示例#1
0
/**
 * Update a note
 *
 * @param string   $p_username The name of the user trying to add a note to an issue.
 * @param string   $p_password The password of the user.
 * @param stdClass $p_note     The note to update.
 * @return true on success, false on failure
 */
function mc_issue_note_update($p_username, $p_password, stdClass $p_note)
{
    global $g_project_override;
    $t_user_id = mci_check_login($p_username, $p_password);
    if ($t_user_id === false) {
        return mci_soap_fault_login_failed();
    }
    $p_note = SoapObjectsFactory::unwrapObject($p_note);
    if (!isset($p_note['id']) || is_blank($p_note['id'])) {
        return SoapObjectsFactory::newSoapFault('Client', 'Issue note id must not be blank.');
    }
    if (!isset($p_note['text']) || is_blank($p_note['text'])) {
        return SoapObjectsFactory::newSoapFault('Client', 'Issue note text must not be blank.');
    }
    $t_issue_note_id = $p_note['id'];
    if (!bugnote_exists($t_issue_note_id)) {
        return SoapObjectsFactory::newSoapFault('Client', 'Issue note \'' . $t_issue_note_id . '\' does not exist.');
    }
    $t_issue_id = bugnote_get_field($t_issue_note_id, 'bug_id');
    $t_project_id = bug_get_field($t_issue_id, 'project_id');
    $g_project_override = $t_project_id;
    if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    $t_issue_author_id = bugnote_get_field($t_issue_note_id, 'reporter_id');
    # Check if the user owns the bugnote and is allowed to update their own bugnotes
    # regardless of the update_bugnote_threshold level.
    $t_user_owns_the_bugnote = bugnote_is_user_reporter($t_issue_note_id, $t_user_id);
    $t_user_can_update_own_bugnote = config_get('bugnote_user_edit_threshold', null, $t_user_id, $t_project_id);
    if ($t_user_owns_the_bugnote && !$t_user_can_update_own_bugnote) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    # Check if the user has an access level beyond update_bugnote_threshold for the
    # project containing the bugnote to update.
    $t_update_bugnote_threshold = config_get('update_bugnote_threshold', null, $t_user_id, $t_project_id);
    if (!$t_user_owns_the_bugnote && !access_has_bugnote_level($t_update_bugnote_threshold, $t_issue_note_id, $t_user_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    # Check if the bug is readonly
    if (bug_is_readonly($t_issue_id)) {
        return mci_soap_fault_access_denied($t_user_id, 'Issue \'' . $t_issue_id . '\' is readonly');
    }
    if (isset($p_note['view_state'])) {
        $t_view_state = $p_note['view_state'];
        $t_view_state_id = mci_get_enum_id_from_objectref('view_state', $t_view_state);
        bugnote_set_view_state($t_issue_note_id, $t_view_state_id == VS_PRIVATE);
    }
    log_event(LOG_WEBSERVICE, 'updating bugnote id \'' . $t_issue_note_id . '\'');
    bugnote_set_text($t_issue_note_id, $p_note['text']);
    return bugnote_date_update($t_issue_note_id);
}
示例#2
0
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('print_api.php');
require_api('string_api.php');
form_security_validate('bugnote_set_view_state');
$f_bugnote_id = gpc_get_int('bugnote_id');
$f_private = gpc_get_bool('private');
$t_bug_id = bugnote_get_field($f_bugnote_id, 'bug_id');
$t_bug = bug_get($t_bug_id, true);
if ($t_bug->project_id != helper_get_current_project()) {
    # in case the current project is not the same project of the bug we are viewing...
    # ... override the current project. This to avoid problems with categories and handlers lists etc.
    $g_project_override = $t_bug->project_id;
}
# Check if the bug is readonly
if (bug_is_readonly($t_bug_id)) {
    error_parameters($t_bug_id);
    trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
}
# Check if the current user is allowed to change the view state of this bugnote
$t_user_id = bugnote_get_field($f_bugnote_id, 'reporter_id');
if ($t_user_id == auth_get_current_user_id()) {
    access_ensure_bugnote_level(config_get('bugnote_user_change_view_state_threshold'), $f_bugnote_id);
} else {
    access_ensure_bugnote_level(config_get('update_bugnote_threshold'), $f_bugnote_id);
    access_ensure_bugnote_level(config_get('change_view_status_threshold'), $f_bugnote_id);
}
bugnote_set_view_state($f_bugnote_id, $f_private);
form_security_purge('bugnote_set_view_state');
print_successful_redirect(string_get_bug_view_url($t_bug_id) . '#bugnotes');
示例#3
0
/**
 * Update a note
 *
 * @param string $p_username  The name of the user trying to add a note to an issue.
 * param string $p_password  The password of the user.
 * @param IssueNoteData $p_note  The note to update.
 * @return true on success, false on failure
 */
function mc_issue_note_update( $p_username, $p_password, $p_note ) {
    $t_user_id = mci_check_login( $p_username, $p_password );
    
