vitalif
/
bugzilla-4intranet
mirror of https://github.com/vitalif/bugzilla-4intranet
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove CGI interfacing from Bugzilla::Search

hinted-selects
Vitaliy Filippov 2014-07-21 16:23:16 +04:00
parent 82b268483c
commit 0319a66bb4
12 changed files with 63 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Bugzilla/CGI.pm
View File

@ -117,7 +117,6 @@ sub parse_params {
sub canonicalise_query { sub canonicalise_query {
my ($self, @exclude) = @_; my ($self, @exclude) = @_;
$self->convert_old_params();
# Reconstruct the URL by concatenating the sorted param=value pairs # Reconstruct the URL by concatenating the sorted param=value pairs
my @parameters; my @parameters;
foreach my $key (sort($self->param())) { foreach my $key (sort($self->param())) {
@ -142,17 +141,6 @@ sub canonicalise_query {
return join("&", @parameters); return join("&", @parameters);
} }
sub convert_old_params {
my $self = shift;
# bugidtype is now bug_id_type.
if ($self->param('bugidtype')) {
my $value = $self->param('bugidtype') eq 'exclude' ? 'nowords' : 'anyexact';
$self->param('bug_id_type', $value);
$self->delete('bugidtype');
}
}
sub clean_search_url { sub clean_search_url {
my $self = shift; my $self = shift;
# Delete any empty URL parameter. # Delete any empty URL parameter.

13
Bugzilla/Search.pm
View File

@ -945,10 +945,7 @@ sub init
my $self = shift; my $self = shift;
my @fields = @{ $self->{fields} || [] }; my @fields = @{ $self->{fields} || [] };
my $params = $self->{params}; my $H = $self->{params};
$params->convert_old_params();
# Copy hash and throw away tied reference returned by CGI::Vars()
my $H = { %{ $params->Vars } };
# $self->{user} = User under which the search will be ran # $self->{user} = User under which the search will be ran
# Bugzilla->user = Just current user # Bugzilla->user = Just current user
@ -1042,6 +1039,11 @@ sub init
delete $legal_fields->{$_} for keys %{TIMETRACKING_FIELDS()}; delete $legal_fields->{$_} for keys %{TIMETRACKING_FIELDS()};
} }
if (exists $H->{bugidtype})
{
$H->{bug_id_type} = delete $H->{bugidtype} eq 'exclude' ? 'nowords' : 'anyexact';
}
# Extract <field> and <field>_type from parameters # Extract <field> and <field>_type from parameters
foreach (keys %$H) foreach (keys %$H)
{ {
@ -2957,9 +2959,8 @@ sub _in_search_results
{ {
my $self = shift; my $self = shift;
my $query = LookupNamedQuery(trim($self->{value})); my $query = LookupNamedQuery(trim($self->{value}));
my $queryparams = new Bugzilla::CGI($query);
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
params => $queryparams, params => http_decode_query($query),
fields => [ "bugs.bug_id" ], fields => [ "bugs.bug_id" ],
user => Bugzilla->user, user => Bugzilla->user,
); );

4
Bugzilla/Util.pm
View File

@ -268,7 +268,7 @@ sub url_quote_noslash
return $toencode; return $toencode;
} }
# http_build_query($hashref) like PHP's one # http_build_query($hashref), like PHP's one
sub http_build_query($) sub http_build_query($)
{ {
my ($query) = @_; my ($query) = @_;
@ -276,7 +276,7 @@ sub http_build_query($)
url_quote($_).'='.(ref $query->{$_} url_quote($_).'='.(ref $query->{$_}
? join('&'.url_quote($_).'=', map { url_quote($_) } @{$query->{$_}}) ? join('&'.url_quote($_).'=', map { url_quote($_) } @{$query->{$_}})
: url_quote($query->{$_})) : url_quote($query->{$_}))
} keys %$query); } sort keys %$query);
} }
# Decode query string to a hashref # Decode query string to a hashref

