Attachment 317227 Details for Bug 427914 – Patch to add bugzilla.addAttachment functionality to bz 3.2 (v1)

[patch] Patch to add bugzilla.addAttachment functionality to bz 3.2 (v1)

addAttachment.patch (text/plain), 10.90 KB, created by David Lawrence on 2008-09-19 19:13:30 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: David Lawrence

Created: 2008-09-19 19:13:30 UTC

Size: 10.90 KB

patch

obsolete

>Index: extensions/compat_xmlrpc/code/webservice.pl
>===================================================================
>RCS file: /cvs/qa/rh_bugzilla_3/extensions/compat_xmlrpc/code/webservice.pl,v
>retrieving revision 1.55
>diff -u -r1.55 webservice.pl
>--- extensions/compat_xmlrpc/code/webservice.pl	11 Sep 2008 19:58:30 -0000	1.55
>+++ extensions/compat_xmlrpc/code/webservice.pl	19 Sep 2008 19:11:14 -0000
>@@ -110,9 +110,28 @@
> use Bugzilla::Search;
> use Bugzilla::Search::Quicksearch;
> 
>+# HACK: Login with $username and $password
>+sub xmlrpc_client_login {
>+    my ( $username, $password, $type ) = @_;
>+    my $cgi = Bugzilla->cgi;
>+
>+    # Already logged in?
>+    return 1 if Bugzilla->user->id;
>+
>+    # HACK: We need to do this otherwise CGI always treats as POST
>+    delete $ENV{CONTENT_TYPE};
>+
>+    if ( $username and $password ) {
>+        $cgi->param('Bugzilla_login', $username);
>+        $cgi->param('Bugzilla_password', $password);
>+    }
>+
>+    Bugzilla->login($type);        
>+}
>+
> =head1 NAME
> 
>-Bugzilla::RPC::Bug - XMLRPC Methods for obtaining and setting Bugzilla report attributes. 
>+extensions::compat_xmlrpc::code::webservice.pl - XMLRPC Methods for obtaining and setting Bugzilla report attributes. 
> 
> =head1 SYNOPSIS
> 
>@@ -166,25 +185,6 @@
> 
> =cut
> 
>-# HACK: Login with $username and $password
>-sub xmlrpc_client_login {
>-    my ( $username, $password, $type ) = @_;
>-    my $cgi = Bugzilla->cgi;
>-
>-    # Already logged in?
>-    return 1 if Bugzilla->user->id;
>-
>-    # HACK: We need to do this otherwise CGI always treats as POST
>-    delete $ENV{CONTENT_TYPE};
>-
>-    if ( $username and $password ) {
>-        $cgi->param('Bugzilla_login', $username);
>-        $cgi->param('Bugzilla_password', $password);
>-    }
>-
>-    Bugzilla->login($type);        
>-}
>-
> # Return simple meta information about a bug report
> sub getBugSimple {
>     my ( $self, $id, $username, $password ) = @_;
>@@ -3291,6 +3291,236 @@
>     return Bugzilla::ReleaseComponents::get( { release => $flag } );
> }
> 
>+=item C<addAttachment($bugid, $data, $username, $password)>
>+ 
>+Add an attachment to the requested bug report using the bug id that was passed in 
>+to the function as the first parameter and the attachment details passed in a data hash
>+as the second parameter. Below is a list of the most common keys that can be used for the
>+second hash parameter.
>+
>+Example:
>+    
>+    $data = {
>+        comment => "<Attachment Comment>",
>+            # OPTIONAL Text string containing comment to add.
>+        description => "<Attachment Description>",
>+            # REQUIRED Text Description of the attachment.
>+        isprivate => <Private Attachment ON/OFF 1/0>,  
>+            # OPTIONAL Whether the Attachment will be private
>+            # Default: false
>+        filename => "<Attachment Filename>",
>+            # REQUIRED The name of the file to attach to 
>+            # the bug report.
>+        obsoletes => [List of attach_id's to obsolete],
>+            # OPTIONAL List if attachment ids that are obsoleted by this new attachment.
>+        ispatch => <Patch Attachment True/False 1/0>,    
>+            # OPTIONAL Whether the attachment is a Patch
>+            # or not, if not provided the it will be 
>+            # considered NON Patch attachment.
>+        contenttype => "<Attachment Content Type>",
>+            # OPTIONAL If the attachment is patch 
>+            # REQUIRED If the attachment is not a patch
>+            # If the attachment is patch then contenttype 
