[Bug]: An unlisted version reported for add-on policies is not flagged for HR in rev tools on AMO dev

ioanarusiczki commented 2 days ago

What happened?

I've reported an add-on unlisted (version approved) without it being installed

I've noticed a different behavior on dev compared to stage when reporting it for add-on policies https://addons-dev.allizom.org/en-US/firefox/feedback/addon/%7Bc36983ef-ebf2-40ba-a7d9-bdcbdcdd31fa%7D/ for various reports I've seen it available in Cinder https://stage.cinder.nonprod.webservices.mozgcp.net/job/87de7c87-9b5e-4936-91d9-6074e0f52edb

but when reported for add-on policies it does not show up in the Manual Review queue

stage right now: sent reports with https://addons.allizom.org/en-US/firefox/feedback/addon/%7B8503550e-affb-4531-8dcc-950a3315c992%7D/ when reported for add-on policies https://reviewers.addons.allizom.org/en-US/reviewers/review-unlisted/1237013 when reported for other policies https://stage.cinder.nonprod.webservices.mozgcp.net/job/ea3fe681-7749-43cc-9eda-f4a1814742cb

What did you expect to happen?

Unlisted reported without a version (not installed or reported from other browsers) should behave like listed versions

Is there an existing issue for this?

[X] I have searched the existing issues

┆Issue is synchronized with this Jira Task

eviljeff commented 2 days ago

Pretty sure this is Sentry Issue: ADDONS-SERVER-DEV-TQ

AttributeError: 'NoneType' object has no attribute 'id'
(2 additional frame(s) were not displayed)
...
  File "olympia/abuse/tasks.py", line 80, in report_to_cinder
    CinderJob.report(abuse_report)
  File "olympia/abuse/models.py", line 231, in report
    entity_helper.post_report(job=cinder_job)
  File "olympia/abuse/cinder.py", line 573, in post_report
    self.flag_for_human_review(
  File "olympia/abuse/cinder.py", line 541, in flag_for_human_review
    version_objs = sorted(version_objs, key=lambda v: v.id)
  File "olympia/abuse/cinder.py", line 541, in <lambda>
    version_objs = sorted(version_objs, key=lambda v: v.id)

eviljeff commented 2 days ago

Actually, unrelated to the Sentry traceback - at least as far as I can tell (the guids in the tracebacks don't match)

So, what's happening is kind of expected - since https://github.com/mozilla/addons/issues/1763 unlisted versions haven't been regarded as individually actionable, so aren't sent to Cinder (or the Reviewer Tools). If the unlisted version was installed at the time the report wouldn't have gone to Cinder, etc on dev or stage. Because its not installed the version string isn't passed by Firefox so it's just a guid, and the current logic says a guid that exists, with no specified version, gets sent to Cinder, etc.

What has changed recently is https://github.com/mozilla/addons-server/pull/22857 stops flagging unlisted versions at all. Which opens this edge case. We allow reports on purely unlisted add-ons without a version to be sent to Cinder; but we do not flag unlisted versions in the reviewer tools.

Needs Product/Operations guidance on which way the fix should go:

stop reporting all unlisted add-ons entirely when no version is specified, or
start flagging unlisted versions again for review (i.e. partially revert mozilla/addons-server#22857)

mozilla / addons