36
buglist.cgi
View File

@ -223,12 +223,12 @@ if (defined $cgi->param('regetlastlist'))
my $bug_id = $cgi->cookie('BUGLIST'); my $bug_id = $cgi->cookie('BUGLIST');
$bug_id =~ s/:/,/g; $bug_id =~ s/:/,/g;
# set up the params for this new query # set up the params for this new query
$params = new Bugzilla::CGI({ $params = {
bug_id => $bug_id, bug_id => $bug_id,
bug_id_type => 'anyexact', bug_id_type => 'anyexact',
order => $order, order => $order,
columnlist => scalar($cgi->param('columnlist')), columnlist => scalar($cgi->param('columnlist')),
}); };
} }
# Figure out whether or not the user is doing a fulltext search. If not, # Figure out whether or not the user is doing a fulltext search. If not,
@ -421,7 +421,7 @@ if ($cmdtype eq "runnamed")
# earlier, for example by setting up a named query search. # earlier, for example by setting up a named query search.
# This will be modified, so make a copy. # This will be modified, so make a copy.
$params ||= new Bugzilla::CGI($cgi); $params ||= { %{ $cgi->Vars } };
# Generate a reasonable filename for the user agent to suggest to the user # Generate a reasonable filename for the user agent to suggest to the user
# when the user saves the bug list. Uses the name of the remembered query # when the user saves the bug list. Uses the name of the remembered query
@ -465,17 +465,16 @@ if ($cmdtype eq "dorem")
print $cgi->redirect(-location => $buffer); print $cgi->redirect(-location => $buffer);
exit; exit;
} }
$params = new Bugzilla::CGI($buffer); $params = http_decode_query($buffer);
$order = $params->param('order') || $order; $order = $params->{order} || $order;
} }
elsif ($remaction eq "runseries") elsif ($remaction eq "runseries")
{ {
$buffer = LookupSeries(scalar $cgi->param("series_id")); $buffer = LookupSeries(scalar $cgi->param("series_id"));
$vars->{searchname} = $cgi->param('namedcmd'); $vars->{searchname} = $cgi->param('namedcmd');
$vars->{searchtype} = "series"; $vars->{searchtype} = "series";
$params = new Bugzilla::CGI($buffer); $params = http_decode_query($buffer);
$order = $params->param('order') || $order; $order = $params->{order} || $order;
} }
elsif ($remaction eq "forget") elsif ($remaction eq "forget")
{ {
@ -582,9 +581,9 @@ my $columns = Bugzilla::Search::COLUMNS;
# Determine the columns that will be displayed in the bug list via the # Determine the columns that will be displayed in the bug list via the
# columnlist CGI parameter, the user's preferences, or the default. # columnlist CGI parameter, the user's preferences, or the default.
my @displaycolumns = (); my @displaycolumns = ();
if (defined $params->param('columnlist')) if (defined $params->{columnlist})
{ {
if ($params->param('columnlist') eq "all") if ($params->{columnlist} eq 'all')
{ {
# If the value of the CGI parameter is "all", display all columns, # If the value of the CGI parameter is "all", display all columns,
# but remove the redundant "short_desc" column. # but remove the redundant "short_desc" column.
@ -592,7 +591,7 @@ if (defined $params->param('columnlist'))
} }
else else
{ {
@displaycolumns = split(/[ ,]+/, $params->param('columnlist')); @displaycolumns = split(/[ ,]+/, $params->{columnlist});
} }
} }
elsif (defined $cgi->cookie('COLUMNLIST')) elsif (defined $cgi->cookie('COLUMNLIST'))
@ -633,7 +632,7 @@ $_ = Bugzilla::Search->COLUMN_ALIASES->{$_} || $_ for @displaycolumns;
# Some versions of perl will taint 'votes' if this is done as a single # Some versions of perl will taint 'votes' if this is done as a single
# statement, because the votes param is tainted at this point # statement, because the votes param is tainted at this point
my $votes = $params->param('votes'); my $votes = $params->{votes};
