Don't attempt to test capabilities on incomplete handles
Closed, Public

Authored by epriestley on Apr 7 2021, 9:53 PM.

Details

Summary

As backstory: I accidentally added the subscriber PHID-USER-abcd to T1 on this install by calling maniphest.edit. I intended to edit T1 on my local install.

This edit is permitted for messy technical reasons, described in T13429. It's not valid, but it's hard to prevent.

The state we reach is also possible even if the edit is rejected (i.e., someone can go manually update the database).

Regardless of how we get into this state, the state (a non-user subscriber) breaks the UI on the task page when it attempts to test if the subscriber can see the task.

To prevent this, only claim that a Handle can have capabilities if the handle is complete. If the handle is incomplete (an invalid or restricted object), it either can't be meaningfully tested for capabilities or the viewer isn't allowed to know them.

Test Plan

Viewed T1 on this install, saw a fatal. Applied the same edit to T1 locally, got the same fatal. Applied patch, no more fatal. Now saw "Unknown Object (User)" in subscriber curtain.

Specifically, the fatal is:

Attempting to test capability "view" for handle of type "USER", but this capability has not been attached.
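
The guard described in the summary, as an added example (not Phabricator's code and not the patch from this revision). The class `ExampleHandle`, its methods, `render_subscriber()` and the sample handles are hypothetical; without the completeness check in `hasCapabilities()`, the second call would throw the fatal quoted above.

```php
<?php
// Simplified model of the guard; class and method names are hypothetical.
final class ExampleHandle {
  private $type;
  private $name;
  private $complete;
  private $capabilities = array();

  public function __construct($type, $name, $complete) {
    $this->type = $type;
    $this->name = $name;
    $this->complete = $complete;
  }

  public function getName() { return $this->name; }

  public function attachCapability($capability, $allowed) {
    $this->capabilities[$capability] = (bool)$allowed;
    return $this;
  }

  // Only a complete handle claims testable capabilities. An incomplete one
  // (invalid or restricted object) reports none, so callers never probe it.
  public function hasCapabilities() {
    return $this->complete && $this->type === 'USER';
  }

  public function hasCapability($capability) {
    if (!array_key_exists($capability, $this->capabilities)) {
      throw new Exception(sprintf(
        'Attempting to test capability "%s" for handle of type "%s", '.
        'but this capability has not been attached.',
        $capability, $this->type));
    }
    return $this->capabilities[$capability];
  }
}

// Caller in the style of a subscriber list: probe only when allowed to.
function render_subscriber(ExampleHandle $handle) {
  if (!$handle->hasCapabilities()) {
    return $handle->getName();
  }
  $can_view = $handle->hasCapability('view');
  return $handle->getName().($can_view ? '' : ' (cannot see this task)');
}

// Constructed inputs: one loaded user, one handle for the bogus subscriber.
$valid = (new ExampleHandle('USER', 'alice', true))->attachCapability('view', true);
$bogus = new ExampleHandle('USER', 'Unknown Object (User)', false);
echo render_subscriber($valid), "\n";
echo render_subscriber($bogus), "\n";
```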

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This revision was not accepted when it landed; it landed in state Needs Review.
Apr 7 2021, 9:54 PM
epriestley requested review of this revision.
This revision was automatically updated to reflect the committed changes.