Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Fix CAPTCHA modal not displaying when setting issue non-confidential

Review changes
Download
Patches
Plain diff

Chad Woolley requested to merge 334707-fix-captcha-for-set-confidential into master Jul 07, 2021

Overview 6
Commits 1
Pipelines 3
Changes 1

What does this MR do?

Fixes CAPTCHA modal not displaying when setting issue non-confidential.

This is a case where we were supposed to have spam protection but we didn't (or maybe used to but lost it through refactorings).

This bug was "introduced" by !58603 (diffs) , but only in the sense that the backend is now performing the spam check properly, but not fully handling the CAPTCHA display if spam was detected.

More technical context:

The original bug (that switching to non-confidential didn't perform a spam check like it should) was actually related to the passing of the request to the service layer (or not, in this case).

It was never obvious to most people why the request was needed to be passed to the service layer, or that this was what actually triggered the spam checking, or that that was the only purpose of the request being passed into the service layer.

In this case, I missed adding this extra necessary line during my refactor because I was looking for existing places where the request was passed, but this mutation was never properly passing the request to the service in the first place.

The good news is the recent refactors have now removed this unnecessary and confusing coupling of the HTTP request to the service layer, and now it's very explicit and typesafe. You have to pass spam_params to the service constructors, and if it is nil theres not gonna be any check :)

Does this MR meet the acceptance criteria?

Conformity

I have included changelog trailers, or none are needed. (Does this MR need a changelog?)
I have added/updated documentation, or it's not needed. (Is documentation required?)
I have properly separated EE content from FOSS, or this MR is FOSS only. (Where should EE code go?)
I have added information for database reviewers in the MR description, or it's not needed. (Does this MR have database related changes?)
I have self-reviewed this MR per code review guidelines.
This MR does not harm performance, or I have asked a reviewer to help assess the performance impact. (Merge request performance guidelines)
I have followed the style guides.
This change is backwards compatible across updates, or this does not apply.

Availability and Testing

See the following section of the CAPTCHA epic for notes on how to test CAPTCHA locally: https://gitlab.com/groups/gitlab-org/-/epics/5527#testing-notes

I have added/updated tests following the Testing Guide, or it's not needed. (Consider all test levels. See the Test Planning Process.)
I have tested this MR in all supported browsers, or it's not needed.
I have informed the Infrastructure department of a default or new setting change per definition of done, or it's not needed.

Resolves #334707 (closed)

Edited Jul 07, 2021 by Chad Woolley

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking