#!/usr/bin/perl -T
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
use 5.10.1;
use strict;
use warnings;
use lib qw(. lib);
use Bugzilla;
use Bugzilla::Constants;
use Bugzilla::Util;
use Bugzilla::Error;
use Bugzilla::Field;
use Bugzilla::Search;
use Bugzilla::Report;
use Bugzilla::Token;
use List::MoreUtils qw(uniq);
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template;
my $vars = {};
# Go straight back to query.cgi if we are adding a boolean chart.
if (grep(/^cmd-/, $cgi->param())) {
my $params = $cgi->canonicalise_query("format", "ctype");
my $location
= "query.cgi?format="
. $cgi->param('query_format')
. ($params ? "&$params" : "");
print $cgi->redirect($location);
exit;
}
Bugzilla->login();
my $action = $cgi->param('action') || 'menu';
my $token = $cgi->param('token');
if ($action eq "menu") {
# No need to do any searching in this case, so bail out early.
print $cgi->header();
$template->process("reports/menu.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
}
elsif ($action eq 'add') {
my $user = Bugzilla->login(LOGIN_REQUIRED);
check_hash_token($token, ['save_report']);
my $name = clean_text($cgi->param('name'));
my $query = $cgi->param('query');
if (my ($report) = grep { lc($_->name) eq lc($name) } @{$user->reports}) {
$report->set_query($query);
$report->update;
$vars->{'message'} = "report_updated";
}
else {
my $report = Bugzilla::Report->create({name => $name, query => $query});
$vars->{'message'} = "report_created";
}
$user->flush_reports_cache;
print $cgi->header();
$vars->{'reportname'} = $name;
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
}
elsif ($action eq 'del') {
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $report_id = $cgi->param('saved_report_id');
check_hash_token($token, ['delete_report', $report_id]);
my $report = Bugzilla::Report->check({id => $report_id});
$report->remove_from_db();
$user->flush_reports_cache;
print $cgi->header();
$vars->{'message'} = 'report_deleted';
$vars->{'reportname'} = $report->name;
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
}
# Sanitize the URL, to make URLs shorter.
$cgi->clean_search_url;
my $col_field = $cgi->param('x_axis_field') || '';
my $row_field = $cgi->param('y_axis_field') || '';
my $tbl_field = $cgi->param('z_axis_field') || '';
if (!($col_field || $row_field || $tbl_field)) {
ThrowUserError("no_axes_defined");
}
# There is no UI for these parameters anymore,
# but they are still here just in case.
my $width = $cgi->param('width') || 1024;
my $height = $cgi->param('height') || 600;
(detaint_natural($width) && $width > 0) || ThrowUserError("invalid_dimensions");
$width <= 2000 || ThrowUserError("chart_too_large");
(detaint_natural($height) && $height > 0)
|| ThrowUserError("invalid_dimensions");
$height <= 2000 || ThrowUserError("chart_too_large");
my $formatparam = $cgi->param('format') || '';
# These shenanigans are necessary to make sure that both vertical and
# horizontal 1D tables convert to the correct dimension when you ask to
# display them as some sort of chart.
if ($formatparam eq "table") {
if ($col_field && !$row_field) {
# 1D *tables* should be displayed vertically (with a row_field only)
$row_field = $col_field;
$col_field = '';
}
}
else {
if (!Bugzilla->feature('graphical_reports')) {
ThrowUserError('feature_disabled', {feature => 'graphical_reports'});
}
if ($row_field && !$col_field) {
# 1D *charts* should be displayed horizontally (with an col_field only)
$col_field = $row_field;
$row_field = '';
}
}
# Valid bug fields that can be reported on.
my $valid_columns = Bugzilla::Search::REPORT_COLUMNS;
# Validate the values in the axis fields or throw an error.
!$row_field
|| ($valid_columns->{$row_field} && trick_taint($row_field))
|| ThrowUserError("report_axis_invalid", {fld => "x", val => $row_field});
!$col_field
|| ($valid_columns->{$col_field} && trick_taint($col_field))
|| ThrowUserError("report_axis_invalid", {fld => "y", val => $col_field});
!$tbl_field
|| ($valid_columns->{$tbl_field} && trick_taint($tbl_field))
|| ThrowUserError("report_axis_invalid", {fld => "z", val => $tbl_field});
my @axis_fields = grep {$_} ($row_field, $col_field, $tbl_field);
# Clone the params, so that Bugzilla::Search can modify them
my $params = new Bugzilla::CGI($cgi);
my $search = new Bugzilla::Search(
fields => \@axis_fields,
params => scalar $params->Vars,
allow_unlimited => 1,
);
$::SIG{TERM} = 'DEFAULT';
$::SIG{PIPE} = 'DEFAULT';
Bugzilla->switch_to_shadow_db();
my ($results, $extra_data) = $search->data;
# We have a hash of hashes for the data itself, and a hash to hold the
# row/col/table names.
my %data;
my %names;
