mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 14:52:41 +01:00
Remove nonfunctional AJAX embed behavior for Slowvote
Summary: See <https://hackerone.com/reports/434116>. Slowvote has a piece of Javascript that attempts to let you vote on `{V123}` polls inline. It does not work: nothing ever triggers it (nothing renders a control with a `slowvote-option` sigil). At least for now, just remove it. It has a completely separate pathway in the controller and both pathways are buggy, so this makes fixing them easier. Test Plan: Voted in plurality and approval polls via Slowvote and the embedded widget. Reviewers: amckinley Reviewed By: amckinley Differential Revision: https://secure.phabricator.com/D19773
This commit is contained in:
parent
798a391e5a
commit
5e1d94f336
4 changed files with 0 additions and 95 deletions
|
@ -422,7 +422,6 @@ return array(
|
||||||
'rsrc/js/application/repository/repository-crossreference.js' => '9a860428',
|
'rsrc/js/application/repository/repository-crossreference.js' => '9a860428',
|
||||||
'rsrc/js/application/search/behavior-reorder-profile-menu-items.js' => 'e2e0a072',
|
'rsrc/js/application/search/behavior-reorder-profile-menu-items.js' => 'e2e0a072',
|
||||||
'rsrc/js/application/search/behavior-reorder-queries.js' => 'e9581f08',
|
'rsrc/js/application/search/behavior-reorder-queries.js' => 'e9581f08',
|
||||||
'rsrc/js/application/slowvote/behavior-slowvote-embed.js' => '887ad43f',
|
|
||||||
'rsrc/js/application/transactions/behavior-comment-actions.js' => '038bf27f',
|
'rsrc/js/application/transactions/behavior-comment-actions.js' => '038bf27f',
|
||||||
'rsrc/js/application/transactions/behavior-reorder-configs.js' => 'd7a74243',
|
'rsrc/js/application/transactions/behavior-reorder-configs.js' => 'd7a74243',
|
||||||
'rsrc/js/application/transactions/behavior-reorder-fields.js' => 'b59e1e96',
|
'rsrc/js/application/transactions/behavior-reorder-fields.js' => 'b59e1e96',
|
||||||
|
@ -674,7 +673,6 @@ return array(
|
||||||
'javelin-behavior-select-content' => 'bf5374ef',
|
'javelin-behavior-select-content' => 'bf5374ef',
|
||||||
'javelin-behavior-select-on-click' => '4e3e79a6',
|
'javelin-behavior-select-on-click' => '4e3e79a6',
|
||||||
'javelin-behavior-setup-check-https' => '491416b3',
|
'javelin-behavior-setup-check-https' => '491416b3',
|
||||||
'javelin-behavior-slowvote-embed' => '887ad43f',
|
|
||||||
'javelin-behavior-stripe-payment-form' => 'a6b98425',
|
'javelin-behavior-stripe-payment-form' => 'a6b98425',
|
||||||
'javelin-behavior-test-payment-form' => 'fc91ab6c',
|
'javelin-behavior-test-payment-form' => 'fc91ab6c',
|
||||||
'javelin-behavior-time-typeahead' => '522431f7',
|
'javelin-behavior-time-typeahead' => '522431f7',
|
||||||
|
@ -1550,12 +1548,6 @@ return array(
|
||||||
'phabricator-keyboard-shortcut',
|
'phabricator-keyboard-shortcut',
|
||||||
'javelin-stratcom',
|
'javelin-stratcom',
|
||||||
),
|
),
|
||||||
'887ad43f' => array(
|
|
||||||
'javelin-behavior',
|
|
||||||
'javelin-request',
|
|
||||||
'javelin-stratcom',
|
|
||||||
'javelin-dom',
|
|
||||||
),
|
|
||||||
'8935deef' => array(
|
'8935deef' => array(
|
||||||
'javelin-install',
|
'javelin-install',
|
||||||
'javelin-dom',
|
'javelin-dom',
|
||||||
|
|
|
@ -25,44 +25,6 @@ final class PhabricatorSlowvoteVoteController
|
||||||
|
|
||||||
$old_votes = mpull($viewer_choices, null, 'getOptionID');
|
$old_votes = mpull($viewer_choices, null, 'getOptionID');
|
||||||
|
|
||||||
if ($request->isAjax()) {
|
|
