343 lines
11 KiB
Perl
Executable File
343 lines
11 KiB
Perl
Executable File
#!/usr/bin/perl -T
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
#
|
|
# This Source Code Form is "Incompatible With Secondary Licenses", as
|
|
# defined by the Mozilla Public License, v. 2.0.
|
|
|
|
use 5.10.1;
|
|
use strict;
|
|
use warnings;
|
|
|
|
use lib qw(. lib);
|
|
|
|
use File::Temp;
|
|
|
|
use Bugzilla;
|
|
use Bugzilla::Constants;
|
|
use Bugzilla::Install::Filesystem;
|
|
use Bugzilla::Util;
|
|
use Bugzilla::Error;
|
|
use Bugzilla::Bug;
|
|
use Bugzilla::Status;
|
|
|
|
my $user = Bugzilla->login();
|
|
|
|
my $cgi = Bugzilla->cgi;
|
|
my $template = Bugzilla->template;
|
|
my $vars = {};
|
|
# Connect to the shadow database if this installation is using one to improve
|
|
# performance.
|
|
my $dbh = Bugzilla->switch_to_shadow_db();
|
|
|
|
our (%seen, %edgesdone, %bugtitles);
|
|
our $bug_count = 0;
|
|
|
|
# CreateImagemap: This sub grabs a local filename as a parameter, reads the
|
|
# dot-generated image map datafile residing in that file and turns it into
|
|
# an HTML map element. THIS SUB IS ONLY USED FOR LOCAL DOT INSTALLATIONS.
|
|
# The map datafile won't necessarily contain the bug summaries, so we'll
|
|
# pull possible HTML titles from the %bugtitles hash (filled elsewhere
|
|
# in the code)
|
|
|
|
# The dot mapdata lines have the following format (\nsummary is optional):
|
|
# rectangle (LEFTX,TOPY) (RIGHTX,BOTTOMY) URLBASE/show_bug.cgi?id=BUGNUM BUGNUM[\nSUMMARY]
|
|
|
|
sub CreateImagemap {
|
|
my $mapfilename = shift;
|
|
my $map = "<map name=\"imagemap\">\n";
|
|
my $default = "";
|
|
|
|
open MAP, "<", $mapfilename;
|
|
while(my $line = <MAP>) {
|
|
if($line =~ /^default ([^ ]*)(.*)$/) {
|
|
$default = qq{<area alt="" shape="default" href="$1">\n};
|
|
}
|
|
|
|
if ($line =~ /^rectangle \((\d+),(\d+)\) \((\d+),(\d+)\) (http[^ ]*) (\d+)(?:\\n.*)?$/) {
|
|
my ($leftx, $rightx, $topy, $bottomy, $url, $bugid) = ($1, $3, $2, $4, $5, $6);
|
|
|
|
# Pick up bugid from the mapdata label field. Getting the title from
|
|
# bugtitle hash instead of mapdata allows us to get the summary even
|
|
# when showsummary is off, and also gives us status and resolution.
|
|
# This text is safe; it has already been escaped.
|
|
my $bugtitle = $bugtitles{$bugid};
|
|
|
|
# The URL is supposed to be safe, because it's built manually.
|
|
# But in case someone manages to inject code, it's safer to escape it.
|
|
$url = html_quote($url);
|
|
|
|
$map .= qq{<area alt="bug $bugid" name="bug$bugid" shape="rect" } .
|
|
qq{title="$bugtitle" href="$url" } .
|
|
qq{coords="$leftx,$topy,$rightx,$bottomy">\n};
|
|
}
|
|
}
|
|
close MAP;
|
|
|
|
$map .= "$default</map>";
|
|
return $map;
|
|
}
|
|
|
|
sub AddLink {
|
|
my ($blocked, $dependson, $fh) = (@_);
|
|
my $key = "$blocked,$dependson";
|
|
if (!exists $edgesdone{$key}) {
|
|
$edgesdone{$key} = 1;
|
|
print $fh "$dependson -> $blocked\n";
|
|
$bug_count++;
|
|
$seen{$blocked} = 1;
|
|
$seen{$dependson} = 1;
|
|
}
|
|
}
|
|
|
|
ThrowUserError("missing_bug_id") unless $cgi->param('id');
|
|
|
|
# The list of valid directions. Some are not proposed in the dropdrown
|
|
# menu despite the fact that they are valid.
|
|
my @valid_rankdirs = ('LR', 'RL', 'TB', 'BT');
|
|
|
|
my $rankdir = $cgi->param('rankdir') || 'TB';
