Show
Ignore:
Timestamp:
06/03/08 15:13:09 (6 months ago)
Author:
proofek
Message:

Merging changes to dbBackend.py from 3763 to 3770 from 0.11 branch

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • peerreviewplugin/trunk/codereview/dbBackend.py

    r717 r3771  
    1414from codereview.ReviewFilesStruct import * 
    1515from codereview.ReviewCommentStruct import * 
    16 from codereview.dbEscape import dbEscape 
    1716import string 
    1817 
     
    3029            if len(newStr) != 0: 
    3130                newStr = newStr + "OR " 
    32             newStr = newStr + colName + " LIKE '%" + str + "%' " 
     31            newStr = newStr + colName + " LIKE '%s%s%s' " % ('%', str, '%') 
    3332        return newStr 
    3433 
    3534    #Returns an array of all the code reviews whose author is the given user 
    3635    def getMyCodeReviews(self, user): 
    37         query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Author= '" + dbEscape(user) + "' ORDER BY DateCreate" 
     36        query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Author = '%s' ORDER BY DateCreate" % (user) 
    3837        return self.execCodeReviewQuery(query, False) 
    3938 
    4039    #Returns an array of all the code reviews who have the given user assigned to them as a reviewer 
    4140    def getCodeReviews(self, user): 
    42         query = "SELECT CodeReviews.IDReview, CodeReviews.Author, CodeReviews.Status, CodeReviews.DateCreate, CodeReviews.Name, CodeReviews.Notes FROM CodeReviews, Reviewers WHERE Reviewers.IDReview = CodeReviews.IDReview AND Reviewer = '" + dbEscape(user) + "' ORDER BY CodeReviews.DateCreate" 
     41        query = "SELECT cr.IDReview, cr.Author, cr.Status, cr.DateCreate, cr.Name, cr.Notes FROM CodeReviews cr, Reviewers r WHERE r.IDReview = cr.IDReview AND r.Reviewer = '%s' ORDER BY cr.DateCreate" % (user) 
    4342        return self.execCodeReviewQuery(query, False) 
    4443 
    4544    #Returns an array of all the code reviews with the given status 
    4645    def getCodeReviewsByStatus(self, status): 
    47         query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Status= '" + dbEscape(status) + "'ORDER BY DateCreate" 
     46        query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Status = '%s' ORDER BY DateCreate" % (status) 
    4847        return self.execCodeReviewQuery(query, False) 
    4948 
    5049    #Returns the number of votes of type 'type' for the given code review 
    5150    def getVotesByID(self, type, id): 
    52         query = "SELECT Count(Reviewer) FROM Reviewers WHERE IDReview = '" + dbEscape(id) +"' AND Vote = '" + dbEscape(type) + "'" 
     51        query = "SELECT Count(Reviewer) FROM Reviewers WHERE IDReview = '%s' AND Vote = '%s'" % (id, type) 
    5352        cursor = self.db.cursor() 
    5453        cursor.execute(query) 
     
    6059    #Returns the code review requested by ID 
    6160    def getCodeReviewsByID(self, id): 
    62         query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE IDReview= '" + dbEscape(id) + "'" 
     61        query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE IDReview = '%s'" % (id) 
    6362        return self.execCodeReviewQuery(query, True) 
    6463 
     
    6665    #names given in the 'name' string 
    6766    def searchCodeReviewsByName(self, name): 
    68         query = self.createORLoop(dbEscape(name), "Name") 
     67        queryPart = self.createORLoop(name, "Name") 
    6968        if len(queryPart) == 0: 
    7069            query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews" 
    7170        else: 
    72             query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE " + dbEscape(query
     71            query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE %s" % (queryPart
    7372        return self.execCodeReviewQuery(query, True) 
    7473 
     
