Page MenuHomePhabricator

`differential.querydiffs` returns array instead of object when lacking permissions
Closed, DuplicatePublic

Description

In debugging https://github.com/uber/phabricator-jenkins-plugin/issues/30#issuecomment-110588285, we noticed that the response type was [] instead of {}, additionally no error message was provided.

repro steps. using a conduit token with a user who doesn't have permission to a repo:

echo '{"ids": [6]}' | arc call-conduit differential.querydiffs --conduit-token=api-... | python -mjson.tool
{
  "error": null,
  "errorMessage": null,
  "response": []
}

In the meantime, i will add extra logic to check the object type in our jenkins plugin, but i assume this is unintended behavior.

Event Timeline

sectioneight raised the priority of this task from to Needs Triage.
sectioneight updated the task description. (Show Details)
sectioneight added a project: Conduit.
sectioneight added a subscriber: sectioneight.

This is an artifact of the PHP json_encode() method's rules for guessing whether a PHP array is an JSON object or a JSON list.

I don't anticipate addressing this explicitly prior to T7715, which (with T5873) will modernize, standardize, and break everything.

I'm just going to merge this there.

I'm also not sure how well arc patch handoff has been working for you, but T8090 has some discussion of some more reliable approaches we're evaluating and moving toward.

thanks for the quick replies! internally to uber, arc patch has served us well. we git reset --hard to the base revision, then patch --nocommit --nobranch. it wasn't until we open sourced our jenkins plugin and got this bug report that we even noticed this behavior. i'll follow the task you mentioned and update the jenkins plugin when a more robust solution is available.

Ah, interesting. I'm glad to hear it's been working out (although I'm a little surprised!).