Пример #1
0
		public static void add_news(int bugid, string desc, string action, Security security)
		{

			if (btnet.Util.get_setting("EnableWhatsNewPage","0") == "1")
			{

				long seconds = DateTime.Now.Ticks / ten_million;
				if (seconds == prev_seconds)
				{
					seconds++; // prevent dupes, even if we have to lie.
				}
				prev_seconds = seconds;
				
				BugNews bn = new BugNews();
				bn.seconds = seconds;
				bn.seconds_string = Convert.ToString(seconds);
				bn.bugid = Convert.ToString(bugid);
				bn.desc = desc;
				bn.action = action;
				bn.who = security.user.username;

				lock(mylock)
				{
                    HttpApplicationState app = (HttpApplicationState)HttpRuntime.Cache["Application"];
                    List<BugNews> list = (List<BugNews>) app["whatsnew"];

					// create the list if necessary
					if (list == null)
					{
						list = new List<BugNews>();
						app["whatsnew"] = list;
					}

					// Add the newest item
					list.Add(bn);
					
					// Trim the old items
					int max = Convert.ToInt32(btnet.Util.get_setting("WhatsNewMaxItemsCount","200"));
					while (list.Count > max)
					{
						list.RemoveAt(0);
					}

				}

			}

		}
Пример #2
0
		///////////////////////////////////////////////////////////////////////
		public static void send_notifications(int insert_or_update, int bugid, Security security, int just_to_this_user_id)
		{
			send_notifications(insert_or_update,
				bugid,
				security,
				just_to_this_user_id,
				false,  // status changed
				false,  // assigend to changed
				0);  // prev assigned to
		}
Пример #3
0
		///////////////////////////////////////////////////////////////////////
		public static void print_bug (HttpResponse Response, DataRow dr, Security security, 
            bool include_style, 
            bool images_inline, 
            bool history_inline,
            bool internal_posts)
		{

			int bugid = Convert.ToInt32(dr["id"]);
			string string_bugid = Convert.ToString(bugid);

            if (include_style) // when sending emails
            {
                Response.Write("\n<style>\n");

                // If this file exists, use it.

                string map_path = (string) HttpRuntime.Cache["MapPath"];

                string css_for_email_file = map_path + "\\custom\\btnet_css_for_email.css";

                try
                {
                    if (System.IO.File.Exists(css_for_email_file))
                    {
                        Response.WriteFile(css_for_email_file);
					    Response.Write("\n");
                    }
                    else
                    {
                        css_for_email_file = map_path + "\\btnet_base.css";
                        Response.WriteFile(css_for_email_file);
					    Response.Write("\n");
                        css_for_email_file = map_path + "\\custom\\" + "btnet_custom.css";
                        if (System.IO.File.Exists(css_for_email_file))
                        {
                            Response.WriteFile(css_for_email_file);
                            Response.Write("\n");
                        }
                    }
                }
                catch (Exception e)
                {
                    btnet.Util.write_to_log("Exception trying to read css file for email \"" 
                        + css_for_email_file
                        + "\":" 
                        + e.Message);
                }

                // underline links in the emails to make them more obvious
                Response.Write("\na {text-decoration: underline; }");
                Response.Write("\na:visited {text-decoration: underline; }");
                Response.Write("\na:hover {text-decoration: underline; }");
                Response.Write("\n</style>\n");
            }

			Response.Write ("<body style='background:white'>");
			Response.Write ("<b>"
				+ btnet.Util.capitalize_first_letter(btnet.Util.get_setting("SingularBugLabel","bug"))
				+ " ID:&nbsp;<a href="
				+ btnet.Util.get_setting("AbsoluteUrlPrefix","http://127.0.0.1/")
				+ "edit_bug.aspx?id="
				+ string_bugid
				+ ">"
				+ string_bugid
				+ "</a><br>");

			Response.Write ("Short desc:&nbsp;<a href="
				+ btnet.Util.get_setting("AbsoluteUrlPrefix","http://127.0.0.1/")
				+ "edit_bug.aspx?id="
				+ string_bugid
				+ ">"
				+ HttpUtility.HtmlEncode((string)dr["short_desc"])
				+ "</a></b><p>");

			// start of the table with the bug fields
			Response.Write ("\n<table border=1 cellpadding=3 cellspacing=0>");
            Response.Write("\n<tr><td>Last changed by<td>"
				+ format_username((string)dr["last_updated_user"],(string)dr["last_updated_fullname"])
				+ "&nbsp;");
            Response.Write("\n<tr><td>Reported By<td>"
				+ format_username((string)dr["reporter"],(string)dr["reporter_fullname"])
				+ "&nbsp;");
            Response.Write("\n<tr><td>Reported On<td>" + btnet.Util.format_db_date_and_time(dr["reported_date"]) + "&nbsp;");

            if (security.user.tags_field_permission_level > 0)
	            Response.Write("\n<tr><td>Tags<td>" + dr["bg_tags"] + "&nbsp;");

            if (security.user.project_field_permission_level > 0)
	            Response.Write("\n<tr><td>Project<td>" + dr["current_project"] + "&nbsp;");

            if (security.user.org_field_permission_level > 0)
	            Response.Write("\n<tr><td>Organization<td>" + dr["og_name"] + "&nbsp;");

            if (security.user.category_field_permission_level > 0)
	            Response.Write("\n<tr><td>Category<td>" + dr["category_name"] + "&nbsp;");

            if (security.user.priority_field_permission_level > 0)
	            Response.Write("\n<tr><td>Priority<td>" + dr["priority_name"] + "&nbsp;");

            if (security.user.assigned_to_field_permission_level > 0)
	            Response.Write("\n<tr><td>Assigned<td>"
					+ format_username((string)dr["assigned_to_username"],(string)dr["assigned_to_fullname"])
					+ "&nbsp;");

            if (security.user.status_field_permission_level > 0)
            	Response.Write("\n<tr><td>Status<td>" + dr["status_name"] + "&nbsp;");

			if (security.user.udf_field_permission_level > 0)
				if (btnet.Util.get_setting("ShowUserDefinedBugAttribute","1") == "1")
				{
					Response.Write("\n<tr><td>"
						+ btnet.Util.get_setting("UserDefinedBugAttributeName","YOUR ATTRIBUTE")
						+ "<td>"
						+ dr["udf_name"] + "&nbsp;");
				}

			// Get custom column info  (There's an inefficiency here - we just did this
			// same call in get_bug_datarow...)

			
			DataSet ds_custom_cols = btnet.Util.get_custom_columns();


			// Show custom columns

			foreach (DataRow drcc in ds_custom_cols.Tables[0].Rows)
			{
                string column_name = (string) drcc["name"];

                if (security.user.dict_custom_field_permission_level[column_name] == Security.PERMISSION_NONE)
                {
                    continue;
                }

                Response.Write("\n<tr><td>");
				Response.Write (column_name);
				Response.Write ("<td>");

				if ((string)drcc["datatype"] == "datetime")
				{
					object dt = dr[(string)drcc["name"]];

					Response.Write (btnet.Util.format_db_date_and_time(dt));
				}
				else
				{
					string s = "";

					if ((string)drcc["dropdown type"] == "users")
					{
						object obj = dr[(string)drcc["name"]];
						if (obj.GetType().ToString() != "System.DBNull")
						{
							int userid = Convert.ToInt32(obj);
							if (userid != 0)
							{
								string sql_get_username = "******";
								s = (string) btnet.DbUtil.execute_scalar(sql_get_username.Replace("$1", Convert.ToString(userid)));
							}
						}
					}
					else
					{
						s = Convert.ToString(dr[(string)drcc["name"]]);
					}

					s = HttpUtility.HtmlEncode(s);
					s = s.Replace("\n","<br>");
					s = s.Replace("  ","&nbsp; ");
					s = s.Replace("\t","&nbsp;&nbsp;&nbsp;&nbsp;");
					Response.Write (s);
				}
				Response.Write ("&nbsp;");
			}


			// create project custom dropdowns
			if ((int)dr["project"] != 0)
			{

				string sql = @"select
					isnull(pj_enable_custom_dropdown1,0) [pj_enable_custom_dropdown1],
					isnull(pj_enable_custom_dropdown2,0) [pj_enable_custom_dropdown2],
					isnull(pj_enable_custom_dropdown3,0) [pj_enable_custom_dropdown3],
					isnull(pj_custom_dropdown_label1,'') [pj_custom_dropdown_label1],
					isnull(pj_custom_dropdown_label2,'') [pj_custom_dropdown_label2],
					isnull(pj_custom_dropdown_label3,'') [pj_custom_dropdown_label3]
					from projects where pj_id = $pj";

				sql = sql.Replace("$pj", Convert.ToString((int)dr["project"]));

