Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 360231: importxml.pl ignores the maxattachmentsize and maxlocalattachment parameters when importing attachments

Browse Source 
r=dkl a=justdave


git-svn-id: svn://10.0.0.236/trunk@265173 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
bzrmirror%bugzilla.org 2014-01-08 23:15:40 +00:00
parent 013e0995dd
commit 07ae92c83f
2 changed files with 31 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mozilla/webtools/bugzilla/.bzrrev
View File

@ -1 +1 @@
8857 8858

48
mozilla/webtools/bugzilla/importxml.pl
View File

@ -54,6 +54,7 @@ use lib qw(. lib);
use Bugzilla; use Bugzilla;
use Bugzilla::Object; use Bugzilla::Object;
use Bugzilla::Bug; use Bugzilla::Bug;
use Bugzilla::Attachment;
use Bugzilla::Product; use Bugzilla::Product;
use Bugzilla::Version; use Bugzilla::Version;
use Bugzilla::Component; use Bugzilla::Component;
@ -1053,6 +1054,7 @@ sub process_bug {
$dbh->do( $query, undef, @values ); $dbh->do( $query, undef, @values );
my $id = $dbh->bz_last_key( 'bugs', 'bug_id' ); my $id = $dbh->bz_last_key( 'bugs', 'bug_id' );
my $bug_obj = Bugzilla::Bug->new($id);
# We are almost certain to get some uninitialized warnings # We are almost certain to get some uninitialized warnings
# Since this is just for debugging the query, let's shut them up # Since this is just for debugging the query, let's shut them up
@ -1135,31 +1137,41 @@ sub process_bug {
$err .= "No attachment ID specified, dropping attachment\n"; $err .= "No attachment ID specified, dropping attachment\n";
next; next;
} }
if (!$exporter->is_insider && $att->{'isprivate'}) {
$err .= "Exporter not in insidergroup and attachment marked private.\n"; my $attacher;
if ($att->{'attacher'}) {
$attacher = Bugzilla::User->new({name => $att->{'attacher'}, cache => 1});
}
my $new_attacher = $attacher || $exporter;
if ($att->{'isprivate'} && !$new_attacher->is_insider) {
my $who = $new_attacher->login;
$err .= "$who not in insidergroup and attachment marked private.\n";
$err .= " Marking attachment public\n"; $err .= " Marking attachment public\n";
$att->{'isprivate'} = 0; $att->{'isprivate'} = 0;
} }
my $attacher_id = $att->{'attacher'} ? login_to_id($att->{'attacher'}) : undef; # We log in the user so that the attachment creator is set correctly.
Bugzilla->set_user($new_attacher);
$dbh->do("INSERT INTO attachments my $attachment = Bugzilla::Attachment->create(
(bug_id, creation_ts, modification_time, filename, description, { bug => $bug_obj,
mimetype, ispatch, isprivate, isobsolete, submitter_id) creation_ts => $att->{date},
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", data => $att->{data},
undef, $id, $att->{'date'}, $att->{'date'}, $att->{'filename'}, description => $att->{desc},
$att->{'desc'}, $att->{'ctype'}, $att->{'ispatch'}, filename => $att->{filename},
$att->{'isprivate'}, $att->{'isobsolete'}, $attacher_id || $exporterid); ispatch => $att->{ispatch},
my $att_id = $dbh->bz_last_key( 'attachments', 'attach_id' ); isprivate => $att->{isprivate},
my $att_data = $att->{'data'}; isobsolete => $att->{isobsolete},
my $sth = $dbh->prepare("INSERT INTO attach_data (id, thedata) mimetype => $att->{ctype},
VALUES ($att_id, ?)" ); });
trick_taint($att_data); my $att_id = $attachment->id;
$sth->bind_param( 1, $att_data, $dbh->BLOB_TYPE );
$sth->execute(); # We log out the attacher as the remaining steps are not on his behalf.
Bugzilla->logout_request;
$comments .= "Imported an attachment (id=$att_id)\n"; $comments .= "Imported an attachment (id=$att_id)\n";
if (!$attacher_id) { if (!$attacher) {
if ($att->{'attacher'}) { if ($att->{'attacher'}) {
$err .= "The original submitter of attachment $att_id was\n "; $err .= "The original submitter of attachment $att_id was\n ";
$err .= $att->{'attacher'} . ", but he doesn't have an account here.\n"; $err .= $att->{'attacher'} . ", but he doesn't have an account here.\n";