Open
Bug 199516
Opened 21 years ago
Updated 2 years ago
Allow users to specify a component without specifying a product, on request.cgi
Categories
(Bugzilla :: Attachments & Requests, enhancement, P4)
Tracking
()
NEW
People
(Reporter: timeless, Unassigned)
References
()
Details
Attachments
(1 file, 4 obsolete files)
1.78 KB,
patch
|
LpSolit
:
review-
|
Details | Diff | Splinter Review |
problem summary: the component field seems to be ignored unless there's a product field specified. steps to reproduce, load: http://bugzilla.mozilla.org/request.cgi?action=queue&component=Mail+Window+Front+End expected results: http://bugzilla.mozilla.org/request.cgi?action=queue&component=Mail+Window+Front+End&product=MailNews until such a time when some other product gets a component by the same name. actual results: http://bugzilla.mozilla.org/request.cgi
Updated•21 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 2000 → All
Hardware: PC → All
Comment 1•21 years ago
|
||
The code from the CVS tip right now (request.cgi) looks like this: if (product selected) { add restrictions or error if it's not okay. if (component selected) { add restrictions or error if it's not okay. } } So it's normal to expect the behaviour described above. To fix it, we change the last line quoted above into: } elsif (component selected) { # We have a selected component but no product selected if there are 2 components with the same name in different products: error add restrictions or throwCodeError if it's not okay. } The patch has around dozen lines, I tested it and it fixes the problem described. I've also echoed the $query and it looks okay in every case I could think of.
Updated•21 years ago
|
Status: NEW → ASSIGNED
Updated•21 years ago
|
Attachment #127970 -
Flags: review?(kiko)
Comment 3•21 years ago
|
||
Comment on attachment 127970 [details] [diff] [review] Patch for the problem described. Vlad, don't you think that the better solution would be to fix (or provide a fixed alternative) get_component_id() to allow only a component name to be passed in? It would be nice to avoid extra SQL in this code. That way we could avoid the code duplication here (even though it's not too much).
Comment 4•21 years ago
|
||
get_component_id needs to do what it does. This is a special situation, similar to the query page, perhaps a trick similar to what the query page uses would be in order (I think it uses build_subselect())
Updated•21 years ago
|
Attachment #127970 -
Flags: review?(kiko) → review?(myk)
Comment 5•21 years ago
|
||
Comment on attachment 127970 [details] [diff] [review] Patch for the problem described. Works, looks good. r=myk
Attachment #127970 -
Flags: review?(myk) → review+
Comment 6•21 years ago
|
||
Comment on attachment 127970 [details] [diff] [review] Patch for the problem described. Why are we using ThrowCodeError here? ThrowCodeError implies a fatal situation in which we want the user to email the sysadmin to bring it to their attention. This is a situation where the user needs to clarify their text entry, not a situation that needs to be brought to the admin's attention. Please change it to use ThrowUserError. (and that tag will need to be defined in the user-error template).
Attachment #127970 -
Flags: review-
Updated•21 years ago
|
Flags: approval?
Err. there's supposed to be a related bug. why are you requiring me to specify a product? what if i want the queues for bugs from multiple products?
Updated•20 years ago
|
Summary: the component field seems to be ignored unless there's a product field specified → in request.cgi the component field seems to be ignored unless there's a product field specified
Updated•20 years ago
|
Target Milestone: --- → Bugzilla 2.20
Comment 8•20 years ago
|
||
Any action on this?
Comment 9•19 years ago
|
||
This bug has not been touched by its owner in over six months, even though it is targeted to 2.20, for which the freeze is 10 days away. Unsetting the target milestone, on the assumption that nobody is actually working on it or has any plans to soon. If you are the owner, and you plan to work on the bug, please give it a real target milestone. If you are the owner, and you do *not* plan to work on it, please reassign it to nobody@bugzilla.org or a .bugs component owner. If you are *anybody*, and you get this comment, and *you* plan to work on the bug, please reassign it to yourself if you have the ability.
Target Milestone: Bugzilla 2.20 → ---
Updated•19 years ago
|
Assignee: vladd → nobody
Status: ASSIGNED → NEW
Updated•18 years ago
|
QA Contact: mattyt-bugzilla → default-qa
Reporter | ||
Comment 10•16 years ago
|
||
This is more what I had in mind, if it works, can we use it?
