2008-12-15 15:53:33 +03:00
|
|
|
#!/usr/bin/perl -wT
|
|
|
|
# The contents of this file are subject to the Mozilla Public
|
|
|
|
# License Version 1.1 (the "License"); you may not use this file
|
|
|
|
# except in compliance with the License. You may obtain a copy of
|
|
|
|
# the License at http://www.mozilla.org/MPL/
|
|
|
|
#
|
|
|
|
# Software distributed under the License is distributed on an "AS
|
|
|
|
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
|
|
# implied. See the License for the specific language governing
|
|
|
|
# rights and limitations under the License.
|
|
|
|
#
|
|
|
|
# The Original Code is the Bugzilla Bug Tracking System.
|
|
|
|
#
|
|
|
|
# Contributor(s): Terry Weissman <terry@mozilla.org>
|
|
|
|
# Dan Mosedale <dmose@mozilla.org>
|
|
|
|
# Alan Raetz <al_raetz@yahoo.com>
|
|
|
|
# David Miller <justdave@syndicomm.com>
|
|
|
|
# Christopher Aillon <christopher@aillon.com>
|
|
|
|
# Gervase Markham <gerv@gerv.net>
|
|
|
|
# Vlad Dascalu <jocuri@softhome.net>
|
|
|
|
# Shane H. W. Travis <travis@sedsystems.ca>
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
|
|
|
|
use lib qw(. lib);
|
2009-10-21 21:43:01 +04:00
|
|
|
use URI;
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
use Bugzilla;
|
|
|
|
use Bugzilla::Constants;
|
|
|
|
use Bugzilla::Search;
|
|
|
|
use Bugzilla::Util;
|
|
|
|
use Bugzilla::Error;
|
|
|
|
use Bugzilla::User;
|
|
|
|
use Bugzilla::Token;
|
|
|
|
|
|
|
|
my $template = Bugzilla->template;
|
|
|
|
local our $vars = {};
|
|
|
|
|
|
|
|
###############################################################################
|
2014-10-09 19:34:53 +04:00
|
|
|
# Each panel has two functions - panel Foo has a DoFoo, to get the data
|
|
|
|
# necessary for displaying the panel, and a SaveFoo, to save the panel's
|
|
|
|
# contents from the form data (if appropriate).
|
|
|
|
# SaveFoo may be called before DoFoo.
|
2008-12-15 15:53:33 +03:00
|
|
|
###############################################################################
|
2014-10-09 19:34:53 +04:00
|
|
|
sub DoAccount
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
($vars->{realname}) = $dbh->selectrow_array(
|
|
|
|
"SELECT realname FROM profiles WHERE userid = ?", undef, $user->id
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if (Bugzilla->params->{allowemailchange} &&
|
|
|
|
Bugzilla->user->authorizer->can_change_email)
|
|
|
|
{
|
|
|
|
# First delete old tokens.
|
|
|
|
Bugzilla::Token::CleanTokenTable();
|
2008-12-15 15:53:33 +03:00
|
|
|
my @token = $dbh->selectrow_array(
|
2014-10-09 19:34:53 +04:00
|
|
|
"SELECT tokentype, issuedate + " . $dbh->sql_interval(MAX_TOKEN_AGE, 'DAY') . ", eventdata".
|
|
|
|
" FROM tokens WHERE userid = ? AND tokentype LIKE 'email%'".
