[QA] [Ops] Delete button on gerrit
Chad Horohoe
chorohoe at wikimedia.org
Tue Mar 6 00:36:09 UTC 2018
On Mon, Mar 5, 2018 at 12:01 PM Jaime Crespo <jcrespo at wikimedia.org> wrote:
> I just been told there is now a delete button, DON'T USE IT- I just
> pressed it by mistake after entering in edit mode thinking it was a
> "discard patch started on web interface" (but it is very easy to pres it by
> mistake), and apparently it removes the entire CR. I was told by Paladox
> this is a new feature on gerrit, and I do not like it already. I managed to
> delete the work of a workmate. :-(
>
> I could restore everthing from the database backups, but as it also
> deletes the git files content, it doesn't work without it -it cannot be
> reverted- only text can be recover from the database in not the nicest
> formatting.
>
> Apologies for the damages caused. Should I file a ticket to propose to
> disable such a button from the UI?
>
Sooooo, this is supposed to be "Delete Own Changes" but I suppose if you
took control of a change (via adding your patch set to the CR) it would
result in you deleting others' changes. That's a *horrible* privilege
escalation!
No need for a ticket, I've disabled this.
-Chad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.wikimedia.org/pipermail/qa/attachments/20180306/e1bedef5/attachment.html>
More information about the QA
mailing list