Changeset View
Changeset View
Standalone View
Standalone View
src/applications/diffusion/ssh/DiffusionSSHWorkflow.php
| Show All 20 Lines | abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow { | ||||
| } | } | ||||
| public function getArgs() { | public function getArgs() { | ||||
| return $this->args; | return $this->args; | ||||
| } | } | ||||
| public function getEnvironment() { | public function getEnvironment() { | ||||
| $env = array( | $env = array( | ||||
| DiffusionCommitHookEngine::ENV_USER => $this->getUser()->getUsername(), | DiffusionCommitHookEngine::ENV_USER => $this->getSSHUser()->getUsername(), | ||||
| DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh', | DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh', | ||||
| ); | ); | ||||
| $remote_address = $this->getSSHRemoteAddress(); | $remote_address = $this->getSSHRemoteAddress(); | ||||
| if ($remote_address !== null) { | if ($remote_address !== null) { | ||||
| $env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address; | $env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address; | ||||
| } | } | ||||
| ▲ Show 20 Lines • Show All 79 Lines • ▼ Show 20 Lines | protected function getProxyCommand() { | ||||
| return csprintf( | return csprintf( | ||||
| 'ssh %Ls -l %s -i %s -p %s %s -- %s %Ls', | 'ssh %Ls -l %s -i %s -p %s %s -- %s %Ls', | ||||
| $options, | $options, | ||||
| $username, | $username, | ||||
| $key_path, | $key_path, | ||||
| $port, | $port, | ||||
| $host, | $host, | ||||
| '@'.$this->getUser()->getUsername(), | '@'.$this->getSSHUser()->getUsername(), | ||||
| $this->getOriginalArguments()); | $this->getOriginalArguments()); | ||||
| } | } | ||||
| final public function execute(PhutilArgumentParser $args) { | final public function execute(PhutilArgumentParser $args) { | ||||
| $this->args = $args; | $this->args = $args; | ||||
| $viewer = $this->getUser(); | $viewer = $this->getSSHUser(); | ||||
| $have_diffusion = PhabricatorApplication::isClassInstalledForViewer( | $have_diffusion = PhabricatorApplication::isClassInstalledForViewer( | ||||
| 'PhabricatorDiffusionApplication', | 'PhabricatorDiffusionApplication', | ||||
| $viewer); | $viewer); | ||||
| if (!$have_diffusion) { | if (!$have_diffusion) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| 'You do not have permission to access the Diffusion application, '. | 'You do not have permission to access the Diffusion application, '. | ||||
| 'so you can not interact with repositories over SSH.')); | 'so you can not interact with repositories over SSH.')); | ||||
| Show All 18 Lines | try { | ||||
| return $this->executeRepositoryOperations(); | return $this->executeRepositoryOperations(); | ||||
| } catch (Exception $ex) { | } catch (Exception $ex) { | ||||
| $this->writeError(get_class($ex).': '.$ex->getMessage()); | $this->writeError(get_class($ex).': '.$ex->getMessage()); | ||||
| return 1; | return 1; | ||||
| } | } | ||||
| } | } | ||||
| protected function loadRepositoryWithPath($path, $vcs) { | protected function loadRepositoryWithPath($path, $vcs) { | ||||
| $viewer = $this->getUser(); | $viewer = $this->getSSHUser(); | ||||
| $info = PhabricatorRepository::parseRepositoryServicePath($path, $vcs); | $info = PhabricatorRepository::parseRepositoryServicePath($path, $vcs); | ||||
| if ($info === null) { | if ($info === null) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| 'Unrecognized repository path "%s". Expected a path like "%s", '. | 'Unrecognized repository path "%s". Expected a path like "%s", '. | ||||
| '"%s", or "%s".', | '"%s", or "%s".', | ||||
| $path, | $path, | ||||
| Show All 33 Lines | abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow { | ||||
| } | } | ||||
| protected function requireWriteAccess($protocol_command = null) { | protected function requireWriteAccess($protocol_command = null) { | ||||
| if ($this->hasWriteAccess === true) { | if ($this->hasWriteAccess === true) { | ||||
| return; | return; | ||||
| } | } | ||||
| $repository = $this->getRepository(); | $repository = $this->getRepository(); | ||||
| $viewer = $this->getUser(); | $viewer = $this->getSSHUser(); | ||||
| if ($viewer->isOmnipotent()) { | if ($viewer->isOmnipotent()) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| 'This request is authenticated as a cluster device, but is '. | 'This request is authenticated as a cluster device, but is '. | ||||
| 'performing a write. Writes must be performed with a real '. | 'performing a write. Writes must be performed with a real '. | ||||
| 'user account.')); | 'user account.')); | ||||
| } | } | ||||
| Show All 21 Lines | if ($repository->canServeProtocol($protocol, true)) { | ||||
| } | } | ||||
| } | } | ||||
| $this->hasWriteAccess = true; | $this->hasWriteAccess = true; | ||||
| return $this->hasWriteAccess; | return $this->hasWriteAccess; | ||||
| } | } | ||||
| protected function shouldSkipReadSynchronization() { | protected function shouldSkipReadSynchronization() { | ||||
| $viewer = $this->getUser(); | $viewer = $this->getSSHUser(); | ||||
| // Currently, the only case where devices interact over SSH without | // Currently, the only case where devices interact over SSH without | ||||
| // assuming user credentials is when synchronizing before a read. These | // assuming user credentials is when synchronizing before a read. These | ||||
| // synchronizing reads do not themselves need to be synchronized. | // synchronizing reads do not themselves need to be synchronized. | ||||
| if ($viewer->isOmnipotent()) { | if ($viewer->isOmnipotent()) { | ||||
| return true; | return true; | ||||
| } | } | ||||
| return false; | return false; | ||||
| } | } | ||||
| protected function newPullEvent() { | protected function newPullEvent() { | ||||
| $viewer = $this->getViewer(); | $viewer = $this->getSSHUser(); | ||||
epriestley: This is the actual bugfix. | |||||
| $repository = $this->getRepository(); | $repository = $this->getRepository(); | ||||
| $remote_address = $this->getSSHRemoteAddress(); | $remote_address = $this->getSSHRemoteAddress(); | ||||
| return id(new PhabricatorRepositoryPullEvent()) | return id(new PhabricatorRepositoryPullEvent()) | ||||
| ->setEpoch(PhabricatorTime::getNow()) | ->setEpoch(PhabricatorTime::getNow()) | ||||
| ->setRemoteAddress($remote_address) | ->setRemoteAddress($remote_address) | ||||
| ->setRemoteProtocol('ssh') | ->setRemoteProtocol('ssh') | ||||
| ->setPullerPHID($viewer->getPHID()) | ->setPullerPHID($viewer->getPHID()) | ||||
| ->setRepositoryPHID($repository->getPHID()); | ->setRepositoryPHID($repository->getPHID()); | ||||
| } | } | ||||
| } | } | ||||
This is the actual bugfix.