Page MenuHomePhabricator
Differential D15755 Diff 37974 scripts/ssh/ssh-exec.php

Changeset View

Standalone View

View Options

scripts/ssh/ssh-exec.php

Show First 20 LinesShow All 147 Lines▼ Show 20 Linestry {
} else { } else {
$original_command = getenv('SSH_ORIGINAL_COMMAND'); $original_command = getenv('SSH_ORIGINAL_COMMAND');
} }
$original_argv = id(new PhutilShellLexer()) $original_argv = id(new PhutilShellLexer())
->splitArguments($original_command); ->splitArguments($original_command);
if ($device) { if ($device) {
// If we're authenticating as a device, the first argument may be a
// "@username" argument to act as a particular user.
$first_argument = head($original_argv);
if (preg_match('/^@/', $first_argument)) {
$act_as_name = array_shift($original_argv); $act_as_name = array_shift($original_argv);
if (!preg_match('/^@/', $act_as_name)) {
throw new Exception(
pht(
'Commands executed by devices must identify an acting user in the '.
'first command argument. This request was not constructed '.
'properly.'));
}
$act_as_name = substr($act_as_name, 1); $act_as_name = substr($act_as_name, 1);
$user = id(new PhabricatorPeopleQuery()) $user = id(new PhabricatorPeopleQuery())
->setViewer(PhabricatorUser::getOmnipotentUser()) ->setViewer(PhabricatorUser::getOmnipotentUser())
->withUsernames(array($act_as_name)) ->withUsernames(array($act_as_name))
->executeOne(); ->executeOne();
if (!$user) { if (!$user) {
throw new Exception( throw new Exception(
pht( pht(
'Device request identifies an acting user with an invalid '. 'Device request identifies an acting user with an invalid '.
'username ("%s"). There is no user with this username.', 'username ("%s"). There is no user with this username.',
$act_as_name)); $act_as_name));
} }
} else {
$user = PhabricatorUser::getOmnipotentUser();
}
}
if ($user->isOmnipotent()) {
$user_name = 'device/'.$device->getName();
} else {
$user_name = $user->getUsername();
} }
$ssh_log->setData( $ssh_log->setData(
array( array(
'u' => $user->getUsername(), 'u' => $user_name,
'P' => $user->getPHID(), 'P' => $user->getPHID(),
)); ));
if (!$user->canEstablishSSHSessions()) { if (!$user->canEstablishSSHSessions()) {
throw new Exception( throw new Exception(
pht( pht(
'Your account ("%s") does not have permission to establish SSH '. 'Your account ("%s") does not have permission to establish SSH '.
'sessions. Visit the web interface for more information.', 'sessions. Visit the web interface for more information.',
$user->getUsername())); $user_name));
} }
$workflows = id(new PhutilClassMapQuery()) $workflows = id(new PhutilClassMapQuery())
->setAncestorClass('PhabricatorSSHWorkflow') ->setAncestorClass('PhabricatorSSHWorkflow')
->setUniqueMethod('getName') ->setUniqueMethod('getName')
->execute(); ->execute();
if (!$original_argv) { if (!$original_argv) {
throw new Exception( throw new Exception(
pht( pht(
"Welcome to Phabricator.\n\n". "Welcome to Phabricator.\n\n".
"You are logged in as %s.\n\n". "You are logged in as %s.\n\n".
"You haven't specified a command to run. This means you're requesting ". "You haven't specified a command to run. This means you're requesting ".
"an interactive shell, but Phabricator does not provide an ". "an interactive shell, but Phabricator does not provide an ".
"interactive shell over SSH.\n\n". "interactive shell over SSH.\n\n".
"Usually, you should run a command like `%s` or `%s` ". "Usually, you should run a command like `%s` or `%s` ".
"rather than connecting directly with SSH.\n\n". "rather than connecting directly with SSH.\n\n".
"Supported commands are: %s.", "Supported commands are: %s.",
$user->getUsername(), $user_name,
'git clone', 'git clone',
'hg push', 'hg push',
implode(', ', array_keys($workflows)))); implode(', ', array_keys($workflows))));
} }
$log_argv = implode(' ', $original_argv); $log_argv = implode(' ', $original_argv);
$log_argv = id(new PhutilUTF8StringTruncator()) $log_argv = id(new PhutilUTF8StringTruncator())
->setMaximumCodepoints(128) ->setMaximumCodepoints(128)
▲ Show 20 LinesShow All 79 LinesShow Last 20 Lines
Phabricator · Built by Phacility