				DataRow project_dr = btnet.DbUtil.get_datarow(sql);


				if (project_dr != null)
				{
					for (int i = 1; i < 4; i++)
					{
						if ((int)project_dr["pj_enable_custom_dropdown" + Convert.ToString(i)] == 1)
						{
                            Response.Write("\n<tr><td>");
							Response.Write (project_dr["pj_custom_dropdown_label" + Convert.ToString(i)]);
							Response.Write ("<td>");
							Response.Write (dr["bg_project_custom_dropdown_value"  + Convert.ToString(i)]);
							Response.Write ("&nbsp;");
						}
					}
				}
			}



			Response.Write("\n</table><p>"); // end of the table with the bug fields

			// Relationships
			if (btnet.Util.get_setting("EnableRelationships", "0") == "1")
			{
				write_relationships(Response, bugid);
			}

			// Tasks
			if (btnet.Util.get_setting("EnableTasks", "0") == "1")
			{
				write_tasks(Response, bugid);
			}


            DataSet ds_posts = get_bug_posts(bugid, security.user.external_user, history_inline);
			write_posts (
                ds_posts,
                Response, 
                bugid, 
                0, 
                false, /* don't write links */
                images_inline, 
                history_inline, 
                internal_posts,
                security.user);

			Response.Write ("</body>");

		}
Пример #4
0
        ///////////////////////////////////////////////////////////////////////
        static string get_buglist_paging_string(DataView dv, Security security, bool IsPostBack, string new_page, ref int this_page)
        {

            // format the text "page N of N:  1 2..."
            this_page = 0;
            if (IsPostBack)
            {
                this_page = Convert.ToInt32(new_page);
                HttpContext.Current.Session["page"] = this_page;
            }
            else
            {
                if (HttpContext.Current.Session["page"] != null)
                {
                    this_page = (int)HttpContext.Current.Session["page"];
                }
            }

            // how many pages to show all the rows?
            int total_pages = (dv.Count - 1) / security.user.bugs_per_page + 1;

            if (this_page > total_pages - 1)
            {
                this_page = 0;
                HttpContext.Current.Session["page"] = this_page;
            }

            string paging_string = "";

            if (total_pages > 1)
            {

                // The "<"
                if (this_page > 0)
                {
                    paging_string += "<a href='javascript: on_page("
                        + Convert.ToString(this_page - 1)
                        + ")'><b>&nbsp;&lt&lt&nbsp;</b></a>&nbsp;";
                }


                // first page is "0", second page is "1", so add 1 for display purposes
                paging_string += "page&nbsp;"
                    + Convert.ToString(this_page + 1)
                    + "&nbsp;of&nbsp;"
                    + Convert.ToString(total_pages)
                    + "&nbsp;";

                // The ">"
                if (this_page < total_pages - 1)
                {
                    paging_string += "<a href='javascript: on_page("
                        + Convert.ToString(this_page + 1)
                        + ")'><b>&nbsp;&gt;&gt;&nbsp;</b></a>";
                }

                paging_string += "&nbsp;&nbsp;&nbsp;";

                int left = this_page - 16;
                if (left < 1)
                {
                    left = 0;
                }
                else
                {
                    paging_string += "<a href='javascript: on_page(0)'>[first]</a>...&nbsp;";
                }

                int right = left + 32;
                if (right > total_pages)
                {
                    right = total_pages;
                }


                for (int i = left; i < right; i++)
                {
                    if (this_page == i)
                    {
                        paging_string += "[" + Convert.ToString(i + 1) + "]&nbsp;";
                    }
                    else
                    {
                        paging_string += "<a href='javascript: on_page("
                            + Convert.ToString(i)
                            + ")'>"
                            + Convert.ToString(i + 1)
                            + "</a>&nbsp;";
                    }
                }

                if (right < total_pages)
                {
                    paging_string += "&nbsp;...<a href='javascript: on_page("
                    + Convert.ToString(total_pages - 1)
                    + ")'>[last]</a>";
                }

            }

            return paging_string;
        }
Пример #5
0
        ///////////////////////////////////////////////////////////////////////
        public static void display_bugs(
            bool show_checkbox,
            DataView dv,
            HttpResponse Response,
            Security security,
            string new_page_val,
            bool IsPostBack,
            DataSet ds_custom_cols,
            string filter_val
            )
        {
            int this_page = 0;
            string paging_string = get_buglist_paging_string(
                dv,
                security,
                IsPostBack,
                new_page_val,
                ref this_page);

            string bug_count_string = get_buglist_bug_count_string(dv);

            Response.Write("<table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td align=left valign=top>");
            Response.Write(paging_string);
            Response.Write("<td align=right valign=top><span class=smallnote>clicking while holding Ctrl key toggles \"NOT\" in a filter: \"NOT project 1\"</span></table>");
            Response.Write("\n<table class=bugt border=1 ><tr>\n");

            ///////////////////////////////////////////////////////////////////
            // headings
            ///////////////////////////////////////////////////////////////////

            int db_column_count = 0;
            int description_column = -1;
            
            int search_desc_column = -1;
            int search_source_column = -1;
            int search_text_column = -1;

            foreach (DataColumn dc in dv.Table.Columns)
            {

                if (db_column_count == 0)
                {
                    // skip color/style

                    if (show_checkbox)
                    {
                        Response.Write("<td class=bugh><font size=0>sel</font>");
                    }
                }
                else if (dc.ColumnName == "$SCORE")
                {
                    // don't display the score, but the "union" and "order by" in the
                    // query forces us to include it as one of the columns
                }
                else
                {

                    Response.Write("<td class=bugh>\n");
                    // sorting
                    string s = "<a href='javascript: on_sort($col)'>";
                    s = s.Replace("$col", Convert.ToString(db_column_count - 1));
                    Response.Write(s);

                    if (dc.ColumnName == "$FLAG")
                    {
                        Response.Write("flag");
                    }
                    else if (dc.ColumnName == "$SEEN")
                    {
                        Response.Write("new");
                    }
                    else if (dc.ColumnName.ToLower().IndexOf("desc") == 0)
                    {
                        // remember this column so that we can make it a link
                        description_column = db_column_count; // zero based here
                        Response.Write(dc.ColumnName);
                    }
                    else if (dc.ColumnName == "search_desc")
                    {
                        search_desc_column = db_column_count;
                        Response.Write("desc");
                    }
                    else if (dc.ColumnName == "search_text")
                    {
                        search_text_column = db_column_count;
                        Response.Write("context");
                    }
                    else if (dc.ColumnName == "search_source")
                    {
                        search_source_column = db_column_count;
                        Response.Write("text source");
                    }
                    else
                    {
                        Response.Write(dc.ColumnName);
                    }

                    Response.Write("</a>");
                    Response.Write("\n");

                }

                db_column_count++;

            }

            Response.Write("\n<tr>");

            ////////////////////////////////////////////////////////////////////
            /// filter row
            ////////////////////////////////////////////////////////////////////

            if (ds_custom_cols == null)
            {
                ds_custom_cols = Util.get_custom_columns();
            }

            db_column_count = 0;
            string udf_column_name = Util.get_setting("UserDefinedBugAttributeName", "YOUR ATTRIBUTE");

            foreach (DataColumn dc in dv.Table.Columns)
            {

                // skip color
                if (db_column_count == 0)
                {
                    if (show_checkbox)
                    {
                        Response.Write("<td class=bugf>&nbsp;");
                    }
                }
                else if (dc.ColumnName == "$SCORE")
                {
                    // skip
                }
                else
                {
                    Response.Write("<td class=bugf> ");

                    if (dc.ColumnName == "$FLAG")
                    {
                        display_filter_select(Response, filter_val, "[$FLAG]", "red|green");
                    }
                    else if (dc.ColumnName == "$SEEN")
                    {
                        display_filter_select(Response, filter_val, "[$SEEN]", "yes|no");
                    }
                    else if (dc.ColumnName == "project"
                    || dc.ColumnName == "organization"
                    || dc.ColumnName == "category"
                    || dc.ColumnName == "priority"
                    || dc.ColumnName == "status"
                    || dc.ColumnName == "reported by"
                    || dc.ColumnName == "assigned to"
                    || dc.ColumnName == udf_column_name)
                    {
                        string string_vals = get_distinct_vals_from_dataset(
                            (DataTable)HttpContext.Current.Session["bugs_unfiltered"],
                            db_column_count);

