refactor/submit-form: reduce possibility of race conditions in submission flow #1045
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 7 commits
January 25, 2021 21:41
…ssibility of disparity
…ion into the Form class
mantariksh
approved these changes
Jan 26, 2021
| @@ -1,3 +1,6 @@ | |||
| const _ = require('lodash') | |||
| const formsg = require('@opengovsg/formsg-sdk')() | |||
There was a problem hiding this comment.
we are initialising the SDK in production mode here, even if the code is running in dev/staging. this works fine for now because the SDK's crypto.encrypt function does not depend on FormSG's public key, but may lead to unexpected behaviour in future if this class has to call other SDK methods.
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
Addresses #1044
Solution
I did not manage to reproduce the bug in question. This is not a surprise as concurrency bugs are indeterministic by definition. However, based on the symptom and rarity of the bug, it is possible that the behavior is a result of edge cases caused by poor integration with AngularJS. Multiple code paths were thoroughly examined, and the appropriate refactor performed to improve code clarity and reduce the likelihood of bugs.
The
controllerStatevariable is used to store the cloned form object in thesavedFormproperty before fields were locked/disabled. It was previously not attached to the directive scope, but simply as aconstwhich makes it a possible candidate to resolve the concurrency bug as AngularJS would not be tracking changes to this variable during the digest cycle.The need to clone the form object before calling this function was removed by refactoring to avoid assigning to the
form.attachmentproperty (it is a very bad practice to mutate function arguments). This not only removed the need for an expensive clone operation, but also guarantees that there can be no divergence between the form object in the controller scope vs the one used in thesubmitFormfunction, since the call tosubmitForm(scope.form)is a reference to the same form object.Almost all the logic necessary to generate the POST body has also been moved into the
Formclass as instance methods, with the exception of captcha. Internal methods have also been prefixed with an underscore to discourage external use.Improvements:
Bug Fixes:
Tests
Manually tested with storage mode submissions with and without attachment fields. As this is sensitive code with low test coverage, the reviewer is invited to step through the commits to verify that the new implementation is sound.