public function addComment(PhabricatorAuditComment $comment)
 {
     $commit = $this->commit;
     $user = $this->user;
     $other_comments = id(new PhabricatorAuditComment())->loadAllWhere('targetPHID = %s', $commit->getPHID());
     $inline_comments = array();
     if ($this->attachInlineComments) {
         $inline_comments = id(new PhabricatorAuditInlineComment())->loadAllWhere('authorPHID = %s AND commitPHID = %s
       AND auditCommentID IS NULL', $user->getPHID(), $commit->getPHID());
     }
     $comment->setActorPHID($user->getPHID())->setTargetPHID($commit->getPHID())->save();
     $content_blocks = array($comment->getContent());
     if ($inline_comments) {
         foreach ($inline_comments as $inline) {
             $inline->setAuditCommentID($comment->getID());
             $inline->save();
             $content_blocks[] = $inline->getContent();
         }
     }
     $ccs = $this->ccs;
     $auditors = $this->auditors;
     $metadata = $comment->getMetadata();
     $metacc = array();
     // Find any "@mentions" in the content blocks.
     $mention_ccs = PhabricatorMarkupEngine::extractPHIDsFromMentions($content_blocks);
     if ($mention_ccs) {
         $metacc = idx($metadata, PhabricatorAuditComment::METADATA_ADDED_CCS, array());
         foreach ($mention_ccs as $cc_phid) {
             $metacc[] = $cc_phid;
         }
     }
     if ($metacc) {
         $ccs = array_merge($ccs, $metacc);
     }
     // When a user submits an audit comment, we update all the audit requests
     // they have authority over to reflect the most recent status. The general
     // idea here is that if audit has triggered for, e.g., several packages, but
     // a user owns all of them, they can clear the audit requirement in one go
     // without auditing the commit for each trigger.
     $audit_phids = self::loadAuditPHIDsForUser($this->user);
     $audit_phids = array_fill_keys($audit_phids, true);
     $requests = id(new PhabricatorRepositoryAuditRequest())->loadAllWhere('commitPHID = %s', $commit->getPHID());
     $action = $comment->getAction();
     // TODO: We should validate the action, currently we allow anyone to, e.g.,
     // close an audit if they muck with form parameters. I'll followup with this
     // and handle the no-effect cases (e.g., closing and already-closed audit).
     $user_is_author = $user->getPHID() == $commit->getAuthorPHID();
     if ($action == PhabricatorAuditActionConstants::CLOSE) {
         // "Close" means wipe out all the concerns.
         $concerned_status = PhabricatorAuditStatusConstants::CONCERNED;
         foreach ($requests as $request) {
             if ($request->getAuditStatus() == $concerned_status) {
                 $request->setAuditStatus(PhabricatorAuditStatusConstants::CLOSED);
                 $request->save();
             }
         }
     } else {
         if ($action == PhabricatorAuditActionConstants::RESIGN) {
             // "Resign" has unusual rules for writing user rows, only affects the
             // user row (never package/project rows), and always affects the user
             // row (other actions don't, if they were able to affect a package/project
             // row).
             $user_request = null;
             foreach ($requests as $request) {
                 if ($request->getAuditorPHID() == $user->getPHID()) {
                     $user_request = $request;
                     break;
                 }
             }
             if (!$user_request) {
                 $user_request = id(new PhabricatorRepositoryAuditRequest())->setCommitPHID($commit->getPHID())->setAuditorPHID($user->getPHID())->setAuditReasons(array("Resigned"));
             }
             $user_request->setAuditStatus(PhabricatorAuditStatusConstants::RESIGNED)->save();
             $requests[] = $user_request;
         } else {
             $have_any_requests = false;
             foreach ($requests as $request) {
                 if (empty($audit_phids[$request->getAuditorPHID()])) {
                     continue;
                 }
                 $request_is_for_user = $request->getAuditorPHID() == $user->getPHID();
                 $have_any_requests = true;
                 $new_status = null;
                 switch ($action) {
                     case PhabricatorAuditActionConstants::COMMENT:
                     case PhabricatorAuditActionConstants::ADD_CCS:
                     case PhabricatorAuditActionConstants::ADD_AUDITORS:
                         // Commenting or adding cc's/auditors doesn't change status.
