The return value of _prepare_draft is assumed to be a ReviewRequestDraft,
when it could be an error. This can lead to problems if some other user
attempts to call such an API function. A draft won't be manipulated, but an
HTTP 500 will be generated, since we'll attempt to call functions on an error.
_prepare_draft doesn't even seem to be smart about returning an existing
draft for a review request, which confuses me, but really this logic should
either go into the create method in a Manager for the draft or we should
provide a create_draft() function on ReviewRequest. In either case, an
exception should be raised if the user doesn't have the right permissions.
We should then catch it and return the proper webapi error.
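The failure mode and the proposed fix, as an added example that is not part of the original report or the project's code. All class and function names here are hypothetical stand-ins, `dispatch` stands in for the web framework, and the 403 status is an assumption about what the "proper webapi error" would be.

```python
class PermissionDenied(Exception):
    """Hypothetical exception: user may not modify the review request."""

class Draft:
    def __init__(self, review_request):
        self.summary = review_request.summary

class ReviewRequest:
    def __init__(self, submitter, summary):
        self.submitter, self.summary, self.draft = submitter, summary, None

    def is_mutable_by(self, user):
        return user == self.submitter

    def create_draft(self, user):
        # Raise instead of returning an error object; reuse an existing draft.
        if not self.is_mutable_by(user):
            raise PermissionDenied(user)
        if self.draft is None:
            self.draft = Draft(self)
        return self.draft

def prepare_draft_before(user, rr):
    # "Before": returns either a Draft or an error payload.
    if not rr.is_mutable_by(user):
        return {"stat": "fail", "err": "permission denied"}
    return Draft(rr)

def set_summary_before(user, rr, summary):
    draft = prepare_draft_before(user, rr)
    draft.summary = summary  # AttributeError when draft is the error dict
    return 200, {"stat": "ok"}

def set_summary_after(user, rr, summary):
    try:
        draft = rr.create_draft(user)
    except PermissionDenied:
        return 403, {"stat": "fail", "err": "permission denied"}  # assumed code
    draft.summary = summary
    return 200, {"stat": "ok"}

def dispatch(handler, *args):
    # Stand-in for the web framework: an unhandled exception becomes HTTP 500.
    try:
        return handler(*args)
    except Exception:
        return 500, {"stat": "fail", "err": "internal server error"}
```

In both versions the draft is left untouched for a user without permission; the difference is that the caller gets a meaningful error instead of a 500.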