Closed
Bug 364177
Opened 18 years ago
Closed 17 years ago
On attachment and bug creation, if *one* requestee cannot see the bug, *all* requests are cancelled
Categories
(Bugzilla :: Attachments & Requests, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 3.0
People
(Reporter: LpSolit, Assigned: LpSolit)
References
Details
Attachments
(1 file, 3 obsolete files)
6.24 KB,
patch
|
mkanat
:
review+
|
Details | Diff | Splinter Review |
The bug summary says it all: on attachment and bug creation, if *one* requestee cannot see the bug, *all* requests are cancelled, including those being perfectly valid. This is because Flag::validate() dies and all remaining validations are skipped and no flag is created. If a requestee cannot see the bug, then the requestee should be dropped but the request itself (as well as all other valid requests) should stay. This is going to make developers crazy if we don't fix it.
Assignee | ||
Comment 1•18 years ago
|
||
Thanks Selenium for finding this bug. :)
Status: NEW → ASSIGNED
Flags: blocking3.0?
Updated•18 years ago
|
Flags: blocking3.0? → blocking3.0+
Assignee | ||
Comment 2•18 years ago
|
||
ERROR_MODE_WARN is an intermediate state between ERROR_MODE_WEBPAGE and ERROR_MODE_DIE. Throw*Error(), when called, stores error messages in Bugzilla->error_queue and returns, so that you can still process further. This is useful for minor notifications which you want to display later, such as requestees who cannot see the bug or the attachment. I keep ERROR_MODE_DIE before calling Bugzilla::Flag::validate(), because all other errors must be fatal, i.e. something really unexpected happened and the safest is to ignore all changes made to flags.
Attachment #248952 -
Flags: review?(bugzilla-mozilla)
Assignee | ||
Comment 3•18 years ago
|
||
Comment on attachment 248952 [details] [diff] [review] patch, v1 I think we should have two reviews on this one to be sure we do things correctly and cleanly.
Attachment #248952 -
Flags: review?(mkanat)
Comment 4•18 years ago
|
||
Comment on attachment 248952 [details] [diff] [review] patch, v1 Instead of error_queue, please use the code I wrote in bug 350105.
Attachment #248952 -
Flags: review?(mkanat) → review-
Assignee | ||
Comment 5•18 years ago
|
||
I will commit bug 364216 first, which is more critical than this one. The dependency is because they conflict.
Depends on: 364216
Assignee | ||
Comment 6•18 years ago
|
||
I updated Bugzilla->errors so that it can easily be called by the not yet existing Error::rethrow_error() method.
Attachment #248952 -
Attachment is obsolete: true
Attachment #249460 -
Flags: review?(mkanat)
Attachment #248952 -
Flags: review?(bugzilla-mozilla)
Assignee | ||
Updated•18 years ago
|
Attachment #249460 -
Flags: review?(justdave)
Comment 7•18 years ago
|
||
Comment on attachment 249460 [details] [diff] [review] patch, v2 >+ # If we want to throw the error later, we have to keep these information. >+ Bugzilla->errors->{'type'} = ($name =~ /code/i) ? 'ThrowCodeError' : 'ThrowUserError'; >+ Bugzilla->errors->{'name'} = $error; >+ Bugzilla->errors->{'vars'} = $vars; If this really is an error queue, then these should be stored as part of a hash inside errors, which should be returning an array, yes? See, what I'm thinking is that Bugzilla->errors should always be an array, and it should just contain a lot of "error objects", which represent details. In fact, we could make Bugzilla::Error into a real object, and just push those into the array. I think that'd be even better. Then we could call ->throw or ->message or whatever, on those objects. I think that would handle all the rest of my comments on this code, too. >+sub errors { > [snip] >+ if ($message) { >+ push(@{$errors->{queue}}, $message); >+ } You never made queue into an arrayref there, so that will die.
Attachment #249460 -
Flags: review?(mkanat)
Attachment #249460 -
Flags: review?(justdave)
Attachment #249460 -
Flags: review-
Assignee | ||
Comment 8•18 years ago
|
||
I know use a real array for the error queue.
Attachment #249460 -
Attachment is obsolete: true
Attachment #252374 -
Flags: review?(mkanat)
Comment 9•18 years ago
|
||
Comment on attachment 252374 [details] [diff] [review] patch, v3 Now that I've actually tested the code, I think that this is too much code to solve a problem that isn't really that bad. That is, this only triggers when one requestee isn't in the *group* that can see the bug. We could eventually fix this by doing requestee validation as part of Bugzilla::Bug->create, which is where it should be done anyhow. Or we could do the validation before filing the bug. But all of this code just to work around a problem that won't happen that often...I don't think we should do that. I also don't really think this is a blocker anymore. Here are the comments that I had on the patch in general: >+sub errors { >+ foreach my $error (@error_queue) { >+ # Some unexpected system errors such as "No such file or directory" >+ # may appear when checking the existence of a file. That's definitely >+ # something we don't want to display. So keeping Perl errors for now. In that case should we even queue system errors? >+ my $msg; >+ if (Bugzilla->usage_mode == USAGE_MODE_BROWSER && scalar(@msgs)) { >+ $msg = '<ul><li>' . join('</li><li>', @msgs) . '</li></ul>'; >+ } I really think that we should always return the array and we should format the output in TT, but if you really think this is the best way to go, then OK.
Comment 10•18 years ago
|
||
As I said above, I no longer think this is a blocker. We haven't had anybody actually run into this badly on bmo, and I don't think that it will badly affect most, if any, installations. I think that we should live with it in 3.0, and fix it in a decent way on the trunk for 3.2. We could possibly check in this fix on the 3.0 *branch* when we have that, but I don't want it on the trunk.
Severity: major → normal
Flags: blocking3.0+ → blocking3.0-
Assignee | ||
Comment 11•18 years ago
|
||
I still want it fixed in 3.0. A minimal fix would be to silently skip unauthorized requestees, which would be non-invasive.
Comment 12•18 years ago
|
||
Okay, let's do that, then, for now. We can do a better fix with more architecture, later.
Assignee | ||
Comment 13•17 years ago
|
||
Silently skip unauthorized requestees.
Attachment #252374 -
Attachment is obsolete: true
Attachment #253944 -
Flags: review?(mkanat)
Attachment #252374 -
Flags: review?(mkanat)
Comment 14•17 years ago
|
||
Comment on attachment 253944 [details] [diff] [review] patch, v4 Okay, I trust that this works.
Attachment #253944 -
Flags: review?(mkanat) → review+
Updated•17 years ago
|
Flags: approval+
Assignee | ||
Comment 15•17 years ago
|
||
Checking in post_bug.cgi; /cvsroot/mozilla/webtools/bugzilla/post_bug.cgi,v <-- post_bug.cgi new revision: 1.183; previous revision: 1.182 done Checking in Bugzilla/Attachment.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Attachment.pm,v <-- Attachment.pm new revision: 1.45; previous revision: 1.44 done Checking in Bugzilla/Flag.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Flag.pm,v <-- Flag.pm new revision: 1.81; previous revision: 1.80 done
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•