|
|
|
|
" ORDER BY tokentype ASC " . $dbh->sql_limit(1), undef, $user->id
|
|
|
|
);
|
|
|
|
if (@token)
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my ($tokentype, $change_date, $eventdata) = @token;
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{login_change_date} = $change_date;
|
|
|
|
if ($tokentype eq 'emailnew')
|
|
|
|
{
|
|
|
|
my ($oldemail,$newemail) = split /:/, $eventdata;
|
|
|
|
$vars->{new_login_name} = $newemail;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
sub SaveAccount
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
my $oldpassword = $ARGS->{old_password};
|
|
|
|
my $pwd1 = $ARGS->{new_password1};
|
|
|
|
my $pwd2 = $ARGS->{new_password2};
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2012-01-13 16:07:50 +04:00
|
|
|
my $old_login_name = $user->login;
|
2014-10-09 19:38:53 +04:00
|
|
|
my $new_login_name = trim($ARGS->{new_login_name});
|
2010-05-15 00:02:34 +04:00
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($user->authorizer->can_change_password && ($oldpassword ne "" || $pwd1 ne "" || $pwd2 ne ""))
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
2010-05-15 00:02:34 +04:00
|
|
|
my $oldcryptedpwd = $user->cryptpassword;
|
2008-12-15 15:53:33 +03:00
|
|
|
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if (bz_crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd)
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
ThrowUserError("old_password_incorrect");
|
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($pwd1 ne "" || $pwd2 ne "")
|
|
|
|
{
|
2010-05-15 00:02:34 +04:00
|
|
|
$pwd1 || ThrowUserError("new_password_missing");
|
2008-12-15 15:53:33 +03:00
|
|
|
validate_password($pwd1, $pwd2);
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($oldpassword ne $pwd1)
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my $cryptedpassword = bz_crypt($pwd1);
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do(
|
|
|
|
"UPDATE profiles SET cryptpassword = ? WHERE userid = ?",
|
|
|
|
undef, $cryptedpassword, $user->id
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
# Invalidate all logins except for the current one
|
|
|
|
Bugzilla->logout(LOGOUT_KEEP_CURRENT);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($user->authorizer->can_change_email && Bugzilla->params->{allowemailchange} && $new_login_name)
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($old_login_name ne $new_login_name)
|
|
|
|
{
|
2010-05-15 00:02:34 +04:00
|
|
|
$oldpassword || ThrowUserError("old_password_required");
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
# Block multiple email changes for the same user.
|
2014-10-09 19:34:53 +04:00
|
|
|
if (Bugzilla::Token::HasEmailChangeToken($user->id))
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
ThrowUserError("email_change_in_progress");
|
|
|
|
}
|
|
|
|
|
|
|
|
# Before changing an email address, confirm one does not exist.
|
|
|
|
validate_email_syntax($new_login_name)
|
2014-10-09 19:34:53 +04:00
|
|
|
|| ThrowUserError('illegal_email_address', { addr => $new_login_name });
|
2008-12-15 15:53:33 +03:00
|
|
|
is_available_username($new_login_name)
|
2014-10-09 19:34:53 +04:00
|
|
|
|| ThrowUserError("account_exists", { email => $new_login_name });
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
Bugzilla::Token::IssueEmailChangeToken($user, $old_login_name, $new_login_name);
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{email_changes_saved} = 1;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
my $realname = trim($ARGS->{realname});
|
2008-12-15 15:53:33 +03:00
|
|
|
trick_taint($realname); # Only used in a placeholder
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do("UPDATE profiles SET realname = ? WHERE userid = ?", undef, $realname, $user->id);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
sub DoSettings
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
|
|
|
my $settings = $user->settings;
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{settings} = $settings;
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2013-12-24 17:25:12 +04:00
|
|
|
my $descs = Bugzilla->messages->{setting_descs};
|
|
|
|
my @setting_list = sort { lc $descs->{$a} cmp lc $descs->{$b} } keys %$settings;
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{setting_names} = \@setting_list;
|
|
|
|
$vars->{has_settings_enabled} = 0;
