blob: 4fdd948ea352b884ee35cd6c04097581b76dd2ab [file] [log] [blame]
#!/usr/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil; cperl-indent-level: 4 -*-
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Bugzilla Bug Tracking System.
#
# The Initial Developer of the Original Code is Albert Ting
#
# Contributor(s): Albert Ting <alt@sonic.net>
# Max Kanat-Alexander <mkanat@bugzilla.org>
#
# Direct any questions on this source code to mozilla.org
use strict;
use lib ".";
use Bugzilla;
use Bugzilla::Constants;
use Bugzilla::Util;
use Bugzilla::Error;
use Bugzilla::Config qw($datadir);
require "CGI.pl";
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
my $template = Bugzilla->template;
my $vars = {};
# TestClassification: just returns if the specified classification does exist
# CheckClassification: same check, optionally emit an error text
sub TestClassification ($) {
my $cl = shift;
my $dbh = Bugzilla->dbh;
trick_taint($cl);
# does the classification exist?
my $sth = $dbh->prepare("SELECT name
FROM classifications
WHERE name=?");
$sth->execute($cl);
my @row = $sth->fetchrow_array();
return $row[0];
}
sub CheckClassification ($) {
my $cl = shift;
unless ($cl) {
ThrowUserError("classification_not_specified");
}
if (! TestClassification($cl)) {
ThrowUserError("classification_doesnt_exist", { name => $cl });
}
}
sub LoadTemplate ($) {
my $action = shift;
$action =~ /(\w+)/;
$action = $1;
print $cgi->header();
$template->process("admin/classifications/$action.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
}
#
# Preliminary checks:
#
Bugzilla->login(LOGIN_REQUIRED);
print $cgi->header();
exists Bugzilla->user->groups->{'editclassifications'}
|| ThrowUserError("auth_failure", {group => "editclassifications",
action => "edit",
object => "classifications"});
ThrowUserError("auth_classification_not_enabled") unless Param("useclassification");
#
# often used variables
#
my $action = trim($cgi->param('action') || '');
my $classification = trim($cgi->param('classification') || '');
trick_taint($classification);
$vars->{'classification'} = $classification;
#
# action='' -> Show nice list of classifications
#
unless ($action) {
my @classifications;
# left join is tricky
# - must select "classifications" fields if you want a REAL value
# - must use "count(products.classification_id)" if you want a true
# count. If you use count(classifications.id), it will return 1 for NULL
# - must use "group by classifications.id" instead of
# products.classification_id. Otherwise it won't look for all
# classification ids, just the ones used by the products.
my $sth = $dbh->prepare("SELECT classifications.id, classifications.name,
classifications.description,
COUNT(classification_id) AS total
FROM classifications
LEFT JOIN products
ON classifications.id = products.classification_id
" . $dbh->sql_group_by('classifications.id',
'classifications.name,
classifications.description') . "
ORDER BY name");
$sth->execute();
while (my ($id,$classification,$description,$total) = $sth->fetchrow_array()) {
my $cl = {};
$cl->{'id'} = $id;
$cl->{'classification'} = $classification;
$cl->{'description'} = $description if (defined $description);
$cl->{'total'} = $total;
push(@classifications, $cl);
}
$vars->{'classifications'} = \@classifications;
LoadTemplate("select");
}
#
# action='add' -> present form for parameters for new classification
#
# (next action will be 'new')
#
if ($action eq 'add') {
LoadTemplate($action);
}
#
# action='new' -> add classification entered in the 'action=add' screen
#
if ($action eq 'new') {
unless ($classification) {
ThrowUserError("classification_not_specified");
}
if (TestClassification($classification)) {
ThrowUserError("classification_already_exists", { name => $classification });
}
my $description = trim($cgi->param('description') || '');
trick_taint($description);
# Add the new classification.
my $sth = $dbh->prepare("INSERT INTO classifications (name,description)
VALUES (?,?)");
$sth->execute($classification,$description);
# Make versioncache flush
unlink "$datadir/versioncache";
LoadTemplate($action);
}
#
# action='del' -> ask if user really wants to delete
#
# (next action would be 'delete')
#
if ($action eq 'del') {
CheckClassification($classification);
my $sth;
# display some data about the classification
$sth = $dbh->prepare("SELECT id, description
FROM classifications
WHERE name=?");
$sth->execute($classification);
my ($classification_id, $description) = $sth->fetchrow_array();
ThrowUserError("classification_not_deletable") if ($classification_id eq "1");
$sth = $dbh->prepare("SELECT name
FROM products
WHERE classification_id=$classification_id");
$sth->execute();
ThrowUserError("classification_has_products") if ($sth->fetchrow_array());
$vars->{'description'} = $description if (defined $description);
LoadTemplate($action);
}
#
# action='delete' -> really delete the classification
#
if ($action eq 'delete') {
CheckClassification($classification);
my $sth;
my $classification_id = get_classification_id($classification);
if ($classification_id == 1) {
ThrowUserError("cant_delete_default_classification", { name => $classification });
}
# lock the tables before we start to change everything:
$dbh->bz_lock_tables('classifications WRITE', 'products WRITE');
# delete
$sth = $dbh->prepare("DELETE FROM classifications WHERE id=?");
$sth->execute($classification_id);
# update products just in case
$sth = $dbh->prepare("UPDATE products
SET classification_id=1
WHERE classification_id=?");
$sth->execute($classification_id);
$dbh->bz_unlock_tables();
unlink "$datadir/versioncache";
LoadTemplate($action);
}
#
# action='edit' -> present the edit classifications from
#
# (next action would be 'update')
#
if ($action eq 'edit') {
CheckClassification($classification);
my @products = ();
my $has_products = 0;
my $sth;
# get data of classification
$sth = $dbh->prepare("SELECT id,description
FROM classifications
WHERE name=?");
$sth->execute($classification);
my ($classification_id,$description) = $sth->fetchrow_array();
$vars->{'description'} = $description if (defined $description);
$sth = $dbh->prepare("SELECT name,description
FROM products
WHERE classification_id=?
