href=\"editgroups.cgi?action=add\">Add another group</a>", PutTrailer("<a href=\"editgroups.cgi?action=add\">Add another group</a>",
"<a href=\"editgroups.cgi\">Back to the group list</a>"); "<a href=\"editgroups.cgi\">Back to the group list</a>");
exit; exit;
...@@ -356,14 +398,14 @@ if ($action eq 'new') { ...@@ -356,14 +398,14 @@ if ($action eq 'new') {
if ($action eq 'del') { if ($action eq 'del') {
PutHeader("Delete group"); PutHeader("Delete group");
my $bit = trim($::FORM{group} || ''); my $gid = trim($::FORM{group} || '');
unless ($bit) { unless ($gid) {
ShowError("No group specified.<BR>" . ShowError("No group specified.<BR>" .
"Click the <b>Back</b> button and try again."); "Click the <b>Back</b> button and try again.");
PutFooter(); PutFooter();
exit; exit;
} }
SendSQL("SELECT bit FROM groups WHERE bit=" . SqlQuote($bit)); SendSQL("SELECT id FROM groups WHERE id=" . SqlQuote($gid));
if (!FetchOneColumn()) { if (!FetchOneColumn()) {
ShowError("That group doesn't exist.<BR>" . ShowError("That group doesn't exist.<BR>" .
"Click the <b>Back</b> button and try again."); "Click the <b>Back</b> button and try again.");
...@@ -372,17 +414,17 @@ if ($action eq 'del') { ...@@ -372,17 +414,17 @@ if ($action eq 'del') {
} }
SendSQL("SELECT name,description " . SendSQL("SELECT name,description " .
"FROM groups " . "FROM groups " .
"WHERE bit = " . SqlQuote($bit)); "WHERE id = " . SqlQuote($gid));
my ($name, $desc) = FetchSQLData(); my ($name, $desc) = FetchSQLData();
print "<table border=1>\n"; print "<table border=1>\n";
print "<tr>"; print "<tr>";
print "<th>Bit</th>"; print "<th>Id</th>";
print "<th>Name</th>"; print "<th>Name</th>";
print "<th>Description</th>"; print "<th>Description</th>";
print "</tr>\n"; print "</tr>\n";
print "<tr>\n"; print "<tr>\n";
print "<td>$bit</td>\n"; print "<td>$gid</td>\n";
print "<td>$name</td>\n"; print "<td>$name</td>\n";
print "<td>$desc</td>\n"; print "<td>$desc</td>\n";
print "</tr>\n"; print "</tr>\n";
...@@ -390,19 +432,19 @@ if ($action eq 'del') { ...@@ -390,19 +432,19 @@ if ($action eq 'del') {
print "<FORM METHOD=POST ACTION=editgroups.cgi>\n"; print "<FORM METHOD=POST ACTION=editgroups.cgi>\n";
my $cantdelete = 0; my $cantdelete = 0;
SendSQL("SELECT login_name FROM profiles WHERE " . SendSQL("SELECT user_id FROM user_group_map
"(groupset & $bit) OR (blessgroupset & $bit)"); WHERE group_id = $gid AND isbless = 0");
if (!FetchOneColumn()) {} else { if (!FetchOneColumn()) {} else {
$cantdelete = 1; $cantdelete = 1;
print " print "
<B>One or more users belong to this group. You cannot delete this group while <B>One or more users belong to this group. You cannot delete this group while
there are users in it.</B><BR> there are users in it.</B><BR>
<A HREF=\"editusers.cgi?action=list&query=" . <A HREF=\"editusers.cgi?action=list&group=$gid\">Show me which users.</A> - <INPUT TYPE=CHECKBOX NAME=\"removeusers\">Remove all users from
url_quote("(groupset & $bit) OR (blessgroupset & $bit)") . "\">Show me which users.</A> - <INPUT TYPE=CHECKBOX NAME=\"removeusers\">Remove all users from
this group for me<P> this group for me<P>
"; ";
} }
SendSQL("SELECT bug_id FROM bugs WHERE (groupset & $bit)"); SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
my $buglist="";
if (MoreSQLData()) { if (MoreSQLData()) {
$cantdelete = 1; $cantdelete = 1;
my $buglist = "0"; my $buglist = "0";
...@@ -440,7 +482,7 @@ You cannot delete this group while it is tied to a product.</B><BR> ...@@ -440,7 +482,7 @@ You cannot delete this group while it is tied to a product.</B><BR>
} }
print "<P><INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n"; print "<P><INPUT TYPE=SUBMIT VALUE=\"Yes, delete\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"delete\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$bit\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"group\" VALUE=\"$gid\">\n";
print "</FORM>"; print "</FORM>";
PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>"); PutTrailer("<a href=editgroups.cgi>No, go back to the group list</a>");
...@@ -453,8 +495,8 @@ You cannot delete this group while it is tied to a product.</B><BR> ...@@ -453,8 +495,8 @@ You cannot delete this group while it is tied to a product.</B><BR>
if ($action eq 'delete') { if ($action eq 'delete') {
PutHeader("Deleting group"); PutHeader("Deleting group");
my $bit = trim($::FORM{group} || ''); my $gid = trim($::FORM{group} || '');
unless ($bit) { unless ($gid) {
ShowError("No group specified.<BR>" . ShowError("No group specified.<BR>" .
"Click the <b>Back</b> button and try again."); "Click the <b>Back</b> button and try again.");
PutFooter(); PutFooter();
...@@ -462,27 +504,19 @@ if ($action eq 'delete') { ...@@ -462,27 +504,19 @@ if ($action eq 'delete') {
} }
SendSQL("SELECT name " . SendSQL("SELECT name " .
"FROM groups " . "FROM groups " .
"WHERE bit = " . SqlQuote($bit)); "WHERE group_id = " . SqlQuote($gid));
my ($name) = FetchSQLData(); my ($name) = FetchSQLData();
my $cantdelete = 0; my $cantdelete = 0;
my $opblessgroupset = '9223372036854775807'; # This is all 64 bits.
SendSQL("SELECT userid FROM profiles " . SendSQL("SELECT user_id FROM user_group_map
"WHERE (groupset & $opblessgroupset)=$opblessgroupset"); WHERE group_id = $gid AND isbless = 0");
my @opusers = ();
while (MoreSQLData()) {
my ($userid) = FetchSQLData();
push @opusers, $userid; # cache a list of the users with admin powers
}
SendSQL("SELECT login_name FROM profiles WHERE " .
"(groupset & $bit)=$bit OR (blessgroupset & $bit)=$bit");
if (FetchOneColumn()) { if (FetchOneColumn()) {
if (!defined $::FORM{'removeusers'}) { if (!defined $::FORM{'removeusers'}) {
$cantdelete = 1; $cantdelete = 1;
} }
} }
SendSQL("SELECT bug_id FROM bugs WHERE (groupset & $bit)=$bit"); SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
if (FetchOneColumn()) { if (FetchOneColumn()) {
if (!defined $::FORM{'removebugs'}) { if (!defined $::FORM{'removebugs'}) {
$cantdelete = 1; $cantdelete = 1;
...@@ -496,141 +530,123 @@ if ($action eq 'delete') { ...@@ -496,141 +530,123 @@ if ($action eq 'delete') {
} }
if ($cantdelete == 1) { if ($cantdelete == 1) {
ShowError("This group cannot be deleted because there are child " . ShowError("This group cannot be deleted because there are " .
"records in the database which refer to it. All child records " . "records in the database which refer to it. All such records " .
"must be removed or altered to remove the reference to this " . "must be removed or altered to remove the reference to this " .
"group before the group can be deleted."); "group before the group can be deleted.");
print "<A HREF=\"editgroups.cgi?action=del&group=$bit\">" . print "<A HREF=\"editgroups.cgi?action=del&group=$gid\">" .
"View the list of which records are affected</A><BR>"; "View the list of which records are affected</A><BR>";
PutTrailer("<a href=editgroups.cgi>Back to group list</a>"); PutTrailer("<a href=editgroups.cgi>Back to group list</a>");
exit; exit;
} }
SendSQL("SELECT login_name,groupset,blessgroupset FROM profiles WHERE " . SendSQL("DELETE FROM user_group_map WHERE group_id = $gid");
"(groupset & $bit) OR (blessgroupset & $bit)"); SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid");
if (FetchOneColumn()) { SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid");
SendSQL("UPDATE profiles SET groupset=(groupset-$bit) " . SendSQL("DELETE FROM groups WHERE id = $gid");
"WHERE (groupset & $bit)"); print "<B>Group $gid has been deleted.</B><BR>";
print "All users have been removed from group $bit.<BR>";
SendSQL("UPDATE profiles SET blessgroupset=(blessgroupset-$bit) " .
"WHERE (blessgroupset & $bit)");
print "All users with authority to add users to group $bit have " .
"had that authority removed.<BR>";
}
SendSQL("SELECT bug_id FROM bugs WHERE (groupset & $bit)");
if (FetchOneColumn()) {
SendSQL("UPDATE bugs SET groupset=(groupset-$bit), delta_ts=delta_ts " .
"WHERE (groupset & $bit)");
print "All bugs have had group bit $bit cleared. Any of these " .
"bugs that were not also in another group are now " .
"publicly visible.<BR>";
}
SendSQL("DELETE FROM groups WHERE bit=$bit");
print "<B>Group $bit has been deleted.</B><BR>";
foreach my $userid (@opusers) {
SendSQL("UPDATE profiles SET groupset=$opblessgroupset " .
"WHERE userid=$userid");
print "Group bits restored for " . DBID_to_name($userid) .
" (maintainer)<BR>\n";
}
PutTrailer("<a href=editgroups.cgi>Back to group list</a>"); PutTrailer("<a href=editgroups.cgi>Back to group list</a>");
exit; exit;
} }
# #
# action='update' -> update the groups # action='postchanges' -> update the groups
# #
if ($action eq 'update') { if ($action eq 'postchanges') {
PutHeader("Updating groups"); PutHeader("Updating group hierarchy");
my $gid = trim($::FORM{group} || '');
unless ($gid) {
ShowError("No group specified.<BR>" .
"Click the <b>Back</b> button and try again.");
PutFooter();
exit;
}
SendSQL("SELECT isbuggroup FROM groups WHERE id = $gid");
my ($isbuggroup) = FetchSQLData();
my $chgs = 0; my $chgs = 0;
if (($isbuggroup == 1) && ($::FORM{"oldname"} ne $::FORM{"name"})) {
foreach my $b (grep(/^name-\d*$/, keys %::FORM)) {
if ($::FORM{$b}) {
my $v = substr($b, 5);
# print "Old: '" . $::FORM{"oldname-$v"} . "', '" . $::FORM{"olddesc-$v"} .
# "', '" . $::FORM{"oldregexp-$v"} . "'<br>";
# print "New: '" . $::FORM{"name-$v"} . "', '" . $::FORM{"desc-$v"} .
# "', '" . $::FORM{"regexp-$v"} . "'<br>";
if ($::FORM{"oldname-$v"} ne $::FORM{"name-$v"}) {
$chgs = 1; $chgs = 1;
SendSQL("SELECT name FROM groups WHERE name=" . SendSQL("UPDATE groups SET name = " .
SqlQuote($::FORM{"name-$v"})); SqlQuote($::FORM{"name"}) . " WHERE id = $gid");
if (!FetchOneColumn()) {
SendSQL("SELECT name FROM groups WHERE name=" .
SqlQuote($::FORM{"oldname-$v"}) .
" && isbuggroup = 0");
if (FetchOneColumn()) {
ShowError("You cannot update the name of a " .
"system group. Skipping $v");
} else {
SendSQL("UPDATE groups SET name=" .
SqlQuote($::FORM{"name-$v"}) .
" WHERE bit=" . SqlQuote($v));
print "Group $v name updated.<br>\n";
}
} else {
ShowError("Duplicate name '" . $::FORM{"name-$v"} .
"' specified for group $v.<BR>" .
"Update of group $v name skipped.");
} }
if (($isbuggroup == 1) && ($::FORM{"olddesc"} ne $::FORM{"desc"})) {
$chgs = 1;
SendSQL("UPDATE groups SET description = " .
SqlQuote($::FORM{"desc"}) . " WHERE id = $gid");
} }
if ($::FORM{"olddesc-$v"} ne $::FORM{"desc-$v"}) { if ($::FORM{"oldrexp"} ne $::FORM{"rexp"}) {
$chgs = 1; $chgs = 1;
SendSQL("SELECT description FROM groups WHERE description=" . if (!eval {qr/$::FORM{"rexp"}/}) {
SqlQuote($::FORM{"desc-$v"})); ShowError("The regular expression you entered is invalid. " .
if (!FetchOneColumn()) { "Please click the <b>Back</b> button and try again.");
SendSQL("UPDATE groups SET description=" . PutFooter();
SqlQuote($::FORM{"desc-$v"}) . exit;
" WHERE bit=" . SqlQuote($v));
print "Group $v description updated.<br>\n";
} else {
ShowError("Duplicate description '" . $::FORM{"desc-$v"} .
"' specified for group $v.<BR>" .
"Update of group $v description skipped.");
} }
SendSQL("UPDATE groups SET userregexp = " .
SqlQuote($::FORM{"rexp"}) . " WHERE id = $gid");
} }
if ($::FORM{"oldregexp-$v"} ne $::FORM{"regexp-$v"}) { if (($isbuggroup == 1) && ($::FORM{"oldisactive"} ne $::FORM{"isactive"})) {
$chgs = 1; $chgs = 1;
SendSQL("UPDATE groups SET userregexp=" . SendSQL("UPDATE groups SET isactive = " .
