1 files changed, 15 insertions, 38 deletions

diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index 499fb20a9..553bb2436 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -325,7 +325,10 @@ public
     # copying an email, and that doesn't matter)
     def InfoRequest.find_by_incoming_email(incoming_email)
         id, hash = InfoRequest._extract_id_hash_from_email(incoming_email)
-        return self.find_by_magic_email(id, hash)
+        if hash_from_id(id) == hash
+            # Not using find(id) because we don't exception raised if nothing found
+            find_by_id(id)
+        end
     end
 
     # Return list of info requests which *might* be right given email address
@@ -452,6 +455,17 @@ public
         incoming_message = IncomingMessage.new
 
         ActiveRecord::Base.transaction do
+
+            # To avoid a deadlock when simultaneously dealing with two
+            # incoming emails that refer to the same InfoRequest, we
+            # lock the row for update.  In Rails 3.2.0 and later this
+            # can be done with info_request.with_lock or
+            # info_request.lock!, but upgrading to that version of
+            # Rails creates many other problems at the moment.  In the
+            # interim, just use raw SQL to do the SELECT ... FOR UPDATE
+            raw_sql = "SELECT * FROM info_requests WHERE id = #{self.id} LIMIT 1 FOR UPDATE"
+            ActiveRecord::Base.connection.execute(raw_sql)
+
             raw_email = RawEmail.new
             incoming_message.raw_email = raw_email
             incoming_message.info_request = self
@@ -876,24 +890,6 @@ public
         return Digest::SHA1.hexdigest(id.to_s + AlaveteliConfiguration::incoming_email_secret)[0,8]
     end
 
-    # Called by find_by_incoming_email - and used to be called by separate
-    # function for envelope from address, until we abandoned it.
-    def InfoRequest.find_by_magic_email(id, hash)
-        expected_hash = InfoRequest.hash_from_id(id)
-        #print "expected: " + expected_hash + "\nhash: " + hash + "\n"
-        if hash != expected_hash
-            return nil
-        else
-            begin
-                return self.find(id)
-            rescue ActiveRecord::RecordNotFound
-                # so error email is sent to admin, rather than the exception sending weird
-                # error to the public body.
-                return nil
-            end
-        end
-    end
-
     # Used to find when event last changed
     def InfoRequest.last_event_time_clause(event_type=nil)
         event_type_clause = ''
@@ -1044,25 +1040,6 @@ public
         InfoRequest.update_all "allow_new_responses_from = 'nobody' where updated_at < (now() - interval '1 year') and allow_new_responses_from in ('anybody', 'authority_only') and url_title <> 'holding_pen'"
     end
 
-    # Returns a random FOI request
-    def InfoRequest.random
-        max_id = InfoRequest.connection.select_value('select max(id) as a from info_requests').to_i
-        info_request = nil
-        count = 0
-        while info_request.nil?
-            if count > 100
-                return nil
-            end
-            id = rand(max_id) + 1
-            begin
-                count += 1
-                info_request = find(id, :conditions => ["prominence = 'normal'"])
-            rescue ActiveRecord::RecordNotFound
-            end
-        end
-        return info_request
-    end
-
     def json_for_api(deep)
         ret = {
             :id => self.id,