$votes ||= ""; $votes ||= "";
if (trim($votes) && !grep($_ eq 'votes', @displaycolumns)) if (trim($votes) && !grep($_ eq 'votes', @displaycolumns))
{ {
@ -838,7 +837,7 @@ my @orderstrings = split(/,\s*/, $order);
my $input_bug_status; my $input_bug_status;
if ($query_format eq 'specific') if ($query_format eq 'specific')
{ {
$input_bug_status = $params->param('bug_status'); $input_bug_status = $params->{bug_status};
} }
# Generate the basic SQL query that will be used to generate the bug list. # Generate the basic SQL query that will be used to generate the bug list.
@ -849,8 +848,7 @@ my $search = new Bugzilla::Search(
); );
my $query = $search->getSQL(); my $query = $search->getSQL();
$vars->{search_description} = $search->search_description_html; $vars->{search_description} = $search->search_description_html;
my $H = { %{ $params->Vars } }; $vars->{list_params} = $params;
$vars->{list_params} = $H;
# Generate equality operators for the "Create bug from querystring" link # Generate equality operators for the "Create bug from querystring" link
# FIXME: check if there are some differently named fields # FIXME: check if there are some differently named fields
@ -1121,14 +1119,16 @@ if ($format->{extension} eq 'ics')
} }
# Restore the bug status used by the specific search. # Restore the bug status used by the specific search.
$params->param('bug_status', $input_bug_status) if $input_bug_status; $params->{bug_status} = $input_bug_status if $input_bug_status;
# The list of query fields in URL query string format, used when creating # The list of query fields in URL query string format, used when creating
# URLs to the same query results page with different parameters (such as # URLs to the same query results page with different parameters (such as
# a different sort order or when taking some action on the set of query # a different sort order or when taking some action on the set of query
# results). To get this string, we call the Bugzilla::CGI::canoncalise_query # results). To get this string, we call the Bugzilla::CGI::canoncalise_query
# function with a list of elements to be removed from the URL. # function with a list of elements to be removed from the URL.
$vars->{urlquerypart} = $params->canonicalise_query('order', 'cmdtype', 'query_based_on'); $vars->{urlquerypart} = { %$params };
delete $vars->{urlquerypart}->{$_} for ('order', 'cmdtype', 'query_based_on');
$vars->{urlquerypart} = http_build_query($vars->{urlquerypart});
$vars->{order} = $order; $vars->{order} = $order;
$vars->{order_columns} = [ @orderstrings ]; $vars->{order_columns} = [ @orderstrings ];
$vars->{order_dir} = [ map { s/ DESC$// ? 1 : 0 } @{$vars->{order_columns}} ]; $vars->{order_dir} = [ map { s/ DESC$// ? 1 : 0 } @{$vars->{order_columns}} ];
@ -1136,7 +1136,7 @@ $vars->{order_dir} = [ map { s/ DESC$// ? 1 : 0 } @{$vars->{order_columns}} ];
$vars->{caneditbugs} = 1; $vars->{caneditbugs} = 1;
$vars->{time_info} = $time_info; $vars->{time_info} = $time_info;
$vars->{query_params} = { %{ $params->Vars } }; # now used only in superworktime $vars->{query_params} = { %$params }; # now used only in superworktime
$vars->{query_params}->{chfieldfrom} = $Bugzilla::Search::interval_from; $vars->{query_params}->{chfieldfrom} = $Bugzilla::Search::interval_from;
$vars->{query_params}->{chfieldto} = $Bugzilla::Search::interval_to; $vars->{query_params}->{chfieldto} = $Bugzilla::Search::interval_to;