# Read the bug data and count the bugs for each possible value of row, column
# and table.
#
# We detect a numerical field, and sort appropriately, if all the values are
# numeric.
my $col_isnumeric = 1;
my $row_isnumeric = 1;
my $tbl_isnumeric = 1;
# define which fields are multiselect
my @multi_selects
= map { $_->name }
@{Bugzilla->fields({
obsolete => 0, type => [FIELD_TYPE_MULTI_SELECT, FIELD_TYPE_KEYWORDS]
})};
my $col_ismultiselect = scalar grep { $col_field eq $_ } @multi_selects;
my $row_ismultiselect = scalar grep { $row_field eq $_ } @multi_selects;
my $tbl_ismultiselect = scalar grep { $tbl_field eq $_ } @multi_selects;
foreach my $result (@$results) {
# handle empty dimension member names
my @rows = check_value($row_field, $result, $row_ismultiselect);
my @cols = check_value($col_field, $result, $col_ismultiselect);
my @tbls = check_value($tbl_field, $result, $tbl_ismultiselect);
my %in_total_row;
my %in_total_col;
for my $tbl (@tbls) {
my %in_row_total;
for my $col (@cols) {
for my $row (@rows) {
$data{$tbl}{$col}{$row}++;
$names{"row"}{$row}++;
$row_isnumeric &&= ($row =~ /^-?\d+(\.\d+)?$/o);
if ($formatparam eq "table") {
if (!$in_row_total{$row}) {
$data{$tbl}{'-total-'}{$row}++;
$in_row_total{$row} = 1;
}
if (!$in_total_row{$row}) {
$data{'-total-'}{'-total-'}{$row}++;
$in_total_row{$row} = 1;
}
}
}
if ($formatparam eq "table") {
$data{$tbl}{$col}{'-total-'}++;
if (!$in_total_col{$col}) {
$data{'-total-'}{$col}{'-total-'}++;
$in_total_col{$col} = 1;
}
}
$names{"col"}{$col}++;
$col_isnumeric &&= ($col =~ /^-?\d+(\.\d+)?$/o);
}
$names{"tbl"}{$tbl}++;
$tbl_isnumeric &&= ($tbl =~ /^-?\d+(\.\d+)?$/o);
if ($formatparam eq "table") {
$data{$tbl}{'-total-'}{'-total-'}++;
}
}
if ($formatparam eq "table") {
$data{'-total-'}{'-total-'}{'-total-'}++;
}
}
my @col_names = get_names($names{"col"}, $col_isnumeric, $col_field);
my @row_names = get_names($names{"row"}, $row_isnumeric, $row_field);
my @tbl_names = get_names($names{"tbl"}, $tbl_isnumeric, $tbl_field);
# The GD::Graph package requires a particular format of data, so once we've
# gathered everything into the hashes and made sure we know the size of the
# data, we reformat it into an array of arrays of arrays of data.
push(@tbl_names, "-total-") if (scalar(@tbl_names) > 1);
my @image_data;
foreach my $tbl (@tbl_names) {
my @tbl_data;
push(@tbl_data, \@col_names);
foreach my $row (@row_names) {
my @col_data;
foreach my $col (@col_names) {
$data{$tbl}{$col}{$row} = $data{$tbl}{$col}{$row} || 0;
push(@col_data, $data{$tbl}{$col}{$row});
if ($tbl ne "-total-") {
# This is a bit sneaky. We spend every loop except the last
# building up the -total- data, and then last time round,
# we process it as another tbl, and push() the total values
# into the image_data array.
$data{"-total-"}{$col}{$row} += $data{$tbl}{$col}{$row};
}
}
push(@tbl_data, \@col_data);
}
unshift(@image_data, \@tbl_data);
}
$vars->{'col_field'} = $col_field;
$vars->{'row_field'} = $row_field;
$vars->{'tbl_field'} = $tbl_field;
$vars->{'time'} = localtime(time());
$vars->{'col_names'} = \@col_names;
$vars->{'row_names'} = \@row_names;
$vars->{'tbl_names'} = \@tbl_names;
$vars->{'note_multi_select'} = $row_ismultiselect || $col_ismultiselect;
# Below a certain width, we don't see any bars, so there needs to be a minimum.
if ($formatparam eq "bar") {
my $min_width = (scalar(@col_names) || 1) * 20;
if (!$cgi->param('cumulate')) {
$min_width *= (scalar(@row_names) || 1);
}
$vars->{'min_width'} = $min_width;
}
$vars->{'width'} = $width;
$vars->{'height'} = $height;
$vars->{'queries'} = $extra_data;
$vars->{'saved_report_id'} = $cgi->param('saved_report_id');
if ( $cgi->param('debug')
&& Bugzilla->params->{debug_group}
&& Bugzilla->user->in_group(Bugzilla->params->{debug_group}))
{
$vars->{'debug'} = 1;
