HomePhabricator
Diffusion Phabricator 26081594e2f3

Fix two very, very minor correctness issues in Slowvote
26081594e2f3
Actions

Description

Fix two very, very minor correctness issues in Slowvote

Summary:
See https://hackerone.com/reports/492525 and https://hackerone.com/reports/489531. I previously awarded a bounty for https://hackerone.com/reports/434116 so Slowvote is getting "researched" a lot.

  • Prevent users from undoing their vote by submitting the form with nothing selected.
  • Prevent users from racing between the delete() and save() to vote for multiple options in a plurality poll.

Test Plan:

  • Clicked the vote button with nothing selected in plurality and approval polls, got an error now.
  • Added a sleep(5) between delete() and save(). Submitted different plurality votes in different windows. Before: votes raced, invalid end state. After: votes waited on the lock, arrived in a valid end state.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20125

Details

Provenance
epriestleyAuthored on Feb 7 2019, 5:26 PM
epriestleyPushed on Feb 7 2019, 8:45 PM
Reviewer
amckinley
Differential Revision
D20125: Fix two very, very minor correctness issues in Slowvote
Parents
rPf2236eb061a6: Autofocus form control for adding TOTP codes
Branches
Unknown
Tags
Unknown
Build Status
Buildable 21888
Build 29883: Run Core Tests

Changes (1)

PathSize
src/
applications/
slowvote/
controller/

rP26081594e2f3

View Options

src/applications/slowvote/controller/PhabricatorSlowvoteVoteController.php

Loading...
Phabricator ยท Built by Phacility