4
collectstats.pl
View File

@ -506,13 +506,13 @@ sub CollectSeriesData {
# We set up the user for Search.pm's permission checking - each series # We set up the user for Search.pm's permission checking - each series
# runs with the permissions of its creator. # runs with the permissions of its creator.
my $user = new Bugzilla::User($serieses->{$series_id}->{'creator'}); my $user = new Bugzilla::User($serieses->{$series_id}->{'creator'});
my $cgi = new Bugzilla::CGI($serieses->{$series_id}->{'query'}); my $query = http_decode_query($serieses->{$series_id}->{'query'});
my $data; my $data;
# Do not die if Search->new() detects invalid data, such as an obsolete # Do not die if Search->new() detects invalid data, such as an obsolete
# login name or a renamed product or component, etc. # login name or a renamed product or component, etc.
eval { eval {
my $search = new Bugzilla::Search('params' => $cgi, my $search = new Bugzilla::Search('params' => $query,
'fields' => ["bug_id"], 'fields' => ["bug_id"],
'user' => $user); 'user' => $user);
my $sql = $search->getSQL(); my $sql = $search->getSQL();

3
extensions/custis/lib/Bugzilla/Checker.pm
View File

@ -82,9 +82,8 @@ sub refresh_sql
{ {
$query = $self->query; $query = $self->query;
} }
my $params = new Bugzilla::CGI($query->url);
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
params => $params, params => http_decode_query($query->url),
fields => [ 'bug_id' ], fields => [ 'bug_id' ],
user => $query->user, user => $query->user,
); );

7
extensions/custis/lib/FlushViews.pm
View File

@ -4,7 +4,6 @@
package FlushViews; package FlushViews;
use strict; use strict;
use Bugzilla::CGI;
use Bugzilla::User; use Bugzilla::User;
use Bugzilla::Search; use Bugzilla::Search;
@ -81,11 +80,11 @@ sub refresh_some_views
($q) = $dbh->selectrow_array('SELECT name FROM namedqueries WHERE userid=? AND name LIKE ? LIMIT 1', undef, $userid, $q); ($q) = $dbh->selectrow_array('SELECT name FROM namedqueries WHERE userid=? AND name LIKE ? LIMIT 1', undef, $userid, $q);
$q or next; $q or next;
my $storedquery = Bugzilla::Search::LookupNamedQuery($q, $userid, 0) or next; my $storedquery = Bugzilla::Search::LookupNamedQuery($q, $userid, 0) or next;
my $cgi = new Bugzilla::CGI($storedquery); $storedquery = http_decode_query($storedquery);
# get SQL code # get SQL code
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
params => $cgi, params => $storedquery,
fields => [ 'bug_id', grep { $_ ne 'bug_id' } split(/[ ,]+/, $cgi->param('columnlist')||'') ], fields => [ 'bug_id', grep { $_ ne 'bug_id' } split(/[ ,]+/, $storedquery->{columnlist} || '') ],
user => $userobj, user => $userobj,
) or next; ) or next;
# Re-create views # Re-create views