|
|
# Make sure the submitted 'rankdir' value is valid.
|
|
if (!grep { $_ eq $rankdir } @valid_rankdirs) {
|
|
$rankdir = 'TB';
|
|
}
|
|
|
|
my $display = $cgi->param('display') || 'tree';
|
|
my $webdotdir = bz_locations()->{'webdotdir'};
|
|
|
|
my ($fh, $filename) = File::Temp::tempfile("XXXXXXXXXX",
|
|
SUFFIX => '.dot',
|
|
DIR => $webdotdir,
|
|
UNLINK => 1);
|
|
|
|
chmod Bugzilla::Install::Filesystem::CGI_WRITE, $filename
|
|
or warn install_string('chmod_failed', { path => $filename,
|
|
error => $! });
|
|
|
|
my $urlbase = correct_urlbase();
|
|
|
|
print $fh "digraph G {";
|
|
print $fh qq(
|
|
graph [URL="${urlbase}query.cgi", rankdir=$rankdir]
|
|
node [URL="${urlbase}show_bug.cgi?id=\\N", style=filled, color=lightgrey]
|
|
);
|
|
|
|
my %baselist;
|
|
|
|
foreach my $i (split('[\s,]+', $cgi->param('id'))) {
|
|
my $bug = Bugzilla::Bug->check($i);
|
|
$baselist{$bug->id} = 1;
|
|
}
|
|
|
|
my @stack = keys(%baselist);
|
|
|
|
if ($display eq 'web') {
|
|
my $sth = $dbh->prepare(q{SELECT blocked, dependson
|
|
FROM dependencies
|
|
WHERE blocked = ? OR dependson = ?});
|
|
|
|
foreach my $id (@stack) {
|
|
my $dependencies = $dbh->selectall_arrayref($sth, undef, ($id, $id));
|
|
foreach my $dependency (@$dependencies) {
|
|
my ($blocked, $dependson) = @$dependency;
|
|
if ($blocked != $id && !exists $seen{$blocked}) {
|
|
push @stack, $blocked;
|
|
}
|
|
if ($dependson != $id && !exists $seen{$dependson}) {
|
|
push @stack, $dependson;
|
|
}
|
|
AddLink($blocked, $dependson, $fh);
|
|
}
|
|
}
|
|
}
|
|
# This is the default: a tree instead of a spider web.
|
|
else {
|
|
my @blocker_stack = @stack;
|
|
foreach my $id (@blocker_stack) {
|
|
my $blocker_ids = Bugzilla::Bug::EmitDependList('blocked', 'dependson', $id);
|
|
foreach my $blocker_id (@$blocker_ids) {
|
|
push(@blocker_stack, $blocker_id) unless $seen{$blocker_id};
|
|
AddLink($id, $blocker_id, $fh);
|
|
}
|
|
}
|
|
my @dependent_stack = @stack;
|
|
foreach my $id (@dependent_stack) {
|
|
my $dep_bug_ids = Bugzilla::Bug::EmitDependList('dependson', 'blocked', $id);
|
|
foreach my $dep_bug_id (@$dep_bug_ids) {
|
|
push(@dependent_stack, $dep_bug_id) unless $seen{$dep_bug_id};
|
|
AddLink($dep_bug_id, $id, $fh);
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach my $k (keys(%baselist)) {
|
|
$seen{$k} = 1;
|
|
}
|
|
|
|
my $sth = $dbh->prepare(
|
|
q{SELECT bug_status, resolution, short_desc
|
|
FROM bugs
|
|
WHERE bugs.bug_id = ?});
|
|
|
|
my @bug_ids = keys %seen;
|
|
$user->visible_bugs(\@bug_ids);
|
|
foreach my $k (@bug_ids) {
|
|
# Retrieve bug information from the database
|
|
my ($stat, $resolution, $summary) = $dbh->selectrow_array($sth, undef, $k);
|
|
|
|
$vars->{'short_desc'} = $summary if ($k eq $cgi->param('id'));
|
|
|
|
# The bug summary is shown only if the user can see the bug.
|
|
if ($user->can_see_bug($k)) {
|
|
$summary = html_quote(clean_text($summary));
|
|
}
|
|
else {
|
|
$summary = '';
|
|
}
|
|
|
|
my @params;
|
|
|
|
if ($summary ne "" && $cgi->param('showsummary')) {
|
|
# Wide characters cause GraphViz to die.
|
|
if (Bugzilla->params->{'utf8'}) {
|
|
utf8::encode($summary) if utf8::is_utf8($summary);
|
|
}
|
|
$summary =~ s/([\\\"])/\\$1/g;
|
|
# Newlines must be escaped too, to not break the .map file
|
|
# and to prevent code injection.
|
|
$summary =~ s/\n/\\n/g;
|
|
push(@params, qq{label="$k\\n$summary"});
|
|
}
|
|
|
|
if (exists $baselist{$k}) {
|
|
push(@params, "shape=box");
|
|
}
|
|
|
|
if (is_open_state($stat)) {
|
|
push(@params, "color=green");
|
|
}
|
|
|
|
if (@params) {
|
|
print $fh "$k [" . join(',', @params) . "]\n";
|
|
} else {
|
|
print $fh "$k\n";
