| Version 9 (modified by , 8 years ago) ( diff ) |
|---|
Trac Ticket Queries
Table of Contents
In addition to reports, Trac provides support for custom ticket queries, which can be used to display tickets that meet specified criteria.
To configure and execute a custom query, switch to the View Tickets module from the navigation bar, and select the Custom Query link.
Filters
When you first go to the query page, the default filter will display tickets relevant to you:
- If logged in then all open tickets, it will display open tickets assigned to you.
- If not logged in but you have specified a name or email address in the preferences, then it will display all open tickets where your email (or name if email not defined) is in the CC list.
- If not logged in and no name/email is defined in the preferences, then all open issues are displayed.
Current filters can be removed by clicking the button to the left with the minus sign on the label. New filters are added from the pulldown lists at the bottom corners of the filters box; 'And' conditions on the left, 'Or' conditions on the right. Filters with either a text box or a pulldown menu of options can be added multiple times to perform an Or on the criteria.
You can use the fields just below the filters box to group the results based on a field, or display the full description for each ticket.
After you have edited your filters, click the Update button to refresh your results.
Some shortcuts can be used to manipulate checkbox filters.
- Clicking on a filter row label toggles all checkboxes.
- Pressing the modifier key while clicking on a filter row label inverts the state of all checkboxes.
- Pressing the modifier key while clicking on a checkbox selects the checkbox and deselects all other checkboxes in the filter.
The modifier key is platform and browser dependent. On Mac the modified key is Option/Alt or Command. On Linux the modifier key is Ctrl + Alt. Opera on Windows seems to use Ctrl + Alt, while Alt is effective for other Windows browsers.
Navigating Tickets
Clicking on one of the query results will take you to that ticket. You can navigate through the results by clicking the Next Ticket or Previous Ticket links just below the main menu bar, or click the Back to Query link to return to the query page.
You can safely edit any of the tickets and continue to navigate through the results using the Next/Previous/Back to Query links after saving your results. When you return to the query any tickets which were edited will be displayed with italicized text. If one of the tickets was edited such that it no longer matches the query criteria , the text will also be greyed. Lastly, if a new ticket matching the query criteria has been created, it will be shown in bold.
The query results can be refreshed and cleared of these status indicators by clicking the Update button again.
Saving Queries
Trac allows you to save the query as a named query accessible from the reports module. To save a query ensure that you have Updated the view and then click the Save query button displayed beneath the results. You can also save references to queries in Wiki content, as described below.
Note: one way to easily build queries like the ones below, you can build and test the queries in the Custom report module and when ready - click Save query. This will build the query string for you. All you need to do is remove the extra line breaks.
Note: you must have the REPORT_CREATE permission in order to save queries to the list of default reports. The Save query button will only appear if you are logged in as a user that has been granted this permission. If your account does not have permission to create reports, you can still use the methods below to save a query.
Using TracLinks
You may want to save some queries so that you can come back to them later. You can do this by making a link to the query from any Wiki page.
[query:status=new|assigned|reopened&version=1.0 Active tickets against 1.0]
Which is displayed as:
This uses a very simple query language to specify the criteria, see Query Language.
Alternatively, you can copy the query string of a query and paste that into the Wiki link, including the leading ? character:
[query:?status=new&status=assigned&status=reopened&group=owner Assigned tickets by owner]
Which is displayed as:
Customizing the table format
You can also customize the columns displayed in the table format (format=table) by using col=<field>. You can specify multiple fields and what order they are displayed in by placing pipes (|) between the columns:
[[TicketQuery(max=3,status=closed,order=id,desc=1,format=table,col=resolution|summary|owner|reporter)]]
This is displayed as:
Results (1 - 3 of 34369)
Full rows
In table format you can also have full rows by using rows=<field>:
[[TicketQuery(max=3,status=closed,order=id,desc=1,format=table,col=resolution|summary|owner|reporter,rows=description)]]
This is displayed as:
Results (1 - 3 of 34369)
| Ticket | Resolution | Summary | Owner | Reporter |
|---|---|---|---|---|
| #36209 | duplicate | Add HttpResponse subclasses for No Content and Created | ||
| Description |
Django has HttpResponse subclasses for many status codes. Although you can use the generic HttpResponse and provide it with a status code, the subclasses provide for more readable code: it's more clear to write HttpResponseRedirect() or HttpResponsePermanentRedirect() than to use HttpResponse with a 301 or 302 status code, because that requires you to 'know' which status code is which. However for the RESTful HTTP response codes 201 Created and 204 No Content there are no HttpResponse subclasses. It would be helpful to people writing RESTful HTTP APIs to have HttpResponse subclasses for these codes. This patch adds HttpResponseCreated and HttpResponseNoContent subclasses. I've targeted Django 6 because 5.2 is closed for new features. |
|||
| #36206 | invalid | Issues in the Existing SecurityMiddleware Code 1. Incorrect use of response.setdefault() instead of response.headers.setdefault() 2. In the process_request() method, HTTPS redirection is done While this works, %-formatting is less readable and slightly less performant than modern alternatives like f-strings 3. Preventing Overwriting of Existing Headers | ||