SqlQuote($::FORM{"regexp-$v"}) . SqlQuote($::FORM{"isactive"}) . " WHERE id = $gid");
" WHERE bit=" . SqlQuote($v));
print "Group $v user regexp updated.<br>\n";
} }
# convert an undefined value in the inactive field to zero
# (this occurs when the inactive checkbox is not checked print "Checking....";
# and the browser does not send the field to the server) foreach my $b (grep(/^oldgrp-\d*$/, keys %::FORM)) {
my $isactive = $::FORM{"isactive-$v"} || 0; if (defined($::FORM{$b})) {
if ($::FORM{"oldisactive-$v"} != $isactive) { my $v = substr($b, 7);
my $grp = $::FORM{"grp-$v"} || 0;
if ($::FORM{"oldgrp-$v"} != $grp) {
$chgs = 1;
print "changed";
if ($grp != 0) {
print " set ";
SendSQL("INSERT INTO group_group_map
(member_id, grantor_id, isbless)
VALUES ($v, $gid, 0)");
} else {
print " cleared ";
SendSQL("DELETE FROM group_group_map
WHERE member_id = $v AND grantor_id = $gid
AND isbless = 0");
}
}
my $bless = $::FORM{"bless-$v"} || 0;
if ($::FORM{"oldbless-$v"} != $bless) {
$chgs = 1; $chgs = 1;
if ($isactive == 0 || $isactive == 1) { print "changed";
SendSQL("UPDATE groups SET isactive=$isactive" . if ($bless != 0) {
" WHERE bit=" . SqlQuote($v)); print " set ";
print "Group $v active flag updated.<br>\n"; SendSQL("INSERT INTO group_group_map
(member_id, grantor_id, isbless)
VALUES ($v, $gid, 1)");
} else { } else {
ShowError("The value '" . $isactive . print " cleared ";
"' is not a valid value for the active flag.<BR>" . SendSQL("DELETE FROM group_group_map
"There may be a problem with Bugzilla or a bug in your browser.<br>" . WHERE member_id = $v AND grantor_id = $gid
"Update of active flag for group $v skipped."); AND isbless = 1");
} }
} }
} }
} }
if (!$chgs) { if (!$chgs) {
print "You didn't change anything!<BR>\n"; print "You didn't change anything!<BR>\n";
print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n"; print "If you really meant it, hit the <B>Back</B> button and try again.<p>\n";
} else { } else {
SendSQL("UPDATE groups SET last_changed = NOW() WHERE id = $gid");
print "Done.<p>\n"; print "Done.<p>\n";
} }
PutTrailer("<a href=editgroups.cgi>Back to the group list</a>"); PutTrailer("<a href=editgroups.cgi>Back to the group list</a>");
exit; exit;
} }
# #
# No valid action found # No valid action found
# #
......
editproducts.cgi
View file @ 65d3dc0e
...@@ -79,9 +79,9 @@ sub CheckProduct ($) ...@@ -79,9 +79,9 @@ sub CheckProduct ($)
# Displays the form to edit a products parameters # Displays the form to edit a products parameters
# #
sub EmitFormElements ($$$$$$$$$) sub EmitFormElements ($$$$$$$$)
{ {
my ($product, $description, $milestoneurl, $userregexp, $disallownew, my ($product, $description, $milestoneurl, $disallownew,
$votesperuser, $maxvotesperbug, $votestoconfirm, $defaultmilestone) $votesperuser, $maxvotesperbug, $votestoconfirm, $defaultmilestone)
= @_; = @_;
...@@ -110,13 +110,6 @@ sub EmitFormElements ($$$$$$$$$) ...@@ -110,13 +110,6 @@ sub EmitFormElements ($$$$$$$$$)
print qq{<INPUT TYPE=HIDDEN NAME="defaultmilestone" VALUE="$defaultmilestone">\n}; print qq{<INPUT TYPE=HIDDEN NAME="defaultmilestone" VALUE="$defaultmilestone">\n};
} }
# Added -JMR, 2/16/00
if (Param("usebuggroups")) {
$userregexp = value_quote($userregexp);
print "</TR><TR>\n";
print " <TH ALIGN=\"right\">User Regexp for Bug Group:</TH>\n";
print " <TD><INPUT TYPE=TEXT SIZE=64 MAXLENGTH=255 NAME=\"userregexp\" VALUE=\"$userregexp\"></TD>\n";
}
print "</TR><TR>\n"; print "</TR><TR>\n";
print " <TH ALIGN=\"right\">Closed for bug entry:</TH>\n"; print " <TH ALIGN=\"right\">Closed for bug entry:</TH>\n";
...@@ -263,7 +256,7 @@ if ($action eq 'add') { ...@@ -263,7 +256,7 @@ if ($action eq 'add') {
print "<FORM METHOD=POST ACTION=editproducts.cgi>\n"; print "<FORM METHOD=POST ACTION=editproducts.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements('', '', '', '', 0, 0, 10000, 0, "---"); EmitFormElements('', '', '', 0, 0, 10000, 0, "---");
print "</TR><TR>\n"; print "</TR><TR>\n";
print " <TH ALIGN=\"right\">Version:</TH>\n"; print " <TH ALIGN=\"right\">Version:</TH>\n";
...@@ -315,7 +308,6 @@ if ($action eq 'new') { ...@@ -315,7 +308,6 @@ if ($action eq 'new') {
my $description = trim($::FORM{description} || ''); my $description = trim($::FORM{description} || '');
my $milestoneurl = trim($::FORM{milestoneurl} || ''); my $milestoneurl = trim($::FORM{milestoneurl} || '');
my $userregexp = trim($::FORM{userregexp} || '');
my $disallownew = 0; my $disallownew = 0;
$disallownew = 1 if $::FORM{disallownew}; $disallownew = 1 if $::FORM{disallownew};
my $votesperuser = $::FORM{votesperuser}; my $votesperuser = $::FORM{votesperuser};
...@@ -351,48 +343,20 @@ if ($action eq 'new') { ...@@ -351,48 +343,20 @@ if ($action eq 'new') {
# If we're using bug groups, then we need to create a group for this # If we're using bug groups, then we need to create a group for this
# product as well. -JMR, 2/16/00 # product as well. -JMR, 2/16/00
if(Param("usebuggroups")) { if(Param("usebuggroups")) {
# First we need to figure out the bit for this group. We'll simply
# use the next highest bit available. We'll use a minimum bit of 256,
# to leave room for a few more Bugzilla operation groups at the bottom.
SendSQL("SELECT MAX(bit) FROM groups");
my $bit = FetchOneColumn();
if($bit < 256) {
$bit = 256;
} else {
$bit = $bit * 2;
}
# Next we insert into the groups table # Next we insert into the groups table
SendSQL("INSERT INTO groups " . SendSQL("INSERT INTO groups " .
"(bit, name, description, isbuggroup, userregexp) " . "(name, description, isbuggroup, last_changed) " .
"VALUES (" . "VALUES (" .
$bit . ", " .
SqlQuote($product) . ", " . SqlQuote($product) . ", " .
SqlQuote($product . " Bugs Access") . ", " . SqlQuote("Access to bugs in the $product product") . ", 1, NOW())");
"1, " . SendSQL("SELECT last_insert_id()");
SqlQuote($userregexp) . ")"); my $gid = FetchOneColumn();
my $admin = GroupNameToId('admin');
# And last, we need to add any existing users that match the regexp SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless)
# to the group. VALUES ($admin, $gid, 0)");
# There may be a better way to do this in MySql, but I need to compare SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless)
# the login_names to this regexp, and the only way I can think of to VALUES ($admin, $gid, 1)");
# do that is to get the list of login_names, and then update them
# one by one if they match. Furthermore, I need to do it with two
# separate loops, since opening a new SQL statement to do the update
# seems to clobber the previous one.
# Modified, 7/17/00, Joe Robins
# If the userregexp is left empty, then no users should be added to
# the bug group. As is, it was adding all users, since they all
# matched the empty pattern.
# In addition, I've replaced the rigamarole I was going through to
# find matching users with a much simpler statement that lets the
# mySQL database do the work.
unless($userregexp eq "") {
SendSQL("UPDATE profiles ".
"SET groupset = groupset | " . $bit . " " .
"WHERE LOWER(login_name) REGEXP LOWER(" . SqlQuote($userregexp) . ")");
}
} }
# Make versioncache flush # Make versioncache flush
...@@ -444,22 +408,6 @@ if ($action eq 'del') { ...@@ -444,22 +408,6 @@ if ($action eq 'del') {
print " <TD VALIGN=\"top\">$milestonelink</TD>\n"; print " <TD VALIGN=\"top\">$milestonelink</TD>\n";
} }
# Added -JMR, 2/16/00
if(Param('usebuggroups')) {
# Get the regexp for this product.
SendSQL("SELECT userregexp
FROM groups
WHERE name=" . SqlQuote($product));
my $userregexp = FetchOneColumn();
if(!defined $userregexp) {
$userregexp = "<FONT COLOR=\"red\">undefined</FONT>";
} elsif ($userregexp eq "") {
$userregexp = "<FONT COLOR=\"blue\">blank</FONT>";
}
print "</TR><TR>\n";
print " <TD VALIGN=\"top\">User Regexp for Bug Group:</TD>\n";
print " <TD VALIGN=\"top\">$userregexp</TD>\n";
}
print "</TR><TR>\n"; print "</TR><TR>\n";
print " <TD VALIGN=\"top\">Closed for bugs:</TD>\n"; print " <TD VALIGN=\"top\">Closed for bugs:</TD>\n";
...@@ -637,30 +585,6 @@ if ($action eq 'delete') { ...@@ -637,30 +585,6 @@ if ($action eq 'delete') {
WHERE id=$product_id"); WHERE id=$product_id");
print "Product '$product' deleted.<BR>\n"; print "Product '$product' deleted.<BR>\n";
# Added -JMR, 2/16/00
if (Param("usebuggroups")) {
# We need to get the bit of the group from the table, then update the
# groupsets of members of that group and remove the group.
SendSQL("SELECT bit, description FROM groups " .
"WHERE name = " . SqlQuote($product));
my ($bit, $group_desc) = FetchSQLData();
# Make sure there is a group before we try to do any deleting...
if($bit) {
# I'm kludging a bit so that I don't break superuser access;
# I'm merely checking to make sure that the groupset is not
# the superuser groupset in doing this update...
SendSQL("UPDATE profiles " .
"SET groupset = groupset - $bit " .
"WHERE (groupset & $bit) " .
"AND (groupset != 9223372036854710271)");
print "Users dropped from group '$group_desc'.<BR>\n";
SendSQL("DELETE FROM groups " .
"WHERE bit = $bit");
print "Group '$group_desc' deleted.<BR>\n";
}
}
SendSQL("UNLOCK TABLES"); SendSQL("UNLOCK TABLES");
...@@ -690,18 +614,10 @@ if ($action eq 'edit') { ...@@ -690,18 +614,10 @@ if ($action eq 'edit') {
$votesperuser, $maxvotesperbug, $votestoconfirm, $defaultmilestone) = $votesperuser, $maxvotesperbug, $votestoconfirm, $defaultmilestone) =
FetchSQLData(); FetchSQLData();
my $userregexp = '';
if(Param("usebuggroups")) {
SendSQL("SELECT userregexp
FROM groups
WHERE name=" . SqlQuote($product));
$userregexp = FetchOneColumn() || "";
}
print "<FORM METHOD=POST ACTION=editproducts.cgi>\n"; print "<FORM METHOD=POST ACTION=editproducts.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements($product, $description, $milestoneurl, $userregexp, EmitFormElements($product, $description, $milestoneurl,
$disallownew, $votesperuser, $maxvotesperbug, $disallownew, $votesperuser, $maxvotesperbug,
$votestoconfirm, $defaultmilestone); $votestoconfirm, $defaultmilestone);
...@@ -787,10 +703,6 @@ if ($action eq 'edit') { ...@@ -787,10 +703,6 @@ if ($action eq 'edit') {
value_quote($description) . "\">\n"; value_quote($description) . "\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"milestoneurlold\" VALUE=\"" . print "<INPUT TYPE=HIDDEN NAME=\"milestoneurlold\" VALUE=\"" .
value_quote($milestoneurl) . "\">\n"; value_quote($milestoneurl) . "\">\n";
if(Param("usebuggroups")) {
print "<INPUT TYPE=HIDDEN NAME=\"userregexpold\" VALUE=\"" .
value_quote($userregexp) . "\">\n";
}
print "<INPUT TYPE=HIDDEN NAME=\"disallownewold\" VALUE=\"$disallownew\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"disallownewold\" VALUE=\"$disallownew\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"votesperuserold\" VALUE=\"$votesperuser\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"votesperuserold\" VALUE=\"$votesperuser\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"maxvotesperbugold\" VALUE=\"$maxvotesperbug\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"maxvotesperbugold\" VALUE=\"$maxvotesperbug\">\n";
...@@ -826,8 +738,6 @@ if ($action eq 'update') { ...@@ -826,8 +738,6 @@ if ($action eq 'update') {
my $milestoneurlold = trim($::FORM{milestoneurlold} || ''); my $milestoneurlold = trim($::FORM{milestoneurlold} || '');
my $votesperuser = trim($::FORM{votesperuser} || 0); my $votesperuser = trim($::FORM{votesperuser} || 0);
my $votesperuserold = trim($::FORM{votesperuserold} || 0); my $votesperuserold = trim($::FORM{votesperuserold} || 0);
my $userregexp = trim($::FORM{userregexp} || '');
my $userregexpold = trim($::FORM{userregexpold} || '');
my $maxvotesperbug = trim($::FORM{maxvotesperbug} || 0); my $maxvotesperbug = trim($::FORM{maxvotesperbug} || 0);
my $maxvotesperbugold = trim($::FORM{maxvotesperbugold} || 0); my $maxvotesperbugold = trim($::FORM{maxvotesperbugold} || 0);
my $votestoconfirm = trim($::FORM{votestoconfirm} || 0); my $votestoconfirm = trim($::FORM{votestoconfirm} || 0);
...@@ -883,68 +793,6 @@ if ($action eq 'update') { ...@@ -883,68 +793,6 @@ if ($action eq 'update') {
print "Updated mile stone URL.<BR>\n"; print "Updated mile stone URL.<BR>\n";
} }
# Added -JMR, 2/16/00
if (Param("usebuggroups") && $userregexp ne $userregexpold) {
# This will take a little bit of work here, since there may not be
# an existing bug group for this product, and we will also have to
# update users groupsets.
# First we find out if there's an existing group for this product, and
# get its bit if there is.
SendSQL("SELECT bit " .
"FROM groups " .
"WHERE name = " . SqlQuote($productold));
my $bit = FetchOneColumn();
if($bit) {
# Group exists, so we do an update statement.
SendSQL("UPDATE groups " .
"SET userregexp = " . SqlQuote($userregexp) . " " .
"WHERE name = " . SqlQuote($productold));
print "Updated user regexp for bug group.<BR>\n";
} else {
# Group doesn't exist. Let's make it, the same way as we make a
# group for a new product above.
SendSQL("SELECT MAX(bit) FROM groups");
my $tmp_bit = FetchOneColumn();
if($tmp_bit < 256) {
$bit = 256;
} else {
$bit = $tmp_bit * 2;
}
SendSQL("INSERT INTO groups " .
"(bit, name, description, isbuggroup, userregexp) " .
"values (" . $bit . ", " .
SqlQuote($productold) . ", " .
SqlQuote($productold . " Bugs Access") . ", " .
"1, " .
SqlQuote($userregexp) . ")");
print "Created bug group.<BR>\n";
}
# And now we have to update the profiles again to add any users who
# match the new regexp to the group. I'll do this the same way as
# when I create a new group above. Note that I'm not taking out
# users who matched the old regexp and not the new one; that would
# be insanely messy. Use the group administration page for that
# instead.
SendSQL("SELECT login_name FROM profiles");
my @login_list = ();
my $this_login;
while($this_login = FetchOneColumn()) {
push @login_list, $this_login;
}
my $updated_profiles = 0;
foreach $this_login (@login_list) {
if($this_login =~ /$userregexp/) {
SendSQL("UPDATE profiles " .
"SET groupset = groupset | " . $bit . " " .