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
# Is there at least one user setting enabled?
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $setting_name (@setting_list)
|
|
|
|
{
|
|
|
|
if ($settings->{"$setting_name"}->{is_enabled})
|
|
|
|
{
|
|
|
|
$vars->{has_settings_enabled} = 1;
|
2008-12-15 15:53:33 +03:00
|
|
|
last;
|
|
|
|
}
|
|
|
|
}
|
2014-10-09 19:34:53 +04:00
|
|
|
|
|
|
|
$vars->{dont_show_button} = !$vars->{has_settings_enabled};
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
sub SaveSettings
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
|
|
|
my $settings = $user->settings;
|
|
|
|
my @setting_list = keys %$settings;
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $name (@setting_list)
|
|
|
|
{
|
|
|
|
next if !$settings->{$name}->{is_enabled};
|
2014-10-09 19:38:53 +04:00
|
|
|
my $value = $ARGS->{$name};
|
2009-07-29 15:21:49 +04:00
|
|
|
next unless defined $value;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $setting = new Bugzilla::User::Setting($name);
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($value eq "${name}-isdefault")
|
|
|
|
{
|
|
|
|
if (!$settings->{$name}->{is_default})
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
$settings->{$name}->reset_to_default;
|
|
|
|
}
|
|
|
|
}
|
2014-10-09 19:34:53 +04:00
|
|
|
else
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
$setting->validate_value($value);
|
|
|
|
$settings->{$name}->set($value);
|
|
|
|
}
|
|
|
|
}
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{settings} = $user->settings(1);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2009-01-12 17:32:15 +03:00
|
|
|
sub DoEmail
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
|
|
|
my $user = Bugzilla->user;
|
2010-11-17 16:41:00 +03:00
|
|
|
|
2008-12-15 15:53:33 +03:00
|
|
|
###########################################################################
|
|
|
|
# User watching
|
|
|
|
###########################################################################
|
2009-07-29 15:21:49 +04:00
|
|
|
my $userid = $user->id;
|
|
|
|
# WatcheD and WatcherR ID's together
|
|
|
|
my $wdwr_ids = $dbh->selectall_arrayref(
|
|
|
|
"SELECT watched, watcher FROM watch WHERE watcher=? OR watched=?",
|
|
|
|
undef, $userid, $userid
|
|
|
|
) || [];
|
|
|
|
$vars->{watchedusers} = [];
|
|
|
|
$vars->{watchers} = [];
|
|
|
|
foreach (@$wdwr_ids)
|
2009-01-12 17:32:15 +03:00
|
|
|
{
|
2009-07-29 15:21:49 +04:00
|
|
|
if ($_->[1] eq $userid)
|
2009-01-12 17:32:15 +03:00
|
|
|
{
|
2009-07-29 15:21:49 +04:00
|
|
|
push @{$vars->{watchedusers}}, Bugzilla::User->new($_->[0]);
|
2011-08-26 18:40:49 +04:00
|
|
|
}
|
2009-07-29 15:21:49 +04:00
|
|
|
else
|
|
|
|
{
|
|
|
|
push @{$vars->{watchers}}, Bugzilla::User->new($_->[1]);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
2009-07-29 15:21:49 +04:00
|
|
|
$vars->{watchedusers} = [ sort { $a->identity cmp $b->identity } @{$vars->{watchedusers}} ];
|
|
|
|
$vars->{watchers} = [ sort { $a->identity cmp $b->identity } @{$vars->{watchers}} ];
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
###########################################################################
|
|
|
|
# Role-based preferences
|
|
|
|
###########################################################################
|
2009-01-12 17:32:15 +03:00
|
|
|
my $sth = $dbh->prepare(
|
|
|
|
"SELECT relationship, event FROM email_setting WHERE user_id = ?"
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
$sth->execute($user->id);
|
|
|
|
|
|
|
|
my %mail;
|
2014-10-09 19:34:53 +04:00
|
|
|
while (my ($relationship, $event) = $sth->fetchrow_array())
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
$mail{$relationship}{$event} = 1;
|
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{mail} = \%mail;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
sub SaveEmail
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
2010-05-15 00:02:34 +04:00
|
|
|
Bugzilla::User::match_field({ 'new_watchedusers' => {'type' => 'multi'} });
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
###########################################################################
|
|
|
|
# Role-based preferences
|
|
|
|
###########################################################################
|
|
|
|
$dbh->bz_start_transaction();
|
|
|
|
|
|
|
|
# Delete all the user's current preferences
|
|
|
|
$dbh->do("DELETE FROM email_setting WHERE user_id = ?", undef, $user->id);
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
# Repopulate the table - first, with normal events in the
|
2008-12-15 15:53:33 +03:00
|
|
|
# relationship/event matrix.
|
2014-10-09 19:34:53 +04:00
|
|
|
# Note: the database holds only "off" email preferences, as can be implied
|
2008-12-15 15:53:33 +03:00
|
|
|
# from the name of the table - profiles_nomail.
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $rel (RELATIONSHIPS)
|
|
|
|
{
|
2008-12-15 15:53:33 +03:00
|
|
|
# Positive events: a ticked box means "send me mail."
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $event (POS_EVENTS)
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
if ($ARGS->{"email-$rel-$event"})
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do(
|
|
|
|
"INSERT INTO email_setting (user_id, relationship, event) VALUES (?, ?, ?)",
|
|
|
|
undef, $user->id, $rel, $event
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
# Negative events: a ticked box means "don't send me mail."
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $event (NEG_EVENTS)
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
if (!$ARGS->{"neg-email-$rel-$event"})
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do(
|
|
|
|
"INSERT INTO email_setting (user_id, relationship, event) VALUES (?, ?, ?)",
|
|
|
|
undef, $user->id, $rel, $event
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# Global positive events: a ticked box means "send me mail."