    if( $t_user_id === false ) {
        return mci_soap_fault_login_failed();
    }

    if ( !isset( $p_note['id'] ) || is_blank( $p_note['id'] ) ) {
        return new soap_fault( 'Client', '', "Issue id must not be blank." );
    }
    
    if ( !isset( $p_note['text'] ) || is_blank( $p_note['text'] ) ) {
        return new soap_fault( 'Client', '', "Issue note text must not be blank." );
    }
    
    $t_issue_note_id = $p_note['id'];

    if( !bugnote_exists( $t_issue_note_id ) ) {
        return new soap_fault( 'Server', '', "Issue note '$t_issue_note_id' does not exist." );
    }
    
	$t_issue_id = bugnote_get_field( $t_issue_note_id, 'bug_id' );
	
	$t_project_id = bug_get_field( $t_issue_id, 'project_id' );

    if( !mci_has_readwrite_access( $t_user_id, $t_project_id ) ) {
        return mci_soap_fault_access_denied( $t_user_id );
    }

    if( !access_has_bug_level( config_get( 'add_bugnote_threshold' ), $t_issue_id, $t_user_id ) ) {
        return mci_soap_fault_access_denied( $t_user_id, "You do not have access rights to add notes to this issue" );
    }

    if( bug_is_readonly( $t_issue_id ) ) {
        return mci_soap_fault_access_denied( $t_user_id, "Issue ' . $t_issue_id . ' is readonly" );
    }

    if( isset( $p_note['view_state'] )) {
        $t_view_state = $p_note['view_state'];
        $t_view_state_id = mci_get_enum_id_from_objectref( 'view_state', $t_view_state );
        bugnote_set_view_state( $t_issue_note_id, $t_view_state_id );
    }

    bugnote_set_text( $t_issue_note_id, $p_note['text'] );