ORDER BY name");
$sth->execute($classification_id);
while ( my ($product, $prod_description) = $sth->fetchrow_array()) {
my $prod = {};
$has_products = 1;
$prod->{'name'} = $product;
$prod->{'description'} = $prod_description if (defined $prod_description);
push(@products, $prod);
}
$vars->{'products'} = \@products if ($has_products);
LoadTemplate($action);
}
#
# action='update' -> update the classification
#
if ($action eq 'update') {
my $classificationold = trim($cgi->param('classificationold') || '');
my $description = trim($cgi->param('description') || '');
my $descriptionold = trim($cgi->param('descriptionold') || '');
my $checkvotes = 0;
my $sth;
CheckClassification($classificationold);
my $classification_id = get_classification_id($classificationold);
trick_taint($description);
# Note that we got the $classification_id using $classificationold
# above so it will remain static even after we rename the
# classification in the database.
$dbh->bz_lock_tables('classifications WRITE');
if ($classification ne $classificationold) {
unless ($classification) {
ThrowUserError("classification_not_specified");
}
if (TestClassification($classification)) {
ThrowUserError("classification_already_exists", { name => $classification });
}
$sth = $dbh->prepare("UPDATE classifications
SET name=? WHERE id=?");
$sth->execute($classification,$classification_id);
$vars->{'updated_classification'} = 1;
}
if ($description ne $descriptionold) {
$sth = $dbh->prepare("UPDATE classifications
SET description=?
WHERE id=?");
$sth->execute($description,$classification_id);
$vars->{'updated_description'} = 1;
}
$dbh->bz_unlock_tables();
unlink "$datadir/versioncache";
LoadTemplate($action);
}
#
# action='reclassify' -> reclassify products for the classification
#
if ($action eq 'reclassify') {
CheckClassification($classification);
my $sth;
# display some data about the classification
$sth = $dbh->prepare("SELECT id, description
FROM classifications
WHERE name=?");
$sth->execute($classification);
my ($classification_id, $description) = $sth->fetchrow_array();
$vars->{'description'} = $description if (defined $description);
$sth = $dbh->prepare("UPDATE products
SET classification_id=?
WHERE name=?");
if (defined $cgi->param('add_products')) {
if (defined $cgi->param('prodlist')) {
foreach my $prod ($cgi->param("prodlist")) {
trick_taint($prod);
$sth->execute($classification_id,$prod);
}
}
} elsif (defined $cgi->param('remove_products')) {
if (defined $cgi->param('myprodlist')) {
foreach my $prod ($cgi->param("myprodlist")) {
trick_taint($prod);
$sth->execute(1,$prod);
}
}
} elsif (defined $cgi->param('migrate_products')) {
if (defined $cgi->param('clprodlist')) {
foreach my $prod ($cgi->param("clprodlist")) {
trick_taint($prod);
$sth->execute($classification_id,$prod);
}
}
}
my @selected_products = ();
my @class_products = ();
$sth = $dbh->prepare("SELECT classifications.id,
products.name,
classifications.name,
classifications.id > 1 as unknown
FROM products
INNER JOIN classifications
ON classifications.id = products.classification_id
ORDER BY unknown, products.name,
classifications.name");
$sth->execute();
while ( my ($clid, $name, $clname) = $sth->fetchrow_array() ) {
if ($clid == $classification_id) {
push(@selected_products,$name);
} else {
my $cl = {};
if ($clid == 1) {
$cl->{'name'} = "[$clname] $name";
} else {
$cl->{'name'} = "$name [$clname]";
}
$cl->{'value'} = $name;
push(@class_products,$cl);
}
}
$vars->{'selected_products'} = \@selected_products;
$vars->{'class_products'} = \@class_products;
LoadTemplate($action);
}
#
# No valid action found
#
ThrowCodeError("action_unrecognized", $vars);