|
2014-10-09 19:34:53 +04:00
|
|
|
foreach my $event (GLOBAL_EVENTS)
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
if ($ARGS->{"email-".REL_ANY."-$event"})
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do(
|
|
|
|
"INSERT INTO email_setting (user_id, relationship, event) VALUES (?, ?, ?)",
|
|
|
|
undef, $user->id, REL_ANY, $event
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$dbh->bz_commit_transaction();
|
|
|
|
|
|
|
|
###########################################################################
|
|
|
|
# User watching
|
|
|
|
###########################################################################
|
2014-10-09 19:38:53 +04:00
|
|
|
if ($ARGS->{new_watchedusers} || $ARGS->{remove_watched_users} ||
|
|
|
|
$ARGS->{new_watchers} || $ARGS->{remove_watchers})
|
2008-12-15 15:53:33 +03:00
|
|
|
{
|
|
|
|
$dbh->bz_start_transaction();
|
|
|
|
|
2009-01-12 17:32:15 +03:00
|
|
|
my $userid = $user->id;
|
|
|
|
my $add_wdwr = [];
|
|
|
|
my $del_wdwr = [];
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2009-01-12 17:32:15 +03:00
|
|
|
# New watched users
|
|
|
|
push @$add_wdwr,
|
|
|
|
map { [ login_to_id(trim($_), THROW_ERROR), $userid ] }
|
|
|
|
split /[,\s]+/,
|
2014-10-09 19:38:53 +04:00
|
|
|
join(',', $ARGS->{new_watchedusers}) || '';
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2009-01-12 17:32:15 +03:00
|
|
|
# New watchers
|
|
|
|
push @$add_wdwr,
|
|
|
|
map { [ $userid, login_to_id(trim($_), THROW_ERROR) ] }
|
|
|
|
split /[,\s]+/,
|
2014-10-09 19:38:53 +04:00
|
|
|
join(',', $ARGS->{new_watchers}) || '';
|
2009-01-12 17:32:15 +03:00
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
if ($ARGS->{remove_watched_users})
|
2009-01-12 17:32:15 +03:00
|
|
|
{
|
|
|
|
# User wants to remove selected watched users
|
|
|
|
push @$del_wdwr,
|
|
|
|
map { [ login_to_id(trim($_), THROW_ERROR), $userid ] }
|
2014-10-09 19:38:53 +04:00
|
|
|
$ARGS->{watched_by_you};
|
2014-10-09 19:34:53 +04:00
|
|
|
}
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
if ($ARGS->{remove_watchers})
|
2009-01-12 17:32:15 +03:00
|
|
|
{
|
|
|
|
# User wants to remove selected watchers
|
|
|
|
push @$del_wdwr,
|
|
|
|
map { [ $userid, login_to_id(trim($_), THROW_ERROR) ] }
|
2014-10-09 19:38:53 +04:00
|
|
|
$ARGS->{watchers};
|
2014-10-09 19:34:53 +04:00
|
|
|
}
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2009-01-12 17:32:15 +03:00
|
|
|
if (@$add_wdwr)
|
|
|
|
{
|
|
|
|
# Add new watchers / watched users
|
|
|
|
$dbh->do(
|
|
|
|
"REPLACE INTO watch (watched, watcher) VALUES " .
|
|
|
|
(join ",", ("(?,?)") x scalar @$add_wdwr),
|
|
|
|
undef, map { @$_ } @$add_wdwr
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (@$del_wdwr)
|
|
|
|
{
|
|
|
|
# Delete watchers / watched users
|
|
|
|
$dbh->do(
|
|
|
|
"DELETE FROM watch WHERE (watched, watcher) IN (" .