    return bugnote_date_update( $t_issue_note_id );
}
示例#4
0
 public function put($request)
 {
     /**
      * 	Updates the note.
      *
      * 	Only the text and view state of the note can be altered.
      *
      *      @param $request - The request we're responding to
      */
     $this->note_id = Bugnote::get_mantis_id_from_url($request->url);
     if (!bugnote_exists($this->note_id)) {
         throw new HTTPException(404, "No such bug note: {$this->note_id}");
     }
     # Check if the current user is allowed to edit the bugnote
     # (This comes from Mantis's bugnote_update.php)
     $user_id = auth_get_current_user_id();
     $reporter_id = bugnote_get_field($this->note_id, 'reporter_id');
     $bug_id = bugnote_get_field($this->note_id, 'bug_id');
     if ($user_id != $reporter_id || OFF == config_get('bugnote_allow_user_edit_delete')) {
         if (!access_has_bugnote_level(config_get('update_bugnote_threshold'), $this->note_id)) {
             throw new HTTPException(403, "Access denied");
         }
     }
     if (bug_is_readonly($bug_id)) {
         throw new HTTPException(500, "Can't edit a note on a read-only bug");
     }
     $this->populate_from_repr($request->body);
     bugnote_set_view_state($this->note_id, !!$this->_get_rsrc_attr('private'));
     bugnote_set_text($this->note_id, $this->_get_mantis_attr('note'));
     $resp = new Response();
     $resp->status = 204;
     return $resp;
 }
示例#5
0
/**
 * Update Issue in database
 *
 * Created By KGB
 * @param string $p_username The name of the user trying to add the issue.
 * @param string $p_password The password of the user.
 * @param Array $p_issue A IssueData structure containing information about the new issue.
 * @return integer The id of the created issue.
 */
function mc_issue_update($p_username, $p_password, $p_issue_id, $p_issue)
{
    $t_user_id = mci_check_login($p_username, $p_password);
    if ($t_user_id === false) {
        return mci_soap_fault_login_failed();
    }
    if (!bug_exists($p_issue_id)) {
        return new soap_fault('Client', '', "Issue '{$p_issue_id}' does not exist.");
    }
    $t_project_id = bug_get_field($p_issue_id, 'project_id');
    if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    $t_project_id = mci_get_project_id($p_issue['project']);
    $t_handler_id = isset($p_issue['handler']) ? mci_get_user_id($p_issue['handler']) : 0;
    $t_priority_id = isset($p_issue['priority']) ? mci_get_priority_id($p_issue['priority']) : config_get('default_bug_priority');
    $t_severity_id = isset($p_issue['severity']) ? mci_get_severity_id($p_issue['severity']) : config_get('default_bug_severity');
    $t_status_id = isset($p_issue['status']) ? mci_get_status_id($p_issue['status']) : config_get('bug_submit_status');
    $t_reproducibility_id = isset($p_issue['reproducibility']) ? mci_get_reproducibility_id($p_issue['reproducibility']) : config_get('default_bug_reproducibility');
    $t_resolution_id = isset($p_issue['resolution']) ? mci_get_resolution_id($p_issue['resolution']) : config_get('default_bug_resolution');
    $t_projection_id = isset($p_issue['projection']) ? mci_get_projection_id($p_issue['projection']) : config_get('default_bug_resolution');
    $t_eta_id = isset($p_issue['eta']) ? mci_get_eta_id($p_issue['eta']) : config_get('default_bug_eta');
    $t_view_state_id = isset($p_issue['view_state']) ? mci_get_view_state_id($p_issue['view_state']) : config_get('default_bug_view_status');
    $t_reporter_id = isset($p_issue['reporter']) ? mci_get_user_id($p_issue['reporter']) : 0;
    $t_project = $p_issue['project'];
    $t_summary = isset($p_issue['summary']) ? $p_issue['summary'] : '';
    $t_description = isset($p_issue['description']) ? $p_issue['description'] : '';
    $t_additional_information = isset($p_issue['additional_information']) ? $p_issue['additional_information'] : '';
    $t_steps_to_reproduce = isset($p_issue['steps_to_reproduce']) ? $p_issue['steps_to_reproduce'] : '';
    $t_build = isset($p_issue['build']) ? $p_issue['build'] : '';
    $t_platform = isset($p_issue['platform']) ? $p_issue['platform'] : '';
    $t_os = isset($p_issue['os']) ? $p_issue['os'] : '';
    $t_os_build = isset($p_issue['os_build']) ? $p_issue['os_build'] : '';
    $t_sponsorship_total = isset($p_issue['sponsorship_total']) ? $p_issue['sponsorship_total'] : 0;