>+            # will always be text/plain 
>+        data => "<Encoded String of the Attachment Data>",
>+            # REQUIRED It is a base64 encoded string of the actual attachment data.
>+        nomail => 0,
>+            # OPTIONAL Flag that is either 1 or 0 if you want email to be send ot not for this change
>+
>+    };
>+
>+
>+Returns an array containing the id of the newly generated attachment and a list
>+of login names that has been sent a notification email about the new attachment.
>+    
>+=cut
>+
>+# Add attachment to existing bug report
>+sub addAttachment {
>+    my ($self, $bug_id, $data, $username, $password) = @_;
>+    my $dbh  = Bugzilla->dbh;
>+    my $user = Bugzilla->user;
>+
>+    # Try to login if $username and $password provided.
>+    xmlrpc_client_login($username, $password, LOGIN_REQUIRED);
>+    
>+    $bug_id || ThrowCodeError('param_required', { param => 'bug_id' });
>+
>+    $logger->debug("Starting: $bug_id, $username");
>+
>+    $dbh->bz_start_transaction;
>+
>+    ValidateBugID($bug_id);
>+    my $bug = Bugzilla::Bug->new($bug_id);
>+    ThrowCodeError("bug_error", { bug => $bug }) if $bug->error;
>+
>+    my ($timestamp) = Bugzilla->dbh->selectrow_array("SELECT NOW()");
>+
>+    # Validate if can change bug
>+    my ($productid) = $dbh->selectrow_array(
>+        "SELECT product_id
>+         FROM bugs 
>+         WHERE bug_id = ?", undef, $bug_id);
>+    $user->can_edit_product($productid)
>+        || ThrowUserError("illegal_attachment_edit_bug",
>+                          { bug_id => $bug_id });
>+
>+    # Set the ispatch flag to zero if it is undefined
>+    my $ispatch = $data->{'ispatch'} ? 1 : 0;
>+    
>+    # validates the description passed in
>+    $data->{'description'} || ThrowUserError("missing_attachment_description");
>+    my $description = $data->{'description'};
>+
>+    $data->{'filename'} || ThrowUserError("file_not_specified");
>+    my $filename = $data->{'filename'};
>+
>+    # Remove path info (if any) from the file name.
>+    $filename =~ s/^.*[\/\\]//;
>+
>+    # Truncate the filename to 100 characters, counting from the end of the
>+    # string to make sure we keep the filename extension.
>+    $filename = substr($filename, -100, 100);
>+
>+    # Set the content type to text/plain if the attachment is a patch.
>+    my $contenttype = $ispatch ? "text/plain" : $data->{'contenttype'};
>+    $contenttype || ThrowUserError("missing_content_type");
>+
>+    # Validate the data itself
>+    use MIME::Base64;
>+    my $thedata = decode_base64($data->{'data'});
>+    
>+    my $maxsize 
>+        = $data->{'ispatch'} ? Bugzilla->params->{'maxpatchsize'} : Bugzilla->params->{'maxattachmentsize'};
>+    $maxsize *= 1024; # Convert from K
>+    
>+    if (!$thedata) {
>+        ThrowUserError("zero_length_file");
>+    }
>+    
>+    # Make sure the attachment does not exceed the maximum permitted size
>+    my $len = length($thedata);
>+    
>+    if ($maxsize && $len > $maxsize) {
>+        my $vars = { filesize => sprintf("%.0f", $len/1024) };
>+        if ($ispatch) {
>+            ThrowUserError("patch_too_large", $vars);
>+        } 
>+        else {
>+            ThrowUserError("file_too_large", $vars);
>+        }
>+    }
>+
>+    # These are inserted using placeholders so no need to panic
>+    trick_taint($filename);
>+    trick_taint($contenttype);
>+    trick_taint($description);
>+
>+    # Check attachments the user tries to mark as obsolete.
>+    my @obsolete_attachments;
>+    if ($data->{'obsoletes'} && ref($data->{'obsoletes'}) =~ /ARRAY/) {
>+        foreach my $attachid (@{$data->{'obsoletes'}}) {
>+            my $vars = {};
>+            $vars->{'attach_id'} = $attachid;
>+    
>+            detaint_natural($attachid)
>+                || ThrowCodeError('invalid_attach_id_to_obsolete', $vars);
>+    
>+            my $attachment = Bugzilla::Attachment->get($attachid);
>+    
>+            # Make sure the attachment exists in the database.
