Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15423811
D14823.id35847.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
8 KB
Referenced Files
None
Subscribers
None
D14823.id35847.diff
View Options
diff --git a/resources/sql/autopatches/20151218.key.1.keyphid.sql b/resources/sql/autopatches/20151218.key.1.keyphid.sql
new file mode 100644
--- /dev/null
+++ b/resources/sql/autopatches/20151218.key.1.keyphid.sql
@@ -0,0 +1,2 @@
+ALTER TABLE {$NAMESPACE}_auth.auth_sshkey
+ ADD phid VARBINARY(64) NOT NULL AFTER id;
diff --git a/resources/sql/autopatches/20151218.key.2.keyphid.php b/resources/sql/autopatches/20151218.key.2.keyphid.php
new file mode 100644
--- /dev/null
+++ b/resources/sql/autopatches/20151218.key.2.keyphid.php
@@ -0,0 +1,17 @@
+<?php
+
+$table = new PhabricatorAuthSSHKey();
+$conn_w = $table->establishConnection('w');
+
+foreach (new LiskMigrationIterator($table) as $cursor) {
+ if (strlen($cursor->getPHID())) {
+ continue;
+ }
+
+ queryfx(
+ $conn_w,
+ 'UPDATE %T SET phid = %s WHERE id = %d',
+ $table->getTableName(),
+ $table->generatePHID(),
+ $cursor->getID());
+}
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1684,6 +1684,7 @@
'PhabricatorAuthApplication' => 'applications/auth/application/PhabricatorAuthApplication.php',
'PhabricatorAuthAuthFactorPHIDType' => 'applications/auth/phid/PhabricatorAuthAuthFactorPHIDType.php',
'PhabricatorAuthAuthProviderPHIDType' => 'applications/auth/phid/PhabricatorAuthAuthProviderPHIDType.php',
+ 'PhabricatorAuthSSHKeyPHIDType' => 'applications/auth/phid/PhabricatorAuthSSHKeyPHIDType.php',
'PhabricatorAuthConduitAPIMethod' => 'applications/auth/conduit/PhabricatorAuthConduitAPIMethod.php',
'PhabricatorAuthConfirmLinkController' => 'applications/auth/controller/PhabricatorAuthConfirmLinkController.php',
'PhabricatorAuthController' => 'applications/auth/controller/PhabricatorAuthController.php',
@@ -5833,6 +5834,7 @@
'PhabricatorAuthSSHKey' => array(
'PhabricatorAuthDAO',
'PhabricatorPolicyInterface',
+ 'PhabricatorDestructibleInterface',
),
'PhabricatorAuthSSHKeyController' => 'PhabricatorAuthController',
'PhabricatorAuthSSHKeyDeleteController' => 'PhabricatorAuthSSHKeyController',
@@ -5840,6 +5842,7 @@
'PhabricatorAuthSSHKeyGenerateController' => 'PhabricatorAuthSSHKeyController',
'PhabricatorAuthSSHKeyQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorAuthSSHKeyTableView' => 'AphrontView',
+ 'PhabricatorAuthSSHKeyPHIDType' => 'PhabricatorPHIDType',
'PhabricatorAuthSSHPublicKey' => 'Phobject',
'PhabricatorAuthSession' => array(
'PhabricatorAuthDAO',
diff --git a/src/applications/auth/conduit/PhabricatorAuthQueryPublicKeysConduitAPIMethod.php b/src/applications/auth/conduit/PhabricatorAuthQueryPublicKeysConduitAPIMethod.php
--- a/src/applications/auth/conduit/PhabricatorAuthQueryPublicKeysConduitAPIMethod.php
+++ b/src/applications/auth/conduit/PhabricatorAuthQueryPublicKeysConduitAPIMethod.php
@@ -14,6 +14,7 @@
protected function defineParamTypes() {
return array(
'ids' => 'optional list<id>',
+ 'phids' => 'optional list<phid>',
'objectPHIDs' => 'optional list<phid>',
'keys' => 'optional list<string>',
) + self::getPagerParamTypes();
@@ -34,6 +35,11 @@
$query->withIDs($ids);
}
+ $phids = $request->getValue('phids');
+ if ($phids !== null) {
+ $query->withPHIDs($phids);
+ }
+
$object_phids = $request->getValue('objectPHIDs');
if ($object_phids !== null) {
$query->withObjectPHIDs($object_phids);
@@ -57,6 +63,7 @@
$data[] = array(
'id' => $public_key->getID(),
'name' => $public_key->getName(),
+ 'phid' => $public_key->getPHID(),
'objectPHID' => $public_key->getObjectPHID(),
'isTrusted' => (bool)$public_key->getIsTrusted(),
'key' => $public_key->getEntireKey(),
diff --git a/src/applications/auth/phid/PhabricatorAuthSSHKeyPHIDType.php b/src/applications/auth/phid/PhabricatorAuthSSHKeyPHIDType.php
new file mode 100644
--- /dev/null
+++ b/src/applications/auth/phid/PhabricatorAuthSSHKeyPHIDType.php
@@ -0,0 +1,38 @@
+<?php
+
+final class PhabricatorAuthSSHKeyPHIDType
+ extends PhabricatorPHIDType {
+
+ const TYPECONST = 'AKEY';
+
+ public function getTypeName() {
+ return pht('Public SSH Key');
+ }
+
+ public function newObject() {
+ return new PhabricatorAuthSSHKey();
+ }
+
+ public function getPHIDTypeApplicationClass() {
+ return 'PhabricatorAuthApplication';
+ }
+
+ protected function buildQueryForObjects(
+ PhabricatorObjectQuery $query,