                        display_filter_select(
                            Response,
                            filter_val,
                            "[" + dc.ColumnName + "]",
                            string_vals);
                    }
                    else
                    {
                        bool with_filter = false;
                        foreach (DataRow drcc in ds_custom_cols.Tables[0].Rows)
                        {
                            if (dc.ColumnName == (string)drcc["name"])
                            {
                                if ((string)drcc["dropdown type"] == "normal"
                                || (string)drcc["dropdown type"] == "users")
                                {
                                    with_filter = true;

                                    string string_vals = get_distinct_vals_from_dataset(
                                        (DataTable)HttpContext.Current.Session["bugs_unfiltered"],
                                        db_column_count);

                                    display_filter_select(
                                        Response,
                                        filter_val,
                                        "[" + (string)drcc["name"] + "]",
                                        string_vals);
                                }

                                break;
                            }
                        }

                        if (!with_filter)
                        {
                            Response.Write("&nbsp");
                        }
                    }

                    Response.Write("\n");
                }

                db_column_count++;

            }

            Response.Write("\n");

            string class_or_color = "class=bugd";
            string col_one;



            ///////////////////////////////////////////////////////////////////
            // data
            ///////////////////////////////////////////////////////////////////
            int rows_this_page = 0;
            int j = 0;

            foreach (DataRowView drv in dv)
            {

                // skip over rows prior to this page
                if (j < security.user.bugs_per_page * this_page)
                {
                    j++;
                    continue;
                }


                // do not show rows beyond this page
                rows_this_page++;
                if (rows_this_page > security.user.bugs_per_page)
                {
                    break;
                }


                DataRow dr = drv.Row;

                Response.Write("\n<tr>");

                if (show_checkbox)
                {
                    Response.Write("<td class=bugd><input type=checkbox name=");
                    Response.Write(Convert.ToString(dr[1]));
                    Response.Write(">");
                }

                for (int i = 0; i < dv.Table.Columns.Count; i++)
                {

                    if (i == 0)
                    {
                        col_one = Convert.ToString(dr[0]);

                        if (col_one == "")
                        {
                            class_or_color = "class=bugd";
                        }
                        else
                        {
                            if (col_one[0] == '#')
                            {
                                class_or_color = "class=bugd bgcolor=" + col_one;
                            }
                            else
                            {
                                class_or_color = "class=\"" + col_one + "\"";
                            }
                        }
                    }
                    else
                    {

                        if (dv.Table.Columns[i].ColumnName == "$SCORE")
                        {
                            // skip
                        }
                        else if (dv.Table.Columns[i].ColumnName == "$FLAG")
                        {
                            int flag = (int)dr[i];
                            string cls = "wht";
                            if (flag == 1) cls = "red";
                            else if (flag == 2) cls = "grn";

                            Response.Write("<td class=bugd align=center><span class="
                                + cls
                                + " onclick='flag(this, "
                                + Convert.ToString(dr[1])
                                + ")'>&nbsp;</span>");
                        }
                        else if (dv.Table.Columns[i].ColumnName == "$SEEN")
                        {
                            int seen = (int)dr[i];
                            string cls = "old";
                            if (seen == 0)
                            {
                                cls = "new";
                            }
                            else
                            {
                                cls = "old";
                            }

                            Response.Write("<td class=bugd align=center><span class="
                                + cls
                                + " onclick='seen(this, "
                                + Convert.ToString(dr[1])
                                + ")'>&nbsp;</span>");
                        }
                        else
                        {

                            string datatype = dv.Table.Columns[i].DataType.ToString();

                            if (Util.is_numeric_datatype(datatype))
                            {
                                Response.Write("<td " + class_or_color + " align=right>");
                            }
                            else
                            {
                                Response.Write("<td " + class_or_color + " >");
                            }

                            // write the data
                            if (dr[i].ToString() == "")
                            {
                                Response.Write("&nbsp;");
                            }
                            else
                            {
                                if (datatype == "System.DateTime")
                                {
                                    // Some columns we'd like both date and time, some just date,
                                    // so let's be clever and if the time is exactly midnight, space it out
                                    Response.Write(Util.format_db_date_and_time(dr[i]));
                                }
                                else
                                {
                                    if (i == description_column)
                                    {
                                        // write description as a link
                                        Response.Write("<a onmouseover=on_mouse_over(this) onmouseout=on_mouse_out() href=edit_bug.aspx?id="
                                            + Convert.ToString(dr[1]) + ">");
                                        Response.Write(HttpContext.Current.Server.HtmlEncode(dr[i].ToString()));
                                        Response.Write("</a>");
                                    }
                                    else if (i == search_desc_column)
                                    {
                                        // write description as a link
                                        Response.Write("<a onmouseover=on_mouse_over(this) onmouseout=on_mouse_out() href=edit_bug.aspx?id="
                                        + Convert.ToString(dr[1]) + ">");
                                        Response.Write(dr[i].ToString()); // already encoded
                                        Response.Write("</a>");
                                    }
                                    else if (i == search_source_column)
                                    {
                                        string val = dr[i].ToString();
                                        if (string.IsNullOrEmpty(val))
                                        {
                                            Response.Write("&nbsp;");
                                        }
                                        else
                                        {
                                            string[] parts = btnet.Util.split_string_using_commas(val);

                                            if (parts.Length < 2)
                                            {
                                            	Response.Write(val);
                                            }
                                            else
                                            {
												Response.Write("<a href=edit_bug.aspx?id=");
												Response.Write(Convert.ToString(dr[1])); // bg_id
												Response.Write("#");
												Response.Write(parts[1]);  // bp_id, the post id
												Response.Write(">");
												Response.Write(parts[0]); // sent, received, comment
												Response.Write(" #");
												Response.Write(parts[1]);
												Response.Write("</a>");
											}
                                        }
                                    }
                                    else if (i == search_text_column)
                                    {
                                        Response.Write(dr[i].ToString()); // already encoded
                                    }
                                    else
                                    {
                                        Response.Write(HttpContext.Current.Server.HtmlEncode(dr[i].ToString()).Replace("\n", "<br>"));
                                    }
                                }
                            }
                        }

                        Response.Write("");

                    }
                }

                Response.Write("\n");

                j++;
            }

            Response.Write("</table>");
            Response.Write(paging_string);
            Response.Write(bug_count_string);
        }
Пример #6
0
 ///////////////////////////////////////////////////////////////////////
 public static void display_you_dont_have_permission(HttpResponse Response, Security security)
 {
     Response.Write("<link rel=StyleSheet href=btnet.css type=text/css>");
     security.write_menu(Response, btnet.Util.get_setting("PluralBugLabel", "bugs"));
     Response.Write("<p>&nbsp;</p><div class=align>");
     Response.Write("<div class=err>You are not allowed to view this "
         + btnet.Util.get_setting("SingularBugLabel", "bug")
         + "</div>");
     Response.Write("<p><a href=bugs.aspx>View "
         + btnet.Util.capitalize_first_letter(btnet.Util.get_setting
         ("PluralBugLabel", "bugs")) + "</a>");
     Response.End();
 }
Пример #7
0
		///////////////////////////////////////////////////////////////////////
		public static int get_bug_permission_level(int bugid, Security security)
		{
			/*
					public const int PERMISSION_NONE = 0;
					public const int PERMISSION_READONLY = 1;
					public const int PERMISSION_REPORTER = 3;
					public const int PERMISSION_ALL = 2;
			*/

			// fetch the revised permission level
			string sql = @"
declare @bg_org int

select isnull(pu_permission_level,$dpl),
bg_org
from bugs
left outer join project_user_xref
on pu_project = bg_project
and pu_user = $us
where bg_id = $bg";
			;

			sql = sql.Replace("$dpl", Util.get_setting("DefaultPermissionLevel", "2"));
			sql = sql.Replace("$bg", Convert.ToString(bugid));
			sql = sql.Replace("$us", Convert.ToString(security.user.usid));
			
			DataRow dr = btnet.DbUtil.get_datarow(sql);
			
			if (dr == null)
			{
				return Security.PERMISSION_NONE;
				
			}
			
			int pl = (int)dr[0];
			int bg_org = (int)dr[1];