Assignee: nobody → timeless
Attachment #127970 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #308514 -
Flags: review?(justdave)
Comment 11•16 years ago
|
||
Comment on attachment 308514 [details] [diff] [review] what i wanted %::FORM no longer exists since Bugzilla 2.20 or 2.22, same for SqlQuote()!!! Didn't we tell you to test your patches first?
Attachment #308514 -
Flags: review?(justdave) → review-
Updated•16 years ago
|
Severity: normal → enhancement
Reporter | ||
Comment 12•16 years ago
|
||
you had plenty of time to fix my bugs
Attachment #308514 -
Attachment is obsolete: true
Attachment #308518 -
Flags: review?(justdave)
Comment 13•16 years ago
|
||
Comment on attachment 308518 [details] [diff] [review] whatever >+ my $component = $dbh->quote($cgi->param('component')); Don't do that. Use placeholders instead.
Reporter | ||
Comment 14•16 years ago
|
||
Attachment #308518 -
Attachment is obsolete: true
Attachment #308534 -
Flags: review?(justdave)
Attachment #308518 -
Flags: review?(justdave)
Comment 15•16 years ago
|
||
Comment on attachment 308534 [details] [diff] [review] placeholders? >+ my $component_ids = $dbh->selectcol_arrayref('SELECT id FROM components ' . >+ 'WHERE name = ?', $cgi->param('component')); The syntax is incorrect and the component value is still tainted. Look at other SQL queries to see how it works.
Attachment #308534 -
Flags: review?(justdave) → review-
Updated•15 years ago
|
Priority: -- → P4
Summary: in request.cgi the component field seems to be ignored unless there's a product field specified → Allow users to specify a component without specifying a product, on request.cgi
Whiteboard: [needs new patch]
Updated•10 years ago
|
Assignee: timeless → attach-and-request
Updated•10 years ago
|
Status: ASSIGNED → NEW
Comment hidden (spam) |
Comment hidden (spam) |
Comment 18•10 years ago
|
||
Attaching to correct bug :)
Assignee: attach-and-request → dkl
Status: NEW → ASSIGNED
Attachment #8363798 -
Flags: review?(LpSolit)
Updated•10 years ago
|
Attachment #308534 -
Attachment is obsolete: true
Comment 19•10 years ago
|
||
Comment on attachment 8363798 [details] [diff] [review] 199516_1.patch >+ my $product; > if (defined $cgi->param('product') && $cgi->param('product') ne "") { >+ $product = Bugzilla::Product->check(scalar $cgi->param('product')); This code calls $cgi->param('product') 3 times. We waste cycles calling CGI.pm. You should write: my $product = $cgi->param('product') // ''; if ($product ne '') { $product = Bugzilla::Product->check($product); >+ if (defined $cgi->param('component') && $cgi->param('component') ne "") { >+ my $component_name = scalar $cgi->param('component'); Same here, $cgi->param('component') is called 3 times too. Instead: my $component = $cgi->param('component') // ''; if ($component ne '') { >+ my @component_objs; >+ foreach my $product (@{$user->get_selectable_products}) { >+ foreach my $component (@{$product->components}) { First of all, you want $user->get_accessible_products, not $user->get_selectable_products. Then it's a huge perf penalty to call each component of each product. This means several thousands of components on some installations. You should rather do a DB query to get the component IDs matching the component name, then call new_from_list(). As all component objects have a ->product method, it's easy to filter accessible components. If you think this code could be useful elsewhere, you could add a new method into Bugzilla::Component, e.g. get_components_by_name() or something like that. >+ push(@component_objs, $component) if $component->name eq $component_name; >+ } >+ } >+ @component_ids = map { $_->id } @component_objs; Simply merge both into a single: push(@component_ids, $component->id) if $component->name eq $component_name; But this code will probably go away with my proposal above.
Attachment #8363798 -
Flags: review?(LpSolit) → review-
Updated•10 years ago
|
Whiteboard: [needs new patch]
Updated•2 years ago
|
Assignee: dkl → attach-and-request
Status: ASSIGNED → NEW
You need to log in
before you can comment on or make changes to this bug.
Description
•