| Description |
Issue: In the original code, the Cross-Origin-Opener-Policy (COOP) header is set using: response.setdefault("Cross-Origin-Opener-Policy", self.cross_origin_opener_policy) This is incorrect because:
Suggested Modification: Replace: response.setdefault("Cross-Origin-Opener-Policy", self.cross_origin_opener_policy) With: response.headers.setdefault("Cross-Origin-Opener-Policy", self.cross_origin_opener_policy)
Issue: In the process_request() method, HTTPS redirection is done using: return HttpResponsePermanentRedirect( "https://%s%s" % (host, request.get_full_path()) ) While this works, %-formatting is less readable and slightly less performant than modern alternatives like f-strings. Suggested Modification: Change: return HttpResponsePermanentRedirect( "https://%s%s" % (host, request.get_full_path()) ) To: return HttpResponsePermanentRedirect(f"https://{host}{request.get_full_path()}")
Issue: The original code unconditionally sets security headers like: response.headers["Strict-Transport-Security"] = sts_header response.headers["X-Content-Type-Options"] = "nosniff" is could Override existing security policies set by other middleware or custom responses & Prevent flexibility in modifying security headers dynamically. Suggested Modification:
Use response.headers.setdefault("Strict-Transport-Security", sts_header) response.headers.setdefault("X-Content-Type-Options", "nosniff") Suggested Code: import re from django.conf import settings from django.http import HttpResponsePermanentRedirect from django.utils.deprecation import MiddlewareMixin class SecurityMiddleware(MiddlewareMixin): def __init__(self, get_response): super().__init__(get_response) self.sts_seconds = settings.SECURE_HSTS_SECONDS self.sts_include_subdomains = settings.SECURE_HSTS_INCLUDE_SUBDOMAINS self.sts_preload = settings.SECURE_HSTS_PRELOAD self.content_type_nosniff = settings.SECURE_CONTENT_TYPE_NOSNIFF self.redirect = settings.SECURE_SSL_REDIRECT self.redirect_host = settings.SECURE_SSL_HOST self.redirect_exempt = [re.compile(r) for r in settings.SECURE_REDIRECT_EXEMPT] self.referrer_policy = settings.SECURE_REFERRER_POLICY self.cross_origin_opener_policy = settings.SECURE_CROSS_ORIGIN_OPENER_POLICY def process_request(self, request): path = request.path.lstrip("/") if ( self.redirect and not request.is_secure() and not any(pattern.search(path) for pattern in self.redirect_exempt) ): host = self.redirect_host or request.get_host() return HttpResponsePermanentRedirect(f"https://{host}{request.get_full_path()}") def process_response(self, request, response): if ( self.sts_seconds and request.is_secure() and "Strict-Transport-Security" not in response.headers ): sts_header = f"max-age={self.sts_seconds}" if self.sts_include_subdomains: sts_header += "; includeSubDomains" if self.sts_preload: sts_header += "; preload" response.headers.setdefault("Strict-Transport-Security", sts_header) if self.content_type_nosniff: response.headers.setdefault("X-Content-Type-Options", "nosniff") if self.referrer_policy: # Support a comma-separated string or iterable of values to allow fallback. response.headers.setdefault( "Referrer-Policy", ",".join( [v.strip() for v in self.referrer_policy.split(",")] if isinstance(self.referrer_policy, str) else self.referrer_policy ), ) if self.cross_origin_opener_policy: response.headers.setdefault( "Cross-Origin-Opener-Policy", self.cross_origin_opener_policy, ) return response |
|||
| #36205 | duplicate | Date format issue in Django 5.1.6 | ||
| Description |
In Django 5.1.6, when setting USE_L10N = False and DATETIME_FORMAT = 'Y-m-d H:i:s', the expectation is that DateTimeField in the Admin interface displays as '2024-04-15 23:33:00'. However, it displays as 'April 15, 2024, 11:33 p.m.' (default en-us format). This worked correctly in previous versions (e.g., 5.0.x or 4.x). Steps to reproduce:
Expected behavior: Displays '2024-04-15 23:33:00'. Actual behavior: Displays 'April 15, 2024, 11:33 p.m.'. |
|||
Query Language
query: TracLinks and the [[TicketQuery]] macro both use a mini “query language” for specifying query filters. Filters are separated by ampersands (&). Each filter consists of the ticket field name, an operator and one or more values. More than one value are separated by a pipe (|), meaning that the filter matches any of the values. To include a literal & or | in a value, escape the character with a backslash (\).
The available operators are:
= | the field content exactly matches one of the values |
~= | the field content contains one or more of the values |
^= | the field content starts with one of the values |
$= | the field content ends with one of the values |
All of these operators can also be negated:
!= | the field content matches none of the values |
!~= | the field content does not contain any of the values |
!^= | the field content does not start with any of the values |
!$= | the field content does not end with any of the values |
The date fields created and modified can be constrained by using the = operator and specifying a value containing two dates separated by two dots (..). Either end of the date range can be left empty, meaning that the corresponding end of the range is open. The date parser understands a few natural date specifications like "3 weeks ago", "last month" and "now", as well as Bugzilla-style date specifications like "1d", "2w", "3m" or "4y" for 1 day, 2 weeks, 3 months and 4 years, respectively. Spaces in date specifications can be omitted to avoid having to quote the query string.
created=2007-01-01..2008-01-01 | query tickets created in 2007 |
created=lastmonth..thismonth | query tickets created during the previous month |
modified=1weekago.. | query tickets that have been modified in the last week |
modified=..30daysago | query tickets that have been inactive for the last 30 days |
See also: TracTickets, TracReports, TracGuide, TicketQuery