"WHERE login_name = " . SqlQuote($this_login));
$updated_profiles = 1;
}
}
if($updated_profiles) {
print "Added users matching regexp to group.<BR>\n";
}
}
if ($votesperuser ne $votesperuserold) { if ($votesperuser ne $votesperuserold) {
SendSQL("UPDATE products SendSQL("UPDATE products
...@@ -1012,9 +860,10 @@ if ($action eq 'update') { ...@@ -1012,9 +860,10 @@ if ($action eq 'update') {
# update it so it will match in the future. If there is no group, this # update it so it will match in the future. If there is no group, this
# update statement will do nothing, so no harm done. -JMR, 3/8/00 # update statement will do nothing, so no harm done. -JMR, 3/8/00
SendSQL("UPDATE groups " . SendSQL("UPDATE groups " .
"SET name=$qp, " . "SET name = $qp, " .
"description=".SqlQuote($product." Bugs Access")." ". "description = " .
"WHERE name=$qpold"); SqlQuote("Access to bugs in the $product product") .
" WHERE name = $qpold");
print "Updated product name.<BR>\n"; print "Updated product name.<BR>\n";
} }
......
editusers.cgi
View file @ 65d3dc0e
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
# Dave Miller <justdave@syndicomm.com> # Dave Miller <justdave@syndicomm.com>
# Joe Robins <jmrobins@tgix.com> # Joe Robins <jmrobins@tgix.com>
# Dan Mosedale <dmose@mozilla.org> # Dan Mosedale <dmose@mozilla.org>
# Joel Peshkin <bugreport@peshkin.net>
# #
# Direct any questions on this source code to # Direct any questions on this source code to
# #
...@@ -39,11 +40,9 @@ require "globals.pl"; ...@@ -39,11 +40,9 @@ require "globals.pl";
sub sillyness { sub sillyness {
my $zz; my $zz;
$zz = $::userid; $zz = $::userid;
$zz = $::superusergroupset;
} }
my $editall; my $editall;
my $opblessgroupset = '9223372036854775807'; # This is all 64 bits.
...@@ -97,9 +96,9 @@ sub EmitElement ($$) ...@@ -97,9 +96,9 @@ sub EmitElement ($$)
# Displays the form to edit a user parameters # Displays the form to edit a user parameters
# #
sub EmitFormElements ($$$$$) sub EmitFormElements ($$$$)
{ {
my ($user, $realname, $groupset, $blessgroupset, $disabledtext) = @_; my ($user_id, $user, $realname, $disabledtext) = @_;
print " <TH ALIGN=\"right\">Login name:</TH>\n"; print " <TH ALIGN=\"right\">Login name:</TH>\n";
EmitElement("user", $user); EmitElement("user", $user);
...@@ -134,11 +133,15 @@ sub EmitFormElements ($$$$$) ...@@ -134,11 +133,15 @@ sub EmitFormElements ($$$$$)
if($user ne "") { if($user ne "") {
print "</TR><TR><TH VALIGN=TOP ALIGN=RIGHT>Group Access:</TH><TD><TABLE><TR>"; print "</TR><TR><TH VALIGN=TOP ALIGN=RIGHT>Group Access:</TH><TD><TABLE><TR>";
SendSQL("SELECT bit,name,description,bit & $groupset != 0, " . SendSQL("SELECT groups.id, groups.name, groups.description, " .
" bit & $blessgroupset " . "COUNT(user_id), " .
"MAX(isderived) " .
"FROM groups " . "FROM groups " .
"WHERE bit & $opblessgroupset != 0 AND isbuggroup " . "LEFT JOIN user_group_map " .
"ORDER BY name"); "ON user_group_map.group_id = groups.id " .
"AND isbless = 0 " .
"AND user_id = $user_id " .
"GROUP BY groups.name ");
if (MoreSQLData()) { if (MoreSQLData()) {
if ($editall) { if ($editall) {
print "<TD COLSPAN=3 ALIGN=LEFT><B>Can turn this bit on for other users</B></TD>\n"; print "<TD COLSPAN=3 ALIGN=LEFT><B>Can turn this bit on for other users</B></TD>\n";
...@@ -146,51 +149,51 @@ sub EmitFormElements ($$$$$) ...@@ -146,51 +149,51 @@ sub EmitFormElements ($$$$$)
} }
print "<TD COLSPAN=2 ALIGN=LEFT><B>User is a member of these groups</B></TD>\n"; print "<TD COLSPAN=2 ALIGN=LEFT><B>User is a member of these groups</B></TD>\n";
while (MoreSQLData()) { while (MoreSQLData()) {
my ($bit,$name,$description,$checked,$blchecked) = FetchSQLData(); my ($groupid, $name, $description, $member, $isderived) = FetchSQLData();
print "</TR><TR>\n"; next if (!$editall && !UserCanBlessGroup($name));
$isderived = $isderived || 0;
my $checked = $member - $isderived;
PushGlobalSQLState();
SendSQL("SELECT user_id " .
"FROM user_group_map " .
"WHERE isbless = 1 " .
"AND user_id = $user_id " .
"AND group_id = $groupid");
my ($blchecked) = FetchSQLData() ? 1 : 0;
SendSQL("SELECT grantor_id FROM user_group_map,
group_group_map
WHERE $groupid = grantor_id
AND user_group_map.user_id = $user_id
AND user_group_map.isbless = 0
AND group_group_map.isbless = 1
AND user_group_map.group_id = member_id");
my $derivedbless = FetchOneColumn();
PopGlobalSQLState();
print "</TR><TR";
print ' bgcolor=#cccccc' if ($isderived);
print ">\n";
print "<INPUT TYPE=HIDDEN NAME=\"oldgroup_$groupid\" VALUE=\"$checked\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"oldbless_$groupid\" VALUE=\"$blchecked\">\n";
if ($editall) { if ($editall) {
$blchecked = ($blchecked) ? "CHECKED" : ""; $blchecked = ($blchecked) ? "CHECKED" : "";
print "<TD ALIGN=CENTER><INPUT TYPE=CHECKBOX NAME=\"blbit_$name\" $blchecked VALUE=\"$bit\"></TD>"; print "<TD ALIGN=CENTER>";
print "[" if $derivedbless;
print "<INPUT TYPE=CHECKBOX NAME=\"bless_$groupid\" $blchecked VALUE=\"$groupid\">";
print "]" if $derivedbless;
print "</TD>\n";
} }
$checked = ($checked) ? "CHECKED" : ""; $checked = ($checked) ? "CHECKED" : "";
print "<TD ALIGN=CENTER><INPUT TYPE=CHECKBOX NAME=\"bit_$name\" $checked VALUE=\"$bit\"></TD>"; print "<TD ALIGN=CENTER>";
print "<TD><B>" . ucfirst($name) . "</B>: $description</TD>\n"; print '[' if ($isderived);
print "<INPUT TYPE=CHECKBOX NAME=\"group_$groupid\" $checked VALUE=\"$groupid\">";
print ']' if ($isderived);
print "</TD><TD><B>";
print ucfirst($name) . "</B>: $description</TD>\n";
} }
} }
print "</TR></TABLE></TD>\n";
print "</TR><TR><TH VALIGN=TOP ALIGN=RIGHT>Privileges:</TH><TD><TABLE><TR>";
SendSQL("SELECT bit,name,description,bit & $groupset != 0, " .
" bit & $blessgroupset " .
"FROM groups " .
"WHERE bit & $opblessgroupset != 0 AND !isbuggroup " .
"ORDER BY name");
if (MoreSQLData()) {
if ($editall) {
print "<TD COLSPAN=3 ALIGN=LEFT><B>Can turn this bit on for other users</B></TD>\n";
print "</TR><TR>\n<TD ALIGN=CENTER><B>|</B></TD>\n";
}
print "<TD COLSPAN=2 ALIGN=LEFT><B>User has these privileges</B></TD>\n";
while (MoreSQLData()) {
my ($bit,$name,$description,$checked,$blchecked) = FetchSQLData();
print "</TR><TR>\n";
if ($editall) {
$blchecked = ($blchecked) ? "CHECKED" : "";
print "<TD ALIGN=CENTER><INPUT TYPE=CHECKBOX NAME=\"blbit_$name\" $blchecked VALUE=\"$bit\"></TD>";
}
$checked = ($checked) ? "CHECKED" : "";
print "<TD ALIGN=CENTER><INPUT TYPE=CHECKBOX NAME=\"bit_$name\" $checked VALUE=\"$bit\"></TD>";
print "<TD><B>" . ucfirst($name) . "</B>: $description</TD>\n";
}
}
} else {
print "</TR><TR><TH ALIGN=RIGHT>Groups and<br>Privileges:</TH><TD><TABLE><TR>";
print "<TD COLSPAN=3>The new user will be inserted into groups " .
"based on their userregexps.<BR>To change the group " .
"permissions for this user, you must edit the account after ".
"creating it.</TD>\n";
} }
print "</TR></TABLE></TD>\n"; print "</TR></TABLE></TD>\n";
print "</TR></TABLE></TD>\n";
} }
...@@ -238,9 +241,7 @@ print "Content-type: text/html\n\n"; ...@@ -238,9 +241,7 @@ print "Content-type: text/html\n\n";
$editall = UserInGroup("editusers"); $editall = UserInGroup("editusers");
if (!$editall) { if (!$editall) {
SendSQL("SELECT blessgroupset FROM profiles WHERE userid = $::userid"); if (!UserCanBlessAnything()) {
$opblessgroupset = FetchOneColumn();
if (!$opblessgroupset) {
PutHeader("Not allowed"); PutHeader("Not allowed");
print "Sorry, you aren't a member of the 'editusers' group, and you\n"; print "Sorry, you aren't a member of the 'editusers' group, and you\n";
print "don't have permissions to put people in or out of any group.\n"; print "don't have permissions to put people in or out of any group.\n";
...@@ -316,6 +317,10 @@ if ($action eq 'list') { ...@@ -316,6 +317,10 @@ if ($action eq 'list') {
} elsif (exists $::FORM{'query'}) { } elsif (exists $::FORM{'query'}) {
$query = "SELECT login_name,realname,disabledtext " . $query = "SELECT login_name,realname,disabledtext " .
"FROM profiles WHERE " . $::FORM{'query'} . " ORDER BY login_name"; "FROM profiles WHERE " . $::FORM{'query'} . " ORDER BY login_name";
} elsif (exists $::FORM{'group'}) {
$query = "SELECT DISTINCT login_name,realname,disabledtext " .
"FROM profiles, user_group_map WHERE profiles.userid = user_group_map.user_id
AND group_id=" . $::FORM{'group'} . " ORDER BY login_name";
} else { } else {
die "Missing parameters"; die "Missing parameters";
} }
...@@ -396,7 +401,7 @@ if ($action eq 'add') { ...@@ -396,7 +401,7 @@ if ($action eq 'add') {
print "<FORM METHOD=POST ACTION=editusers.cgi>\n"; print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements('', '', 0, 0, ''); EmitFormElements(0, '', '', '');
print "</TR></TABLE>\n<HR>\n"; print "</TR></TABLE>\n<HR>\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n"; print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
...@@ -465,48 +470,22 @@ if ($action eq 'new') { ...@@ -465,48 +470,22 @@ if ($action eq 'new') {
exit; exit;
} }
# For new users, we use the regexps from the groups table to determine
# their initial group membership.
# We also keep a list of groups the user was added to for display on the
# confirmation page.
my $bits = "0";
my @grouplist = ();
SendSQL("select bit, name, userregexp from groups where userregexp != ''");
while (MoreSQLData()) {
my @row = FetchSQLData();
if ($user =~ m/$row[2]/i) {
$bits .= "+ $row[0]"; # Silly hack to let MySQL do the math,
# not Perl, since we're dealing with 64
# bit ints here, and I don't *think* Perl
# does that.
push(@grouplist, $row[1]);
}
}
# Add the new user # Add the new user
SendSQL("INSERT INTO profiles ( " . SendSQL("INSERT INTO profiles ( " .
"login_name, cryptpassword, realname, groupset, " . "login_name, cryptpassword, realname, " .
"disabledtext" . "disabledtext" .
" ) VALUES ( " . " ) VALUES ( " .
SqlQuote($user) . "," . SqlQuote($user) . "," .
SqlQuote(Crypt($password)) . "," . SqlQuote(Crypt($password)) . "," .
SqlQuote($realname) . "," . SqlQuote($realname) . "," .
$bits . "," .
SqlQuote($disabledtext) . ")" ); SqlQuote($disabledtext) . ")" );
#+++ send e-mail away #+++ send e-mail away
print "OK, done.<br>\n"; print "OK, done.<br>\n";
if($#grouplist > -1) { SendSQL("SELECT last_insert_id()");
print "New user added to these groups based on group regexps:\n"; my ($newuserid) = FetchSQLData();
print "<ul>\n"; DeriveGroup($newuserid);
foreach (@grouplist) {
print "<li>$_</li>\n";
}
print "</ul>\n";
} else {
print "New user not added to any groups.<br><br>\n";
}
print "To change ${user}'s permissions, go back and <a href=\"editusers.cgi?action=edit&user=" . url_quote($user)."\">edit this user</A>"; print "To change ${user}'s permissions, go back and <a href=\"editusers.cgi?action=edit&user=" . url_quote($user)."\">edit this user</A>";
print "<p>\n"; print "<p>\n";
PutTrailer($localtrailer, PutTrailer($localtrailer,
...@@ -538,9 +517,9 @@ if ($action eq 'del') { ...@@ -538,9 +517,9 @@ if ($action eq 'del') {
CheckUser($user); CheckUser($user);
# display some data about the user # display some data about the user
SendSQL("SELECT realname, groupset FROM profiles SendSQL("SELECT userid, realname FROM profiles
WHERE login_name=" . SqlQuote($user)); WHERE login_name=" . SqlQuote($user));
my ($realname, $groupset) = my ($thisuserid, $realname) =
FetchSQLData(); FetchSQLData();
$realname = ($realname ? html_quote($realname) : "<FONT COLOR=\"red\">missing</FONT>"); $realname = ($realname ? html_quote($realname) : "<FONT COLOR=\"red\">missing</FONT>");
...@@ -561,9 +540,11 @@ if ($action eq 'del') { ...@@ -561,9 +540,11 @@ if ($action eq 'del') {
print " <TD VALIGN=\"top\">Group set:</TD>\n"; print " <TD VALIGN=\"top\">Group set:</TD>\n";
print " <TD VALIGN=\"top\">"; print " <TD VALIGN=\"top\">";
SendSQL("SELECT name SendSQL("SELECT name
FROM groups FROM groups, user_group_map
WHERE bit & $groupset = bit WHERE groups.id = user_group_map.group_id
ORDER BY isbuggroup, name"); AND user_group_map.user_id = $thisuserid
AND isbless = 0
ORDER BY name");
my $found = 0; my $found = 0;
while ( MoreSQLData() ) { while ( MoreSQLData() ) {
my ($name) = FetchSQLData(); my ($name) = FetchSQLData();
...@@ -697,27 +678,34 @@ if ($action eq 'edit') { ...@@ -697,27 +678,34 @@ if ($action eq 'edit') {
CheckUser($user); CheckUser($user);
# get data of user # get data of user
SendSQL("SELECT realname, groupset, blessgroupset, disabledtext SendSQL("SELECT userid, realname, disabledtext
FROM profiles FROM profiles
WHERE login_name=" . SqlQuote($user)); WHERE login_name=" . SqlQuote($user));
my ($realname, $groupset, $blessgroupset, my ($thisuserid, $realname, $disabledtext) = FetchSQLData();
$disabledtext) = FetchSQLData();
if ($thisuserid > 0) {
DeriveGroup($thisuserid);
}
print "<FORM METHOD=POST ACTION=editusers.cgi>\n"; print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements($user, $realname, $groupset, $blessgroupset, $disabledtext); EmitFormElements($thisuserid, $user, $realname, $disabledtext);
print "</TR></TABLE>\n"; print "</TR></TABLE>\n";
print "<INPUT TYPE=HIDDEN NAME=\"userold\" VALUE=\"$user\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"userold\" VALUE=\"$user\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"groupsetold\" VALUE=\"$groupset\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"blessgroupsetold\" VALUE=\"$blessgroupset\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"disabledtextold\" VALUE=\"" . print "<INPUT TYPE=HIDDEN NAME=\"disabledtextold\" VALUE=\"" .
value_quote($disabledtext) . "\">\n"; value_quote($disabledtext) . "\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"update\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"update\">\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Update\">\n"; print "<INPUT TYPE=SUBMIT VALUE=\"Update\">\n";
print "<BR>User is a member of any groups shown with grey bars and
marked with brackets surrounding the membership checkbox as a
result of a regular expression match
or membership in another group.