    7776    def searchCodeReviews(self, crStruct): 
    7877        query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE " 
    79         queryPart = self.createORLoop(dbEscape(crStruct.Name), "Name") 
     78        queryPart = self.createORLoop(crStruct.Name, "Name") 
    8079        if len(queryPart) != 0: 
    81             query = query + "(" + queryPart + ") AND " 
    82         query = query + "Author LIKE '%" + dbEscape(crStruct.Author) + "%' AND Status LIKE '%" + dbEscape(crStruct.Status) + "%' AND DateCreate >= '" + crStruct.DateCreate + "'" 
     80            query = query + "(%s) AND " % (queryPart) 
     81        query = query + "Author LIKE '%s%s%s' AND Status LIKE '%s%s%s' AND DateCreate >= '%s'" % ('%', crStruct.Author, '%', '%', crStruct.Status, '%', crStruct.DateCreate) 
    8382        return self.execCodeReviewQuery(query, False) 
    8483 
    8584    #Returns an array of all the reviewers for a code review 
    8685    def getReviewers(self, id): 
    87         query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '" + dbEscape(id) + "'" 
     86        query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '%s'" % (id) 
    8887        return self.execReviewerQuery(query, False) 
    8988 
    9089    #Returns a specific reviewer entry for the given code review and name 
    9190    def getReviewerEntry(self, id, name): 
    92         query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '" + dbEscape(id) + "' AND Reviewer = '" + dbEscape(name) + "'" 
     91        query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '%s' AND Reviewer = '%s'" % (id, name) 
    9392        return self.execReviewerQuery(query, True) 
    9493 
    9594    #Returns an array of the files associated with the given review id 
    9695    def getReviewFiles(self, id): 
    97         query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDReview = '" + dbEscape(id) + "'" 
     96        query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDReview = '%s'" % (id) 
    9897        return self.execReviewFileQuery(query, False) 
    9998 
    10099    #Returns the requested review file 
    101100    def getReviewFile(self, id): 
    102         query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDFile = '" + dbEscape(id) + "'" 
    103        return self.execReviewFileQuery(query, True) 
     101        query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDFile = '%s'" % (id) 
     102        return self.execReviewFileQuery(query, True) 
    104103 
    105104    #Returns the requested comment 
    106105    def getCommentByID(self, id): 
    107         query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDComment = '" + dbEscape(id) + "'" 
     106        query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDComment = '%s'" % (id) 
    108107        return self.execReviewCommentQuery(query, True) 
    109108 
    110109    #Returns an array of comments for the given file 
    111110    def getCommentsByFileID(self, id): 
    112         query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' ORDER BY DateCreate" 
     111        query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '%s' ORDER BY DateCreate" % (id) 
    113112        return self.execReviewCommentQuery(query, False) 
    114113 
    115114    #Returns all the comments for the given file on the given line 
    116115    def getCommentsByFileIDAndLine(self, id, line): 
    117         query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' AND LineNum = '" + dbEscape(line) + "' ORDER BY DateCreate" 
     116        query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '%s' AND LineNum = '%s' ORDER BY DateCreate" % (id, line) 
    118117        return self.execReviewCommentQuery(query, False) 
    119118 
     
    135134    #Sets the "Threshold" to the given value 
    136135    def setThreshold(self, val): 
    137         query = "UPDATE system SET value = '" + val + "' WHERE name = 'CodeReviewVoteThreshold'" 
     136        query = "UPDATE system SET value = '%s' WHERE name = 'CodeReviewVoteThreshold'" % (val) 
    138137        cursor = self.db.cursor() 
    139138        cursor.execute(query) 
     
    143142    #for the given file id. 
    144143    def getCommentDictForFile(self, id): 
    145         query = "SELECT LineNum, Count(IDComment) FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' GROUP BY LineNum" 
     144        query = "SELECT LineNum, Count(IDComment) FROM ReviewComments WHERE IDFile = '%s' GROUP BY LineNum" % (id) 
    146145        cursor = self.db.cursor() 
    147146        cursor.execute(query) 
     
    157156    def getPossibleUsers(self): 
    158157        cursor = self.db.cursor() 
    159         cursor.execute("SELECT DISTINCT username FROM permission WHERE action = 'CODE_REVIEW_DEV' OR action = 'CODE_REVIEW_MGR'") 
     158        cursor.execute("SELECT DISTINCT p1.username as username FROM permission p1 left join permission p2 on p1.action = p2.username WHERE p1.action = 'CODE_REVIEW_DEV' OR p2.action = 'CODE_REVIEW_DEV' OR p1.action = 'CODE_REVIEW_MGR' OR p2.action = 'CODE_REVIEW_MGR'") 
    160159        rows = cursor.fetchall() 
    161160        if not rows: