1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00

Prevent creation of inline comments with mismatched changesetID / revisionPHID

Summary:
Ref T11092. With Quicksand (or, possibly, some as-yet-unknown non-Quicksand workflow) the client can get stuck with an out-of-date revision PHID.

We then save comments with a `revisionPHID` from one revision and a `changesetID` from a different one.

Detect and prevent this. This stops the workflow immediately when the use first clicks, so it should allow us to detect this issue if it has some other non-Quicksand cause.

Test Plan:
  - Opened revision `D123`.
  - Pressed `\` to enable the sidebar and Quicksand.
  - Clicked a link to revision `D124`.
  - Added inlines.

Previously, these could ghost. The exact UI behavior is difficult to describe, but in the database they end up with a `changesetID` for `D124` but the original `revisionPHID` for `D123`, presumably because state is sticking around from the first page.

After this patch, an exception is thrown immediately. Additionally:

  - Reloaded to clear quicksand state, added comments fine.
  - Disabled sidebar/quicksand, added comments fine.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11092

Differential Revision: https://secure.phabricator.com/D16031
This commit is contained in:
epriestley 2016-06-03 13:33:43 -07:00
parent 03e54afc14
commit a34b769b4f

View file

@ -23,13 +23,34 @@ final class DifferentialInlineCommentEditController
}
protected function createComment() {
// Verify revision and changeset correspond to actual objects.
// Verify revision and changeset correspond to actual objects, and are
// connected to one another.
$changeset_id = $this->getChangesetID();
$viewer = $this->getViewer();
$revision = $this->loadRevision();
if (!id(new DifferentialChangeset())->load($changeset_id)) {
throw new Exception(pht('Invalid changeset ID!'));
$changeset = id(new DifferentialChangesetQuery())
->setViewer($viewer)
->withIDs(array($changeset_id))
->executeOne();
if (!$changeset) {
throw new Exception(
pht(
'Invalid changeset ID "%s"!',
$changeset_id));
}
$diff = $changeset->getDiff();
if ($diff->getRevisionID() != $revision->getID()) {
throw new Exception(
pht(
'Changeset ID "%s" is part of diff ID "%s", but that diff '.
'is attached to reivsion "%s", not revision "%s".',
$changeset_id,
$diff->getID(),
$diff->getRevisionID(),
$revision->getID()));
}
return id(new DifferentialInlineComment())