                         break;
                     case PhabricatorAuditActionConstants::ACCEPT:
                         if (!$user_is_author || $request_is_for_user) {
                             // When modifying your own commits, you act only on behalf of
                             // yourself, not your packages/projects -- the idea being that
                             // you can't accept your own commits.
                             $new_status = PhabricatorAuditStatusConstants::ACCEPTED;
                         }
                         break;
                     case PhabricatorAuditActionConstants::CONCERN:
                         if (!$user_is_author || $request_is_for_user) {
                             // See above.
                             $new_status = PhabricatorAuditStatusConstants::CONCERNED;
                         }
                         break;
                     default:
                         throw new Exception("Unknown action '{$action}'!");
                 }
                 if ($new_status !== null) {
                     $request->setAuditStatus($new_status);
                     $request->save();
                 }
             }
             // If the user has no current authority over any audit trigger, make a
             // new one to represent their audit state.
             if (!$have_any_requests) {
                 $new_status = null;
                 switch ($action) {
                     case PhabricatorAuditActionConstants::COMMENT:
                     case PhabricatorAuditActionConstants::ADD_CCS:
                     case PhabricatorAuditActionConstants::ADD_AUDITORS:
                         $new_status = PhabricatorAuditStatusConstants::AUDIT_NOT_REQUIRED;
                         break;
                     case PhabricatorAuditActionConstants::ACCEPT:
                         $new_status = PhabricatorAuditStatusConstants::ACCEPTED;
                         break;
                     case PhabricatorAuditActionConstants::CONCERN:
                         $new_status = PhabricatorAuditStatusConstants::CONCERNED;
                         break;
                     case PhabricatorAuditActionConstants::CLOSE:
                         // Impossible to reach this block with 'close'.
                     // Impossible to reach this block with 'close'.
                     default:
                         throw new Exception("Unknown or invalid action '{$action}'!");
                 }
                 $request = id(new PhabricatorRepositoryAuditRequest())->setCommitPHID($commit->getPHID())->setAuditorPHID($user->getPHID())->setAuditStatus($new_status)->setAuditReasons(array("Voluntary Participant"))->save();
                 $requests[] = $request;
             }
         }
     }
     $requests_by_auditor = mpull($requests, null, 'getAuditorPHID');
     $requests_phids = array_keys($requests_by_auditor);
     $ccs = array_diff($ccs, $requests_phids);
     $auditors = array_diff($auditors, $requests_phids);
     if ($action == PhabricatorAuditActionConstants::ADD_CCS) {
         if ($ccs) {
             $metadata[PhabricatorAuditComment::METADATA_ADDED_CCS] = $ccs;
             $comment->setMetaData($metadata);
         } else {
             $comment->setAction(PhabricatorAuditActionConstants::COMMENT);
         }
     }
     if ($action == PhabricatorAuditActionConstants::ADD_AUDITORS) {
         if ($auditors) {
             $metadata[PhabricatorAuditComment::METADATA_ADDED_AUDITORS] = $auditors;
             $comment->setMetaData($metadata);
         } else {
             $comment->setAction(PhabricatorAuditActionConstants::COMMENT);
         }
     }
     $comment->save();
     if ($auditors) {
         foreach ($auditors as $auditor_phid) {
             $audit_requested = PhabricatorAuditStatusConstants::AUDIT_REQUESTED;
             $requests[] = id(new PhabricatorRepositoryAuditRequest())->setCommitPHID($commit->getPHID())->setAuditorPHID($auditor_phid)->setAuditStatus($audit_requested)->setAuditReasons(array('Added by ' . $user->getUsername()))->save();
         }
     }
     if ($ccs) {
         foreach ($ccs as $cc_phid) {
             $audit_cc = PhabricatorAuditStatusConstants::CC;
             $requests[] = id(new PhabricatorRepositoryAuditRequest())->setCommitPHID($commit->getPHID())->setAuditorPHID($cc_phid)->setAuditStatus($audit_cc)->setAuditReasons(array('Added by ' . $user->getUsername()))->save();
         }
     }
     $commit->updateAuditStatus($requests);
     $commit->save();
     $this->publishFeedStory($comment, array_keys($audit_phids));
     PhabricatorSearchCommitIndexer::indexCommit($commit);
     $this->sendMail($comment, $other_comments, $inline_comments, $requests);
 }