			// maybe reduce permissions
			if (bg_org != security.user.org)
			{
				if (security.user.other_orgs_permission_level == Security.PERMISSION_NONE
				|| security.user.other_orgs_permission_level == Security.PERMISSION_READONLY)
				{
					if (security.user.other_orgs_permission_level < pl)
					{
						pl = security.user.other_orgs_permission_level;
					}
				}
			}

			return pl;
		}
Пример #8
0
		///////////////////////////////////////////////////////////////////////
		public static DataRow get_bug_datarow(
			int bugid,
			Security security)
		{

			
			DataSet ds_custom_cols = btnet.Util.get_custom_columns();
			return get_bug_datarow(bugid, security, ds_custom_cols);
		}
Пример #9
0
        ///////////////////////////////////////////////////////////////////////
        public static void add_attachments(SharpMimeMessage mime_message, int bugid, int parent_postid, Security security)
        {
            if (mime_message.IsMultipart)
            {
                foreach (SharpMimeMessage part in mime_message)
                {
                    if (part.IsMultipart)
                    {
                        // recursive call to this function
                        add_attachments(part, bugid, parent_postid, security);
                    }
                    else
                    {

                        string filename = determine_part_filename(part);

                        if (filename != "")
                        {
                            add_attachment(filename, part, bugid, parent_postid, security);
                        }
                    }
                }
            }

            else
            {
                string filename = determine_part_filename(mime_message);

                if (filename != "")
                {
                    add_attachment(filename, mime_message, bugid, parent_postid, security);
                }
            }

        }
Пример #10
0
        ///////////////////////////////////////////////////////////////////////
        public void Page_Load(Object sender, EventArgs e)
        {
            Util.do_not_cache(Response);

            security = new Security();
            security.check_security(HttpContext.Current, Security.ANY_USER_OK);

            if (security.user.is_admin || security.user.can_search)
            {
                //
            }
            else
            {
                Response.Write("You are not allowed to use this page.");
                Response.End();
            }

            titl.InnerText = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
                + "search";

            show_udf = (Util.get_setting("ShowUserDefinedBugAttribute", "1") == "1");
            use_full_names = (Util.get_setting("UseFullNames", "0") == "1");

            ds_custom_cols = Util.get_custom_columns();

            dt_users = Util.get_related_users(security, false);

            if (!IsPostBack)
            {
                load_drop_downs();
                project_custom_dropdown1_label.Style["display"] = "none";
                project_custom_dropdown1.Style["display"] = "none";

                project_custom_dropdown2_label.Style["display"] = "none";
                project_custom_dropdown2.Style["display"] = "none";

                project_custom_dropdown3_label.Style["display"] = "none";
                project_custom_dropdown3.Style["display"] = "none";

                // are there any project dropdowns?

                string sql = @"
select count(1)
from projects
where isnull(pj_enable_custom_dropdown1,0) = 1
or isnull(pj_enable_custom_dropdown2,0) = 1
or isnull(pj_enable_custom_dropdown3,0) = 1";

                int projects_with_custom_dropdowns = (int)btnet.DbUtil.execute_scalar(sql);

                if (projects_with_custom_dropdowns == 0)
                {
                    project.AutoPostBack = false;
                }

            }
            else
            {

                // get the project dropdowns

                string sql = @"
select
pj_id,
isnull(pj_enable_custom_dropdown1,0) pj_enable_custom_dropdown1,
isnull(pj_enable_custom_dropdown2,0) pj_enable_custom_dropdown2,
isnull(pj_enable_custom_dropdown3,0) pj_enable_custom_dropdown3,
isnull(pj_custom_dropdown_label1,'') pj_custom_dropdown_label1,
isnull(pj_custom_dropdown_label2,'') pj_custom_dropdown_label2,
isnull(pj_custom_dropdown_label3,'') pj_custom_dropdown_label3,
isnull(pj_custom_dropdown_values1,'') pj_custom_dropdown_values1,
isnull(pj_custom_dropdown_values2,'') pj_custom_dropdown_values2,
isnull(pj_custom_dropdown_values3,'') pj_custom_dropdown_values3
from projects
where isnull(pj_enable_custom_dropdown1,0) = 1
or isnull(pj_enable_custom_dropdown2,0) = 1
or isnull(pj_enable_custom_dropdown3,0) = 1";

                DataSet ds_projects = btnet.DbUtil.get_dataset(sql);

                foreach (DataRow dr in ds_projects.Tables[0].Rows)
                {
                    BtnetProject btnet_project = new BtnetProject();

                    ProjectDropdown dropdown;

                    dropdown = new ProjectDropdown();
                    dropdown.enabled = Convert.ToBoolean((int)dr["pj_enable_custom_dropdown1"]);
                    dropdown.label = (string)dr["pj_custom_dropdown_label1"];
                    dropdown.values = (string)dr["pj_custom_dropdown_values1"];
                    btnet_project.map_dropdowns[1] = dropdown;

                    dropdown = new ProjectDropdown();
                    dropdown.enabled = Convert.ToBoolean((int)dr["pj_enable_custom_dropdown2"]);
                    dropdown.label = (string)dr["pj_custom_dropdown_label2"];
                    dropdown.values = (string)dr["pj_custom_dropdown_values2"];
                    btnet_project.map_dropdowns[2] = dropdown;

                    dropdown = new ProjectDropdown();
                    dropdown.enabled = Convert.ToBoolean((int)dr["pj_enable_custom_dropdown3"]);
                    dropdown.label = (string)dr["pj_custom_dropdown_label3"];
                    dropdown.values = (string)dr["pj_custom_dropdown_values3"];
                    btnet_project.map_dropdowns[3] = dropdown;

                    map_projects[(int)dr["pj_id"]] = btnet_project;

                }

                // which button did the user hit?

                if (project_changed.Value == "1" && project.AutoPostBack == true)
                {
                    handle_project_custom_dropdowns();
                }
                else if (hit_submit_button.Value == "1")
                {
                    handle_project_custom_dropdowns();
                    do_query();
                }
                else
                {
                    dv = (DataView)Session["bugs"];
                    if (dv == null)
                    {
                        do_query();
                    }
                    call_sort_and_filter_buglist_dataview();
                }
            }

            hit_submit_button.Value = "0";
            project_changed.Value = "0";

            if (security.user.is_admin || security.user.can_edit_sql)
            {

            }
            else
            {
                visible_sql_label.Style["display"] = "none";
                visible_sql_text.Style["display"] = "none";
            }

        }
Пример #11
0
        ///////////////////////////////////////////////////////////////////////
        public void Page_Load(Object sender, EventArgs e)
        {

            Util.do_not_cache(Response);

            security = new Security();
            security.check_security(HttpContext.Current, Security.ANY_USER_OK);

            titl.InnerText = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
                + Util.get_setting("PluralBugLabel", "bugs");


            if (!IsPostBack)
            {

                load_query_dropdown();

                if (Session["just_did_text_search"] == null)
                {
                    do_query();
                }
                else
                {
                    Session["just_did_text_search"] = null;
                    dv = (DataView)Session["bugs"];
                }

            }
            else
            {

                // posting back a query change?
                // posting back a filter change?
                // posting back a sort change?

                if (actn.Value == "query")
                {
                    qu_id_string = Convert.ToString(query.SelectedItem.Value);
                    reset_query_state();
                    do_query();
                }
                else
                {
                    // sorting, paging, filtering, so don't go back to the database

                    dv = (DataView)Session["bugs"];
                    if (dv == null)
                    {
                        do_query();
                    }
                    else
                    {
                        if (actn.Value == "sort")
                        {
                            new_page.Value = "0";
                        }
                    }
                }
            }

            select_query_in_dropdown();

            call_sort_and_filter_buglist_dataview();

            actn.Value = "";

        }
Пример #12
0
		///////////////////////////////////////////////////////////////////////
		public static DataTable get_related_users(Security security, bool force_full_names)
		{
			string sql = "";

			if (Util.get_setting("DefaultPermissionLevel","2") == "0")
			{
				// only show users who have explicit permission
				// for projects that this user has permissions for

				sql = @"
/* get related users 1 */

select us_id,
case when $fullnames then
    case when len(isnull(us_firstname,'') + ' ' + isnull(us_lastname,'')) > 1
	then isnull(us_firstname,'') + ' ' + isnull(us_lastname,'')
    else us_username end
else us_username end us_username,
isnull(us_email,'') us_email,
us_org,
og_external_user
into #temp
from users
inner join orgs on us_org = og_id
where us_id in
	(select pu1.pu_user from project_user_xref pu1
	where pu1.pu_project in
		(select pu2.pu_project from project_user_xref pu2
		where pu2.pu_user = $user.usid
		and pu2.pu_permission_level <> 0
		)
	and pu1.pu_permission_level <> 0
	)

if $og_external_user = 1 -- external
and $og_other_orgs_permission_level = 0 -- other orgs
begin
	delete from #temp where og_external_user = 1 and us_org <> $user.org 
end

