recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Prevent users from removing task titles with "Bulk Edit"

Summary:
See downstream <https://phabricator.wikimedia.org/T209449>.

The "Bulk Edit" flow works with `setContinueOnMissingFields(true)`, so `newRequiredError()` errors are ignored. This allows you to apply a transaction which changes the title to `""` (the empty string) without actually hitting any errors which the workflow respects.

(Normally, `setContinueOnMissingFields(...)` workflows only edit properties that can't be missing, like the status of an object, so this is an unusual flow.)

Instead, validate more narrowly:

- Transactions which would remove the title get an "invalid" error, which is respected even under "setContinueOnMissingFields()".
- Then, we try to raise a "missing/required" error if everything otherwise looks okay.

Test Plan:
- Edited a task title normally.
- Edited a task to remove the title (got an error).
- Created a task with no title (disallowed: got an error).
- Bulk edited a task to remove its title.
- Before change: allowed.
- After change: disallowed.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20339

epriestley e69b349b 6bb9d3ac

+21 -3
+21 -3
src/applications/maniphest/xaction/ManiphestTaskTitleTransaction.php
··· 64 64 public function validateTransactions($object, array $xactions) { 65 65 $errors = array(); 66 66 67 - if ($this->isEmptyTextTransaction($object->getTitle(), $xactions)) { 68 - $errors[] = $this->newRequiredError( 69 - pht('Tasks must have a title.')); 67 + // If the user is acting via "Bulk Edit" or another workflow which 68 + // continues on missing fields, they may be applying a transaction which 69 + // removes the task title. Mark these transactions as invalid first, 70 + // then flag the missing field error if we don't find any more specific 71 + // problems. 72 + 73 + foreach ($xactions as $xaction) { 74 + $new = $xaction->getNewValue(); 75 + if (!strlen($new)) { 76 + $errors[] = $this->newInvalidError( 77 + pht('Tasks must have a title.'), 78 + $xaction); 79 + continue; 80 + } 81 + } 82 + 83 + if (!$errors) { 84 + if ($this->isEmptyTextTransaction($object->getTitle(), $xactions)) { 85 + $errors[] = $this->newRequiredError( 86 + pht('Tasks must have a title.')); 87 + } 70 88 } 71 89 72 90 return $errors;