Validate select/option settings more strictly when reading them

Summary: Ref T4103. If the database has `""` (empty string) for select/option settings, we can let that value be effective in the UI right now. One consequence is that timestamps can vanish from the UI. Instead, be stricter and discard it as an invalid value. Test Plan: - Forced `time-format` setting to `''`. - Saw timestamps vanish before change. - Saw timestamps return to the default value after change. Reviewers: chad Reviewed By: chad Maniphest Tasks: T4103 Differential Revision: https://secure.phabricator.com/D16047
2024-11-10 08:52:39 +01:00 · 2016-06-05 10:23:28 -07:00 · 2016-06-05 10:23:28 -07:00 · c9ef7aeaa3
commit c9ef7aeaa3
parent c4de87a07a
1 changed files with 19 additions and 0 deletions
--- a/src/applications/settings/setting/PhabricatorSelectSetting.php
+++ b/src/applications/settings/setting/PhabricatorSelectSetting.php
@ -27,6 +27,25 @@ abstract class PhabricatorSelectSetting
      ->setOptions($options);
  }

+  public function assertValidValue($value) {
+    // This is a slightly stricter check than the transaction check. It's
+    // OK for empty string to go through transactions because it gets converted
+    // to null later, but we shouldn't be reading the empty string from
+    // storage.
+    if ($value === null) {
+      return;
+    }
+
+    if (!strlen($value)) {
+      throw new Exception(
+        pht(
+          'Empty string is not a valid setting for "%s".',
+          $this->getSettingName()));
+    }
+
+    $this->validateTransactionValue($value);
+  }
+
  final public function validateTransactionValue($value) {
    if (!strlen($value)) {
      return;