$limit_users

select us_id, us_username, us_email from #temp order by us_username

drop table #temp";



			}
			else
			{
				// show users UNLESS they have been explicitly excluded
				// from all the projects the viewer is able to view

				// the cartesian join in the first select is intentional

				sql= @"
/* get related users 2 */
select  pj_id, us_id,
case when $fullnames then
    case when len(isnull(us_firstname,'') + ' ' + isnull(us_lastname,'')) > 1
	then isnull(us_firstname,'') + ' ' + isnull(us_lastname,'')
    else us_username end
else us_username end us_username,
isnull(us_email,'') us_email
into #temp
from projects, users
where pj_id not in
(
	select pu_project from project_user_xref
	where pu_permission_level = 0 and pu_user = $user.usid
)


$limit_users


if $og_external_user = 1 -- external
and $og_other_orgs_permission_level = 0 -- other orgs
begin
	select distinct a.us_id, a.us_username, a.us_email
	from #temp a
	inner join users b on a.us_id = b.us_id
	inner join orgs on b.us_org = og_id
	where og_external_user = 0 or b.us_org = $user.org
	order by a.us_username
end
else
begin

	select distinct us_id, us_username, us_email
		from #temp
		left outer join project_user_xref on pj_id = pu_project
		and us_id = pu_user
		where isnull(pu_permission_level,2) <> 0
		order by us_username
end

drop table #temp";

			}

			if (Util.get_setting("LimitUsernameDropdownsInSearch","0") == "1")
			{
				string sql_limit_user_names = @"

select isnull(bg_assigned_to_user,0) keep_me
into #temp2
from bugs
union
select isnull(bg_reported_user,0) from bugs

delete from #temp
where us_id not in (select keep_me from #temp2)
drop table #temp2";

				sql = sql.Replace("$limit_users",sql_limit_user_names);
			}
			else
			{
				sql = sql.Replace("$limit_users","");
			}



            if (force_full_names || Util.get_setting("UseFullNames", "0") == "1")
			{
                // true condition
                sql = sql.Replace("$fullnames", "1 = 1");
            }
			else
			{
                // false condition
                sql = sql.Replace("$fullnames", "0 = 1");
			}

			sql = sql.Replace("$user.usid",Convert.ToString(security.user.usid));
			sql = sql.Replace("$user.org",Convert.ToString(security.user.org));
			sql = sql.Replace("$og_external_user",Convert.ToString(security.user.external_user ? 1 : 0));
			sql = sql.Replace("$og_other_orgs_permission_level",Convert.ToString(security.user.other_orgs_permission_level));

			return btnet.DbUtil.get_dataset(sql).Tables[0];

		}
Пример #13
0
		///////////////////////////////////////////////////////////////////////
		public static string alter_sql_per_project_permissions(string sql, Security security)
		{

			string project_permissions_sql;

			string dpl = Util.get_setting("DefaultPermissionLevel","2");

			if (dpl == "0")
			{
				project_permissions_sql = @" (bugs.bg_project in (
					select pu_project
					from project_user_xref
					where pu_user = $user
					and pu_permission_level > 0)) ";
			}
			else
			{
				project_permissions_sql = @" (bugs.bg_project not in (
					select pu_project
					from project_user_xref
					where pu_user = $user
					and pu_permission_level = 0)) ";
			}

            if (security.user.can_only_see_own_reported)
            {
                project_permissions_sql += @"
					    and bugs.bg_reported_user = $user ";

            }
            else
            {
                if (security.user.other_orgs_permission_level == 0)
                {
                    project_permissions_sql += @"
					    and bugs.bg_org = $user.org ";

                }
            }

			project_permissions_sql
				= project_permissions_sql.Replace("$user.org",Convert.ToString(security.user.org));

			project_permissions_sql
				= project_permissions_sql.Replace("$user",Convert.ToString(security.user.usid));


			// Figure out where to alter sql for project permissions
            // I've tried lots of different schemes over the years....

            int alter_here_pos = sql.IndexOf("$ALTER_HERE"); // places - can be multiple - are explicitly marked
            if (alter_here_pos != -1)
            {
                return sql.Replace("$ALTER_HERE", "/* ALTER_HERE */ " + project_permissions_sql);
            }
            else
            {
                string bug_sql;

                int where_pos = sql.IndexOf("WhErE"); // first look for a "special" where, case sensitive, in case there are multiple where's to choose from
                if (where_pos == -1)
                    where_pos = sql.ToUpper().IndexOf("WHERE");

                int order_pos = sql.IndexOf("/*ENDWHR*/"); // marker for end of the where statement

                if (order_pos == -1)
                    order_pos = sql.ToUpper().LastIndexOf("ORDER BY");

                if (order_pos < where_pos)
                    order_pos = -1; // ignore an order by that occurs in a subquery, for example

                if (where_pos != -1 && order_pos != -1)
                {
                    // both WHERE and ORDER BY clauses
                    bug_sql = sql.Substring(0, where_pos + 5)
                        + " /* altered - both  */ ( "
                        + sql.Substring(where_pos + 5, order_pos - (where_pos + 5))
                        + " ) AND ( "
                        + project_permissions_sql
                        + " ) "
                        + sql.Substring(order_pos);
                }
                else if (order_pos == -1 && where_pos == -1)
                {
                    // Neither
                    bug_sql = sql + " /* altered - neither */ WHERE " + project_permissions_sql;
                }
                else if (order_pos == -1)
                {
                    // WHERE, without order
                    bug_sql = sql.Substring(0, where_pos + 5)
                        + " /* altered - just where */ ( "
                        + sql.Substring(where_pos + 5)
                        + " ) AND ( "
                        + project_permissions_sql + " )";
                }
                else
                {
                    // ORDER BY, without WHERE
                    bug_sql = sql.Substring(0, order_pos)
                        + " /* altered - just order by  */ WHERE "
                        + project_permissions_sql
                        + sql.Substring(order_pos);
                }

                return bug_sql;
            }

		}
Пример #14
0
		///////////////////////////////////////////////////////////////////////
		public static DataSet get_all_tasks(Security security, int bugid)
		{
            string sql = "select ";
            
            if (bugid == 0)
            {
                sql += @"
bg_id as [id], 
bg_short_desc as [description], 
pj_name as [project], 
ct_name as [category], 
bug_statuses.st_name as [status],  
bug_users.us_username as [assigned to],";
            }

            sql += "tsk_id [task<br>id], tsk_description [task<br>description] ";

			if (btnet.Util.get_setting("ShowTaskAssignedTo","1") == "1")
			{
				sql += ", task_users.us_username [task<br>assigned to]";
			}

			if (btnet.Util.get_setting("ShowTaskPlannedStartDate","1") == "1")
			{
				sql += ", tsk_planned_start_date [planned start]";
			}
			if (btnet.Util.get_setting("ShowTaskActualStartDate","1") == "1")
			{
				sql += ", tsk_actual_start_date [actual start]";
			}

			if (btnet.Util.get_setting("ShowTaskPlannedEndDate","1") == "1")
			{
				sql += ", tsk_planned_end_date [planned end]";
			}
			if (btnet.Util.get_setting("ShowTaskActualEndDate","1") == "1")
			{
				sql += ", tsk_actual_end_date [actual end]";
			}

			if (btnet.Util.get_setting("ShowTaskPlannedDuration","1") == "1")
			{
				sql += ", tsk_planned_duration [planned<br>duration]";
			}
			if (btnet.Util.get_setting("ShowTaskActualDuration","1") == "1")
			{
				sql += ", tsk_actual_duration  [actual<br>duration]";
			}


			if (btnet.Util.get_setting("ShowTaskDurationUnits","1") == "1")
			{
				sql += ", tsk_duration_units [duration<br>units]";
			}

			if (btnet.Util.get_setting("ShowTaskPercentComplete","1") == "1")
			{
				sql += ", tsk_percent_complete [percent<br>complete]";
			}

			if (btnet.Util.get_setting("ShowTaskStatus","1") == "1")
			{
				sql += ", task_statuses.st_name  [task<br>status]";
			}		

			if (btnet.Util.get_setting("ShowTaskSortSequence","1") == "1")
			{
				sql += ", tsk_sort_sequence  [seq]";
			}	

			sql += @"
from bug_tasks 
inner join bugs on tsk_bug = bg_id
left outer join projects on bg_project = pj_id
left outer join categories on bg_category = ct_id
left outer join statuses bug_statuses on bg_status = bug_statuses.st_id
left outer join statuses task_statuses on tsk_status = task_statuses.st_id
left outer join users bug_users on bg_assigned_to_user = bug_users.us_id
left outer join users task_users on tsk_assigned_to_user = task_users.us_id
where tsk_bug in 
("; 

			if (bugid == 0)
			{
				sql += btnet.Util.alter_sql_per_project_permissions("select bg_id from bugs", security);
			}
			else
			{
				sql += Convert.ToString(bugid);
			}
			sql += @"
)
order by tsk_sort_sequence, tsk_id";

