Revert with error message when release validation fails #37
Conversation
Pull Request Test Coverage Report for Build 105
💛 - Coveralls |
contracts/ReleaseValidator.sol
Outdated
| if (!validateAuthorization(packageDb, callerAddress, name)) { | ||
| if (address(packageDb) == 0x0){ | ||
| // packageDb address is null | ||
| return 1; |
There was a problem hiding this comment.
These error numbers seem like they should be an Enum. That would make reading this code a lot easier.
contracts/PackageIndex.sol
Outdated
| return false; | ||
| // Run release validator. This method returns a non-zero integer code | ||
| // if the release cannot proceed. | ||
| uint8 code = releaseValidator.validateRelease( |
There was a problem hiding this comment.
Maybe instead of returning the code, the revert should just be thrown from within the releaseValidator? That way you don't have to juggle a return code.
There was a problem hiding this comment.
@pipermerriam Agree - that's a more elegant solution and works perfectly for the case where you're attempting a release and have an error.
There's a small tradeoff - if you call validateRelease on its own - say as a pre-flight check - the errors don't propagate because it's a view function. It can be structured to correctly return true/false for that case though.
Your suggestion is simpler/cleaner (probably lighter) ... on reflection definitely prefer.
@gnidan WDYT?
There was a problem hiding this comment.
So right now the benefit is that errors propagate easily via eth_call...
To continue to get errors to propagate, we could just leave it as a client concern (say, sendTransaction to the view function on a forked network). But this is messy and heavy-handed in implementation...
It does make it a lot simpler in Solidity, to revert with errors inside ReleaseValidator. To get a pre-flight check we'd need another method, though, one that doesn't error opaquely.
I'm not sure. I don't feel strongly either way, but I guess my vote is that pre-flight checks are valuable enough to warrant providing that capability in some form, even if it means a bit of ugly code somewhere. But I'll abstain from voting on where the ugly code to support this should live.
There was a problem hiding this comment.
TLDR: Do what you think is best.
Lately I've structured my APIs to look something like this:
is_valid_thing() # returns `true/false`
validate_thing() # throws error
I find I almost always want both of these and it is easy to make one a wrapper around the other. In this case it isn't trivial because we don't have good error handling so you might need a 3rd internal method which returns a status code which can then be converted to either a boolean, or an exception.
There was a problem hiding this comment.
@pipermerriam Yes, makes sense. For now opting to revert from the validator per suggestion because its cleaner/less weird. Will possibly add a second is_valid_thing -like method that returns error string or "ok" for pre-flight checks in a later PR. After the revisions in 61e356a the behavior is:
- reverts with error message on
send - returns true/false on
call
contracts/PackageIndex.sol
Outdated
| return false; | ||
| // Run release validator. This method returns a non-zero integer code | ||
| // if the release cannot proceed. | ||
| uint8 code = releaseValidator.validateRelease( |
There was a problem hiding this comment.
So right now the benefit is that errors propagate easily via eth_call...
To continue to get errors to propagate, we could just leave it as a client concern (say, sendTransaction to the view function on a forked network). But this is messy and heavy-handed in implementation...
It does make it a lot simpler in Solidity, to revert with errors inside ReleaseValidator. To get a pre-flight check we'd need another method, though, one that doesn't error opaquely.
I'm not sure. I don't feel strongly either way, but I guess my vote is that pre-flight checks are valuable enough to warrant providing that capability in some form, even if it means a bit of ugly code somewhere. But I'll abstain from voting on where the ugly code to support this should live.
#13, #15.
ReleaseValidatorcontract to return an integer error code if validation fails (current behavior is to return boolean)integer code -> human readable messagemapping in the validator contract.PackageIndexto revert with error message when release validation fails (current behavior is to silently succeed without executing the release.)This PR targets the
allow-backfillingbranch because they touch the same code / code has been removed in that PR.NB: it might be cheaper to have the validator just return the strings? Not sure this implemented optimally at all. . .