28
fill-day-worktime.cgi
View File

@ -1,7 +1,7 @@
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil -*- # "Old" version of "Today Worktime" page for mass-filling worktime information (CustIS Bug 12253)
# ------------------------------------------------------------------------ # Author(s): Stas Fomin, Vitaliy Filippov
# For Bug 12253 # License: Dual-license GPL 3.0+ or MPL 1.1+
use strict; use strict;
use lib qw(. lib); use lib qw(. lib);
@ -20,12 +20,12 @@ use BugWorkTime; # extensions/custis/lib/
my $user = Bugzilla->login(LOGIN_REQUIRED); my $user = Bugzilla->login(LOGIN_REQUIRED);
my $userid = $user->id; my $userid = $user->id;
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template; my $template = Bugzilla->template;
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
my $vars = {}; my $vars = {};
my $ARGS = { %{ Bugzilla->cgi->Vars } };
my ($lastdays) = $cgi->param('lastdays') =~ /^(\d+)$/; my ($lastdays) = $ARGS->{lastdays} =~ /^(\d+)$/;
$vars->{lastdays} = $lastdays ||= '1'; $vars->{lastdays} = $lastdays ||= '1';
sub add_wt sub add_wt
@ -41,24 +41,23 @@ sub add_wt
# Read buglist from query params # Read buglist from query params
my @idlist; my @idlist;
my $args = { %{ $cgi->Vars } }; foreach (keys %$ARGS)
foreach (keys %$args)
{ {
if (/^wtime_(\d+)/) if (/^wtime_(\d+)/)
{ {
my $id = $1; my $id = $1;
push @idlist, $id if $args->{$_} || $args->{"comm_$id"} || push @idlist, $id if $ARGS->{$_} || $ARGS->{"comm_$id"} ||
$args->{"oldrtime_$id"} ne $args->{"newrtime_$id"}; $ARGS->{"oldrtime_$id"} ne $ARGS->{"newrtime_$id"};
} }
} }
my @lines = split("\n", $cgi->param("worktime")); my @lines = split("\n", $ARGS->{worktime});
if (@idlist || @lines) if (@idlist || @lines)
{ {
my $wtime = { IDS => [] }; my $wtime = { IDS => [] };
foreach my $id (@idlist) foreach my $id (@idlist)
{ {
add_wt($wtime, $id, scalar $cgi->param("wtime_$id"), scalar $cgi->param("comm_$id")); add_wt($wtime, $id, $ARGS->{"wtime_$id"}, $ARGS->{"comm_$id"});
} }
foreach my $line (@lines) foreach my $line (@lines)
{ {
@ -111,7 +110,7 @@ if (@idlist || @lines)
Bugzilla->dbh->bz_commit_transaction(); Bugzilla->dbh->bz_commit_transaction();
} }
Checkers::show_checker_errors(); Checkers::show_checker_errors();
print $cgi->redirect(-location => "fill-day-worktime.cgi?lastdays=" . $lastdays); print Bugzilla->cgi->redirect(-location => "fill-day-worktime.cgi?lastdays=" . $lastdays);
exit; exit;
} }
@ -120,9 +119,8 @@ my ($query, $query_id) = Bugzilla::Search::LookupNamedQuery('MyWorktimeBugs', un
my $sqlquery = ""; my $sqlquery = "";
if ($query_id) if ($query_id)
{ {
my $queryparams = new Bugzilla::CGI($query); my $search = new Bugzilla::Search(
my $search = new Bugzilla::Search( params => http_decode_query($query),
params => $queryparams,
fields => [ "bugs.bug_id" ], fields => [ "bugs.bug_id" ],
); );
$sqlquery = $search->bugid_query; $sqlquery = $search->bugid_query;

3
report.cgi
View File

@ -185,10 +185,9 @@ my @axis_fields = @group_by;
push @axis_fields, $measures->{$measure} unless $a{$measures->{$measure}}; push @axis_fields, $measures->{$measure} unless $a{$measures->{$measure}};
# Clone the params, so that Bugzilla::Search can modify them # Clone the params, so that Bugzilla::Search can modify them
my $params = new Bugzilla::CGI($cgi);
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
'fields' => \@axis_fields, 'fields' => \@axis_fields,
'params' => $params, 'params' => { %{ $cgi->Vars } },
); );
my $query = $search->getSQL(); my $query = $search->getSQL();
$query = $query =