			
			DataSet ds = btnet.DbUtil.get_dataset(sql);
			
			return ds;
		}
Пример #15
0
		///////////////////////////////////////////////////////////////////////
		public static void send_notifications(int insert_or_update, int bugid, Security security)
		{
			send_notifications(insert_or_update,
				bugid,
				security,
				0,  // just to this
				false,  // status changed
				false,  // assigend to changed
				0);  // prev assigned to
		}
Пример #16
0
        ///////////////////////////////////////////////////////////////////////

        public static void add_attachment(string filename, SharpMimeMessage part, int bugid, int parent_postid, Security security)
        {

            Util.write_to_log("attachment:" + filename);

            string missing_attachment_msg = "";

            int max_upload_size = Convert.ToInt32(Util.get_setting("MaxUploadSize", "100000"));
            if (part.Size > max_upload_size)
            {
                missing_attachment_msg = "ERROR: email attachment exceeds size limit.";
            }

            string content_type = part.Header.TopLevelMediaType + "/" + part.Header.SubType;
            string desc;
            MemoryStream attachmentStream = new MemoryStream();

            if (missing_attachment_msg == "")
            {
                desc = "email attachment";
            }
            else
            {
                desc = missing_attachment_msg;
            }

            part.DumpBody(attachmentStream);
            attachmentStream.Position = 0;
            Bug.insert_post_attachment(
                security,
                bugid,
                attachmentStream,
                (int)attachmentStream.Length,
                filename,
                desc,
                content_type,
                parent_postid,
                false,  // not hidden
                false); // don't send notifications

        }
Пример #17
0
		///////////////////////////////////////////////////////////////////////
		// This used to send the emails, but not now.  Now it just queues
		// the emails to be sent, then spawns a thread to send them.
		public static void send_notifications(int insert_or_update,  // The implementation
			int bugid,
			Security security,
			int just_to_this_userid,
			bool status_changed,
			bool assigned_to_changed,
			int prev_assigned_to_user)
		{

			// If there's something worth emailing about, then there's 
			// probably something worth updating the index about.
			// Really, though, we wouldn't want to update the index if it were
			// just the status that were changing...
			if (btnet.Util.get_setting("EnableLucene", "1") == "1")
			{
				MyLucene.update_lucene_index(bugid);
			}

			bool notification_email_enabled = (btnet.Util.get_setting("NotificationEmailEnabled", "1") == "1");

			if (!notification_email_enabled)
			{
				return;
			}
			// MAW -- 2006/01/27 -- Determine level of change detected
			int changeLevel = 0;
			if (insert_or_update == INSERT)
			{
				changeLevel = 1;
			}
			else if (status_changed)
			{
				changeLevel = 2;
			}
			else if (assigned_to_changed)
			{
				changeLevel = 3;
			}
			else
			{
				changeLevel = 4;
			}

			string sql;

			if (just_to_this_userid > 0)
			{
				sql = @"
/* get notification email for just one user  */
select us_email, us_id, us_admin, og.*
from bug_subscriptions
inner join users on bs_user = us_id
inner join orgs og on us_org = og_id
inner join bugs on bg_id = bs_bug
left outer join project_user_xref on pu_user = us_id and pu_project = bg_project
where us_email is not null
and us_enable_notifications = 1
-- $status_change
and us_active = 1
and us_email <> ''
and
case
when
	us_org <> bg_org
	and og_other_orgs_permission_level < 2
	and og_other_orgs_permission_level < isnull(pu_permission_level,$dpl)
		then og_other_orgs_permission_level
else
	isnull(pu_permission_level,$dpl)
end <> 0
and bs_bug = $id
and us_id = $just_this_usid";

				sql = sql.Replace("$just_this_usid", Convert.ToString(just_to_this_userid));
			}
			else
			{

				// MAW -- 2006/01/27 -- Added different notifications if reported or assigned-to
				sql = @"
/* get notification emails for all subscribers */
select us_email, us_id, us_admin, og.*
from bug_subscriptions
inner join users on bs_user = us_id
inner join orgs og on us_org = og_id
inner join bugs on bg_id = bs_bug
left outer join project_user_xref on pu_user = us_id and pu_project = bg_project
where us_email is not null
and us_enable_notifications = 1
-- $status_change
and us_active = 1
and us_email <> ''
and (   ($cl <= us_reported_notifications and bg_reported_user = bs_user)
or ($cl <= us_assigned_notifications and bg_assigned_to_user = bs_user)
or ($cl <= us_assigned_notifications and $pau = bs_user)
or ($cl <= us_subscribed_notifications))
and
case
when
us_org <> bg_org
and og_other_orgs_permission_level < 2
and og_other_orgs_permission_level < isnull(pu_permission_level,$dpl)
	then og_other_orgs_permission_level
else
isnull(pu_permission_level,$dpl)
end <> 0
and bs_bug = $id
and (us_id <> $us or isnull(us_send_notifications_to_self,0) = 1)";
			}

			sql = sql.Replace("$cl", changeLevel.ToString());
			sql = sql.Replace("$pau", prev_assigned_to_user.ToString());
			sql = sql.Replace("$id", Convert.ToString(bugid));
			sql = sql.Replace("$dpl", btnet.Util.get_setting("DefaultPermissionLevel", "2"));
			sql = sql.Replace("$us", Convert.ToString(security.user.usid));


			DataSet ds_subscribers = btnet.DbUtil.get_dataset(sql);

			if (ds_subscribers.Tables[0].Rows.Count > 0)
			{

				bool added_to_queue = false;


				// Get bug html
				DataRow bug_dr = btnet.Bug.get_bug_datarow(bugid, security);

				string from = btnet.Util.get_setting("NotificationEmailFrom", "");

				// Format the subject line
				string subject = btnet.Util.get_setting("NotificationSubjectFormat", "$THING$:$BUGID$ was $ACTION$ - $SHORTDESC$ $TRACKINGID$");

				subject = subject.Replace("$THING$", btnet.Util.capitalize_first_letter(btnet.Util.get_setting("SingularBugLabel", "bug")));

				string action = "";
				if (insert_or_update == INSERT)
				{
					action = "added";
				}
				else
				{
					action = "updated";
				}

				subject = subject.Replace("$ACTION$", action);
				subject = subject.Replace("$BUGID$", Convert.ToString(bugid));
				subject = subject.Replace("$SHORTDESC$", (string)bug_dr["short_desc"]);

				string tracking_id = " (";
				tracking_id += btnet.Util.get_setting("TrackingIdString", "DO NOT EDIT THIS:");
				tracking_id += Convert.ToString(bugid);
				tracking_id += ")";
				subject = subject.Replace("$TRACKINGID$", tracking_id);

				subject = subject.Replace("$PROJECT$", (string)bug_dr["current_project"]);
				subject = subject.Replace("$ORGANIZATION$", (string)bug_dr["og_name"]);
				subject = subject.Replace("$CATEGORY$", (string)bug_dr["category_name"]);
				subject = subject.Replace("$PRIORITY$", (string)bug_dr["priority_name"]);
				subject = subject.Replace("$STATUS$", (string)bug_dr["status_name"]);
				subject = subject.Replace("$ASSIGNED_TO$", (string)bug_dr["assigned_to_username"]);


