From c946356cdc026b6d65662075487eb058f5c96c2b Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Sun, 25 Oct 2015 17:30:39 -0400 Subject: [PATCH] forbid atomic transactions on writable, upgradable databases We can't (but currently do) allow upgrades within transactions because upgrades need their own transactions. We don't want to re-use the current transaction because bailing out of an upgrade would mean loosing all previous changes (because our "atomic" transactions don't commit before hand). This gives us two options: 1. Fail at the beginning of upgrade (tell the user to end the transaction, upgrade, and start over). 2. Don't allow the user to start the transaction. I went with the latter because: 1. There is no reason to call `begin_atomic` unless you intend to to write to the database and anyone intending to write to the database should upgrade it first. 2. This means that nothing inside an atomic transaction can ever fail with NOTMUCH_STATUS_UPGRADE_REQUIRED. --- lib/database.cc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/database.cc b/lib/database.cc index 5e86955d..3b342f13 100644 --- a/lib/database.cc +++ b/lib/database.cc @@ -1635,6 +1635,9 @@ notmuch_database_begin_atomic (notmuch_database_t *notmuch) notmuch->atomic_nesting > 0) goto DONE; + if (notmuch_database_needs_upgrade(notmuch)) + return NOTMUCH_STATUS_UPGRADE_REQUIRED; + try { (static_cast (notmuch->xapian_db))->begin_transaction (false); } catch (const Xapian::Error &error) {