}
if ($action eq "wrap") {
# So which template are we using? If action is "wrap", we will be using
# no format (it gets passed through to be the format of the actual data),
# and either report.csv.tmpl (CSV), or report.html.tmpl (everything else).
# report.html.tmpl produces an HTML framework for either tables of HTML
# data, or images generated by calling report.cgi again with action as
# "plot".
$formatparam =~ s/[^a-zA-Z\-]//g;
$vars->{'format'} = $formatparam;
$formatparam = '';
# We need to keep track of the defined restrictions on each of the
# axes, because buglistbase, below, throws them away. Without this, we
# get buglistlinks wrong if there is a restriction on an axis field.
$vars->{'col_vals'} = get_field_restrictions($col_field);
$vars->{'row_vals'} = get_field_restrictions($row_field);
$vars->{'tbl_vals'} = get_field_restrictions($tbl_field);
# We need a number of different variants of the base URL for different
# URLs in the HTML.
$vars->{'buglistbase'} = $cgi->canonicalise_query(
"x_axis_field", "y_axis_field", "z_axis_field", "ctype",
"format", "query_format", @axis_fields
);
$vars->{'imagebase'}
= $cgi->canonicalise_query($tbl_field, "action", "ctype", "format", "width",
"height");
$vars->{'switchbase'}
= $cgi->canonicalise_query("query_format", "action", "ctype", "format",
"width", "height");
$vars->{'data'} = \%data;
}
elsif ($action eq "plot") {
# If action is "plot", we will be using a format as normal (pie, bar etc.)
# and a ctype as normal (currently only png.)
$vars->{'cumulate'} = $cgi->param('cumulate') ? 1 : 0;
$vars->{'x_labels_vertical'} = $cgi->param('x_labels_vertical') ? 1 : 0;
$vars->{'data'} = \@image_data;
}
else {
ThrowUserError('unknown_action', {action => $action});
}
my $format = $template->get_format("reports/report", $formatparam,
scalar($cgi->param('ctype')));
# If we get a template or CGI error, it comes out as HTML, which isn't valid
# PNG data, and the browser just displays a "corrupt PNG" message. So, you can
# set debug=1 to always get an HTML content-type, and view the error.
$format->{'ctype'} = "text/html" if $cgi->param('debug');
$cgi->set_dated_content_disp("inline", "report", $format->{extension});
print $cgi->header($format->{'ctype'});
# Problems with this CGI are often due to malformed data. Setting debug=1
# prints out both data structures.
if ($cgi->param('debug')) {
require Data::Dumper;
say "<pre>data hash:";
say html_quote(Data::Dumper::Dumper(%data));
say "\ndata array:";
say html_quote(Data::Dumper::Dumper(@image_data)) . "\n\n</pre>";
}
# All formats point to the same section of the documentation.
$vars->{'doc_section'} = 'using/reports-and-charts.html#reports';
disable_utf8() if ($format->{'ctype'} =~ /^image\//);
$template->process("$format->{'template'}", $vars)
|| ThrowTemplateError($template->error());
sub get_names {
my ($names, $isnumeric, $field_name) = @_;
my ($field, @sorted);
# XXX - This is a hack to handle the actual_time/work_time field,
# because it's named 'actual_time' in Search.pm but 'work_time' in Field.pm.
$_[2] = $field_name = 'work_time' if $field_name eq 'actual_time';
# _realname fields aren't real Bugzilla::Field objects, but they are a
# valid axis, so we don't vailidate them as Bugzilla::Field objects.
$field = Bugzilla::Field->check($field_name)
if ($field_name && $field_name !~ /_realname$/);
if ($field && $field->is_select) {
foreach my $value (@{$field->legal_values}) {
push(@sorted, $value->name) if $names->{$value->name};
}
unshift(@sorted, '---')
if ($field_name eq 'resolution' || $field->type == FIELD_TYPE_MULTI_SELECT);
@sorted = uniq @sorted;
}
elsif ($isnumeric) {
# It's not a field we are preserving the order of, so sort it
# numerically...
@sorted = sort { $a <=> $b } keys %$names;
}
else {
# ...or alphabetically, as appropriate.
@sorted = sort keys %$names;
}
return @sorted;
}
sub check_value {
my ($field, $result, $ismultiselect) = @_;
my $value;
if (!defined $field) {
$value = '';
}
elsif ($field eq '') {
$value = ' ';
}
else {
$value = shift @$result;
$value = ' ' if (!defined $value || $value eq '');
$value = '---' if (($field eq 'resolution' || $ismultiselect) && $value eq ' ');
}
if ($ismultiselect) {
# Some DB servers have a space after the comma, some others don't.
return split(/, ?/, $value);
}
else {
return ($value);
}
}
sub get_field_restrictions {
my $field = shift;
my $cgi = Bugzilla->cgi;
return join('&',
map { url_quote($field) . '=' . url_quote($_) } $cgi->param($field));
}