				// send a separate email to each subscriber
				foreach (DataRow dr in ds_subscribers.Tables[0].Rows)
				{
					string to = (string)dr["us_email"];

					// Create a fake response and let the code
					// write the html to that response
					System.IO.StringWriter writer = new System.IO.StringWriter();
					HttpResponse my_response = new HttpResponse(writer);
					my_response.Write("<html>");
					my_response.Write("<base href=\"" +
					btnet.Util.get_setting("AbsoluteUrlPrefix", "http://127.0.0.1/") + "\"/>");

					// create a security rec for the user receiving the email
					Security sec2 = new Security();

					// fill in what we know is needed downstream
					sec2.user.is_admin = Convert.ToBoolean(dr["us_admin"]);
					sec2.user.external_user = Convert.ToBoolean(dr["og_external_user"]);
					sec2.user.tags_field_permission_level = (int)dr["og_category_field_permission_level"];
					sec2.user.category_field_permission_level = (int)dr["og_category_field_permission_level"];
					sec2.user.priority_field_permission_level = (int)dr["og_priority_field_permission_level"];
					sec2.user.assigned_to_field_permission_level = (int)dr["og_assigned_to_field_permission_level"];
					sec2.user.status_field_permission_level = (int)dr["og_status_field_permission_level"];
					sec2.user.project_field_permission_level = (int)dr["og_project_field_permission_level"];
					sec2.user.org_field_permission_level = (int)dr["og_org_field_permission_level"];
					sec2.user.udf_field_permission_level = (int)dr["og_udf_field_permission_level"];

					DataSet ds_custom = Util.get_custom_columns();
					foreach (DataRow dr_custom in ds_custom.Tables[0].Rows)
					{
						string bg_name = (string)dr_custom["name"];
						string og_name = "og_"
							+ (string)dr_custom["name"]
							+ "_field_permission_level";

						object obj = dr[og_name];
						if (Convert.IsDBNull(obj))
						{
							sec2.user.dict_custom_field_permission_level[bg_name] = Security.PERMISSION_ALL;
						}
						else
						{
							sec2.user.dict_custom_field_permission_level[bg_name] = (int) dr[og_name];
						}

					}

					PrintBug.print_bug(
						my_response,
						bug_dr,
						sec2,
						true,  // include style 
						false, // images_inline 
						true,  // history_inline
                        true); // internal_posts

					// at this point "writer" has the bug html

					sql = @"
delete from queued_notifications where qn_bug = $bug and qn_to = N'$to'

insert into queued_notifications
(qn_date_created, qn_bug, qn_user, qn_status, qn_retries, qn_to, qn_from, qn_subject, qn_body, qn_last_exception)
values (getdate(), $bug, $user, N'not sent', 0, N'$to', N'$from', N'$subject', N'$body', N'')";

					sql = sql.Replace("$bug",Convert.ToString(bugid));
					sql = sql.Replace("$user",Convert.ToString(dr["us_id"]));
					sql = sql.Replace("$to", to.Replace("'","''"));
					sql = sql.Replace("$from", from.Replace("'","''"));
					sql = sql.Replace("$subject", subject.Replace("'","''"));
					sql = sql.Replace("$body", writer.ToString().Replace("'","''"));

					btnet.DbUtil.execute_nonquery_without_logging(sql);

					added_to_queue = true;

				} // end loop through ds_subscribers

				if (added_to_queue)
				{
					// spawn a worker thread to send the emails
                    System.Threading.Thread thread = new System.Threading.Thread(threadproc_notifications);
                    thread.Start();
				}

			}  // if there are any subscribers


		}
Пример #18
0
        public static Security get_synthesized_security(SharpMimeMessage mime_message, string from_addr, string username)
        {
            // Get the btnet user, which might actually be a user that corresonds with the email sender, not the username above
            DataRow dr = MyMime.get_user_datarow_maybe_using_from_addr(mime_message, from_addr, username);

            // simulate a user having logged in, for downstream code
            Security security = new Security();
            security.context = System.Web.HttpContext.Current;
            security.user.username = username;
            security.user.usid = (int)dr["us_id"];
            security.user.is_admin = Convert.ToBoolean(dr["us_admin"]);
            security.user.org = (int)dr["us_org"];
            security.user.other_orgs_permission_level = (int)dr["og_other_orgs_permission_level"];
            security.user.forced_project = (int)dr["us_forced_project"];

            return security;
        }
Пример #19
0
		///////////////////////////////////////////////////////////////////////
		public static DataRow get_bug_datarow(
			int bugid,
			Security security,
			DataSet ds_custom_cols)
		{
			string sql = @" /* get_bug_datarow */";

			if (btnet.Util.get_setting("EnableSeen", "0") == "1")
			{
				sql += @"
if not exists (select bu_bug from bug_user where bu_bug = $id and bu_user = $this_usid)
	insert into bug_user (bu_bug, bu_user, bu_flag, bu_seen, bu_vote) values($id, $this_usid, 0, 1, 0) 
update bug_user set bu_seen = 1, bu_seen_datetime = getdate() where bu_bug = $id and bu_user = $this_usid and bu_seen <> 1";

			}

			sql += @"
declare @svn_revisions int
declare @git_commits int
declare @hg_revisions int
declare @tasks int
declare @related int;
set @svn_revisions = 0
set @git_commits = 0
set @hg_revisions = 0
set @tasks = 0
set @related = 0";

			if (btnet.Util.get_setting("EnableSubversionIntegration", "0") == "1")
			{
				sql += @"
select @svn_revisions = count(1)
from svn_affected_paths
inner join svn_revisions on svnap_svnrev_id = svnrev_id
where svnrev_bug = $id;";
			}

			if (btnet.Util.get_setting("EnableGitIntegration", "0") == "1")
			{
				sql += @"
select @git_commits = count(1)
from git_affected_paths
inner join git_commits on gitap_gitcom_id = gitcom_id
where gitcom_bug = $id;";
			}

			if (btnet.Util.get_setting("EnableMercurialIntegration", "0") == "1")
			{
				sql += @"
select @hg_revisions = count(1)
from hg_affected_paths
inner join hg_revisions on hgap_hgrev_id = hgrev_id
where hgrev_bug = $id;";
			}

			if (btnet.Util.get_setting("EnableTasks", "0") == "1")
			{
				sql += @"
select @tasks = count(1)
from bug_tasks
where tsk_bug = $id;";
			}

			if (btnet.Util.get_setting("EnableRelationships", "0") == "1")
			{
                sql += @"
select @related = count(1)
from bug_relationships
where re_bug1 = $id;";
            }
    
            sql += @"

select bg_id [id],
bg_short_desc [short_desc],
isnull(bg_tags,'') [bg_tags],
isnull(ru.us_username,'[deleted user]') [reporter],
isnull(ru.us_email,'') [reporter_email],
case rtrim(ru.us_firstname)
	when null then isnull(ru.us_lastname, '')
	when '' then isnull(ru.us_lastname, '')
	else isnull(ru.us_lastname + ', ' + ru.us_firstname,'')
	end [reporter_fullname],
bg_reported_date [reported_date],
datediff(s,bg_reported_date,getdate()) [seconds_ago],
isnull(lu.us_username,'') [last_updated_user],
case rtrim(lu.us_firstname)
	when null then isnull(lu.us_lastname, '')
	when '' then isnull(lu.us_lastname, '')
	else isnull(lu.us_lastname + ', ' + lu.us_firstname,'')
	end [last_updated_fullname],


bg_last_updated_date [last_updated_date],
isnull(bg_project,0) [project],
isnull(pj_name,'[no project]') [current_project],

isnull(bg_org,0) [organization],
isnull(bugorg.og_name,'') [og_name],

isnull(bg_category,0) [category],
isnull(ct_name,'') [category_name],

isnull(bg_priority,0) [priority],
isnull(pr_name,'') [priority_name],

isnull(bg_status,0) [status],
isnull(st_name,'') [status_name],

isnull(bg_user_defined_attribute,0) [udf],
isnull(udf_name,'') [udf_name],

isnull(bg_assigned_to_user,0) [assigned_to_user],
isnull(asg.us_username,'[not assigned]') [assigned_to_username],
case rtrim(asg.us_firstname)
when null then isnull(asg.us_lastname, '[not assigned]')
when '' then isnull(asg.us_lastname, '[not assigned]')
else isnull(asg.us_lastname + ', ' + asg.us_firstname,'[not assigned]')
end [assigned_to_fullname],