    if ($t_reporter_id == 0) {
        $t_reporter_id = $t_user_id;
    }
    if ($t_project_id == 0 || !project_exists($t_project_id)) {
        if ($t_project_id == 0) {
            return new soap_fault('Client', '', "Project '" . $t_project['name'] . "' does not exist.");
        }
        return new soap_fault('Client', '', "Project '{$t_project_id}' does not exist.");
    }
    if (!access_has_bug_level(config_get('update_bug_threshold'), $p_issue_id, $t_user_id)) {
        return mci_soap_fault_access_denied($t_user_id, "Not enough rights to update issues");
    }
    if ($t_handler_id != 0 && !user_exists($t_handler_id)) {
        return new soap_fault('Client', '', "User '{$t_handler_id}' does not exist.");
    }
    $t_category = isset($p_issue['category']) ? $p_issue['category'] : null;
    $t_category_id = translate_category_name_to_id($t_category, $t_project_id);
    if ($t_category_id == 0 && !config_get('allow_no_category')) {
        if (isset($p_issue['category']) && !is_blank($p_issue['category'])) {
            return new soap_fault('Client', '', "Category field must be supplied.");
        } else {
            return new soap_fault('Client', '', "Category '" . $p_issue['category'] . "' not found for project '{$t_project_name}'.");
        }
    }
    if (isset($p_issue['version']) && !is_blank($p_issue['version']) && !version_get_id($p_issue['version'], $t_project_id)) {
        $t_error_when_version_not_found = config_get('mc_error_when_version_not_found');
        if ($t_error_when_version_not_found == ON) {
            $t_project_name = project_get_name($t_project_id);
            return new soap_fault('Client', '', "Version '" . $p_issue['version'] . "' does not exist in project '{$t_project_name}'.");
        } else {
            $t_version_when_not_found = config_get('mc_version_when_not_found');
            $p_issue['version'] = $t_version_when_not_found;
        }
    }
    if (is_blank($t_summary)) {
        return new soap_fault('Client', '', "Mandatory field 'summary' is missing.");
    }
    if (is_blank($t_description)) {
        return new soap_fault('Client', '', "Mandatory field 'description' is missing.");
    }
    if ($t_priority_id == 0) {
        $t_priority_id = config_get('default_bug_priority');
    }
    if ($t_severity_id == 0) {
        $t_severity_id = config_get('default_bug_severity');
    }
    if ($t_view_state_id == 0) {
        $t_view_state_id = config_get('default_bug_view_status');
    }
    if ($t_reproducibility_id == 0) {
        $t_reproducibility_id = config_get('default_bug_reproducibility');
    }
    $t_bug_data = new BugData();
    $t_bug_data->id = $p_issue_id;
    $t_bug_data->project_id = $t_project_id;
    $t_bug_data->reporter_id = $t_reporter_id;
    $t_bug_data->handler_id = $t_handler_id;
    $t_bug_data->priority = $t_priority_id;
    $t_bug_data->severity = $t_severity_id;
    $t_bug_data->reproducibility = $t_reproducibility_id;
    $t_bug_data->status = $t_status_id;
    $t_bug_data->resolution = $t_resolution_id;
    $t_bug_data->projection = $t_projection_id;
    $t_bug_data->category_id = $t_category_id;
    $t_bug_data->date_submitted = isset($v_date_submitted) ? $v_date_submitted : '';
    $t_bug_data->last_updated = isset($v_last_updated) ? $v_last_updated : '';
    $t_bug_data->eta = $t_eta_id;
    $t_bug_data->os = $t_os;
    $t_bug_data->os_build = $t_os_build;
    $t_bug_data->platform = $t_platform;
    $t_bug_data->version = isset($p_issue['version']) ? $p_issue['version'] : '';
    $t_bug_data->fixed_in_version = isset($p_issue['fixed_in_version']) ? $p_issue['fixed_in_version'] : '';
    $t_bug_data->build = $t_build;
    $t_bug_data->view_state = $t_view_state_id;
    $t_bug_data->summary = $t_summary;
    $t_bug_data->sponsorship_total = $t_sponsorship_total;
    if (isset($p_issue['due_date']) && access_has_global_level(config_get('due_date_update_threshold'))) {
        $t_bug_data->due_date = mci_iso8601_to_timestamp($p_issue['due_date']);
    } else {
        $t_bug_data->due_date = date_get_null();
    }
    if (access_has_project_level(config_get('roadmap_update_threshold'), $t_bug_data->project_id, $t_user_id)) {
        $t_bug_data->target_version = isset($p_issue['target_version']) ? $p_issue['target_version'] : '';
    }
    # omitted:
    # var $bug_text_id
    # $t_bug_data->profile_id;