User can bless any group
marked with brackets surrounding the bless checkbox as a
result of membership in another group.
<BR>";
print "</FORM>"; print "</FORM>";
...@@ -740,69 +728,67 @@ if ($action eq 'update') { ...@@ -740,69 +728,67 @@ if ($action eq 'update') {
my $password = $::FORM{password} || ''; my $password = $::FORM{password} || '';
my $disabledtext = trim($::FORM{disabledtext} || ''); my $disabledtext = trim($::FORM{disabledtext} || '');
my $disabledtextold = trim($::FORM{disabledtextold} || ''); my $disabledtextold = trim($::FORM{disabledtextold} || '');
my $groupsetold = trim($::FORM{groupsetold} || '0');
my $blessgroupsetold = trim($::FORM{blessgroupsetold} || '0');
my $groupset = "0";
foreach (keys %::FORM) {
next unless /^bit_/;
#print "$_=$::FORM{$_}<br>\n";
detaint_natural($::FORM{$_}) || die "Groupset field tampered with";
$groupset .= " + $::FORM{$_}";
}
my $blessgroupset = "0";
foreach (keys %::FORM) {
next unless /^blbit_/;
#print "$_=$::FORM{$_}<br>\n";
detaint_natural($::FORM{$_}) || die "Blessgroupset field tampered with";
$blessgroupset .= " + $::FORM{$_}";
}
CheckUser($userold); CheckUser($userold);
SendSQL("SELECT userid FROM profiles
# Note that the order of this tests is important. If you change
# them, be sure to test for WHERE='$product' or WHERE='$productold'
if ($groupset ne $groupsetold) {
SendSQL("SELECT groupset FROM profiles WHERE login_name=" .
SqlQuote($userold));
$groupsetold = FetchOneColumn();
# Updated, 5/7/00, Joe Robins
# We don't want to change the groupset of a superuser.
if($groupsetold eq $::superusergroupset) {
print "Cannot change permissions of superuser.\n";
} else {
SendSQL("UPDATE profiles
SET groupset =
groupset - (groupset & $opblessgroupset) +
(($groupset) & $opblessgroupset)
WHERE login_name=" . SqlQuote($userold)); WHERE login_name=" . SqlQuote($userold));
my ($thisuserid) = FetchSQLData();
my @grpadd = ();
my @grpdel = ();
my $chggrp = 0;
SendSQL("SELECT id, name FROM groups");
while (my ($groupid, $name) = FetchSQLData()) {
if ($::FORM{"oldgroup_$groupid"} != ($::FORM{"group_$groupid"} ? 1 : 0)) {
# group membership changed
PushGlobalSQLState();
$chggrp = 1;
SendSQL("DELETE FROM user_group_map
WHERE user_id = $thisuserid
AND group_id = $groupid
AND isbless = 0
AND isderived = 0");
if ($::FORM{"group_$groupid"}) {
SendSQL("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($thisuserid, $groupid, 0, 0)");
print "Added user to group $name<BR>\n";
push(@grpadd, $name);
} else {
print "Dropped user from group $name<BR>\n";
push(@grpdel, $name);
}
PopGlobalSQLState();
}
if ($editall && ($::FORM{"oldbless_$groupid"} != ($::FORM{"bless_$groupid"} ? 1 : 0))) {
# group membership changed
PushGlobalSQLState();
SendSQL("DELETE FROM user_group_map
WHERE user_id = $thisuserid
AND group_id = $groupid
AND isbless = 1
AND isderived = 0");
if ($::FORM{"bless_$groupid"}) {
SendSQL("INSERT INTO user_group_map
(user_id, group_id, isbless, isderived)
VALUES ($thisuserid, $groupid, 1, 0)");
print "Granted user permission to bless group $name<BR>\n";
} else {
print "Revoked user's permission to bless group $name<BR>\n";
}
PopGlobalSQLState();
# I'm paranoid that someone who I give the ability to bless people
# will start misusing it. Let's log who blesses who (even though
# nothing actually uses this log right now).
my $fieldid = GetFieldID("groupset");
SendSQL("SELECT userid, groupset FROM profiles WHERE login_name=" .
SqlQuote($userold));
my $u;
($u, $groupset) = (FetchSQLData());
if ($groupset ne $groupsetold) {
SendSQL("INSERT INTO profiles_activity " .
"(userid,who,profiles_when,fieldid,oldvalue,newvalue) " .
"VALUES " .
"($u, $::userid, now(), $fieldid, " .
" $groupsetold, $groupset)");
} }
print "Updated permissions.\n";
} }
my $fieldid = GetFieldID("bug_group");
if ($chggrp) {
SendSQL("INSERT INTO profiles_activity " .
"(userid, who, profiles_when, fieldid, oldvalue, newvalue) " .
"VALUES " . "($thisuserid, $::userid, now(), $fieldid, " .
SqlQuote(join(", ",@grpdel)) . ", " .
SqlQuote(join(", ",@grpadd)) . ")");
} }
if ($editall && $blessgroupset ne $blessgroupsetold) {
SendSQL("UPDATE profiles
SET blessgroupset=" . $blessgroupset . "
WHERE login_name=" . SqlQuote($userold));
print "Updated ability to tweak permissions of other users.\n";
}
# Update the database with the user's new password if they changed it. # Update the database with the user's new password if they changed it.
if ( !Param('useLDAP') && $editall && $password ) { if ( !Param('useLDAP') && $editall && $password ) {
......
enter_bug.cgi
View file @ 65d3dc0e
...@@ -48,6 +48,7 @@ use vars qw( ...@@ -48,6 +48,7 @@ use vars qw(
@legal_platform @legal_platform
@legal_priority @legal_priority
@legal_severity @legal_severity
$userid
%MFORM %MFORM
%versions %versions
); );
...@@ -326,27 +327,26 @@ $default{'bug_status'} = $status[0]; ...@@ -326,27 +327,26 @@ $default{'bug_status'} = $status[0];
# Select whether to restrict this bug to the product's bug group or not, # Select whether to restrict this bug to the product's bug group or not,
# if the usebuggroups parameter is set, and if this product has a bug group. # if the usebuggroups parameter is set, and if this product has a bug group.
if ($::usergroupset ne '0') { # First we get the bit and description for the group.
# First we get the bit and description for the group. my $group_id = '0';
my $group_bit = '0';
if(Param("usebuggroups")) {
if(Param("usebuggroups") && GroupExists($product)) { ($group_id) = GroupExists($product);
SendSQL("SELECT bit FROM groups ". }
"WHERE name = " . SqlQuote($product) . " " .
"AND isbuggroup != 0");
($group_bit) = FetchSQLData();
}
SendSQL("SELECT bit, name, description FROM groups " . SendSQL("SELECT DISTINCT groups.id, groups.name, groups.description " .
"WHERE bit & $::usergroupset != 0 " . "FROM groups, user_group_map " .
"AND isbuggroup != 0 AND isactive = 1 ORDER BY description"); "WHERE user_group_map.group_id = groups.id " .
"AND user_group_map.user_id = $::userid " .
"AND isbless = 0 " .
"AND isbuggroup = 1 AND isactive = 1 ORDER BY description");
my @groups; my @groups;
while (MoreSQLData()) { while (MoreSQLData()) {
my ($bit, $prodname, $description) = FetchSQLData(); my ($id, $prodname, $description) = FetchSQLData();
# Don't want to include product groups other than this product. # Don't want to include product groups other than this product.
next unless($prodname eq $product || next unless(!Param("usebuggroups") || $prodname eq $product ||
!defined($::proddesc{$prodname})); !defined($::proddesc{$prodname}));
my $check; my $check;
...@@ -357,29 +357,28 @@ if ($::usergroupset ne '0') { ...@@ -357,29 +357,28 @@ if ($::usergroupset ne '0') {
{ {
# If this is a bookmarked template, then we only want to set the # If this is a bookmarked template, then we only want to set the
# bit for those bits set in the template. # bit for those bits set in the template.
$check = formvalue("bit-$bit", 0); $check = formvalue("bit-$id", 0);
} }
else { else {
# $group_bit will only have a non-zero value if we're using # $group_bit will only have a non-zero value if we're using
# bug groups and have one for this product. # bug groups and have one for this product.
# If $group_bit is 0, it won't match the current group, so compare # If $group_bit is 0, it won't match the current group, so compare
# it to the current bit instead of checking for non-zero. # it to the current bit instead of checking for non-zero.
$check = ($group_bit == $bit); $check = ($group_id == $id);
} }
my $group = my $group =
{ {
'bit' => $bit , 'bit' => $id ,
'checked' => $check , 'checked' => $check ,
'description' => $description 'description' => $description
}; };
push @groups, $group; push @groups, $group;
}
$vars->{'group'} = \@groups;
} }
$vars->{'group'} = \@groups;
$vars->{'default'} = \%default; $vars->{'default'} = \%default;
my $format = my $format =
...@@ -388,3 +387,4 @@ my $format = ...@@ -388,3 +387,4 @@ my $format =
print "Content-type: $format->{'ctype'}\n\n"; print "Content-type: $format->{'ctype'}\n\n";
$template->process($format->{'template'}, $vars) $template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
globals.pl
View file @ 65d3dc0e
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
# Jacob Steenhagen <jake@bugzilla.org> # Jacob Steenhagen <jake@bugzilla.org>
# Bradley Baetz <bbaetz@cs.mcgill.ca> # Bradley Baetz <bbaetz@cs.mcgill.ca>
# Christopher Aillon <christopher@aillon.com> # Christopher Aillon <christopher@aillon.com>
# Joel Peshkin <bugreport@peshkin.net>
# Contains some global variables and routines used throughout bugzilla. # Contains some global variables and routines used throughout bugzilla.
...@@ -57,7 +58,6 @@ sub globals_pl_sillyness { ...@@ -57,7 +58,6 @@ sub globals_pl_sillyness {
$zz = @main::milestoneurl; $zz = @main::milestoneurl;
$zz = %main::proddesc; $zz = %main::proddesc;
$zz = @main::prodmaxvotes; $zz = @main::prodmaxvotes;
$zz = $main::superusergroupset;
$zz = $main::template; $zz = $main::template;
$zz = $main::userid; $zz = $main::userid;
$zz = $main::vars; $zz = $main::vars;
...@@ -102,10 +102,6 @@ $::defaultqueryname = "(Default query)"; ...@@ -102,10 +102,6 @@ $::defaultqueryname = "(Default query)";
$::unconfirmedstate = "UNCONFIRMED"; $::unconfirmedstate = "UNCONFIRMED";
$::dbwritesallowed = 1; $::dbwritesallowed = 1;
# Adding a global variable for the value of the superuser groupset.
# Joe Robins, 7/5/00
$::superusergroupset = "9223372036854775807";
#sub die_with_dignity { #sub die_with_dignity {
# my ($err_msg) = @_; # my ($err_msg) = @_;
# print $err_msg; # print $err_msg;
...@@ -583,30 +579,14 @@ sub InsertNewUser { ...@@ -583,30 +579,14 @@ sub InsertNewUser {
my $password = GenerateRandomPassword(); my $password = GenerateRandomPassword();
my $cryptpassword = Crypt($password); my $cryptpassword = Crypt($password);
# Determine what groups the user should be in by default
# and add them to those groups.
PushGlobalSQLState();
SendSQL("select bit, userregexp from groups where userregexp != ''");
my $groupset = "0";
while (MoreSQLData()) {
my @row = FetchSQLData();
# Modified -Joe Robins, 2/17/00
# Making this case insensitive, since usernames are email addresses,
# and could be any case.
if ($username =~ m/$row[1]/i) {
$groupset .= "+ $row[0]"; # Silly hack to let MySQL do the math,
# not Perl, since we're dealing with 64
# bit ints here, and I don't *think* Perl
# does that.
}
}
# Insert the new user record into the database. # Insert the new user record into the database.
$username = SqlQuote($username); $username = SqlQuote($username);
$realname = SqlQuote($realname); $realname = SqlQuote($realname);
$cryptpassword = SqlQuote($cryptpassword); $cryptpassword = SqlQuote($cryptpassword);
SendSQL("INSERT INTO profiles (login_name, realname, cryptpassword, groupset) PushGlobalSQLState();
VALUES ($username, $realname, $cryptpassword, $groupset)"); SendSQL("INSERT INTO profiles (login_name, realname, cryptpassword)
VALUES ($username, $realname, $cryptpassword)");
PopGlobalSQLState(); PopGlobalSQLState();
# Return the password to the calling code so it can be included # Return the password to the calling code so it can be included
...@@ -650,98 +630,47 @@ sub GenerateRandomPassword { ...@@ -650,98 +630,47 @@ sub GenerateRandomPassword {
return $password; return $password;
} }
sub SelectVisible {
my ($query, $userid, $usergroupset) = @_;
# Run the SQL $query with the additional restriction that
# the bugs can be seen by $userid. $usergroupset is provided
# as an optimisation when this is already known, eg from CGI.pl
# If not present, it will be obtained from the db.
# Assumes that 'bugs' is mentioned as a table name. You should
# also make sure that bug_id is qualified bugs.bug_id!
# Your query must have a WHERE clause. This is unlikely to be a problem.
# Also, note that mySQL requires aliases for tables to be locked, as well
# This means that if you change the name from selectVisible_cc (or add
# additional tables), you will need to update anywhere which does a
# LOCK TABLE, and then calls routines which call this
$usergroupset = 0 unless $userid;
unless (defined($usergroupset)) {
PushGlobalSQLState();
SendSQL("SELECT groupset FROM profiles WHERE userid = $userid");
$usergroupset = FetchOneColumn();
PopGlobalSQLState();
}
# Users are authorized to access bugs if they are a member of all
# groups to which the bug is restricted. User group membership and
# bug restrictions are stored as bits within bitsets, so authorization
# can be determined by comparing the intersection of the user's
# bitset with the bug's bitset. If the result matches the bug's bitset
# the user is a member of all groups to which the bug is restricted
# and is authorized to access the bug.
# A user is also authorized to access a bug if she is the reporter,
# or member of the cc: list of the bug and the bug allows users in those
# roles to see the bug. The boolean fields reporter_accessible and
# cclist_accessible identify whether or not those roles can see the bug.
# Bit arithmetic is performed by MySQL instead of Perl because bitset
# fields in the database are 64 bits wide (BIGINT), and Perl installations
# may or may not support integers larger than 32 bits. Using bitsets
# and doing bitset arithmetic is probably not cross-database compatible,
# however, so these mechanisms are likely to change in the future.
my $replace = " ";
if ($userid) {
$replace .= "LEFT JOIN cc selectVisible_cc ON
bugs.bug_id = selectVisible_cc.bug_id AND
selectVisible_cc.who = $userid "
}
$replace .= "WHERE ((bugs.groupset & $usergroupset) = bugs.groupset ";
if ($userid) {
# There is a mysql bug affecting v3.22 and 3.23 (at least), where this will
# cause all rows to be returned! We work arround this by adding an not isnull
# test to the JOINed cc table. See http://lists.mysql.com/cgi-ez/ezmlm-cgi?9:mss:11417
# Its needed, even though it shouldn't be
$replace .= "OR (bugs.reporter_accessible = 1 AND bugs.reporter = $userid)" .