isnull(bs_user,0) [subscribed],

case
when
	$this_org <> bg_org
	and userorg.og_other_orgs_permission_level < 2
	and userorg.og_other_orgs_permission_level < isnull(pu_permission_level,$dpl)
		then userorg.og_other_orgs_permission_level
else
	isnull(pu_permission_level,$dpl)
end [pu_permission_level],

isnull(bg_project_custom_dropdown_value1,'') [bg_project_custom_dropdown_value1],
isnull(bg_project_custom_dropdown_value2,'') [bg_project_custom_dropdown_value2],
isnull(bg_project_custom_dropdown_value3,'') [bg_project_custom_dropdown_value3],
@related [relationship_cnt],
@svn_revisions [svn_revision_cnt],
@git_commits [git_commit_cnt],
@hg_revisions [hg_commit_cnt],
@tasks [task_cnt],
getdate() [snapshot_timestamp]
$custom_cols_placeholder
from bugs
inner join users this_user on us_id = $this_usid
inner join orgs userorg on this_user.us_org = userorg.og_id
left outer join user_defined_attribute on bg_user_defined_attribute = udf_id
left outer join projects on bg_project = pj_id
left outer join orgs bugorg on bg_org = bugorg.og_id
left outer join categories on bg_category = ct_id
left outer join priorities on bg_priority = pr_id
left outer join statuses on bg_status = st_id
left outer join users asg on bg_assigned_to_user = asg.us_id
left outer join users ru on bg_reported_user = ru.us_id
left outer join users lu on bg_last_updated_user = lu.us_id
left outer join bug_subscriptions on bs_bug = bg_id and bs_user = $this_usid
left outer join project_user_xref on pj_id = pu_project
and pu_user = $this_usid
where bg_id = $id";

			if (ds_custom_cols.Tables[0].Rows.Count == 0)
			{
				sql = sql.Replace("$custom_cols_placeholder", "");
			}
			else
			{
				string custom_cols_sql = "";

				foreach (DataRow drcc in ds_custom_cols.Tables[0].Rows)
				{
					custom_cols_sql += ",[" + drcc["name"].ToString() + "]";

				}
				sql = sql.Replace("$custom_cols_placeholder", custom_cols_sql);
			}

			sql = sql.Replace("$id", Convert.ToString(bugid));
			sql = sql.Replace("$this_usid", Convert.ToString(security.user.usid));
			sql = sql.Replace("$this_org", Convert.ToString(security.user.org));
			sql = sql.Replace("$dpl", Util.get_setting("DefaultPermissionLevel", "2"));

			
			return btnet.DbUtil.get_datarow(sql);


		}
Пример #20
0
        ///////////////////////////////////////////////////////////////////////
        public static void display_buglist_tags_line(HttpResponse Response, Security security)
        {
            if (security.user.category_field_permission_level == Security.PERMISSION_NONE)
            {
                return;
            }

            Response.Write("\n<p>Show only rows with the following tags:&nbsp;");
            Response.Write("<input class=txt size=40 name=tags_input id=tags_input onchange='javascript:on_tags_change()' value='");
            Response.Write(HttpContext.Current.Request["tags"]);
            Response.Write("'>");
            Response.Write("<a href='javascript:show_tags()'>&nbsp;&nbsp;select tags</a>");
            Response.Write("<br><br>\n");
        }
Пример #21
0
		///////////////////////////////////////////////////////////////////////
		public static NewIds insert_bug(
			string short_desc,
			Security security,
			string tags,
			int projectid,
			int orgid,
			int categoryid,
			int priorityid,
			int statusid,
			int assigned_to_userid,
			int udfid,
			string project_custom_dropdown_value1,
			string project_custom_dropdown_value2,
			string project_custom_dropdown_value3,
			string comment_formated,
			string comment_search,
			string from,
			string cc,
			string content_type,
			bool internal_only,
			SortedDictionary<string,string> hash_custom_cols,
			bool send_notifications)
		{

			if (short_desc.Trim() == "")
			{
				short_desc = "[No Description]";
			}

			if (assigned_to_userid == 0)
			{
				assigned_to_userid = btnet.Util.get_default_user(projectid);
			}

			string sql = @"insert into bugs
					(bg_short_desc,
					bg_tags,
					bg_reported_user,
					bg_last_updated_user,
					bg_reported_date,
					bg_last_updated_date,
					bg_project,
					bg_org,
					bg_category,
					bg_priority,
					bg_status,
					bg_assigned_to_user,
					bg_user_defined_attribute,
					bg_project_custom_dropdown_value1,
					bg_project_custom_dropdown_value2,
					bg_project_custom_dropdown_value3
					$custom_cols_placeholder1)
					values (N'$short_desc', N'$tags', $reported_user,  $reported_user, getdate(), getdate(),
					$project, $org,
					$category, $priority, $status, $assigned_user, $udf,
					N'$pcd1',N'$pcd2',N'$pcd3' $custom_cols_placeholder2)";

			sql = sql.Replace("$short_desc", short_desc.Replace("'", "''"));
			sql = sql.Replace("$tags", tags.Replace("'", "''"));
			sql = sql.Replace("$reported_user", Convert.ToString(security.user.usid));
			sql = sql.Replace("$project", Convert.ToString(projectid));
			sql = sql.Replace("$org", Convert.ToString(orgid));
			sql = sql.Replace("$category", Convert.ToString(categoryid));
			sql = sql.Replace("$priority", Convert.ToString(priorityid));
			sql = sql.Replace("$status", Convert.ToString(statusid));
			sql = sql.Replace("$assigned_user", Convert.ToString(assigned_to_userid));
			sql = sql.Replace("$udf", Convert.ToString(udfid));
			sql = sql.Replace("$pcd1", project_custom_dropdown_value1);
			sql = sql.Replace("$pcd2", project_custom_dropdown_value2);
			sql = sql.Replace("$pcd3", project_custom_dropdown_value3);

			if (hash_custom_cols == null)
			{
				sql = sql.Replace("$custom_cols_placeholder1", "");
				sql = sql.Replace("$custom_cols_placeholder2", "");
			}
			else
			{

				string custom_cols_sql1 = "";
				string custom_cols_sql2 = "";

				DataSet ds_custom_cols = btnet.Util.get_custom_columns();

				foreach (DataRow drcc in ds_custom_cols.Tables[0].Rows)
				{

					string column_name = (string) drcc["name"];

					// skip if no permission to update
					if (security.user.dict_custom_field_permission_level[column_name] != Security.PERMISSION_ALL)
					{
						continue;
					}

					custom_cols_sql1 += ",[" + column_name + "]";
					
					string datatype = (string) drcc["datatype"];
					
					string custom_col_val = btnet.Util.request_to_string_for_sql(
						hash_custom_cols[column_name],
						datatype);
					
					custom_cols_sql2 += "," + custom_col_val;
					
				}
				sql = sql.Replace("$custom_cols_placeholder1", custom_cols_sql1);
				sql = sql.Replace("$custom_cols_placeholder2", custom_cols_sql2);
			}



			sql += "\nselect scope_identity()";


			int bugid = Convert.ToInt32(btnet.DbUtil.execute_scalar(sql));
			int postid = btnet.Bug.insert_comment(
				bugid,
				security.user.usid,
				comment_formated,
				comment_search,
				from,
				cc,
				content_type,
				internal_only);

			btnet.Bug.auto_subscribe(bugid);

			if (send_notifications)
			{
				btnet.Bug.send_notifications(btnet.Bug.INSERT, bugid, security);
			}

			return new NewIds(bugid, postid);

		}
Пример #22
0
 ///////////////////////////////////////////////////////////////////////
 public static void display_bug_not_found(HttpResponse Response, Security security, int id)
 {
     Response.Write("<link rel=StyleSheet href=btnet.css type=text/css>");
     security.write_menu(Response, btnet.Util.get_setting("PluralBugLabel", "bugs"));
     Response.Write("<p>&nbsp;</p><div class=align>");
     Response.Write("<div class=err>");
     Response.Write(btnet.Util.capitalize_first_letter(btnet.Util.get_setting("SingularBugLabel", "bug")));
     Response.Write(" not found:&nbsp;" + Convert.ToString(id) + "</div>");
     Response.Write("<p><a href=bugs.aspx>View ");
     Response.Write(btnet.Util.get_setting("PluralBugLabel", "bug"));
     Response.Write("</a>");
     Response.End();
 }