-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revert with error message when release validation fails #37
Conversation
Pull Request Test Coverage Report for Build 105
💛 - Coveralls |
contracts/ReleaseValidator.sol
Outdated
if (!validateAuthorization(packageDb, callerAddress, name)) { | ||
if (address(packageDb) == 0x0){ | ||
// packageDb address is null | ||
return 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These error numbers seem like they should be an Enum
. That would make reading this code a lot easier.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yes nice! 🙂
contracts/PackageIndex.sol
Outdated
return false; | ||
// Run release validator. This method returns a non-zero integer code | ||
// if the release cannot proceed. | ||
uint8 code = releaseValidator.validateRelease( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe instead of returning the code, the revert should just be thrown from within the releaseValidator
? That way you don't have to juggle a return code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@pipermerriam Agree - that's a more elegant solution and works perfectly for the case where you're attempting a release and have an error.
There's a small tradeoff - if you call
validateRelease on its own - say as a pre-flight check - the errors don't propagate because it's a view
function. It can be structured to correctly return true/false for that case though.
Your suggestion is simpler/cleaner (probably lighter) ... on reflection definitely prefer.
@gnidan WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So right now the benefit is that errors propagate easily via eth_call
...
To continue to get errors to propagate, we could just leave it as a client concern (say, sendTransaction to the view function on a forked network). But this is messy and heavy-handed in implementation...
It does make it a lot simpler in Solidity, to revert with errors inside ReleaseValidator. To get a pre-flight check we'd need another method, though, one that doesn't error opaquely.
I'm not sure. I don't feel strongly either way, but I guess my vote is that pre-flight checks are valuable enough to warrant providing that capability in some form, even if it means a bit of ugly code somewhere. But I'll abstain from voting on where the ugly code to support this should live.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TLDR: Do what you think is best.
Lately I've structured my APIs to look something like this:
is_valid_thing() # returns `true/false`
validate_thing() # throws error
I find I almost always want both of these and it is easy to make one a wrapper around the other. In this case it isn't trivial because we don't have good error handling so you might need a 3rd internal method which returns a status code which can then be converted to either a boolean, or an exception.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@pipermerriam Yes, makes sense. For now opting to revert from the validator per suggestion because its cleaner/less weird. Will possibly add a second is_valid_thing
-like method that returns error string or "ok" for pre-flight checks in a later PR. After the revisions in 61e356a the behavior is:
- reverts with error message on
send
- returns true/false on
call
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apart from my mostly-useless thoughts on how to error, this looks good to me.
contracts/PackageIndex.sol
Outdated
return false; | ||
// Run release validator. This method returns a non-zero integer code | ||
// if the release cannot proceed. | ||
uint8 code = releaseValidator.validateRelease( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So right now the benefit is that errors propagate easily via eth_call
...
To continue to get errors to propagate, we could just leave it as a client concern (say, sendTransaction to the view function on a forked network). But this is messy and heavy-handed in implementation...
It does make it a lot simpler in Solidity, to revert with errors inside ReleaseValidator. To get a pre-flight check we'd need another method, though, one that doesn't error opaquely.
I'm not sure. I don't feel strongly either way, but I guess my vote is that pre-flight checks are valuable enough to warrant providing that capability in some form, even if it means a bit of ugly code somewhere. But I'll abstain from voting on where the ugly code to support this should live.
#13, #15.
ReleaseValidator
contract to return an integer error code if validation fails (current behavior is to return boolean)integer code -> human readable message
mapping in the validator contract.PackageIndex
to revert with error message when release validation fails (current behavior is to silently succeed without executing the release.)This PR targets the
allow-backfilling
branch because they touch the same code / code has been removed in that PR.NB: it might be cheaper to have the validator just return the strings? Not sure this implemented optimally at all. . .