>+            ThrowUserError('invalid_attach_id', $vars) unless $attachment;
>+        
>+            # Check that the user can view and edit this attachment.
>+            $attachment->validate_can_edit($bug->product_id);
>+        
>+            $vars->{'description'} = $attachment->description;
>+        
>+            if ($attachment->bug_id != $bug->bug_id) {
>+                $vars->{'my_bug_id'} = $bug->bug_id;
>+                $vars->{'attach_bug_id'} = $attachment->bug_id;
>+                ThrowCodeError('mismatched_bug_ids_on_obsolete', $vars);
>+            }
>+
>+            if ($attachment->isobsolete) {
>+                ThrowCodeError('attachment_already_obsolete', $vars);
>+            }
>+
>+            push(@obsolete_attachments, $attachment);
>+        }
>+    }
>+
>+    my $isprivate = $data->{'isprivate'} ? 1 : 0;
>+
>+    # Insert the attachment into the database.
>+    my $sth = $dbh->do(
>+        "INSERT INTO attachments
>+            (bug_id, creation_ts, modification_time, filename, description,
>+             mimetype, ispatch, isurl, isprivate, submitter_id)
>+         VALUES (?,?,?,?,?,?,?,?,?,?)", undef, ($bug->bug_id, $timestamp, $timestamp,
>+              $filename, $description, $contenttype, $ispatch,
>+              0, $isprivate, $user->id));
>+    # Retrieve the ID of the newly created attachment record.
>+    my $attachid = $dbh->bz_last_key('attachments', 'attach_id');
>+
>+    # We only use $data here in this INSERT with a placeholder,
>+    # so it's safe.
>+    $sth = $dbh->prepare("INSERT INTO attach_data
>+                         (id, thedata) VALUES ($attachid, ?)");
>+    trick_taint($thedata);
>+    $sth->bind_param(1, $thedata, $dbh->BLOB_TYPE);
>+    $sth->execute();
>+
>+    # Make existing attachments obsolete.
>+    my $fieldid = get_field_id('attachments.isobsolete');
>+
>+    foreach my $obsolete_attachment (@obsolete_attachments) {
>+        # If the obsolete attachment has request flags, cancel them.
>+        # This call must be done before updating the 'attachments' table.
>+        Bugzilla::Flag->CancelRequests($bug, $obsolete_attachment, $timestamp);
>+
>+        $dbh->do('UPDATE attachments SET isobsolete = 1, modification_time = ?
>+                  WHERE attach_id = ?',
>+                  undef, ($timestamp, $obsolete_attachment->id));
>+        
>+        $dbh->do('INSERT INTO bugs_activity (bug_id, attach_id, who, bug_when,
>+                                             fieldid, removed, added)
>+                       VALUES (?,?,?,?,?,?,?)',
>+                  undef, ($bug->bug_id, $obsolete_attachment->id, $user->id,
>+                          $timestamp, $fieldid, 0, 1));
>+    }
>+
>+    # Insert a comment about the new attachment into the database.
>+    my $comment = "Created an attachment (id=" . $attachid . ")\n" .
>+                  $description . "\n";
>+    $comment .= "\n" . $data->{'comment'} if defined $data->{'comment'};
>+    
>+    $bug->add_comment($comment, { isprivate => $isprivate });
>+   
>+    # Save any changed to the bug
>+    $bug->update($timestamp);
>+
>+    $dbh->bz_commit_transaction;
>+
>+    # send mail about changes
>+    my $recipients = { cc       => $bug->cc,
>+                       owner    => $bug->assigned_to->login,
>+                       reporter => $bug->reporter->login,
>+                       changer  => Bugzilla->user->login };
>+
>+    $recipients->{'qacontact'} = $bug->qa_contact->login
>+        if $bug->qa_contact;
>+
>+    $data->{'nomail'} ||= 0;
>+
>+    my $mailresults = {};
>+    if (!$data->{'nomail'}) {
>+        $mailresults = Bugzilla::BugMail::Send($bug->bug_id, $recipients);
>+    }
>+
>+    return [$attachid, $mailresults];
>+}
>+
> # helper sub to turn a product name into an id, checking that it exists
> # and is accessible to the current user.
> #sub _product_to_id {

Flags:

nelhawar: review+

Actions: View | Diff

Attachments on bug 427914: 317227