" OR (bugs.cclist_accessible = 1 AND selectVisible_cc.who = $userid AND not isnull(selectVisible_cc.who))" .
" OR (bugs.assigned_to = $userid)";
if (Param("useqacontact")) {
$replace .= " OR (bugs.qa_contact = $userid)";
}
}
$replace .= ") AND ";
$query =~ s/\sWHERE\s/$replace/i;
return $query;
}
sub CanSeeBug { sub CanSeeBug {
# Note that we pass in the usergroupset, since this is known
# in most cases (ie viewing bugs). Maybe make this an optional
# parameter?
my ($id, $userid, $usergroupset) = @_; my ($id, $userid) = @_;
# Query the database for the bug, retrieving a boolean value that # Query the database for the bug, retrieving a boolean value that
# represents whether or not the user is authorized to access the bug. # represents whether or not the user is authorized to access the bug.
# if no groups are found --> user is permitted to access
# if no user is found for any group --> user is not permitted to access
my $query = "SELECT bugs.bug_id, reporter, assigned_to, qa_contact," .
" reporter_accessible, cclist_accessible," .
" cc.who IS NOT NULL," .
" COUNT(bug_group_map.group_id) as cntbugingroups," .
" COUNT(DISTINCT(user_group_map.group_id)) as cntuseringroups" .
" FROM bugs" .
" LEFT JOIN cc ON bugs.bug_id = cc.bug_id" .
" AND cc.who = $userid" .
" LEFT JOIN bug_group_map ON bugs.bug_id = bug_group_map.bug_id" .
" LEFT JOIN user_group_map ON" .
" user_group_map.group_id = bug_group_map.group_id" .
" AND user_group_map.isbless = 0" .
" AND user_group_map.user_id = $userid" .
" WHERE bugs.bug_id = $id GROUP BY bugs.bug_id";
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL(SelectVisible("SELECT bugs.bug_id FROM bugs WHERE bugs.bug_id = $id", SendSQL($query);
$userid, $usergroupset)); my ($found_id, $reporter, $assigned_to, $qa_contact,
$rep_access, $cc_access,
my $ret = defined(FetchSQLData()); $found_cc, $found_groups, $found_members)
= FetchSQLData();
PopGlobalSQLState(); PopGlobalSQLState();
return (
return $ret; ($found_groups == 0)
|| (($userid > 0) &&
(
($assigned_to == $userid)
|| ($qa_contact == $userid)
|| (($reporter == $userid) && $rep_access)
|| ($found_cc && $cc_access)
|| ($found_groups == $found_members)
))
);
} }
sub ValidatePassword { sub ValidatePassword {
...@@ -799,6 +728,94 @@ sub Crypt { ...@@ -799,6 +728,94 @@ sub Crypt {
return $cryptedpassword; return $cryptedpassword;
} }
# ConfirmGroup(userid) is called prior to any activity that relies
# on user_group_map to ensure that derived group permissions are up-to-date.
# Permissions must be rederived if ANY groups have a last_changed newer
# than the profiles.refreshed_when value.
sub ConfirmGroup {
my ($user) = (@_);
PushGlobalSQLState();
SendSQL("SELECT userid FROM profiles, groups WHERE userid = $user " .
"AND profiles.refreshed_when <= groups.last_changed ");
my $ret = FetchSQLData();
PopGlobalSQLState();
if ($ret) {
DeriveGroup($user);
}
}
# DeriveGroup removes and rederives all derived group permissions for
# the specified user.
sub DeriveGroup {
my ($user) = (@_);
PushGlobalSQLState();
SendSQL("LOCK TABLES profiles WRITE, user_group_map WRITE, group_group_map READ, groups READ");
# avoid races, we are only as up to date as the BEGINNING of this process
SendSQL("SELECT login_name, NOW() FROM profiles WHERE userid = $user");
my ($login, $starttime) = FetchSQLData();
# first remove any old derived stuff for this user
SendSQL("DELETE FROM user_group_map WHERE user_id = $user " .
"AND isderived = 1");
my %groupidsadded = ();
# add derived records for any matching regexps
SendSQL("SELECT id, userregexp FROM groups WHERE userregexp != ''");
while (MoreSQLData()) {
my ($groupid, $rexp) = FetchSQLData();
if ($login =~ m/$rexp/i) {
PushGlobalSQLState();
$groupidsadded{$groupid} = 1;
SendSQL("INSERT INTO user_group_map " .
"(user_id, group_id, isbless, isderived) " .
"VALUES ($user, $groupid, 0, 1)");
PopGlobalSQLState();
}
}
# Get a list of the groups of which the user is a member.
my %groupidschecked = ();
my @groupidstocheck = ();
SendSQL("SELECT group_id FROM user_group_map WHERE user_id = $user
AND NOT isbless");
while (MoreSQLData()) {
my ($groupid) = FetchSQLData();
push(@groupidstocheck,$groupid);
}
# Each group needs to be checked for inherited memberships once.
while (@groupidstocheck) {
my $group = shift @groupidstocheck;
if (!defined($groupidschecked{"$group"})) {
$groupidschecked{"$group"} = 1;
SendSQL("SELECT grantor_id FROM group_group_map WHERE"
. " member_id = $group AND NOT isbless");
while (MoreSQLData()) {
my ($groupid) = FetchSQLData();
if (!defined($groupidschecked{"$groupid"})) {
push(@groupidstocheck,$groupid);
}
if (!$groupidsadded{$groupid}) {
$groupidsadded{$groupid} = 1;
PushGlobalSQLState();
SendSQL("INSERT INTO user_group_map"
. " (user_id, group_id, isbless, isderived)"
. " VALUES ($user, $groupid, 0, 1)");
PopGlobalSQLState();
}
}
}
}
SendSQL("UPDATE profiles SET refreshed_when = " .
SqlQuote($starttime) . "WHERE userid = $user");
SendSQL("UNLOCK TABLES");
PopGlobalSQLState();
};
sub DBID_to_real_or_loginname { sub DBID_to_real_or_loginname {
my ($id) = (@_); my ($id) = (@_);
...@@ -860,6 +877,9 @@ sub DBNameToIdAndCheck { ...@@ -860,6 +877,9 @@ sub DBNameToIdAndCheck {
ThrowUserError("invalid_username"); ThrowUserError("invalid_username");
} }
sub get_product_id { sub get_product_id {
my ($prod) = @_; my ($prod) = @_;
PushGlobalSQLState(); PushGlobalSQLState();
...@@ -1015,12 +1035,12 @@ sub GetBugLink { ...@@ -1015,12 +1035,12 @@ sub GetBugLink {
# is saved off rather than overwritten # is saved off rather than overwritten
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL("SELECT bugs.bug_status, resolution, short_desc, groupset " . SendSQL("SELECT bugs.bug_status, resolution, short_desc " .
"FROM bugs WHERE bugs.bug_id = $bug_num"); "FROM bugs WHERE bugs.bug_id = $bug_num");
# If the bug exists, save its data off for use later in the sub # If the bug exists, save its data off for use later in the sub
if (MoreSQLData()) { if (MoreSQLData()) {
my ($bug_state, $bug_res, $bug_desc, $bug_grp) = FetchSQLData(); my ($bug_state, $bug_res, $bug_desc) = FetchSQLData();
# Initialize these variables to be "" so that we don't get warnings # Initialize these variables to be "" so that we don't get warnings
# if we don't change them below (which is highly likely). # if we don't change them below (which is highly likely).
my ($pre, $title, $post) = ("", "", ""); my ($pre, $title, $post) = ("", "", "");
...@@ -1035,7 +1055,7 @@ sub GetBugLink { ...@@ -1035,7 +1055,7 @@ sub GetBugLink {
$title .= " $bug_res"; $title .= " $bug_res";
$post = "</strike>"; $post = "</strike>";
} }
if ($bug_grp == 0 || CanSeeBug($bug_num, $::userid, $::usergroupset)) { if (CanSeeBug($bug_num, $::userid)) {
$title .= " - $bug_desc"; $title .= " - $bug_desc";
} }
$::buglink{$bug_num} = [$pre, value_quote($title), $post]; $::buglink{$bug_num} = [$pre, value_quote($title), $post];
...@@ -1186,15 +1206,100 @@ sub SqlQuote { ...@@ -1186,15 +1206,100 @@ sub SqlQuote {
return "'$str'"; return "'$str'";
} }
# UserInGroup returns information aboout the current user if no second
# parameter is specified
sub UserInGroup { sub UserInGroup {
my ($groupname, $userid) = (@_);
if (!$userid) {
return $::vars->{'user'}{'groups'}{$_[0]}; return $::vars->{'user'}{'groups'}{$_[0]};
}
PushGlobalSQLState();
$userid ||= $::userid;
SendSQL("SELECT groups.id FROM groups, user_group_map
WHERE groups.id = user_group_map.group_id
AND user_group_map.user_id = $userid
AND isbless = 0
AND groups.name = " . SqlQuote($groupname));
my $result = FetchOneColumn();
PopGlobalSQLState();
return defined($result);
}
sub UserCanBlessGroup {
my ($groupname) = (@_);
PushGlobalSQLState();
# check if user explicitly can bless group
SendSQL("SELECT groups.id FROM groups, user_group_map
WHERE groups.id = user_group_map.group_id
AND user_group_map.user_id = $::userid
AND isbless = 1
AND groups.name = " . SqlQuote($groupname));
my $result = FetchOneColumn();
PopGlobalSQLState();
if ($result) {
return 1;
}
PushGlobalSQLState();
# check if user is a member of a group that can bless this group
# this group does not count
SendSQL("SELECT groups.id FROM groups, user_group_map,
group_group_map
WHERE groups.id = grantor_id
AND user_group_map.user_id = $::userid
AND user_group_map.isbless = 0
AND group_group_map.isbless = 1
AND user_group_map.group_id = member_id
AND groups.name = " . SqlQuote($groupname));
$result = FetchOneColumn();
PopGlobalSQLState();
return $result;
}
sub UserCanBlessAnything {
PushGlobalSQLState();
# check if user explicitly can bless a group
SendSQL("SELECT group_id FROM user_group_map
WHERE user_id = $::userid AND isbless = 1");
my $result = FetchOneColumn();
PopGlobalSQLState();
if ($result) {
return 1;
}
PushGlobalSQLState();
# check if user is a member of a group that can bless this group
SendSQL("SELECT groups.id FROM groups, user_group_map,
group_group_map
WHERE groups.id = grantor_id
AND user_group_map.user_id = $::userid
AND group_group_map.isbless = 1
AND user_group_map.group_id = member_id");
$result = FetchOneColumn();
PopGlobalSQLState();
if ($result) {
return 1;
}
return 0;
} }
sub BugInGroup { sub BugInGroup {
my ($bugid, $groupname) = (@_); my ($bugid, $groupname) = (@_);
my $groupbit = GroupNameToBit($groupname);
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL("SELECT (bugs.groupset & $groupbit) != 0 FROM bugs WHERE bugs.bug_id = $bugid"); SendSQL("SELECT bug_group_map.bug_id != 0 FROM bug_group_map, groups
WHERE bug_group_map.bug_id = $bugid
AND bug_group_map.group_id = groups.id
AND groups.name = " . SqlQuote($groupname));
my $bugingroup = FetchOneColumn();
PopGlobalSQLState();
return $bugingroup;
}
sub BugInGroupId {
my ($bugid, $groupid) = (@_);
PushGlobalSQLState();
SendSQL("SELECT bug_id != 0 FROM bug_group_map
WHERE bug_id = $bugid
AND group_id = $groupid");
my $bugingroup = FetchOneColumn(); my $bugingroup = FetchOneColumn();
PopGlobalSQLState(); PopGlobalSQLState();
return $bugingroup; return $bugingroup;
...@@ -1203,32 +1308,39 @@ sub BugInGroup { ...@@ -1203,32 +1308,39 @@ sub BugInGroup {
sub GroupExists { sub GroupExists {
my ($groupname) = (@_); my ($groupname) = (@_);
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL("select count(*) from groups where name=" . SqlQuote($groupname)); SendSQL("SELECT id FROM groups WHERE name=" . SqlQuote($groupname));
my $count = FetchOneColumn(); my $id = FetchOneColumn();
PopGlobalSQLState(); PopGlobalSQLState();
return $count; return $id;
} }
# Given the name of an existing group, returns the bit associated with it. sub GroupNameToId {
# If the group does not exist, returns 0.
# !!! Remove this function when the new group system is implemented!
sub GroupNameToBit {
my ($groupname) = (@_); my ($groupname) = (@_);
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL("SELECT bit FROM groups WHERE name = " . SqlQuote($groupname)); SendSQL("SELECT id FROM groups WHERE name=" . SqlQuote($groupname));
my $bit = FetchOneColumn() || 0; my $id = FetchOneColumn();
PopGlobalSQLState(); PopGlobalSQLState();
return $bit; return $id;
} }
sub GroupIdToName {
my ($groupid) = (@_);
PushGlobalSQLState();
SendSQL("SELECT name FROM groups WHERE id = $groupid");
my $name = FetchOneColumn();
PopGlobalSQLState();
return $name;
}
# Determines whether or not a group is active by checking # Determines whether or not a group is active by checking
# the "isactive" column for the group in the "groups" table. # the "isactive" column for the group in the "groups" table.