|
|
}
|
|
|
|
# Push the bug tooltip texts into a global hash so that
|
|
# CreateImagemap sub (used with local dot installations) can
|
|
# use them later on.
|
|
my $stat_display = display_value('bug_status', $stat);
|
|
my $resolution_display = display_value('resolution', $resolution);
|
|
$bugtitles{$k} = trim("$stat_display $resolution_display");
|
|
|
|
# Show the bug summary in tooltips only if not shown on
|
|
# the graph and it is non-empty (the user can see the bug)
|
|
if (!$cgi->param('showsummary') && $summary ne "") {
|
|
$bugtitles{$k} .= " - $summary";
|
|
}
|
|
}
|
|
|
|
|
|
print $fh "}\n";
|
|
close $fh;
|
|
|
|
if ($bug_count > MAX_WEBDOT_BUGS) {
|
|
unlink($filename);
|
|
ThrowUserError("webdot_too_large");
|
|
}
|
|
|
|
my $webdotbase = Bugzilla->params->{'webdotbase'};
|
|
|
|
if ($webdotbase =~ /^https?:/) {
|
|
# Remote dot server. We don't hardcode 'urlbase' here in case
|
|
# 'sslbase' is in use.
|
|
$webdotbase =~ s/%([a-z]*)%/Bugzilla->params->{$1}/eg;
|
|
my $url = $webdotbase . $filename;
|
|
$vars->{'image_url'} = $url . ".gif";
|
|
$vars->{'map_url'} = $url . ".map";
|
|
} else {
|
|
# Local dot installation
|
|
|
|
# First, generate the png image file from the .dot source
|
|
|
|
my ($pngfh, $pngfilename) = File::Temp::tempfile("XXXXXXXXXX",
|
|
SUFFIX => '.png',
|
|
DIR => $webdotdir);
|
|
|
|
chmod Bugzilla::Install::Filesystem::WS_SERVE, $pngfilename
|
|
or warn install_string('chmod_failed', { path => $pngfilename,
|
|
error => $! });
|
|
|
|
binmode $pngfh;
|
|
open(DOT, '-|', "\"$webdotbase\" -Tpng $filename");
|
|
binmode DOT;
|
|
print $pngfh $_ while <DOT>;
|
|
close DOT;
|
|
close $pngfh;
|
|
|
|
# On Windows $pngfilename will contain \ instead of /
|
|
$pngfilename =~ s|\\|/|g if ON_WINDOWS;
|
|
|
|
# Under mod_perl, pngfilename will have an absolute path, and we
|
|
# need to make that into a relative path.
|
|
my $cgi_root = bz_locations()->{cgi_path};
|
|
$pngfilename =~ s#^\Q$cgi_root\E/?##;
|
|
|
|
$vars->{'image_url'} = $pngfilename;
|
|
|
|
# Then, generate a imagemap datafile that contains the corner data
|
|
# for drawn bug objects. Pass it on to CreateImagemap that
|
|
# turns this monster into html.
|
|
|
|
my ($mapfh, $mapfilename) = File::Temp::tempfile("XXXXXXXXXX",
|
|
SUFFIX => '.map',
|
|
DIR => $webdotdir);
|
|
|
|
chmod Bugzilla::Install::Filesystem::WS_SERVE, $mapfilename
|
|
or warn install_string('chmod_failed', { path => $mapfilename,
|
|
error => $! });
|
|
|
|
binmode $mapfh;
|
|
open(DOT, '-|', "\"$webdotbase\" -Tismap $filename");
|
|
binmode DOT;
|
|
print $mapfh $_ while <DOT>;
|
|
close DOT;
|
|
close $mapfh;
|
|
|
|
$vars->{'image_map'} = CreateImagemap($mapfilename);
|
|
}
|
|
|
|
# Cleanup any old .dot files created from previous runs.
|
|
my $since = time() - 24 * 60 * 60;
|
|
# Can't use glob, since even calling that fails taint checks for perl < 5.6
|
|
opendir(DIR, $webdotdir);
|
|
my @files = grep { /\.dot$|\.png$|\.map$/ && -f "$webdotdir/$_" } readdir(DIR);
|
|
closedir DIR;
|
|
foreach my $f (@files)
|
|
{
|
|
$f = "$webdotdir/$f";
|
|
# Here we are deleting all old files. All entries are from the
|
|
# $webdot directory. Since we're deleting the file (not following
|
|
# symlinks), this can't escape to delete anything it shouldn't
|
|
# (unless someone moves the location of $webdotdir, of course)
|
|
trick_taint($f);
|
|
my $mtime = (stat($f))[9];
|
|
if ($mtime && $mtime < $since) {
|
|
unlink $f;
|
|
}
|
|
}
|
|
|
|
# Make sure we only include valid integers (protects us from XSS attacks).
|
|
my @bugs = grep(detaint_natural($_), split(/[\s,]+/, $cgi->param('id')));
|
|
$vars->{'bug_id'} = join(', ', @bugs);
|
|
$vars->{'multiple_bugs'} = ($cgi->param('id') =~ /[ ,]/);
|
|
$vars->{'display'} = $display;
|
|
$vars->{'rankdir'} = $rankdir;
|
|
$vars->{'showsummary'} = $cgi->param('showsummary');
|
|
|
|
# Generate and return the UI (HTML page) from the appropriate template.
|
|
print $cgi->header();
|
|
$template->process("bug/dependency-graph.html.tmpl", $vars)
|
|
|| ThrowTemplateError($template->error());
|