    # extended info
    $t_bug_data->description = $t_description;
    $t_bug_data->steps_to_reproduce = isset($t_steps_to_reproduce) ? $t_steps_to_reproduce : '';
    $t_bug_data->additional_information = isset($t_additional_information) ? $t_additional_information : '';
    # submit the issue
    $t_is_success = $t_bug_data->update(true, true);
    mci_issue_set_custom_fields($p_issue_id, $p_issue['custom_fields'], true);
    if (isset($p_issue['notes']) && is_array($p_issue['notes'])) {
        foreach ($p_issue['notes'] as $t_note) {
            if (isset($t_note['view_state'])) {
                $t_view_state = $t_note['view_state'];
            } else {
                $t_view_state = config_get('default_bugnote_view_status');
            }
            if (isset($t_note['id']) && (int) $t_note['id'] > 0) {
                $t_bugnote_id = (int) $t_note['id'];
                if (bugnote_exists($t_bugnote_id)) {
                    bugnote_set_text($t_bugnote_id, $t_note['text']);
                    bugnote_set_view_state($t_bugnote_id, $t_view_state_id == VS_PRIVATE);
                    bugnote_date_update($t_bugnote_id);
                    if (isset($t_note['time_tracking'])) {
                        bugnote_set_time_tracking($t_bugnote_id, mci_get_time_tracking_from_note($p_issue_id, $t_note));
                    }
                }
            } else {
                $t_view_state_id = mci_get_enum_id_from_objectref('view_state', $t_view_state);
                bugnote_add($p_issue_id, $t_note['text'], mci_get_time_tracking_from_note($p_issue_id, $t_note), $t_view_state_id == VS_PRIVATE, BUGNOTE, '', $t_user_id, FALSE);
            }
        }
    }
    return $t_is_success;
}
/**
 * Update a note
 *
 * @param string $p_username  The name of the user trying to add a note to an issue.
 * param string $p_password  The password of the user.
 * @param IssueNoteData $p_note  The note to update.
 * @return true on success, false on failure
 */
function mc_issue_note_update($p_username, $p_password, $p_note)
{
    $t_user_id = mci_check_login($p_username, $p_password);
    if ($t_user_id === false) {
        return mci_soap_fault_login_failed();
    }
    if (!isset($p_note['id']) || is_blank($p_note['id'])) {
        return new soap_fault('Client', '', "Issue note id must not be blank.");
    }
    if (!isset($p_note['text']) || is_blank($p_note['text'])) {
        return new soap_fault('Client', '', "Issue note text must not be blank.");
    }
    $t_issue_note_id = $p_note['id'];
    if (!bugnote_exists($t_issue_note_id)) {
        return new soap_fault('Server', '', "Issue note '{$t_issue_note_id}' does not exist.");
    }
    $t_issue_id = bugnote_get_field($t_issue_note_id, 'bug_id');
    $t_project_id = bug_get_field($t_issue_id, 'project_id');
    if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    $t_issue_author_id = bugnote_get_field($t_issue_note_id, 'reporter_id');
    # Check if the user owns the bugnote and is allowed to update their own bugnotes
    # regardless of the update_bugnote_threshold level.
    $t_user_owns_the_bugnote = bugnote_is_user_reporter($t_issue_note_id, $t_user_id);
    $t_user_can_update_own_bugnote = config_get('bugnote_allow_user_edit_delete', null, $t_user_id, $t_project_id);
    if ($t_user_owns_the_bugnote && !$t_user_can_update_own_bugnote) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    # Check if the user has an access level beyond update_bugnote_threshold for the
    # project containing the bugnote to update.
    $t_update_bugnote_threshold = config_get('update_bugnote_threshold', null, $t_user_id, $t_project_id);
    if (!$t_user_owns_the_bugnote && !access_has_bugnote_level($t_update_bugnote_threshold, $t_issue_note_id, $t_user_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    # Check if the bug is readonly
    if (bug_is_readonly($t_issue_id)) {
        return mci_soap_fault_access_denied($t_user_id, "Issue ' . {$t_issue_id} . ' is readonly");
    }
    if (isset($p_note['view_state'])) {
        $t_view_state = $p_note['view_state'];
        $t_view_state_id = mci_get_enum_id_from_objectref('view_state', $t_view_state);
        bugnote_set_view_state($t_issue_note_id, $t_view_state_id);
    }
    bugnote_set_text($t_issue_note_id, $p_note['text']);
    return bugnote_date_update($t_issue_note_id);
}