+ array $phids) {
+
+ return id(new PhabricatorAuthSSHKeyQuery())
+ ->withPHIDs($phids);
+ }
+
+ public function loadHandles(
+ PhabricatorHandleQuery $query,
+ array $handles,
+ array $objects) {
+ foreach ($handles as $phid => $handle) {
+ $key = $objects[$phid];
+ $handle->setName(pht('SSH Key %d', $key->getID()));
+ }
+ }
+
+}
diff --git a/src/applications/auth/query/PhabricatorAuthSSHKeyQuery.php b/src/applications/auth/query/PhabricatorAuthSSHKeyQuery.php
--- a/src/applications/auth/query/PhabricatorAuthSSHKeyQuery.php
+++ b/src/applications/auth/query/PhabricatorAuthSSHKeyQuery.php
@@ -4,6 +4,7 @@
extends PhabricatorCursorPagedPolicyAwareQuery {
private $ids;
+ private $phids;
private $objectPHIDs;
private $keys;
@@ -12,6 +13,11 @@
return $this;
}
+ public function withPHIDs(array $phids) {
+ $this->phids = $phids;
+ return $this;
+ }
+
public function withObjectPHIDs(array $object_phids) {
$this->objectPHIDs = $object_phids;
return $this;
@@ -23,19 +29,12 @@
return $this;
}
+ public function newResultObject() {
+ return new PhabricatorAuthSSHKey();
+ }
+
protected function loadPage() {
- $table = new PhabricatorAuthSSHKey();
- $conn_r = $table->establishConnection('r');
-
- $data = queryfx_all(
- $conn_r,
- 'SELECT * FROM %T %Q %Q %Q',
- $table->getTableName(),
- $this->buildWhereClause($conn_r),
- $this->buildOrderClause($conn_r),
- $this->buildLimitClause($conn_r));
-
- return $table->loadAllFromArray($data);
+ return $this->loadStandardPage($this->newResultObject());
}
protected function willFilterPage(array $keys) {
@@ -54,6 +53,7 @@
// We must have an object, and that object must be a valid object for
// SSH keys.
if (!$object || !($object instanceof PhabricatorSSHPublicKeyInterface)) {
+ $this->didRejectResult($ssh_key);
unset($keys[$key]);
continue;
}
@@ -64,19 +64,26 @@
return $keys;
}
- protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {
- $where = array();
+ protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
+ $where = parent::buildWhereClauseParts($conn);
if ($this->ids !== null) {
$where[] = qsprintf(
- $conn_r,
+ $conn,
'id IN (%Ld)',
$this->ids);
}
+ if ($this->phids !== null) {
+ $where[] = qsprintf(
+ $conn,
+ 'phid IN (%Ls)',
+ $this->phids);
+ }
+
if ($this->objectPHIDs !== null) {
$where[] = qsprintf(
- $conn_r,
+ $conn,
'objectPHID IN (%Ls)',
$this->objectPHIDs);
}
@@ -85,7 +92,7 @@
$sql = array();
foreach ($this->keys as $key) {
$sql[] = qsprintf(
- $conn_r,
+ $conn,
'(keyType = %s AND keyIndex = %s)',
$key->getType(),
$key->getHash());
@@ -93,9 +100,8 @@
$where[] = implode(' OR ', $sql);
}
- $where[] = $this->buildPagingClause($conn_r);
+ return $where;
- return $this->formatWhereClause($where);
}
public function getQueryApplicationClass() {
diff --git a/src/applications/auth/storage/PhabricatorAuthSSHKey.php b/src/applications/auth/storage/PhabricatorAuthSSHKey.php
--- a/src/applications/auth/storage/PhabricatorAuthSSHKey.php
+++ b/src/applications/auth/storage/PhabricatorAuthSSHKey.php
@@ -2,7 +2,9 @@
final class PhabricatorAuthSSHKey
extends PhabricatorAuthDAO
- implements PhabricatorPolicyInterface {
+ implements
+ PhabricatorPolicyInterface,
+ PhabricatorDestructibleInterface {
protected $objectPHID;
protected $name;
@@ -16,6 +18,7 @@
protected function getConfiguration() {
return array(
+ self::CONFIG_AUX_PHID => true,
self::CONFIG_COLUMN_SCHEMA => array(
'name' => 'text255',
'keyType' => 'text255',
@@ -63,8 +66,10 @@
return $this;
}
-
-
+ public function generatePHID() {
+ return PhabricatorPHID::generateNewPHID(
+ PhabricatorAuthSSHKeyPHIDType::TYPECONST);
+ }
/* -( PhabricatorPolicyInterface )----------------------------------------- */
@@ -89,4 +94,15 @@
'SSH keys inherit the policies of the user or object they authenticate.');
}
+/* -( PhabricatorDestructibleInterface )----------------------------------- */
+
+
+ public function destroyObjectPermanently(
+ PhabricatorDestructionEngine $engine) {
+
+ $this->openTransaction();
+ $this->delete();
+ $this->saveTransaction();
+ }
+
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Mar 23, 6:32 PM (4 d, 20 h ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7365481
Default Alt Text
D14823.id35847.diff (8 KB)
Attached To
Mode
D14823: Provide a more straightforward way to revoke SSH keys by finding and destroying the objects
Attached
Detach File
Event Timeline
Log In to Comment