On Fri, Jul 31, 2020 at 05:29:05PM -0400, Taylor Blau wrote: > > > @@ -1029,6 +1040,11 @@ static void die_if_using_banned_filter(struct upload_pack_data *data) > > > > > > strbuf_addf(&buf, "git upload-pack: filter '%s' not supported", > > > list_object_filter_config_name(banned->choice)); > > > + if (banned->choice == LOFC_TREE_DEPTH && > > > + data->tree_filter_max_depth != ULONG_MAX) > > > + strbuf_addf(&buf, _(" (maximum depth: %lu, but got: %lu)"), > > > + data->tree_filter_max_depth, > > > + banned->tree_exclude_depth); > > > > Hmm. So I see now why you wanted to go with the strbuf in the earlier > > patch. This does still feel awkward, though. You check "is it allowed" > > in an earlier function, we get "nope, it's not allowed", and now we have > > to reimplement the check here. That seems like a maintenance burden. > > I'm not sure that I follow. Is the earlier function that you're > referring to 'banned_filter'? If so, the only use of that function is > within 'die_if_using_banned_filter'. 'banned_filter' exists only insofar > as to answer the question "return me the first banned filter, if one > exists, or NULL otherwise". > > Then, dying here is as simple as (1) lookup the banned filter, and (2) > check if it's NULL or not. > > If you're referring to 'allows_filter_choice', I guess I see what you're > getting it, but to be honest I'm not sure if I'm buying it. Yeah, it's allows_filter_choice() that knows "if it's a tree we must check the depth". And now die_if_using_banned_filter() needs to know that, too. The policy is implemented twice. I do appreciate that the way you've written it means that if somebody forgets to update die_if_using_banned_filter() to match the logic in allows_filter_choice(), we'd at least still die, just with a less good error message. But it seems better still not to require the two to match in the first place. > If we were > to combine 'allows_filter_choice', 'banned_filter', and > 'die_if_using_banned_filter' into one function that traversed the filter > tree and 'die()'d as soon as it got to a banned one, that function would > have to know how to: > > 1. Recurse through the tree when it hits a LOFC_COMBINE node. > > 2. At each node, translate the filter->choice into the appropriate key > name, look it up, and then figure out how to interpret its allowed > status (including falling back to the default if unspecified). > > 3. And, it would have to figure out how to format the message at each > step. > > (3) I think is made easier, since we know what message to format based > on whether or not we're in the 'opts->choice == LOFC_TREE_DEPTH' arm or > not. But, there are two more things that we now have to cram into that > same function. You can still split those things into functions; see the patch I posted. > Maybe I'm being too strict an adherent to having simpler functions, but > I'm failing to see how to combine these in a way that's cleaner than > what's written here. To me this is less about "clean" and more about "don't ever duplicate policy code". I don't mind duplicating boilerplate, but introducing a place where somebody touching function X must remember to also touch Y (and gets no compiler support to remind them) is a bad thing. I guess you can call that "clean", but I'd take longer or more functions as a tradeoff to avoid that. My suggested patch does introduce more side effects. I think that's OK because there really is only a single caller here. But if you wanted it cleaner, then I think having allows_filter_choice() fill out an error strbuf would eliminate my concern without drastically altering the flow of your code. -Peff