# Note: This function selects groups by bit rather than by name. # Note: This function selects groups by id rather than by name.
sub GroupIsActive { sub GroupIsActive {
my ($groupbit) = (@_); my ($groupid) = (@_);
$groupbit ||= 0; $groupid ||= 0;
PushGlobalSQLState(); PushGlobalSQLState();
SendSQL("select isactive from groups where bit=$groupbit"); SendSQL("SELECT isactive FROM groups WHERE id=$groupid");
my $isactive = FetchOneColumn(); my $isactive = FetchOneColumn();
PopGlobalSQLState(); PopGlobalSQLState();
return $isactive; return $isactive;
...@@ -1561,4 +1673,5 @@ $::vars = ...@@ -1561,4 +1673,5 @@ $::vars =
'VERSION' => $Bugzilla::Config::VERSION, 'VERSION' => $Bugzilla::Config::VERSION,
}; };
1; 1;
index.cgi
View file @ 65d3dc0e
...@@ -45,7 +45,6 @@ use vars qw( ...@@ -45,7 +45,6 @@ use vars qw(
ConnectToDatabase(); ConnectToDatabase();
# Check whether or not the user is logged in and, if so, set the $::userid # Check whether or not the user is logged in and, if so, set the $::userid
# and $::usergroupset variables.
quietly_check_login(); quietly_check_login();
############################################################################### ###############################################################################
......
long_list.cgi
View file @ 65d3dc0e
...@@ -26,7 +26,7 @@ use lib qw(.); ...@@ -26,7 +26,7 @@ use lib qw(.);
require "CGI.pl"; require "CGI.pl";
use vars qw($userid $usergroupset @legal_keywords %FORM); use vars qw($userid @legal_keywords %FORM);
# Use global template variables. # Use global template variables.
use vars qw($template $vars); use vars qw($template $vars);
...@@ -69,8 +69,8 @@ my @bugs; ...@@ -69,8 +69,8 @@ my @bugs;
foreach my $bug_id (split(/[:,]/, $buglist)) { foreach my $bug_id (split(/[:,]/, $buglist)) {
detaint_natural($bug_id) || next; detaint_natural($bug_id) || next;
SendSQL(SelectVisible("$generic_query AND bugs.bug_id = $bug_id", CanSeeBug($bug_id, $::userid) || next;
$::userid, $::usergroupset)); SendSQL("$generic_query AND bugs.bug_id = $bug_id");
my %bug; my %bug;
my @row = FetchSQLData(); my @row = FetchSQLData();
......
post_bug.cgi
View file @ 65d3dc0e
...@@ -34,7 +34,6 @@ require "bug_form.pl"; ...@@ -34,7 +34,6 @@ require "bug_form.pl";
sub sillyness { sub sillyness {
my $zz; my $zz;
$zz = $::buffer; $zz = $::buffer;
$zz = $::usergroupset;
$zz = %::COOKIE; $zz = %::COOKIE;
$zz = %::components; $zz = %::components;
$zz = %::versions; $zz = %::versions;
...@@ -242,7 +241,7 @@ if ($::FORM{'keywords'} && UserInGroup("editbugs")) { ...@@ -242,7 +241,7 @@ if ($::FORM{'keywords'} && UserInGroup("editbugs")) {
# Build up SQL string to add bug. # Build up SQL string to add bug.
my $sql = "INSERT INTO bugs " . my $sql = "INSERT INTO bugs " .
"(" . join(",", @used_fields) . ", reporter, creation_ts, groupset) " . "(" . join(",", @used_fields) . ", reporter, creation_ts) " .
"VALUES ("; "VALUES (";
foreach my $field (@used_fields) { foreach my $field (@used_fields) {
...@@ -255,14 +254,15 @@ $comment = trim($comment); ...@@ -255,14 +254,15 @@ $comment = trim($comment);
# OK except for the fact that it causes e-mail to be suppressed. # OK except for the fact that it causes e-mail to be suppressed.
$comment = $comment ? $comment : " "; $comment = $comment ? $comment : " ";
$sql .= "$::userid, now(), (0"; $sql .= "$::userid, now() )";
# Groups # Groups
my @groupstoadd = ();
foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) { foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) {
if ($::FORM{$b}) { if ($::FORM{$b}) {
my $v = substr($b, 4); my $v = substr($b, 4);
$v =~ /^(\d+)$/ $v =~ /^(\d+)$/
|| ThrowCodeError("group_bit_invalid", "abort"); || ThrowCodeError("group_id_invalid", "abort");
if (!GroupIsActive($v)) { if (!GroupIsActive($v)) {
# Prevent the user from adding the bug to an inactive group. # Prevent the user from adding the bug to an inactive group.
# Should only happen if there is a bug in Bugzilla or the user # Should only happen if there is a bug in Bugzilla or the user
...@@ -271,18 +271,22 @@ foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) { ...@@ -271,18 +271,22 @@ foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) {
$vars->{'bit'} = $v; $vars->{'bit'} = $v;
ThrowCodeError("inactive_group", "abort"); ThrowCodeError("inactive_group", "abort");
} }
$sql .= " + $v"; # Carefully written so that the math is SendSQL("SELECT user_id FROM user_group_map
# done by MySQL, which can handle 64-bit math, WHERE user_id = $::userid
# and not by Perl, which I *think* can not. AND group_id = $v
AND isbless = 0");
my ($member) = FetchSQLData();
if ($member) {
push(@groupstoadd, $v)
}
} }
} }
$sql .= ") & $::usergroupset)\n";
# Lock tables before inserting records for the new bug into the database # Lock tables before inserting records for the new bug into the database
# if we are using a shadow database to prevent shadow database corruption # if we are using a shadow database to prevent shadow database corruption
# when two bugs get created at the same time. # when two bugs get created at the same time.
SendSQL("LOCK TABLES bugs WRITE, longdescs WRITE, cc WRITE, profiles READ") if Param("shadowdb"); SendSQL("LOCK TABLES bugs WRITE, bug_group_map WRITE, longdescs WRITE, cc WRITE, profiles READ") if Param("shadowdb");
# Add the bug report to the DB. # Add the bug report to the DB.
SendSQL($sql); SendSQL($sql);
...@@ -291,6 +295,12 @@ SendSQL($sql); ...@@ -291,6 +295,12 @@ SendSQL($sql);
SendSQL("select LAST_INSERT_ID()"); SendSQL("select LAST_INSERT_ID()");
my $id = FetchOneColumn(); my $id = FetchOneColumn();
# Add the group restrictions
foreach my $grouptoadd (@groupstoadd) {
SendSQL("INSERT INTO bug_group_map (bug_id, group_id)
VALUES ($id, $grouptoadd)");
}
# Add the comment # Add the comment
SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext) SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext)
VALUES ($id, $::userid, now(), " . SqlQuote($comment) . ")"); VALUES ($id, $::userid, now(), " . SqlQuote($comment) . ")");
......
process_bug.cgi
View file @ 65d3dc0e
...@@ -47,7 +47,6 @@ use vars qw(%versions ...@@ -47,7 +47,6 @@ use vars qw(%versions
%settable_resolution %settable_resolution
%target_milestone %target_milestone
%legal_severity %legal_severity
%superusergroupset
$next_bug); $next_bug);
ConnectToDatabase(); ConnectToDatabase();
...@@ -410,10 +409,8 @@ sub DuplicateUserConfirm { ...@@ -410,10 +409,8 @@ sub DuplicateUserConfirm {
SendSQL("SELECT reporter FROM bugs WHERE bug_id = " . SqlQuote($dupe)); SendSQL("SELECT reporter FROM bugs WHERE bug_id = " . SqlQuote($dupe));
my $reporter = FetchOneColumn(); my $reporter = FetchOneColumn();
SendSQL("SELECT profiles.groupset FROM profiles WHERE profiles.userid =".SqlQuote($reporter));
my $reportergroupset = FetchOneColumn();
if (CanSeeBug($original, $reporter, $reportergroupset)) { if (CanSeeBug($original, $reporter)) {
$::FORM{'confirm_add_duplicate'} = "1"; $::FORM{'confirm_add_duplicate'} = "1";
return; return;
} }
...@@ -564,13 +561,14 @@ sub ChangeResolution { ...@@ -564,13 +561,14 @@ sub ChangeResolution {
# operations # operations
# If the form element isn't present, or the user isn't in the group, leave # If the form element isn't present, or the user isn't in the group, leave
# it as-is # it as-is
if($::usergroupset ne '0') { my @groupAdd = ();
my $groupAdd = "0"; my @groupDel = ();
my $groupDel = "0";
SendSQL("SELECT groups.id, isactive FROM groups, user_group_map WHERE " .
SendSQL("SELECT bit, isactive FROM groups WHERE " . "groups.id = user_group_map.group_id AND " .
"isbuggroup != 0 AND bit & $::usergroupset != 0 ORDER BY bit"); "user_group_map.user_id = $::userid AND " .
while (my ($b, $isactive) = FetchSQLData()) { "isbless = 0 AND isbuggroup = 1");
while (my ($b, $isactive) = FetchSQLData()) {
# The multiple change page may not show all groups a bug is in # The multiple change page may not show all groups a bug is in
# (eg product groups when listing more than one product) # (eg product groups when listing more than one product)
# Only consider groups which were present on the form. We can't do this # Only consider groups which were present on the form. We can't do this
...@@ -579,18 +577,11 @@ if($::usergroupset ne '0') { ...@@ -579,18 +577,11 @@ if($::usergroupset ne '0') {
# an issue there # an issue there
if ($::FORM{'id'} || exists $::FORM{"bit-$b"}) { if ($::FORM{'id'} || exists $::FORM{"bit-$b"}) {
if (!$::FORM{"bit-$b"}) { if (!$::FORM{"bit-$b"}) {
$groupDel .= "+$b"; push(@groupDel, $b);
} elsif ($::FORM{"bit-$b"} == 1 && $isactive) { } elsif ($::FORM{"bit-$b"} == 1 && $isactive) {
$groupAdd .= "+$b"; push(@groupAdd, $b);
}
} }
} }
if ($groupAdd ne "0" || $groupDel ne "0") {
DoComma();
# mysql < 3.23.5 doesn't support the ~ operator, even though
# the docs say that it does
$::query .= "groupset = ((groupset & ($::superusergroupset - ($groupDel))) | ($groupAdd))";
}
} }
foreach my $field ("rep_platform", "priority", "bug_severity", foreach my $field ("rep_platform", "priority", "bug_severity",
...@@ -708,9 +699,9 @@ if (defined $::FORM{'qa_contact'}) { ...@@ -708,9 +699,9 @@ if (defined $::FORM{'qa_contact'}) {
# and cc list can see the bug even if they are not members of all groups # and cc list can see the bug even if they are not members of all groups
# to which the bug is restricted. # to which the bug is restricted.
if ( $::FORM{'id'} ) { if ( $::FORM{'id'} ) {
SendSQL("SELECT groupset FROM bugs WHERE bug_id = $::FORM{'id'}"); SendSQL("SELECT group_id FROM bug_group_map WHERE bug_id = $::FORM{'id'}");
my ($groupset) = FetchSQLData(); my ($havegroup) = FetchSQLData();
if ( $groupset ) { if ( $havegroup ) {
DoComma(); DoComma();
$::FORM{'reporter_accessible'} = $::FORM{'reporter_accessible'} ? '1' : '0'; $::FORM{'reporter_accessible'} = $::FORM{'reporter_accessible'} ? '1' : '0';
$::query .= "reporter_accessible = $::FORM{'reporter_accessible'}"; $::query .= "reporter_accessible = $::FORM{'reporter_accessible'}";
...@@ -1047,6 +1038,8 @@ foreach my $id (@idlist) { ...@@ -1047,6 +1038,8 @@ foreach my $id (@idlist) {
"profiles $write, dependencies $write, votes $write, " . "profiles $write, dependencies $write, votes $write, " .
"products READ, components READ, " . "products READ, components READ, " .
"keywords $write, longdescs $write, fielddefs $write, " . "keywords $write, longdescs $write, fielddefs $write, " .
"bug_group_map $write, " .
"user_group_map READ, " .
"keyworddefs READ, groups READ, attachments READ"); "keyworddefs READ, groups READ, attachments READ");
my @oldvalues = SnapShotBug($id); my @oldvalues = SnapShotBug($id);
my %oldhash; my %oldhash;
...@@ -1206,9 +1199,29 @@ foreach my $id (@idlist) { ...@@ -1206,9 +1199,29 @@ foreach my $id (@idlist) {
if ($::comma ne "") { if ($::comma ne "") {
SendSQL($query); SendSQL($query);
} }
my @groupAddNames = ();
foreach my $grouptoadd (@groupAdd) {
if (!BugInGroupId($id, $grouptoadd)) {
push(@groupAddNames, GroupIdToName($grouptoadd));
SendSQL("INSERT INTO bug_group_map (bug_id, group_id)
VALUES ($id, $grouptoadd)");
}
}
my @groupDelNames = ();
foreach my $grouptodel (@groupDel) {
if (BugInGroupId($id, $grouptodel)) {
push(@groupDelNames, GroupIdToName($grouptodel));
}
SendSQL("DELETE FROM bug_group_map
WHERE bug_id = $id AND group_id = $grouptodel");
}
SendSQL("select now()"); SendSQL("select now()");
$timestamp = FetchOneColumn(); $timestamp = FetchOneColumn();
my $groupDelNames = join(',', @groupDelNames);
my $groupAddNames = join(',', @groupAddNames);
LogActivityEntry($id, "bug_group", $groupDelNames, $groupAddNames);
if (defined $::FORM{'comment'}) { if (defined $::FORM{'comment'}) {
AppendComment($id, $::COOKIE{'Bugzilla_login'}, $::FORM{'comment'}, AppendComment($id, $::COOKIE{'Bugzilla_login'}, $::FORM{'comment'},
$::FORM{'commentprivacy'}); $::FORM{'commentprivacy'});
...@@ -1322,7 +1335,7 @@ foreach my $id (@idlist) { ...@@ -1322,7 +1335,7 @@ foreach my $id (@idlist) {
# the user wants to add the bug to the new product's group; # the user wants to add the bug to the new product's group;
($::FORM{'addtonewgroup'} eq 'yes' ($::FORM{'addtonewgroup'} eq 'yes'
|| ($::FORM{'addtonewgroup'} eq 'yesifinold' || ($::FORM{'addtonewgroup'} eq 'yesifinold'
&& GroupNameToBit($oldhash{'product'}) & $oldhash{'groupset'})) && BugInGroup($id, $oldhash{'product'})))
# the new product is associated with a group; # the new product is associated with a group;
&& GroupExists($::FORM{'product'}) && GroupExists($::FORM{'product'})
...@@ -1344,11 +1357,13 @@ foreach my $id (@idlist) { ...@@ -1344,11 +1357,13 @@ foreach my $id (@idlist) {
&& (UserInGroup($::FORM{'product'}) || !Param('usebuggroupsentry')) && (UserInGroup($::FORM{'product'}) || !Param('usebuggroupsentry'))
# the associated group is active, indicating it can accept new bugs; # the associated group is active, indicating it can accept new bugs;
&& GroupIsActive(GroupNameToBit($::FORM{'product'})) && GroupIsActive(GroupNameToId($::FORM{'product'}))
) { ) {
# Add the bug to the group associated with its new product. # Add the bug to the group associated with its new product.
my $groupbit = GroupNameToBit($::FORM{'product'}); my $groupid = GroupNameToId($::FORM{'product'});
SendSQL("UPDATE bugs SET groupset = groupset + $groupbit WHERE bug_id = $id"); if (!BugInGroupId($id, $groupid)) {
SendSQL("INSERT INTO bug_group_map (bug_id, group_id) VALUES ($id, $groupid)");
}
} }
if ( if (
...@@ -1359,8 +1374,8 @@ foreach my $id (@idlist) { ...@@ -1359,8 +1374,8 @@ foreach my $id (@idlist) {
&& BugInGroup($id, $oldhash{'product'}) && BugInGroup($id, $oldhash{'product'})
) { ) {
# Remove the bug from the group associated with its old product. # Remove the bug from the group associated with its old product.
my $groupbit = GroupNameToBit($oldhash{'product'}); my $groupid = GroupNameToId($oldhash{'product'});
SendSQL("UPDATE bugs SET groupset = groupset - $groupbit WHERE bug_id = $id"); SendSQL("DELETE FROM bug_group_map WHERE bug_id = $id AND group_id = $groupid");
} }
} }
...@@ -1523,7 +1538,7 @@ if ($::COOKIE{"BUGLIST"} && $::FORM{'id'}) { ...@@ -1523,7 +1538,7 @@ if ($::COOKIE{"BUGLIST"} && $::FORM{'id'}) {
my $cur = lsearch(\@bugs, $::FORM{"id"}); my $cur = lsearch(\@bugs, $::FORM{"id"});
if ($cur >= 0 && $cur < $#bugs) { if ($cur >= 0 && $cur < $#bugs) {
my $next_bug = $bugs[$cur + 1]; my $next_bug = $bugs[$cur + 1];
if (detaint_natural($next_bug) && CanSeeBug($next_bug)) { if (detaint_natural($next_bug) && CanSeeBug($next_bug, $::userid)) {
$::FORM{'id'} = $next_bug; $::FORM{'id'} = $next_bug;
$vars->{'next_id'} = $next_bug; $vars->{'next_id'} = $next_bug;
......
processmail
View file @ 65d3dc0e
...@@ -632,14 +632,17 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) { ...@@ -632,14 +632,17 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) {
} }
SendSQL("SELECT userid, groupset " . SendSQL("SELECT userid, (refreshed_when > " . SqlQuote($::last_changed) . ") " .
