diff options
Diffstat (limited to 'describecomponents.cgi')
-rwxr-xr-x | describecomponents.cgi | 67 |
1 files changed, 22 insertions, 45 deletions
diff --git a/describecomponents.cgi b/describecomponents.cgi index c00f39bed..87a1eed32 100755 --- a/describecomponents.cgi +++ b/describecomponents.cgi @@ -20,6 +20,7 @@ # # Contributor(s): Terry Weissman <terry@mozilla.org> # Bradley Baetz <bbaetz@student.usyd.edu.au> +# Frédéric Buclin <LpSolit@gmail.com> use strict; use lib qw(.); @@ -27,83 +28,59 @@ use lib qw(.); use Bugzilla; use Bugzilla::Constants; require "globals.pl"; - -use vars qw(@legal_product); +use Bugzilla::Product; my $user = Bugzilla->login(); -GetVersionTable(); - my $cgi = Bugzilla->cgi; my $dbh = Bugzilla->dbh; my $template = Bugzilla->template; my $vars = {}; -my $product = trim($cgi->param('product') || ''); -my $product_id = get_product_id($product); -if (!$product_id || !$user->can_enter_product($product)) { +print $cgi->header(); + +my $product_name = trim($cgi->param('product') || ''); +my $product = new Bugzilla::Product({'name' => $product_name}); + +unless ($product && $user->can_enter_product($product->name)) { # Products which the user is allowed to see. - my @products = @{$user->get_enterable_products()}; + my @products = @{$user->get_enterable_products}; if (scalar(@products) == 0) { ThrowUserError("no_products"); } - elsif (scalar(@products) > 1) { - # XXX - For backwards-compatibility with old template - # interfaces, we now create a proddesc hash. This can go away - # once we update the templates. - my %product_desc; - foreach my $product (@products) { - $product_desc{$product->name} = $product->description; - } - $vars->{'proddesc'} = \%product_desc; + # If there is only one product available but the user entered + # another product name, we display a list with this single + # product only, to not confuse the user with components of a + # product he didn't request. + elsif (scalar(@products) > 1 || $product_name) { + $vars->{'products'} = \@products; $vars->{'target'} = "describecomponents.cgi"; # If an invalid product name is given, or the user is not # allowed to access that product, a message is displayed # with a list of the products the user can choose from. - if ($product) { + if ($product_name) { $vars->{'message'} = "product_invalid"; - $vars->{'product'} = $product; + # Do not use $product->name here, else you could use + # this way to determine whether the product exists or not. + $vars->{'product'} = $product_name; } - print $cgi->header(); $template->process("global/choose-product.html.tmpl", $vars) || ThrowTemplateError($template->error()); exit; } - # Else, if there is only one product: - $product = $products[0]->name; - $product_id = $products[0]->id; + # If there is only one product available and the user didn't specify + # any product name, we show this product. + $product = $products[0]; } ###################################################################### # End Data/Security Validation ###################################################################### -my @components; -my $comps = $dbh->selectall_arrayref( - q{SELECT name, initialowner, initialqacontact, description - FROM components - WHERE product_id = ? - ORDER BY name}, undef, $product_id); -foreach my $comp (@$comps) { - my ($name, $initialowner, $initialqacontact, $description) = @$comp; - my %component; - - $component{'name'} = $name; - $component{'initialowner'} = $initialowner ? - DBID_to_name($initialowner) : ''; - $component{'initialqacontact'} = $initialqacontact ? - DBID_to_name($initialqacontact) : ''; - $component{'description'} = $description; - - push @components, \%component; -} - $vars->{'product'} = $product; -$vars->{'components'} = \@components; -print $cgi->header(); $template->process("reports/components.html.tmpl", $vars) || ThrowTemplateError($template->error()); |