@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Remove nonfunctional AJAX embed behavior for Slowvote
Summary:
See <https://hackerone.com/reports/434116>. Slowvote has a piece of Javascript that attempts to let you vote on `{V123}` polls inline.
It does not work: nothing ever triggers it (nothing renders a control with a `slowvote-option` sigil).
At least for now, just remove it. It has a completely separate pathway in the controller and both pathways are buggy, so this makes fixing them easier.
Test Plan: Voted in plurality and approval polls via Slowvote and the embedded widget.
Reviewers: amckinley
Reviewed By: amckinley
Differential Revision: https://secure.phabricator.com/D19773
-95
-8
resources/celerity/map.php
-8
resources/celerity/map.php
···
422
422
'rsrc/js/application/repository/repository-crossreference.js' => '9a860428',
423
423
'rsrc/js/application/search/behavior-reorder-profile-menu-items.js' => 'e2e0a072',
424
424
'rsrc/js/application/search/behavior-reorder-queries.js' => 'e9581f08',
425
-
'rsrc/js/application/slowvote/behavior-slowvote-embed.js' => '887ad43f',
426
425
'rsrc/js/application/transactions/behavior-comment-actions.js' => '038bf27f',
427
426
'rsrc/js/application/transactions/behavior-reorder-configs.js' => 'd7a74243',
428
427
'rsrc/js/application/transactions/behavior-reorder-fields.js' => 'b59e1e96',
···
674
673
'javelin-behavior-select-content' => 'bf5374ef',
675
674
'javelin-behavior-select-on-click' => '4e3e79a6',
676
675
'javelin-behavior-setup-check-https' => '491416b3',
677
-
'javelin-behavior-slowvote-embed' => '887ad43f',
678
676
'javelin-behavior-stripe-payment-form' => 'a6b98425',
679
677
'javelin-behavior-test-payment-form' => 'fc91ab6c',
680
678
'javelin-behavior-time-typeahead' => '522431f7',
···
1549
1547
'javelin-behavior',
1550
1548
'phabricator-keyboard-shortcut',
1551
1549
'javelin-stratcom',
1552
-
),
1553
-
'887ad43f' => array(
1554
-
'javelin-behavior',
1555
-
'javelin-request',
1556
-
'javelin-stratcom',
1557
-
'javelin-dom',
1558
1550
),
1559
1551
'8935deef' => array(
1560
1552
'javelin-install',
-38
src/applications/slowvote/controller/PhabricatorSlowvoteVoteController.php
-38
src/applications/slowvote/controller/PhabricatorSlowvoteVoteController.php
···
25
25
26
26
$old_votes = mpull($viewer_choices, null, 'getOptionID');
27
27
28
-
if ($request->isAjax()) {
29
-
$vote = $request->getInt('vote');
30
-
$votes = array_keys($old_votes);
31
-
$votes = array_fuse($votes);
32
-
33
-
if ($poll->getMethod() == PhabricatorSlowvotePoll::METHOD_PLURALITY) {
34
-
if (idx($votes, $vote, false)) {
35
-
$votes = array();
36
-
} else {
37
-
$votes = array($vote);
38
-
}
39
-
} else {
40
-
if (idx($votes, $vote, false)) {
41
-
unset($votes[$vote]);
42
-
} else {
43
-
$votes[$vote] = $vote;
44
-
}
45
-
}
46
-
47
-
$this->updateVotes($viewer, $poll, $old_votes, $votes);
48
-
49
-
$updated_choices = id(new PhabricatorSlowvoteChoice())->loadAllWhere(
50
-
'pollID = %d AND authorPHID = %s',
51
-
$poll->getID(),
52
-
$viewer->getPHID());
53
-
54
-
$embed = id(new SlowvoteEmbedView())
55
-
->setPoll($poll)
56
-
->setOptions($options)
57
-
->setViewerChoices($updated_choices);
58
-
59
-
return id(new AphrontAjaxResponse())
60
-
->setContent(array(
61
-
'pollID' => $poll->getID(),
62
-
'contentHTML' => $embed->render(),
63
-
));
64
-
}
65
-
66
28
if (!$request->isFormPost()) {
67
29
return id(new Aphront404Response());
68
30
}
-6
src/applications/slowvote/view/SlowvoteEmbedView.php
-6
src/applications/slowvote/view/SlowvoteEmbedView.php
···
39
39
}
40
40
41
41
require_celerity_resource('phabricator-slowvote-css');
42
-
require_celerity_resource('javelin-behavior-slowvote-embed');
43
-
44
-
$config = array(
45
-
'pollID' => $poll->getID(),
46
-
);
47
-
Javelin::initBehavior('slowvote-embed', $config);
48
42
49
43
$user_choices = $poll->getViewerChoices($this->getUser());
50
44
$user_choices = mpull($user_choices, 'getOptionID', 'getOptionID');
-43
webroot/rsrc/js/application/slowvote/behavior-slowvote-embed.js
-43
webroot/rsrc/js/application/slowvote/behavior-slowvote-embed.js
···
1
-
/**
2
-
* @provides javelin-behavior-slowvote-embed
3
-
* @requires javelin-behavior
4
-
* javelin-request
5
-
* javelin-stratcom
6
-
* javelin-dom
7
-
*/
8
-
JX.behavior('slowvote-embed', function() {
9
-
JX.Stratcom.listen(
10
-
['click'],
11
-
'slowvote-option',
12
-
function(e) {
13
-
if (!e.isNormalMouseEvent()) {
14
-
return;
15
-
}
16
-
e.kill();
17
-
18
-
var pollID = e.getNodeData('slowvote-embed').pollID;
19
-
var voteURI = '/vote/' + pollID + '/';
20
-
21
-
var request = new JX.Request(voteURI, function(r) {
22
-
var updated_poll = JX.$H(r.contentHTML);
23
-
var root = JX.$('phabricator-standard-page');
24
-
25
-
var polls = JX.DOM.scry(root, 'div', 'slowvote-embed');
26
-
27
-
for(var i = 0; i < polls.length; i++) {
28
-
var data = JX.Stratcom.getData(polls[i]);
29
-
30
-
if (data.pollID == pollID) {
31
-
JX.DOM.replace(polls[i], updated_poll);
32
-
}
33
-
34
-
}
35
-
36
-
});
37
-
38
-
request.addData({vote: e.getNodeData('slowvote-option').optionID});
39
-
request.send();
40
-
41
-
});
42
-
43
-
});