||||||
$vote = $request->getInt('vote');
|
|
||||||
$votes = array_keys($old_votes);
|
|
||||||
$votes = array_fuse($votes);
|
|
||||||
|
|
||||||
if ($poll->getMethod() == PhabricatorSlowvotePoll::METHOD_PLURALITY) {
|
|
||||||
if (idx($votes, $vote, false)) {
|
|
||||||
$votes = array();
|
|
||||||
} else {
|
|
||||||
$votes = array($vote);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if (idx($votes, $vote, false)) {
|
|
||||||
unset($votes[$vote]);
|
|
||||||
} else {
|
|
||||||
$votes[$vote] = $vote;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->updateVotes($viewer, $poll, $old_votes, $votes);
|
|
||||||
|
|
||||||
$updated_choices = id(new PhabricatorSlowvoteChoice())->loadAllWhere(
|
|
||||||
'pollID = %d AND authorPHID = %s',
|
|
||||||
$poll->getID(),
|
|
||||||
$viewer->getPHID());
|
|
||||||
|
|
||||||
$embed = id(new SlowvoteEmbedView())
|
|
||||||
->setPoll($poll)
|
|
||||||
->setOptions($options)
|
|
||||||
->setViewerChoices($updated_choices);
|
|
||||||
|
|
||||||
return id(new AphrontAjaxResponse())
|
|
||||||
->setContent(array(
|
|
||||||
'pollID' => $poll->getID(),
|
|
||||||
'contentHTML' => $embed->render(),
|
|
||||||
));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$request->isFormPost()) {
|
if (!$request->isFormPost()) {
|
||||||
return id(new Aphront404Response());
|
return id(new Aphront404Response());
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,12 +39,6 @@ final class SlowvoteEmbedView extends AphrontView {
|
||||||
}
|
}
|
||||||
|
|
||||||
require_celerity_resource('phabricator-slowvote-css');
|
require_celerity_resource('phabricator-slowvote-css');
|
||||||
require_celerity_resource('javelin-behavior-slowvote-embed');
|
|
||||||
|
|
||||||
$config = array(
|
|
||||||
'pollID' => $poll->getID(),
|
|
||||||
);
|
|
||||||
Javelin::initBehavior('slowvote-embed', $config);
|
|
||||||
|
|
||||||
$user_choices = $poll->getViewerChoices($this->getUser());
|
$user_choices = $poll->getViewerChoices($this->getUser());
|
||||||
$user_choices = mpull($user_choices, 'getOptionID', 'getOptionID');
|
$user_choices = mpull($user_choices, 'getOptionID', 'getOptionID');
|
||||||
|
|
|
@ -1,43 +0,0 @@
|
||||||
/**
|
|
||||||
* @provides javelin-behavior-slowvote-embed
|
|
||||||
* @requires javelin-behavior
|
|
||||||
* javelin-request
|
|
||||||
* javelin-stratcom
|
|
||||||
* javelin-dom
|
|
||||||
*/
|
|
||||||
JX.behavior('slowvote-embed', function() {
|
|
||||||
JX.Stratcom.listen(
|
|
||||||
['click'],
|
|
||||||
'slowvote-option',
|
|
||||||
function(e) {
|
|
||||||
if (!e.isNormalMouseEvent()) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
e.kill();
|
|
||||||
|
|
||||||
var pollID = e.getNodeData('slowvote-embed').pollID;
|
|
||||||
var voteURI = '/vote/' + pollID + '/';
|
|
||||||
|
|
||||||
var request = new JX.Request(voteURI, function(r) {
|
|
||||||
var updated_poll = JX.$H(r.contentHTML);
|
|
||||||
var root = JX.$('phabricator-standard-page');
|
|
||||||
|
|
||||||
var polls = JX.DOM.scry(root, 'div', 'slowvote-embed');
|
|
||||||
|
|
||||||
for(var i = 0; i < polls.length; i++) {
|
|
||||||
var data = JX.Stratcom.getData(polls[i]);
|
|
||||||
|
|
||||||
if (data.pollID == pollID) {
|
|
||||||
JX.DOM.replace(polls[i], updated_poll);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
request.addData({vote: e.getNodeData('slowvote-option').optionID});
|
|
||||||
request.send();
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
});
|
|
Loading…
Reference in a new issue