revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-16 11:52:40 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/search/field/PhabricatorPHIDsSearchField.php
epriestley 07082d2867 Don't allow empty list constraints in Conduit calls 
Summary:
Ref T11473. If you write a method like `get_stuff(ids)` and then call it with an empty list of IDs, you can end up passing an empty constraint to Conduit.

If you run a `*.search` method with such a constraint, like this one:

```
{
  "ids": []
}
```

...we have three possible beahviors:

  # Treat it like the user passed no constraint (basically, ignore the constraint).
  # Respect the constraint (return no results).
  # Error.

Currently, we do (1). However, this is pretty confusing and I think clearly the worst option, since it means `get_stuff(array())` in client code will often tend to return a ton of results.

We could do (2) instead, but this is also sort of confusing (it may not be obvious why nothing matched, even though it's an application bug) and I think most reasonable client code should be doing an `if ($ids)` test: this test makes clients a little more complicated, but they can save a network call, and I think they often need to do this test anyway (for example, to show the user a different message).

This implements (3), and just considers these to be errors: this is the least tricky behavior, it's consistent with what we do in PHP, makes fairly good sense, and the only cost for this is that client code may need to be slightly more complex, but this slightly more complex code is usually better code.

Test Plan: Ran Conduit `*.search` queries with `"ids":[]` and `"phids":[]`, got sensible errors instead of runaway result sets.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11473

Differential Revision: https://secure.phabricator.com/D16396
2016-08-14 08:31:13 -07:00

31 lines
681 B
PHP
Raw Blame History

<?php
final class PhabricatorPHIDsSearchField
extends PhabricatorSearchField {
protected function getDefaultValue() {
return array();
}
protected function getValueFromRequest(AphrontRequest $request, $key) {
return $request->getStrList($key);
}
protected function newControl() {
if (strlen($this->getValueForControl())) {
return new AphrontFormTextControl();
} else {
return null;
}
}
protected function getValueForControl() {
return implode(', ', parent::getValueForControl());
}
protected function newConduitParameterType() {
return id(new ConduitPHIDListParameterType())
->setAllowEmptyList(false);
}
}
View git blame Copy permalink