Changeset 3724
- Timestamp:
- 05/27/08 16:56:37 (8 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
peerreviewplugin/branches/2.1-toddler/codereview/dbBackend.py
r3708 r3724 14 14 from codereview.ReviewFilesStruct import * 15 15 from codereview.ReviewCommentStruct import * 16 from codereview.dbEscape import dbEscape17 16 import string 18 17 … … 36 35 def getMyCodeReviews(self, user): 37 36 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Author = '%s' ORDER BY DateCreate" % (user) 38 #query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Author= '" + dbEscape(user) + "' ORDER BY DateCreate"39 37 return self.execCodeReviewQuery(query, False) 40 38 … … 42 40 def getCodeReviews(self, user): 43 41 query = "SELECT cr.IDReview, cr.Author, cr.Status, cr.DateCreate, cr.Name, cr.Notes FROM CodeReviews cr, Reviewers r WHERE r.IDReview = cr.IDReview AND r.Reviewer = '%s' ORDER BY cr.DateCreate" % (user) 44 #query = "SELECT CodeReviews.IDReview, CodeReviews.Author, CodeReviews.Status, CodeReviews.DateCreate, CodeReviews.Name, CodeReviews.Notes FROM CodeReviews, Reviewers WHERE Reviewers.IDReview = CodeReviews.IDReview AND Reviewer = '" + dbEscape(user) + "' ORDER BY CodeReviews.DateCreate"45 42 return self.execCodeReviewQuery(query, False) 46 43 … … 48 45 def getCodeReviewsByStatus(self, status): 49 46 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Status = '%s' ORDER BY DateCreate" % (status) 50 #query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE Status= '" + dbEscape(status) + "'ORDER BY DateCreate"51 47 return self.execCodeReviewQuery(query, False) 52 48 … … 54 50 def getVotesByID(self, type, id): 55 51 query = "SELECT Count(Reviewer) FROM Reviewers WHERE IDReview = '%s' AND Vote = '%s'" % (id, type) 56 #query = "SELECT Count(Reviewer) FROM Reviewers WHERE IDReview = '" + dbEscape(id) +"' AND Vote = '" + dbEscape(type) + "'"57 52 cursor = self.db.cursor() 58 53 cursor.execute(query) … … 65 60 def getCodeReviewsByID(self, id): 66 61 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE IDReview = '%s'" % (id) 67 #query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE IDReview= '" + dbEscape(id) + "'"68 62 return self.execCodeReviewQuery(query, True) 69 63 … … 71 65 #names given in the 'name' string 72 66 def searchCodeReviewsByName(self, name): 73 queryPart = self.createORLoop( dbEscape(name), "Name")67 queryPart = self.createORLoop(name, "Name") 74 68 if len(queryPart) == 0: 75 69 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews" 76 70 else: 77 71 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE %s" % (queryPart) 78 #query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE " + dbEscape(query)79 72 return self.execCodeReviewQuery(query, True) 80 73 … … 83 76 def searchCodeReviews(self, crStruct): 84 77 query = "SELECT IDReview, Author, Status, DateCreate, Name, Notes FROM CodeReviews WHERE " 85 queryPart = self.createORLoop( dbEscape(crStruct.Name), "Name")78 queryPart = self.createORLoop(crStruct.Name, "Name") 86 79 if len(queryPart) != 0: 87 query = query + "(%s) AND " % queryPart88 query = query + "Author LIKE '%%s%' AND Status LIKE '%%s%' AND DateCreate >= '%s'" % crStruct.Author, crStruct.Status, crStruct.DateCreate80 query = query + "(%s) AND " % (queryPart) 81 query = query + "Author LIKE '%%s%' AND Status LIKE '%%s%' AND DateCreate >= '%s'" % (crStruct.Author, crStruct.Status, crStruct.DateCreate) 89 82 return self.execCodeReviewQuery(query, False) 90 83 91 84 #Returns an array of all the reviewers for a code review 92 85 def getReviewers(self, id): 93 query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = %s" % (id) 94 #query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '" + dbEscape(id) + "'" 86 query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '%s'" % (id) 95 87 return self.execReviewerQuery(query, False) 96 88 … … 98 90 def getReviewerEntry(self, id, name): 99 91 query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '%s' AND Reviewer = '%s'" % (id, name) 100 #query = "SELECT IDReview, Reviewer, Status, Vote FROM Reviewers WHERE IDReview = '" + dbEscape(id) + "' AND Reviewer = '" + dbEscape(name) + "'"101 92 return self.execReviewerQuery(query, True) 102 93 103 94 #Returns an array of the files associated with the given review id 104 95 def getReviewFiles(self, id): 105 query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDReview = %s" % (id) 106 #query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDReview = '" + dbEscape(id) + "'" 96 query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDReview = '%s'" % (id) 107 97 return self.execReviewFileQuery(query, False) 108 98 109 99 #Returns the requested review file 110 100 def getReviewFile(self, id): 111 query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDFile = %s" % (id) 112 #query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDFile = '" + dbEscape(id) + "'" 101 query = "SELECT IDFile, IDReview, Path, LineStart, LineEnd, Version FROM ReviewFiles WHERE IDFile = '%s'" % (id) 113 102 return self.execReviewFileQuery(query, True) 114 103 115 104 #Returns the requested comment 116 105 def getCommentByID(self, id): 117 query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDComment = %s" % (id) 118 #query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDComment = '" + dbEscape(id) + "'" 106 query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDComment = '%s'" % (id) 119 107 return self.execReviewCommentQuery(query, True) 120 108 121 109 #Returns an array of comments for the given file 122 110 def getCommentsByFileID(self, id): 123 query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = %s ORDER BY DateCreate" % (id) 124 #query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' ORDER BY DateCreate" 111 query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '%s' ORDER BY DateCreate" % (id) 125 112 return self.execReviewCommentQuery(query, False) 126 113 … … 128 115 def getCommentsByFileIDAndLine(self, id, line): 129 116 query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '%s' AND LineNum = '%s' ORDER BY DateCreate" % (id, line) 130 #query = "SELECT IDComment, IDFile, IDParent, LineNum, Author, Text, AttachmentPath, DateCreate FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' AND LineNum = '" + dbEscape(line) + "' ORDER BY DateCreate"131 117 return self.execReviewCommentQuery(query, False) 132 118 … … 148 134 #Sets the "Threshold" to the given value 149 135 def setThreshold(self, val): 150 query = "UPDATE system SET value = ' " + val + "' WHERE name = 'CodeReviewVoteThreshold'"136 query = "UPDATE system SET value = '%s' WHERE name = 'CodeReviewVoteThreshold'" % (val) 151 137 cursor = self.db.cursor() 152 138 cursor.execute(query) … … 156 142 #for the given file id. 157 143 def getCommentDictForFile(self, id): 158 #query = "SELECT LineNum, Count(IDComment) FROM ReviewComments WHERE IDFile = '" + dbEscape(id) + "' GROUP BY LineNum"159 144 query = "SELECT LineNum, Count(IDComment) FROM ReviewComments WHERE IDFile = '%s' GROUP BY LineNum" % (id) 160 145 cursor = self.db.cursor()
