Page MenuHomePhabricator
Differential D20125

Fix two very, very minor correctness issues in Slowvote
ClosedPublic
Actions

Authored by epriestley on Feb 7 2019, 5:29 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 20, 4:49 AM
Unknown Object (File)
Thu, Dec 12, 1:32 AM
Unknown Object (File)
Nov 22 2024, 10:34 PM
Unknown Object (File)
Nov 10 2024, 7:29 PM
Unknown Object (File)
Oct 23 2024, 10:52 AM
Unknown Object (File)
Oct 15 2024, 4:57 AM
Unknown Object (File)
Sep 28 2024, 12:07 PM
Unknown Object (File)
Sep 28 2024, 12:07 PM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Commits
rP26081594e2f3: Fix two very, very minor correctness issues in Slowvote
Summary

See https://hackerone.com/reports/492525 and https://hackerone.com/reports/489531. I previously awarded a bounty for https://hackerone.com/reports/434116 so Slowvote is getting "researched" a lot.

  • Prevent users from undoing their vote by submitting the form with nothing selected.
  • Prevent users from racing between the delete() and save() to vote for multiple options in a plurality poll.
Test Plan
  • Clicked the vote button with nothing selected in plurality and approval polls, got an error now.
  • Added a sleep(5) between delete() and save(). Submitted different plurality votes in different windows. Before: votes raced, invalid end state. After: votes waited on the lock, arrived in a valid end state.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
src/
applications/
slowvote/
controller/
53 lines

Diff 48051

View Options

src/applications/slowvote/controller/PhabricatorSlowvoteVoteController.php

Loading...
Phabricator · Built by Phacility