Roundup Tracker - Issues

Message2148

Author rouilj
Recipients
Date 2006-02-11.17:59:47
Message-id
In-reply-to 
Logged In: YES 
user_id=707416

I can confirm this in the 1.1.0 release demo tracker.

To reproduce:
   start up demo tracker.
   log in as admin/admin
   click on search
   enter q1 in the query name box, hit return
   see q1 in the your queries area.
   click on search
   enter q2 in the query name box, hit return
   do not see q2 in the your queries area
   do not see query in query edit window.

Also David, when submitting patches it is better to use uni-diff
format (-u flag) or context diff (-c flag) since these
include the
filenames and enough info for patch to be able to
automatically apply
the diff even if the line numbers are different (say to an
updated
verion of the file).

Also you should attach the patch if possible because
sourceforge's
text box reformats and screws up the patches.

From the info in the patch I can't find the location for
your patch to
apply in 1.1.0 cgi/actions.py, however I do see a bug:

starting at line 183 (reindented):

else:
  # edit the new way, query name not a key any more
  # see if we match an existing private query
  uid = self.db.getuid()
  qids = self.db.query.filter(None, {'name': old_queryname,
	  'private_for': uid})
  if not qids:
      # ok, so there's not a private query for the current user
      # - see if there's one created by them
      qids = self.db.query.filter(None, {'name': old_queryname,
	  'creator': uid})

  if qids:  # line 195
      # edit query - make sure we get an exact match on the name
      for qid in qids:
	  if old_queryname != self.db.query.get(qid, 'name'):
	      continue
	  if not self.hasPermission('Edit', 'query', itemid=qid):
	      raise exceptions.Unauthorised, self._(
	      "You do not have permission to edit queries")
	  self.db.query.set(qid, klass=self.classname,
	      url=url, name=queryname)
       [what happens if there are private/public queries but
no exact match?]
  else:
      # create a query
      if not self.hasPermission('Create', 'query'):
	  raise exceptions.Unauthorised, self._(
	      "You do not have permission to store queries")
      qid = self.db.query.create(name=queryname,
	  klass=self.classname, url=url, private_for=uid)

Where my comment is seems to be a problem. The way around it
would be
to set a handled flag in the "for qid" loop (line 197) if an
exact
match happened and then create the query if the flag is not set.

-- rouilj
History
Date User Action Args
2009-02-03 14:21:37adminlinkissue1429368 messages
2009-02-03 14:21:37admincreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020