|
|
|
|
(join ",", ("(?,?)") x scalar @$del_wdwr) . ")",
|
|
|
|
undef, map { @$_ } @$del_wdwr
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
$dbh->bz_commit_transaction();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-01-20 16:34:27 +03:00
|
|
|
sub DoPermissions
|
|
|
|
{
|
2014-08-12 18:01:05 +04:00
|
|
|
$vars->{all_groups} = [ Bugzilla::Group->get_all ];
|
2014-08-12 19:07:24 +04:00
|
|
|
$vars->{pergroup} = Bugzilla::Group->get_per_group_permissions;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
# No SavePermissions() because this panel has no changeable fields.
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
sub DoSavedSearches
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
|
|
|
my $user = Bugzilla->user;
|
2009-10-21 21:43:01 +04:00
|
|
|
# CustIS Bug 53697 - Bookmarks
|
2014-10-09 19:38:53 +04:00
|
|
|
if ((my $name = trim($ARGS->{addbookmarkname})) &&
|
|
|
|
(my $url = $ARGS->{addbookmarkurl}))
|
2009-10-21 21:43:01 +04:00
|
|
|
{
|
|
|
|
trick_taint($name);
|
|
|
|
trick_taint($url);
|
|
|
|
eval { $url = URI->new($url)->canonical->as_string; };
|
|
|
|
ThrowCodeError("invalid_url", { url => $url }) if $@;
|
2014-10-09 19:34:53 +04:00
|
|
|
$dbh->do(
|
|
|
|
'INSERT INTO namedqueries (userid, name, query) VALUES (?, ?, ?)',
|
|
|
|
undef, $user->id, $name, $url
|
|
|
|
);
|
2009-10-21 21:43:01 +04:00
|
|
|
$dbh->commit;
|
|
|
|
}
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($user->queryshare_groups_as_string)
|
|
|
|
{
|
|
|
|
$vars->{queryshare_groups} = Bugzilla::Group->new_from_list($user->queryshare_groups);
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{bless_group_ids} = [ map { $_->id } @{$user->bless_groups} ];
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2010-11-17 16:41:00 +03:00
|
|
|
sub SaveSavedSearches
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
my $dbh = Bugzilla->dbh;
|
|
|
|
my $user = Bugzilla->user;
|
|
|
|
|
|
|
|
# We'll need this in a loop, so do the call once.
|
|
|
|
my $user_id = $user->id;
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
my $sth_insert_ngm = $dbh->prepare(
|
|
|
|
'INSERT INTO namedquery_group_map (namedquery_id, group_id) VALUES (?, ?)'
|
|
|
|
);
|
|
|
|
my $sth_update_ngm = $dbh->prepare(
|
|
|
|
'UPDATE namedquery_group_map SET group_id = ? WHERE namedquery_id = ?'
|
|
|
|
);
|
|
|
|
my $sth_delete_ngm = $dbh->prepare(
|
|
|
|
'DELETE FROM namedquery_group_map WHERE namedquery_id = ?'
|
|
|
|
);
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-07-28 12:57:30 +04:00
|
|
|
# FIXME do batch updates
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
# For user's own queries, update namedquery_group_map.
|
2010-11-17 16:41:00 +03:00
|
|
|
my $group;
|
|
|
|
foreach my $q (@{$user->queries})
|
|
|
|
{
|
|
|
|
if ($user->in_group(Bugzilla->params->{querysharegroup}))
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
$group = $ARGS->{"share_".$q->id};
|
2010-11-17 16:41:00 +03:00
|
|
|
$group = $group ? Bugzilla::Group->check({ id => $group }) : undef;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
2014-10-09 19:38:53 +04:00
|
|
|
$q->set_shared_with_group($group, $ARGS->{'force_'.$q->id});
|
2010-11-17 16:41:00 +03:00
|
|
|
}
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2010-11-17 16:41:00 +03:00
|
|
|
# Update namedqueries_link_in_footer for this user.
|
|
|
|
foreach my $q (@{$user->queries}, @{$user->queries_available})
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
$q->set_link_in_footer($ARGS->{"link_in_footer_".$q->id});
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
$user->flush_queries_cache;
