This module integrates Drupal Webforms with Redmine Backend. Users have option to map the various fields on Webforms to that fields in Redmine Issues. Currently only Redmine Issues can be created. Further Integrations will be looked into once the code is made more generic.

Features of this module

  1. It plays well with existing Webforms.
  2. Users can change the mapping for fields. ie they can decide which field on webform has to be mapped to which field on Redmine
  3. You can use multiple Webforms to submit tickets to the Redmine BackEnd
  4. There is an option to enable or disable the submission of form to Redmine in the Webform settings page
  5. You can select default project, in which issues could be created


Project page:
https://www.drupal.org/sandbox/sriharshauppuluri/2744545
Git url: git clone --branch 7.x-1.x https://git.drupal.org/sandbox/sriharsha.uppuluri/2744545.git webform_redmine_integration
PAreview: http://pareview.sh/pareview/httpsgitdrupalorgsandboxsriharshauppuluri274...

Comments

sriharsha.uppuluri created an issue. See original summary.

PA robot’s picture

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

gisle’s picture

Category: Feature request » Task
Status: Active » Needs review

To get people to review your application, you need to set its state to "Needs review". Please see project applicaton workflow.

ashwinsh’s picture

Hello sriharsha.uppuluri,

My findings for your module as follows:

webform_redmine.module

Line 33: Menu item titles and descriptions should NOT be enclosed within t().
'description' => t('Select a Redmine project.'),
Please check : https://www.drupal.org/node/140311

Line 257: Control statements should have one space between the control keyword and opening parenthesis
if(isset($token)){

Line 257: use a space between the closing parenthesis and the open bracket
if(isset($token)){

Line 258: Functions should be called with no spaces between the function name and opening parentheses
$uploads['upload'] = array (

Line 260: String concatenation should be formatted with a space separating the operators (dot .) and the surrounding terms
'filename' => 'fmuser_'.$user->uid.'_on_'.time().'.json',

Line 285: String concatenation should be formatted with a space separating the operators (dot .) and the surrounding terms
$request_url = $rm_base_url.$rm_endpoint;

Line 291: Control statements should have one space between the control keyword and opening parenthesis
if($response->status_message != 'Created') {

Line 297: The $message argument to drupal_set_message() should be enclosed within t() so that it is translatable.
drupal_set_message('Thanks for your feedback, an issue has been created.', 'status');

Line 311: use a space between the closing parenthesis and the open bracket
function webform_redmine_issue_attach($file_contents){

Line 327: String concatenation should be formatted with a space separating the operators (dot .) and the surrounding terms
$request_url = $rm_base_url.$rm_endpoint;

Line 333: Control statements should have one space between the control keyword and opening parenthesis
if(isset($response->error) && $response->error != 'Created') {

Line 345: Control statements should have one space between the control keyword and opening parenthesis
if(isset($results->upload->token)){

Line 345: use a space between the closing parenthesis and the open bracket
if(isset($results->upload->token)){

webform_redmine.admin.inc

Line 76: use a space between the closing parenthesis and the open bracket
function webform_redmine_admin_rmapi_config_submit($form, &$form_state){

Line 89: use a space between the closing parenthesis and the open bracket
function webform_redmine_rmproject_select($form, &$form_state){

Line 92: Control statements should have one space between the control keyword and opening parenthesis
if(!isset($rmkey_check)){

Line 92: use a space between the closing parenthesis and the open bracket
if(!isset($rmkey_check)){

Line 96: The $text argument to l() should be enclosed within t() so that it is translatable.
'#markup' => t('Configure your !apisettings first.', array('!apisettings' => l('Redmine API settings', 'admin/config/services/webform_redmine'))),

Line 104: Control statements should have one space between the control keyword and opening parenthesis
if(isset($rmuid)){

Line 104: use a space between the closing parenthesis and the open bracket
if(isset($rmuid)){

Line 116: Control statements should have one space between the control keyword and opening parenthesis
if(!isset($projects)){

Line 116: use a space between the closing parenthesis and the open bracket
if(!isset($projects)){

Line 118: The $text argument to l() should be enclosed within t() so that it is translatable.
$args = array('!apisettings' => l('Redmine API settings', 'admin/config/services/webform_redmine'), '!recentlogs' => l('recent log entries', 'admin/reports/dblog'));

Line 145: use a space between the closing parenthesis and the open bracket

function webform_redmine_rmproject_select_submit($form, &$form_state){

Line 157: use a space between the closing parenthesis and the open bracket
function webform_redmine_rmuid(){