25
rss-comments.cgi
View File

@ -1,5 +1,5 @@
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# RSS feed bug comments and activity (CustIS Bug 16210) # RSS feed for bug comments and activity (CustIS Bug 16210)
# License: Dual-license GPL 3.0+ or MPL 1.1+ # License: Dual-license GPL 3.0+ or MPL 1.1+
# Author: Vitaliy Filippov <vitalif@mail.ru> # Author: Vitaliy Filippov <vitalif@mail.ru>
@ -20,42 +20,41 @@ use POSIX;
my $user = Bugzilla->login(LOGIN_REQUIRED); my $user = Bugzilla->login(LOGIN_REQUIRED);
my $vars = {}; my $vars = {};
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template; my $template = Bugzilla->template;
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
my $ARGS = { %{ Bugzilla->cgi->Vars } };
$vars->{selfurl} = $cgi->canonicalise_query(); $vars->{buginfo} = $ARGS->{buginfo};
$vars->{buginfo} = $cgi->param('buginfo');
# See http://lib.custis.ru/ShowTeamWork for &ctype=showteamwork # See http://lib.custis.ru/ShowTeamWork for &ctype=showteamwork
our %FORMATS = map { $_ => 1 } qw(rss showteamwork); our %FORMATS = map { $_ => 1 } qw(rss showteamwork);
my $who = $cgi->param('who'); my $who = $ARGS->{who};
my $limit; my $limit;
my $format = $cgi->param('ctype'); my $format = $ARGS->{ctype};
trick_taint($format); trick_taint($format);
$FORMATS{$format} or $format = 'rss'; $FORMATS{$format} or $format = 'rss';
# Determine activity limit (100 by default) # Determine activity limit (100 by default)
$limit = int($cgi->param('limit')) if $format eq 'showteamwork'; $limit = int($ARGS->{limit}) if $format eq 'showteamwork';
$limit = 100 if !$limit || $limit < 1; $limit = 100 if !$limit || $limit < 1;
my $title = $cgi->param('namedcmd'); my $title = $ARGS->{namedcmd};
if ($title) if ($title)
{ {
my $storedquery = Bugzilla::Search::LookupNamedQuery($title, $user->id); my $storedquery = Bugzilla::Search::LookupNamedQuery($title, $user->id);
$cgi = new Bugzilla::CGI($storedquery); $ARGS = http_decode_query($storedquery);
} }
$title ||= $cgi->param('query_based_on') || "Bugs"; $title ||= $ARGS->{query_based_on} || 'Bugs';
my $queryparams = new Bugzilla::CGI($cgi); delete $ARGS->{$_} for ('order', 'cmdtype', 'query_based_on');
$vars->{urlquerypart} = $queryparams->canonicalise_query('order', 'cmdtype', 'query_based_on'); $vars->{urlquerypart} = http_build_query($ARGS);
# Create Bugzilla::Search # Create Bugzilla::Search
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
params => $queryparams, params => $ARGS,
fields => [ "bug_id" ], fields => [ "bug_id" ],
); );

2
template/en/default/list/comments.rss.tmpl
View File

@ -6,7 +6,7 @@
<channel> <channel>
<title>[% title FILTER xml %]</title> <title>[% title FILTER xml %]</title>
<link>[% Param('urlbase') %]buglist.cgi?[%- urlquerypart.replace('ctype=rss[&]?','') FILTER xml %]</link> <link>[% Param('urlbase') %]buglist.cgi?[%- urlquerypart.replace('ctype=rss[&]?','') FILTER xml %]</link>
<atom:link href="[% Param('urlbase') %]rss-comments.cgi?[% selfurl FILTER xml %]" rel="self" type="application/rss+xml" /> <atom:link href="[% Param('urlbase') %]rss-comments.cgi?[% urlquerypart FILTER xml %]" rel="self" type="application/rss+xml" />
<description>[% "$terms.Bugzilla:" FILTER xml %][% title FILTER xml %]</description> <description>[% "$terms.Bugzilla:" FILTER xml %][% title FILTER xml %]</description>
<language>en</language> <language>en</language>
<lastBuildDate>[% builddate %]</lastBuildDate> <lastBuildDate>[% builddate %]</lastBuildDate>

10
whine.pl
View File

@ -441,14 +441,10 @@ sub run_queries {
resolution resolution
short_desc short_desc
); );
# A new Bugzilla::CGI object needs to be created to allow
# Bugzilla::Search to execute a saved query. It's exceedingly weird,
# but that's how it works.
my $searchparams = new Bugzilla::CGI($savedquery);
my $search = new Bugzilla::Search( my $search = new Bugzilla::Search(
'fields' => \@searchfields, fields => \@searchfields,
'params' => $searchparams, params => http_decode_query($savedquery),
'user' => $args->{'recipient'}, # the search runs as the recipient user => $args->{recipient}, # the search runs as the recipient
); );
my $sqlquery = $search->getSQL(); my $sqlquery = $search->getSQL();
$sth = $dbh->prepare($sqlquery); $sth = $dbh->prepare($sqlquery);