|
2010-11-17 16:41:00 +03:00
|
|
|
|
2008-12-15 15:53:33 +03:00
|
|
|
# Update profiles.mybugslink.
|
2014-10-09 19:38:53 +04:00
|
|
|
my $showmybugslink = defined($ARGS->{showmybugslink}) ? 1 : 0;
|
2010-11-17 16:41:00 +03:00
|
|
|
$dbh->do("UPDATE profiles SET mybugslink = ? WHERE userid = ?", undef, $showmybugslink, $user->id);
|
|
|
|
$user->{showmybugslink} = $showmybugslink;
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
###############################################################################
|
|
|
|
# Live code (not subroutine definitions) starts here
|
|
|
|
###############################################################################
|
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
my $ARGS = Bugzilla->input_params;
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2010-05-15 00:02:34 +04:00
|
|
|
# Delete credentials before logging in in case we are in a sudo session.
|
2014-10-09 19:38:53 +04:00
|
|
|
if (Bugzilla->cookies->{sudo})
|
|
|
|
{
|
|
|
|
delete $ARGS->{Bugzilla_login};
|
|
|
|
delete $ARGS->{Bugzilla_password};
|
|
|
|
}
|
|
|
|
delete $ARGS->{GoAheadAndLogIn};
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2010-05-15 00:02:34 +04:00
|
|
|
# First try to get credentials from cookies.
|
|
|
|
Bugzilla->login(LOGIN_OPTIONAL);
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if (!Bugzilla->user->id)
|
|
|
|
{
|
2010-05-15 00:02:34 +04:00
|
|
|
# Use credentials given in the form if login cookies are not available.
|
2014-10-09 19:38:53 +04:00
|
|
|
$ARGS->{Bugzilla_login} = $ARGS->{old_login};
|
|
|
|
$ARGS->{Bugzilla_password} = $ARGS->{old_password};
|
2010-05-15 00:02:34 +04:00
|
|
|
}
|
2008-12-15 15:53:33 +03:00
|
|
|
Bugzilla->login(LOGIN_REQUIRED);
|
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
$vars->{changes_saved} = $ARGS->{dosave};
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
my $current_tab_name = $ARGS->{tab} || "settings";
|
2008-12-15 15:53:33 +03:00
|
|
|
|
|
|
|
# The SWITCH below makes sure that this is valid
|
|
|
|
trick_taint($current_tab_name);
|
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
$vars->{current_tab_name} = $current_tab_name;
|
2008-12-15 15:53:33 +03:00
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
my $token = $ARGS->{token};
|
|
|
|
check_token_data($token, 'edit_user_prefs') if $ARGS->{dosave};
|
2009-02-09 18:57:34 +03:00
|
|
|
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($current_tab_name eq 'account')
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
SaveAccount() if $ARGS->{dosave};
|
2014-10-09 19:34:53 +04:00
|
|
|
DoAccount();
|
|
|
|
}
|
|
|
|
elsif ($current_tab_name eq 'settings')
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
SaveSettings() if $ARGS->{dosave};
|
2014-10-09 19:34:53 +04:00
|
|
|
DoSettings();
|
|
|
|
}
|
|
|
|
elsif ($current_tab_name eq 'email')
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
SaveEmail() if $ARGS->{dosave};
|
2014-10-09 19:34:53 +04:00
|
|
|
DoEmail();
|
|
|
|
}
|
|
|
|
elsif ($current_tab_name eq 'permissions')
|
|
|
|
{
|
|
|
|
DoPermissions();
|
|
|
|
}
|
|
|
|
elsif ($current_tab_name eq 'saved-searches')
|
|
|
|
{
|
2014-10-09 19:38:53 +04:00
|
|
|
SaveSavedSearches() if $ARGS->{dosave};
|
2014-10-09 19:34:53 +04:00
|
|
|
DoSavedSearches();
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
ThrowUserError("unknown_tab", { current_tab_name => $current_tab_name });
|
2008-12-15 15:53:33 +03:00
|
|
|
}
|
|
|
|
|
2014-10-09 19:38:53 +04:00
|
|
|
delete_token($token) if $ARGS->{dosave};
|
2014-10-09 19:34:53 +04:00
|
|
|
if ($current_tab_name ne 'permissions')
|
|
|
|
{
|
|
|
|
$vars->{token} = issue_session_token('edit_user_prefs');
|
2009-02-09 18:57:34 +03:00
|
|
|
}
|
|
|
|
|
2008-12-15 15:53:33 +03:00
|
|
|
# Generate and return the UI (HTML page) from the appropriate template.
|
|
|
|
$template->process("account/prefs/prefs.html.tmpl", $vars)
|
2011-10-28 21:01:59 +04:00
|
|
|
|| ThrowTemplateError($template->error());
|
|
|
|
exit;
|