Line 163: Control statements should have one space between the control keyword and opening parenthesis
if(!isset($rm_api_key)){

Line 163: use a space between the closing parenthesis and the open bracket
if(!isset($rm_api_key)){

Line 178: String concatenation should be formatted with a space separating the operators (dot .) and the surrounding terms
$request_url = $rm_base_url.$rm_endpoint;

Line 184: Control statements should have one space between the control keyword and opening parenthesis
if($response->status_message == 'OK') {

Line 202: use a space between the closing parenthesis and the open bracket
function webform_redmine_getrmprojects(){

Line 208: Control statements should have one space between the control keyword and opening parenthesis
if(!isset($rm_api_key)){

Line 208: use a space between the closing parenthesis and the open bracket
if(!isset($rm_api_key)){

Line 226: String concatenation should be formatted with a space separating the operators (dot .) and the surrounding terms
$request_url = $rm_base_url.$rm_endpoint.'?'.drupal_http_build_query($rm_options);

Line 232: Control statements should have one space between the control keyword and opening parenthesis

if($response->status_message == 'OK') {

Line 235: Control statements should have one space between the control keyword and opening parenthesis
if(count($results->projects) < 1){

Line 235: use a space between the closing parenthesis and the open bracket
if(count($results->projects) < 1){

Line 247: Control statements should have one space between the control keyword and opening parenthesis
foreach($results->projects as $key => $project){

Line 247: use a space between the closing parenthesis and the open bracket
foreach($results->projects as $key => $project){

Thank you,

sriharsha.uppuluri’s picture

Hello ashwin.shaharkar,

Thanks for reviewing, I have made the changes and committed.

David Fiaty’s picture

Status: Needs review » Needs work

Hello ashwin.shaharkar,

It looks like your code has been through pareview.sh, which is a very good thing.
There are a couple of things that should maybe be modified:

1. In webform_redmine.install line 28 there is a mysql table field definition called 'status', which is a reserved word in MySQL.
It could generate issues when using your module. You should rename this field and update any code that calls the field.

2. In webform_redmine.install line 34 there is a mysql table field definition called 'value', which is a reserved word in MySQL.
It could generate issues when using your module. You should rename this field and update any code that calls the field.

Thank you.

sriharsha.uppuluri’s picture

Status: Needs work » Needs review

Thanks, for reviewing. Changes are commited

gokulnk’s picture

Status: Needs review » Reviewed & tested by the community

Looks ok to me. If there are no more concerns, I think we can mark it as RTBC.

sriharsha.uppuluri’s picture

Issue summary: View changes
sriharsha.uppuluri’s picture

Priority: Normal » Major
misc’s picture

Status: Reviewed & tested by the community » Needs work

Renewed the automatic review, and there are are some issues that you should take care of before a new manual review

http://pareview.sh/pareview/httpsgitdrupalorgsandboxsriharshauppuluri274...

visabhishek’s picture

Issue summary: View changes
visabhishek’s picture

Hi Harsha,

I think you have to retest all validations, because i am getting errors while i am trying to use.
Without setting APIs keys if i am trying to access mapping urls then i am getting error. Please see the screenshot.

Some more suggestions are :
Use t() for #value and #title.

  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => 'Next',
  );
   $form['notice'] = array(
      '#type' => 'item',
      '#title' => 'NOTICE',
      '#markup' => t('Configure your !apisettings first.', array('!apisettings' => l('Redmine API settings', 'admin/config/services/webform_redmine'))),
    );
sriharsha.uppuluri’s picture

I think pa-review has been updated. Updated the code accordingly. Thanks for the feedback @visabhishek.

sriharsha.uppuluri’s picture

Status: Needs work » Needs review
visabhishek’s picture

Status: Needs review » Needs work
StatusFileSize
new49.05 KB

Hi Harsha,

Some more points :

    $form['submit'] = array(
      '#type' => 'submit',
      '#value' => 'Finish',
    );

AS

    $form['submit'] = array(
      '#type' => 'submit',
      '#value' => t('Finish'),
    );

Please remove all variables in hook_uninstall()

variable_get('webform_redmine_rmurl', NULL);
variable_get('webform_redmine_rmapikey', NULL);
variable_get('webform_redmine_rmuid', NULL);
variable_get('webform_redmine_rmprojectid', NULL);

And i am getting following error , Please see screenshot.

sriharsha.uppuluri’s picture

Thanks for the feedback. Fixed the error message.

sriharsha.uppuluri’s picture

Status: Needs work » Needs review
visabhishek’s picture

Priority: Major » Normal
Status: Needs review » Reviewed & tested by the community