"FROM profiles WHERE login_name = " . SqlQuote($person)); "FROM profiles WHERE login_name = " . SqlQuote($person));
my ($userid, $groupset) = (FetchSQLData()); my ($userid, $current) = (FetchSQLData());
$seen{$person} = 1; $seen{$person} = 1;
detaint_natural($userid); detaint_natural($userid);
detaint_natural($groupset);
if (!$current) {
DeriveGroup($userid);
}
# if this person doesn't have permission to see info on this bug, # if this person doesn't have permission to see info on this bug,
# return. # return.
...@@ -649,19 +652,13 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) { ...@@ -649,19 +652,13 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) {
# see the action of restricting the bug itself; the bug will just # see the action of restricting the bug itself; the bug will just
# quietly disappear from their radar. # quietly disappear from their radar.
# #
return unless CanSeeBug($id, $userid, $groupset); return unless CanSeeBug($id, $userid);
# Drop any non-insiders if the comment is private # Drop any non-insiders if the comment is private
if (Param("insidergroup") && ($anyprivate != 0)) { return if (Param("insidergroup") &&
ConnectToDatabase(); ($anyprivate != 0) &&
PushGlobalSQLState(); (!UserInGroup(Param("insidergroup"), $userid)));
SendSQL("select (bit & $groupset ) != 0 from groups where name = " . SqlQuote(Param("insidergroup")));
my $bit = FetchOneColumn();
PopGlobalSQLState();
if (!$bit) {
return;
}
}
# We shouldn't send changedmail if this is a dependency mail, and any of # We shouldn't send changedmail if this is a dependency mail, and any of
# the depending bugs is not visible to the user. # the depending bugs is not visible to the user.
...@@ -669,7 +666,7 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) { ...@@ -669,7 +666,7 @@ sub NewProcessOnePerson ($$$$$$$$$$$$$) {
my $save_id = $dep_id; my $save_id = $dep_id;
detaint_natural($dep_id) || warn("Unexpected Error: \@depbugs contains a non-numeric value: '$save_id'") detaint_natural($dep_id) || warn("Unexpected Error: \@depbugs contains a non-numeric value: '$save_id'")
&& return; && return;
return unless CanSeeBug($dep_id, $userid, $groupset); return unless CanSeeBug($dep_id, $userid);
} }
my %mailhead = %defmailhead; my %mailhead = %defmailhead;
...@@ -781,6 +778,14 @@ if (open(FID, "<data/nomail")) { ...@@ -781,6 +778,14 @@ if (open(FID, "<data/nomail")) {
close FID; close FID;
} }
# Since any email recipients must be rederived if the user has not
# been rederived since the most recent group change, figure out when that
# is once and determine the need to rederive users using the same DB access
# that gets the user's email address each time a person is processed.
#
SendSQL("SELECT MAX(last_changed) FROM groups");
($::last_changed) = FetchSQLData();
if ($#ARGV >= 0 && $ARGV[0] eq "regenerate") { if ($#ARGV >= 0 && $ARGV[0] eq "regenerate") {
print "Regenerating is no longer required or supported\n"; print "Regenerating is no longer required or supported\n";
exit; exit;
......
query.cgi
View file @ 65d3dc0e
...@@ -50,19 +50,19 @@ use vars qw( ...@@ -50,19 +50,19 @@ use vars qw(
); );
ConnectToDatabase(); ConnectToDatabase();
my $userid = 0;
if (defined $::FORM{"GoAheadAndLogIn"}) { if (defined $::FORM{"GoAheadAndLogIn"}) {
# We got here from a login page, probably from relogin.cgi. We better # We got here from a login page, probably from relogin.cgi. We better
# make sure the password is legit. # make sure the password is legit.
confirm_login(); $userid = confirm_login();
} else { } else {
quietly_check_login(); $userid = quietly_check_login();
} }
# Backwards compatibility hack -- if there are any of the old QUERY_* # Backwards compatibility hack -- if there are any of the old QUERY_*
# cookies around, and we are logged in, then move them into the database # cookies around, and we are logged in, then move them into the database
# and nuke the cookie. This is required for Bugzilla 2.8 and earlier. # and nuke the cookie. This is required for Bugzilla 2.8 and earlier.
if ($::userid) { if ($userid) {
my @oldquerycookies; my @oldquerycookies;
foreach my $i (keys %::COOKIE) { foreach my $i (keys %::COOKIE) {
if ($i =~ /^QUERY_(.*)$/) { if ($i =~ /^QUERY_(.*)$/) {
...@@ -79,12 +79,12 @@ if ($::userid) { ...@@ -79,12 +79,12 @@ if ($::userid) {
if ($value) { if ($value) {
my $qname = SqlQuote($name); my $qname = SqlQuote($name);
SendSQL("SELECT query FROM namedqueries " . SendSQL("SELECT query FROM namedqueries " .
"WHERE userid = $::userid AND name = $qname"); "WHERE userid = $userid AND name = $qname");
my $query = FetchOneColumn(); my $query = FetchOneColumn();
if (!$query) { if (!$query) {
SendSQL("REPLACE INTO namedqueries " . SendSQL("REPLACE INTO namedqueries " .
"(userid, name, query) VALUES " . "(userid, name, query) VALUES " .
"($::userid, $qname, " . SqlQuote($value) . ")"); "($userid, $qname, " . SqlQuote($value) . ")");
} }
} }
print "Set-Cookie: $cookiename= ; path=" . Param("cookiepath") . print "Set-Cookie: $cookiename= ; path=" . Param("cookiepath") .
...@@ -94,17 +94,17 @@ if ($::userid) { ...@@ -94,17 +94,17 @@ if ($::userid) {
} }
if ($::FORM{'nukedefaultquery'}) { if ($::FORM{'nukedefaultquery'}) {
if ($::userid) { if ($userid) {
SendSQL("DELETE FROM namedqueries " . SendSQL("DELETE FROM namedqueries " .
"WHERE userid = $::userid AND name = '$::defaultqueryname'"); "WHERE userid = $userid AND name = '$::defaultqueryname'");
} }
$::buffer = ""; $::buffer = "";
} }
my $userdefaultquery; my $userdefaultquery;
if ($::userid) { if ($userid) {
SendSQL("SELECT query FROM namedqueries " . SendSQL("SELECT query FROM namedqueries " .
"WHERE userid = $::userid AND name = '$::defaultqueryname'"); "WHERE userid = $userid AND name = '$::defaultqueryname'");
$userdefaultquery = FetchOneColumn(); $userdefaultquery = FetchOneColumn();
} }
...@@ -285,7 +285,7 @@ $vars->{'rep_platform'} = \@::legal_platform; ...@@ -285,7 +285,7 @@ $vars->{'rep_platform'} = \@::legal_platform;
$vars->{'op_sys'} = \@::legal_opsys; $vars->{'op_sys'} = \@::legal_opsys;
$vars->{'priority'} = \@::legal_priority; $vars->{'priority'} = \@::legal_priority;
$vars->{'bug_severity'} = \@::legal_severity; $vars->{'bug_severity'} = \@::legal_severity;
$vars->{'userid'} = $::userid; $vars->{'userid'} = $userid;
# Boolean charts # Boolean charts
my @fields; my @fields;
...@@ -332,10 +332,10 @@ for (my $chart = 0; $::FORM{"field$chart-0-0"}; $chart++) { ...@@ -332,10 +332,10 @@ for (my $chart = 0; $::FORM{"field$chart-0-0"}; $chart++) {
$default{'charts'} = \@charts; $default{'charts'} = \@charts;
# Named queries # Named queries
if ($::userid) { if ($userid) {
my @namedqueries; my @namedqueries;
SendSQL("SELECT name FROM namedqueries " . SendSQL("SELECT name FROM namedqueries " .
"WHERE userid = $::userid AND name != '$::defaultqueryname' " . "WHERE userid = $userid AND name != '$::defaultqueryname' " .
"ORDER BY name"); "ORDER BY name");
while (MoreSQLData()) { while (MoreSQLData()) {
push(@namedqueries, FetchOneColumn()); push(@namedqueries, FetchOneColumn());
......
sanitycheck.cgi
View file @ 65d3dc0e
...@@ -109,6 +109,17 @@ sub CrossCheck { ...@@ -109,6 +109,17 @@ sub CrossCheck {
} }
} }
sub DateCheck {
my $table = shift @_;
my $field = shift @_;
Status("Checking dates in $table.$field");
SendSQL("SELECT COUNT( $field ) FROM $table WHERE $field > NOW()");
my $c = FetchOneColumn();
if ($c) {
Alert("Found $c dates in future");
}
}
my @badbugs; my @badbugs;
...@@ -139,6 +150,57 @@ if (exists $::FORM{'rebuildvotecache'}) { ...@@ -139,6 +150,57 @@ if (exists $::FORM{'rebuildvotecache'}) {
Status("Vote cache has been rebuilt."); Status("Vote cache has been rebuilt.");
} }
if (exists $::FORM{'rederivegroups'}) {
Status("OK, All users' inherited permissions will be rechecked when " .
"they next access Bugzilla.");
SendSQL("UPDATE groups SET last_changed = NOW() LIMIT 1");
}
# rederivegroupsnow is REALLY only for testing.
if (exists $::FORM{'rederivegroupsnow'}) {
Status("OK, now rederiving groups.");
SendSQL("SELECT userid FROM profiles");
while ((my $id) = FetchSQLData()) {
DeriveGroup($id);
Status("Group $id");
}
}
if (exists $::FORM{'cleangroupsnow'}) {
Status("OK, now cleaning stale groups.");
# Only users that were out of date already long ago should be cleaned
# and the cleaning is done with tables locked. This is require in order
# to keep another session from proceeding with permission checks
# after the groups have been cleaned unless it first had an opportunity
# to get the groups up to date.
# If any page starts taking longer than one hour to load, this interval
# should be revised.
SendSQL("SELECT MAX(last_changed) FROM groups WHERE last_changed < NOW() - INTERVAL 1 HOUR");
(my $cutoff) = FetchSQLData();
Status("Cutoff is $cutoff");
SendSQL("SELECT COUNT(*) FROM user_group_map");
(my $before) = FetchSQLData();
SendSQL("LOCK TABLES user_group_map WRITE, profiles WRITE");
SendSQL("SELECT userid FROM profiles " .
"WHERE refreshed_when > 0 " .
"AND refreshed_when < " . SqlQuote($cutoff) .
" LIMIT 1000");
my $count = 0;
while ((my $id) = FetchSQLData()) {
$count++;
PushGlobalSQLState();
SendSQL("DELETE FROM user_group_map WHERE " .
"user_id = $id AND isderived = 1 AND isbless = 0");
SendSQL("UPDATE profiles SET refreshed_when = 0 WHERE userid = $id");
PopGlobalSQLState();
}
SendSQL("UNLOCK TABLES");
SendSQL("SELECT COUNT(*) FROM user_group_map");
(my $after) = FetchSQLData();
Status("Cleaned table for $count users " .
"- reduced from $before records to $after records");
}
print "OK, now running sanity checks.<p>\n"; print "OK, now running sanity checks.<p>\n";
# This one goes first, because if this is wrong, then the below tests # This one goes first, because if this is wrong, then the below tests
...@@ -178,6 +240,7 @@ CrossCheck("attachstatusdefs", "id", ...@@ -178,6 +240,7 @@ CrossCheck("attachstatusdefs", "id",
CrossCheck("bugs", "bug_id", CrossCheck("bugs", "bug_id",
["bugs_activity", "bug_id"], ["bugs_activity", "bug_id"],
["bug_group_map", "bug_id"],
["attachments", "bug_id"], ["attachments", "bug_id"],
["cc", "bug_id"], ["cc", "bug_id"],
["longdescs", "bug_id"], ["longdescs", "bug_id"],
...@@ -188,6 +251,12 @@ CrossCheck("bugs", "bug_id", ...@@ -188,6 +251,12 @@ CrossCheck("bugs", "bug_id",
["duplicates", "dupe_of", "dupe"], ["duplicates", "dupe_of", "dupe"],
["duplicates", "dupe", "dupe_of"]); ["duplicates", "dupe", "dupe_of"]);
CrossCheck("groups", "id",
["bug_group_map", "group_id"],
["group_group_map", "grantor_id"],
["group_group_map", "member_id"],
["user_group_map", "group_id"]);
CrossCheck("profiles", "userid", CrossCheck("profiles", "userid",
["bugs", "reporter", "bug_id"], ["bugs", "reporter", "bug_id"],
["bugs", "assigned_to", "bug_id"], ["bugs", "assigned_to", "bug_id"],
...@@ -203,6 +272,7 @@ CrossCheck("profiles", "userid", ...@@ -203,6 +272,7 @@ CrossCheck("profiles", "userid",
["watch", "watched"], ["watch", "watched"],
["tokens", "userid"], ["tokens", "userid"],
["components", "initialowner", "name"], ["components", "initialowner", "name"],
["user_group_map", "user_id"],
["components", "initialqacontact", "name", ["0"]]); ["components", "initialqacontact", "name", ["0"]]);
CrossCheck("products", "id", CrossCheck("products", "id",
...@@ -212,25 +282,9 @@ CrossCheck("products", "id", ...@@ -212,25 +282,9 @@ CrossCheck("products", "id",
["versions", "product_id", "value"], ["versions", "product_id", "value"],
["attachstatusdefs", "product_id", "name"]); ["attachstatusdefs", "product_id", "name"]);
########################################################################### DateCheck("groups", "last_changed");
# Perform group checks DateCheck("profiles", "refreshed_when");
###########################################################################
Status("Checking groups");
SendSQL("select bit from groups where bit != pow(2, round(log(bit) / log(2)))");
while (my $bit = FetchOneColumn()) {
Alert("Illegal bit number found in group table: $bit");
}
SendSQL("select sum(bit) from groups where isbuggroup != 0");
my $buggroupset = FetchOneColumn();
if (!defined $buggroupset || $buggroupset eq "") {
$buggroupset = 0;
}
SendSQL("select bug_id, groupset from bugs where groupset & $buggroupset != groupset");
while (@row = FetchSQLData()) {
Alert("Bad groupset $row[1] found in bug " . BugLink($row[0]));
}
########################################################################### ###########################################################################
# Perform product specific field checks # Perform product specific field checks
......
show_activity.cgi
View file @ 65d3dc0e
...@@ -35,10 +35,7 @@ ConnectToDatabase(); ...@@ -35,10 +35,7 @@ ConnectToDatabase();
# Begin Data/Security Validation # Begin Data/Security Validation
############################################################################### ###############################################################################
# Check whether or not the user is currently logged in. This function # Check whether or not the user is currently logged in.
