Closed Bug 180460 Opened 18 years ago Closed 18 years ago

request.cgi doesn't filter list of products/components

Categories

(Bugzilla :: Attachments & Requests, defect, P2)

2.17.1
x86
Linux
defect

Tracking

()

RESOLVED FIXED
Bugzilla 2.18

People

(Reporter: bbaetz, Assigned: bugreport)

References

Details

(Whiteboard: [fixed in 2.17.3])

Attachments

(1 file, 3 obsolete files)

The product list (and the subsequent components) aren't being filtered based on
buggroups.

We probably want a GetEnterableProducts thing which ignores the versioncache and
does a single db query instead - it'd be faster than iterating though the
versioncache list + a db query for each.

request.cgi has the extra 

It may be easier to wait for joel's group stuff to land for this, though, or
create the sub as part of that, and then fix requests.cgi here, or something
along those lines.
OK, fair enough.

I'll include the GetEnterableProducts() in bug 147275 and we'll get this resolved.
Depends on: 147275
Priority: -- → P2
Target Milestone: --- → Bugzilla 2.18
hmm. The (truncated) third paragraph was meant to talk about the extra
components fun; we may want to the grab code from query.cgi, or just do:

SELECT DISTINCT name FROM components WHERE product_id IN (whatever)

(possibly with ORDER BY) which may be more efficient anyway
Blocks: rt-clean-up
Attached patch patch (obsolete) — Splinter Review
This actually rolls most of what normally would have come from versioncache
into a new query in globals.pl

In the future, this query could be extended to replace versioncache altogether.
Attachment #107300 - Flags: review?(bbaetz)
Comment on attachment 107300 [details] [diff] [review]
patch

>Index: globals.pl


>+sub GetEnterableProductHash {
>+    my $query = "SELECT products.name, components.name, versions.value " .
>+                "FROM products " .
>+                "LEFT JOIN components " .
>+                "ON components.product_id = products.id " .
>+                "LEFT JOIN versions " .
>+                "ON versions.product_id = products.id " .
>+                "LEFT JOIN group_control_map " .
>+                "ON group_control_map.product_id = products.id " .
>+                "AND group_control_map.entry != 0 ";
>+    if ((defined @{$::vars->{user}{groupids}}) 
>+        && (@{$::vars->{user}{groupids}} > 0)) {
>+        $query .= "AND group_id NOT IN(" . 
>+                   join(',',@{$::vars->{user}{groupids}}) . ") ";
>+    }
>+    $query .= "WHERE group_id IS NULL " .
>+              "ORDER BY products.name, components.name, versions.value";

Can't you GROUP BY products.name, components.name, versions.value, and that way
avoid the grep below (which you need in case the product has multiple entry
groups)
Attached patch patch v2 (obsolete) — Splinter Review
Removed versions table info since User.pm and Bug.pm will use a better approach
to making versiontable go away.
Attachment #107300 - Attachment is obsolete: true
Attachment #107300 - Flags: review?(bbaetz)
Comment on attachment 107328 [details] [diff] [review]
patch v2

Nedd \Q \E arroudn the grep regexps.

Just use |$_ eq $whatever| = its simpler/easier/etc
Attachment #107328 - Flags: review-
Attached patch patch v3 (obsolete) — Splinter Review
OK....	good point. This is much simpler now.
Attachment #107328 - Attachment is obsolete: true
Attached patch patch v4Splinter Review
I doubt it will get smaller than this.
Attachment #107329 - Attachment is obsolete: true
Comment on attachment 107331 [details] [diff] [review]
patch v4

r=bbaetz
Attachment #107331 - Flags: review+
taking assignment and requesting a=
Assignee: myk → bugreport
Flags: approval?
Flags: approval? → approval+
checked in
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Whiteboard: [fixed in 2.17.3]
Removing security flag...  this was fixed in 2.17.3, which was out a long time ago.
Group: webtools-security
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.