Hi Harsha,

Now module is lookes good and working for me. I dont think we have any blocker point, So marking as RTBC.

sriharsha.uppuluri’s picture

Priority: Normal » Major
klausi’s picture

Assigned: Unassigned » visabhishek
Priority: Major » Normal
Status: Reviewed & tested by the community » Needs work
Issue tags: -PAreview: review bonus +PAreview: security

Review of the 7.x-1.x branch (commit ad62dad):

  • Coder Sniffer has found some issues with your code (please check the Drupal coding standards).
    FILE: /home/klausi/pareview_temp/webform_redmine.module
    ----------------------------------------------------------------------
    FOUND 1 ERROR AFFECTING 1 LINE
    ----------------------------------------------------------------------
     207 | ERROR | Type hint "array" missing for $data
    ----------------------------------------------------------------------
    
  • No automated test cases were found, did you consider writing Simpletests or PHPUnit tests? This is not a requirement but encouraged for professional software development.

This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.

manual review:

  1. permission "administer redmine form": where is that permission defined? Did you forget to implement hook_permission()? That is not a security issue because the module will simply be only usable to user 1 on a Drupal site.
  2. There is a security issue in this project and as part of our git admin training I'm assigning this to visabhishek so that he can take look. If he does not find anything I'm going to post the vulnerability details in one week. And please don't remove the security tag, we keep that for statistics and to show examples of security problems.

Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.

visabhishek’s picture

Assigned: visabhishek » Unassigned

Thanks klausi for this assignment.

My Findings are :


1: Please use % or @ instead of ! placeholder.
The placeholders (e.g. '%data' or '@data') are passed as plain-text and will be escaped when inserted into the translatable string. You can disable this escaping by using placeholders of the form '!data' but only if you are sure that the string is safe.

Examples are :

$msg = t("Unable to create a new Redmine ticket.<br><br><strong>Data:</strong><br>!data<br><strong>Request URL:</strong><br>!request<br><strong>Headers:</strong><br>!headers");
    $vars = array(
      '!data' => $options['data'],
      '!request' => $request_url,
      '!headers' => print_r($options['headers'], 1),
    );
    watchdog('webform_redmine', $msg, $vars);

In webform_redmine_getrmprojects()

$msg = t('Recieved a bad response while attempting to retrieve Redmine projects.<br><strong>Response as JSON:</strong><br>!response');
    $vars = array('!response' => json_encode($response));
    watchdog('webform_redmine', $msg, $vars);



2: URLs must be checked with check_url()
Examples are :

in webform_redmine_api_call();

curl_setopt($ch, CURLOPT_URL, $redmine_url . '/api/v2/' . $command);

In webform_redmine_rmuid();

 $request_url = $rm_base_url . $rm_endpoint;

  // Get response.
  $response = drupal_http_request($request_url, $options);

IN webform_redmine_getrmprojects()

  $request_url = $rm_base_url . $rm_endpoint . '?' . drupal_http_build_query($rm_options);

  // Get response.
  $response = drupal_http_request($request_url, $options);

Please let me know if i missed anything.
Thanks
Abhishek

klausi’s picture

@visabhishek: your point 1) is correct.

point 2 is not correct: you should use check_url() only when printing something to HTML. drupal_http_request() is performing a request to a different site, but does not print anything to your HTML output. Same for curl_set_opt().

sriharsha.uppuluri’s picture

Thanks for the review @visabhishek and @klausi will fix the issues.

PA robot’s picture

Status: Needs work » Closed (won't fix)

Closing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).

I'm a robot and this is an automated message from Project Applications Scraper.

sriharsha.uppuluri’s picture

Fixed the security issues.

sriharsha.uppuluri’s picture

Status: Closed (won't fix) » Needs review
poojasharmaece’s picture

Status: Needs review » Reviewed & tested by the community

Modules Looks good and working fine, Marking as RTBC.

visabhishek’s picture

Status: Reviewed & tested by the community » Fixed

Review of the 7.x-1.x branch (commit 72ea4ae):

No automated test cases were found, did you consider writing Simpletests or PHPUnit tests? This is not a requirement but encouraged for professional software development.

This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.

Please update your readme file as https://www.drupal.org/node/2181737 otherwise all looks good for me.

Thanks for your contribution, sriharsha.uppuluri!

I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.

Here are some recommended readings to help with excellent maintainership:

You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!

Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

Thanks to the dedicated reviewer(s) as well.

visabhishek’s picture

Assigning credits.

sriharsha.uppuluri’s picture

Thanks for the feedback and approving my project. @klausi @visabhishek

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.