# sets the value of $::usergroupset, the binary number that records
# the set of groups to which the user belongs and which we can use
# to determine whether or not the user is authorized to access this bug.
quietly_check_login(); quietly_check_login();
# Make sure the bug ID is a positive integer representing an existing # Make sure the bug ID is a positive integer representing an existing
......
showdependencygraph.cgi
View file @ 65d3dc0e
...@@ -31,7 +31,7 @@ ConnectToDatabase(); ...@@ -31,7 +31,7 @@ ConnectToDatabase();
quietly_check_login(); quietly_check_login();
use vars qw($template $vars $userid $usergroupset); use vars qw($template $vars $userid);
my %seen; my %seen;
my %edgesdone; my %edgesdone;
...@@ -128,13 +128,13 @@ foreach my $k (keys(%seen)) { ...@@ -128,13 +128,13 @@ foreach my $k (keys(%seen)) {
my $summary = ""; my $summary = "";
my $stat; my $stat;
if ($::FORM{'showsummary'}) { if ($::FORM{'showsummary'}) {
SendSQL(SelectVisible("SELECT bug_status, short_desc FROM bugs " . if (CanSeeBug($k, $::userid)) {
"WHERE bugs.bug_id = $k", SendSQL("SELECT bug_status, short_desc FROM bugs " .
$::userid, "WHERE bugs.bug_id = $k");
$::usergroupset));
($stat, $summary) = FetchSQLData(); ($stat, $summary) = FetchSQLData();
$stat = "NEW" if !defined $stat; $stat = "NEW" if !defined $stat;
$summary = "" if !defined $summary; $summary = "" if !defined $summary;
}
} else { } else {
SendSQL("SELECT bug_status FROM bugs WHERE bug_id = $k"); SendSQL("SELECT bug_status FROM bugs WHERE bug_id = $k");
$stat = FetchOneColumn(); $stat = FetchOneColumn();
......
showdependencytree.cgi
View file @ 65d3dc0e
...@@ -39,7 +39,6 @@ quietly_check_login(); ...@@ -39,7 +39,6 @@ quietly_check_login();
# More warning suppression silliness. # More warning suppression silliness.
$::userid = $::userid; $::userid = $::userid;
$::usergroupset = $::usergroupset;
################################################################################ ################################################################################
# Data/Security Validation # # Data/Security Validation #
...@@ -144,7 +143,9 @@ sub GetBug { ...@@ -144,7 +143,9 @@ sub GetBug {
# and returns it to the calling code. # and returns it to the calling code.
my ($id) = @_; my ($id) = @_;
SendSQL(SelectVisible("SELECT 1, my $bug = {};
if (CanSeeBug($id, $::userid)) {
SendSQL("SELECT 1,
bug_status, bug_status,
short_desc, short_desc,
$milestone_column, $milestone_column,
...@@ -152,11 +153,8 @@ sub GetBug { ...@@ -152,11 +153,8 @@ sub GetBug {
assignee.login_name assignee.login_name
FROM bugs, profiles AS assignee FROM bugs, profiles AS assignee
WHERE bugs.bug_id = $id WHERE bugs.bug_id = $id
AND bugs.assigned_to = assignee.userid", AND bugs.assigned_to = assignee.userid");
$::userid,
$::usergroupset));
my $bug = {};
($bug->{'exists'}, ($bug->{'exists'},
$bug->{'status'}, $bug->{'status'},
...@@ -164,6 +162,7 @@ sub GetBug { ...@@ -164,6 +162,7 @@ sub GetBug {
$bug->{'milestone'}, $bug->{'milestone'},
$bug->{'assignee_id'}, $bug->{'assignee_id'},
$bug->{'assignee_email'}) = FetchSQLData(); $bug->{'assignee_email'}) = FetchSQLData();
}
$bug->{'open'} = IsOpenedState($bug->{'status'}); $bug->{'open'} = IsOpenedState($bug->{'status'});
$bug->{'dependencies'} = []; $bug->{'dependencies'} = [];
......
sidebar.cgi
View file @ 65d3dc0e
...@@ -36,11 +36,11 @@ quietly_check_login(); ...@@ -36,11 +36,11 @@ quietly_check_login();
$vars->{'username'} = $::COOKIE{'Bugzilla_login'} || ''; $vars->{'username'} = $::COOKIE{'Bugzilla_login'} || '';
if (defined $::COOKIE{'Bugzilla_login'}) { if (defined $::COOKIE{'Bugzilla_login'}) {
SendSQL("SELECT mybugslink, userid, blessgroupset FROM profiles " . SendSQL("SELECT mybugslink, userid FROM profiles " .
"WHERE login_name = " . SqlQuote($::COOKIE{'Bugzilla_login'})); "WHERE login_name = " . SqlQuote($::COOKIE{'Bugzilla_login'}));
my ($mybugslink, $userid, $blessgroupset) = (FetchSQLData()); my ($mybugslink, $userid) = (FetchSQLData());
$vars->{'userid'} = $userid; $vars->{'userid'} = $userid;
$vars->{'blessgroupset'} = $blessgroupset; $vars->{'canblessanything'} = UserCanBlessAnything();
if ($mybugslink) { if ($mybugslink) {
my $mybugstemplate = Param("mybugstemplate"); my $mybugstemplate = Param("mybugstemplate");
my %substs = ( 'userid' => url_quote($::COOKIE{'Bugzilla_login'}) ); my %substs = ( 'userid' => url_quote($::COOKIE{'Bugzilla_login'}) );
......
template/en/default/account/prefs/permissions.html.tmpl
View file @ 65d3dc0e
...@@ -20,36 +20,48 @@ ...@@ -20,36 +20,48 @@
#%] #%]
[%# INTERFACE: [%# INTERFACE:
# has_bits: array of strings. May be empty. # has_bits: array of hashes. May be empty.
# Descriptions of the permission bits the user has. # name => Names of the permissions the user has.
# set_bits: array of strings. May be empty. # desc => Descriptions of the permissions the user has.
# Descriptions of the permission bits the user can set for # set_bits: array of hashes. May be empty.
# name => Names of the permissions the user can set for
# other people.
# desc => Descriptions of the permissions the user can set for
# other people. # other people.
#%] #%]
<table> <table align="center">
<tr> <tr>
<td> <td>
[% IF has_bits.size %] [% IF has_bits.size %]
You have the following permission bits set on your account: You have the following permission bits set on your account:
<ul> <p>
<br>
<table align="center">
[% FOREACH bit_description = has_bits %] [% FOREACH bit_description = has_bits %]
<li>[% bit_description %]</li> <tr>
<td>[% bit_description.name %]</td>
<td>[% bit_description.desc %]</td>
</tr>
[% END %] [% END %]
</ul> </table>
[% ELSE %] [% ELSE %]
There are no permission bits set on your account. There are no permission bits set on your account.
[% END %] [% END %]
[% IF set_bits.size %] [% IF set_bits.size %]
<br>
And you can turn on or off the following bits for And you can turn on or off the following bits for
<a href="editusers.cgi">other users</a>: <a href="editusers.cgi">other users</a>:
<p> <p>
<ul> <table align="center">
[% FOREACH bit_description = set_bits %] [% FOREACH bit_description = set_bits %]
<li>[% bit_description %]</li> <tr>
<td>[% bit_description.name %]</td>
<td>[% bit_description.desc %]</td>
</tr>
[% END %] [% END %]
</ul> </table>
</p> </p>
[% END %] [% END %]
</td> </td>
......
template/en/default/global/useful-links.html.tmpl
View file @ 65d3dc0e
...@@ -65,7 +65,7 @@ ...@@ -65,7 +65,7 @@
[% ', <a href="editparams.cgi">parameters</a>' [% ', <a href="editparams.cgi">parameters</a>'
IF user.groups.tweakparams %] IF user.groups.tweakparams %]
[% ', <a href="editusers.cgi">users</a>' IF user.groups.editusers [% ', <a href="editusers.cgi">users</a>' IF user.groups.editusers
|| (user.blessgroupset > 0) %] || user.canblessany %]
[% ', <a href="editproducts.cgi">products</a>' [% ', <a href="editproducts.cgi">products</a>'
IF user.groups.editcomponents %] IF user.groups.editcomponents %]
[% ', <a href="editattachstatuses.cgi"> attachment&nbsp;statuses</a>' [% ', <a href="editattachstatuses.cgi"> attachment&nbsp;statuses</a>'
......
template/en/default/sidebar.xul.tmpl
View file @ 65d3dc0e
...@@ -73,7 +73,7 @@ function normal_keypress_handler( aEvent ) { ...@@ -73,7 +73,7 @@ function normal_keypress_handler( aEvent ) {
[%- IF UserInGroup('tweakparams') %] [%- IF UserInGroup('tweakparams') %]
<text class="text-link" onclick="load_relative_url('editparams.cgi')" value="edit params"/> <text class="text-link" onclick="load_relative_url('editparams.cgi')" value="edit params"/>
[%- END %] [%- END %]
[%- IF UserInGroup('editusers') || blessgroupset %] [%- IF UserInGroup('editusers') || canblessany %]
<text class="text-link" onclick="load_relative_url('editusers.cgi')" value="edit users"/> <text class="text-link" onclick="load_relative_url('editusers.cgi')" value="edit users"/>
[%- END %] [%- END %]
[%- IF UserInGroup('editcomponents') %] [%- IF UserInGroup('editcomponents') %]
......
token.cgi
View file @ 65d3dc0e
...@@ -265,6 +265,7 @@ sub changeEmail { ...@@ -265,6 +265,7 @@ sub changeEmail {
SendSQL("DELETE FROM tokens WHERE userid = $userid SendSQL("DELETE FROM tokens WHERE userid = $userid
AND tokentype = 'emailnew'"); AND tokentype = 'emailnew'");
SendSQL("UNLOCK TABLES"); SendSQL("UNLOCK TABLES");
DeriveGroup($userid);
# Return HTTP response headers. # Return HTTP response headers.
print "Content-Type: text/html\n\n"; print "Content-Type: text/html\n\n";
...@@ -300,6 +301,7 @@ sub cancelChangeEmail { ...@@ -300,6 +301,7 @@ sub cancelChangeEmail {
SET login_name = $quotedoldemail SET login_name = $quotedoldemail
WHERE userid = $userid"); WHERE userid = $userid");
SendSQL("UNLOCK TABLES"); SendSQL("UNLOCK TABLES");
DeriveGroup($userid);
$vars->{'message'} .= $vars->{'message'} .=
" Your old account settings have been reinstated."; " Your old account settings have been reinstated.";
} }
......
userprefs.cgi
View file @ 65d3dc0e
...@@ -33,7 +33,6 @@ use RelationSet; ...@@ -33,7 +33,6 @@ use RelationSet;
sub sillyness { sub sillyness {
my $zz; my $zz;
$zz = $::defaultqueryname; $zz = $::defaultqueryname;
$zz = $::usergroupset;
} }
# Use global template variables. # Use global template variables.
...@@ -331,21 +330,22 @@ sub SaveFooter { ...@@ -331,21 +330,22 @@ sub SaveFooter {
sub DoPermissions { sub DoPermissions {
my (@has_bits, @set_bits); my (@has_bits, @set_bits);
SendSQL("SELECT description FROM groups " . SendSQL("SELECT DISTINCT name, description FROM groups, user_group_map " .
"WHERE bit & $::usergroupset != 0 " . "WHERE user_group_map.group_id = groups.id " .
"ORDER BY bit"); "AND user_id = $::userid " .
"AND isbless = 0 " .
"ORDER BY name");
while (MoreSQLData()) { while (MoreSQLData()) {
push(@has_bits, FetchSQLData()); my ($nam, $desc) = FetchSQLData();
push(@has_bits, {"desc" => $desc, "name" => $nam});
} }
my @set_ids = ();
SendSQL("SELECT blessgroupset FROM profiles WHERE userid = $userid"); SendSQL("SELECT DISTINCT name, description FROM groups " .
my $blessgroupset = FetchOneColumn(); "ORDER BY name");
if ($blessgroupset) {
SendSQL("SELECT description FROM groups " .
"WHERE bit & $blessgroupset != 0 " .
"ORDER BY bit");
while (MoreSQLData()) { while (MoreSQLData()) {
push(@set_bits, FetchSQLData()); my ($nam, $desc) = FetchSQLData();
if (UserCanBlessGroup($nam)) {
push(@set_bits, {"desc" => $desc, "name" => $nam});
} }
} }
......
votes.cgi
View file @ 65d3dc0e
...@@ -28,7 +28,6 @@ use lib "."; ...@@ -28,7 +28,6 @@ use lib ".";
require "CGI.pl"; require "CGI.pl";
use vars qw($usergroupset);
# Use global template variables # Use global template variables
use vars qw($template $vars); use vars qw($template $vars);
...@@ -188,7 +187,7 @@ sub show_user { ...@@ -188,7 +187,7 @@ sub show_user {
# and they can see there are votes 'missing', but not on what bug # and they can see there are votes 'missing', but not on what bug
# they are. This seems a reasonable compromise; the alternative is # they are. This seems a reasonable compromise; the alternative is
# to lie in the totals. # to lie in the totals.
next if !CanSeeBug($id, $who, $usergroupset); next if !CanSeeBug($id, $who);
push (@bugs, { id => $id, push (@bugs, { id => $id,
summary => $summary, summary => $summary,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment