queries.aspx

Bug管理系统

<%@ Page language="C#"%>
<!--
Copyright 2002-2005 Corey Trager
Distributed under the terms of the GNU General Public License
-->
<!-- #include file = "inc.aspx" -->

<script language="C#" runat="server">

DataSet ds;
DbUtil dbutil;
Security security;

void Page_Load(Object sender, EventArgs e)
{

	Util.do_not_cache(Response);
	dbutil = new DbUtil();
	security = new Security();

	if (Util.get_setting("AllowQueryPageForNonAdmins", "1") == "1")
	{
		security.check_security(dbutil, Request, Response, Security.ANY_USER_OK);
	}
	else
	{
		security.check_security(dbutil, Request, Response, Security.MUST_BE_ADMIN);
	}

	title.InnerText = Util.get_setting("AppTitle","BugTracker.NET") + " - " 
		+ "queries";

	string sql;
		

	if (security.this_is_admin)
	{
		// allow admin to edit all queries
		
		sql =  @"select
			qu_id [id],
			qu_desc [query],
			case when isnull(us_username,'') = '' then 'public' else us_username end [visibility],
			qu_sql [sql],
			case when qu_default = 1 then 'Y' else 'N' end [default<br>bugs query],
			'<a href=bugs.aspx?qu_id=' + convert(varchar,qu_id) + '>view bugs</a>' [view bugs],
			'<a target=_blank href=print_bugs.aspx?qu_id=' + convert(varchar,qu_id) + '>print bug list</a>' [print bug list],
			'<a target=_blank href=print_bugs.aspx?format=excel&qu_id=' + convert(varchar,qu_id) + '>export as excel</a>' [export as excel],
			'<a target=_blank href=print_bugs2.aspx?qu_id=' + convert(varchar,qu_id) + '>print bug detail</a>' [print bug detail],
			'<a href=edit_query.aspx?id=' + convert(varchar,qu_id) + '>edit</a>' [edit],
			'<a href=delete_query.aspx?id=' + convert(varchar,qu_id) + '>delete</a>' [delete]
			from queries
			left outer join users on qu_user = us_id
			where isnull(qu_user,0) = $us
			or isnull(qu_user,0) = 0
			order by qu_desc";
	}
	else if (Util.get_setting("AllowQueryEditingForNonAdmins", "0") == "1" && !security.this_is_guest)
	{
		// allow editing for users own queries
		
		sql =  @"select
			qu_id [id],
			qu_desc [query],
			case when isnull(us_username,'') = '' then 'public' else us_username end [visibility],
			qu_sql [sql],
			case when qu_default = 1 then 'Y' else 'N' end [default<br>bugs query],
			'<a href=bugs.aspx?qu_id=' + convert(varchar,qu_id) + '>view bugs</a>' [view bugs],
			'<a target=_blank href=print_bugs.aspx?qu_id=' + convert(varchar,qu_id) + '>print bug list</a>' [print bug list],
			'<a target=_blank href=print_bugs.aspx?format=excel&qu_id=' + convert(varchar,qu_id) + '>export as excel</a>' [export as excel],
			'<a target=_blank href=print_bugs2.aspx?qu_id=' + convert(varchar,qu_id) + '>print bug detail</a>' [print bug detail],
			case when isnull(qu_user,0) = $us then
				'<a href=edit_query.aspx?id=' + convert(varchar,qu_id) + '>edit</a>'
				else '&nbsp;' end [edit],
			case when isnull(qu_user,0) = $us then
				'<a href=delete_query.aspx?id=' + convert(varchar,qu_id) + '>delete</a>' 
				else '&nbsp;' end	[delete]
			from queries
			left outer join users on qu_user = us_id
			where isnull(qu_user,0) = $us
			or isnull(qu_user,0) = 0
			order by qu_desc";
	}
	else
	{
		// don't allow editing
		
		sql =  @"select
			qu_id [id],
			qu_desc [query],
			case when isnull(us_username,'') = '' then 'public' else us_username end [visibility],
			qu_sql [sql],
			case when qu_default = 1 then 'Y' else 'N' end [default<br>bugs query],
			'<a href=bugs.aspx?qu_id=' + convert(varchar,qu_id) + '>view bugs</a>' [view bugs],
			'<a target=_blank href=print_bugs.aspx?format=html&qu_id=' + convert(varchar,qu_id) + '>print bug list</a>' [print bug list],
			'<a target=_blank href=print_bugs.aspx?format=excel&qu_id=' + convert(varchar,qu_id) + '>export as excel</a>' [export as excel],
			'<a target=_blank href=print_bugs2.aspx?qu_id=' + convert(varchar,qu_id) + '>print bug detail</a>' [print bug detail]
			from queries 
			left outer join users on qu_user = us_id
			where isnull(qu_user,0) = $us
			or isnull(qu_user,0) = 0
			order by qu_desc";
	}

	if (Util.get_setting("HideSql", "0") == "1")
	{
		sql = sql.Replace("qu_sql [sql],","");
	}
	sql = sql.Replace("$us",Convert.ToString(security.this_usid));
	ds = dbutil.get_dataset(sql);

}

void Page_Unload(Object sender, EventArgs e)
{
	if (dbutil != null) {dbutil.close();}
}


</script>

<html>
<head>
<title id="title" runat="server">btnet queries</title>
<link rel="StyleSheet" href="btnet.css" type="text/css">
<script type="text/javascript" language="JavaScript" src="sortable.js"></script>
</head>

<body>
<% security.write_menu(Response, "queries"); %>

<div class=align>

<% 
if (Util.get_setting("AllowQueryEditingForNonAdmins", "0") == "1"
|| security.this_is_admin)
{
%>

<a href=edit_query.aspx>add new query</a>

<% 
} 
%>
</p>

<%


if (ds.Tables[0].Rows.Count > 0)
{
	SortableHtmlTable.create_from_dataset(
		Response, ds, "", "", false);
}
else
{
	Response.Write ("No queries in the database.");
}

%>
</body>
</div>
</html>