Page MenuHomePhabricator
Differential D18912 Diff 45373 src/applications/diffusion/ssh/DiffusionSSHWorkflow.php

Changeset View

Standalone View

View Options

src/applications/diffusion/ssh/DiffusionSSHWorkflow.php

Show All 20 Linesabstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
} }
public function getArgs() { public function getArgs() {
return $this->args; return $this->args;
} }
public function getEnvironment() { public function getEnvironment() {
$env = array( $env = array(
DiffusionCommitHookEngine::ENV_USER => $this->getUser()->getUsername(), DiffusionCommitHookEngine::ENV_USER => $this->getSSHUser()->getUsername(),
DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh', DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'ssh',
); );
$remote_address = $this->getSSHRemoteAddress(); $remote_address = $this->getSSHRemoteAddress();
if ($remote_address !== null) { if ($remote_address !== null) {
$env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address; $env[DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS] = $remote_address;
} }
▲ Show 20 LinesShow All 79 Lines▼ Show 20 Lines protected function getProxyCommand() {
return csprintf( return csprintf(
'ssh %Ls -l %s -i %s -p %s %s -- %s %Ls', 'ssh %Ls -l %s -i %s -p %s %s -- %s %Ls',
$options, $options,
$username, $username,
$key_path, $key_path,
$port, $port,
$host, $host,
'@'.$this->getUser()->getUsername(), '@'.$this->getSSHUser()->getUsername(),
$this->getOriginalArguments()); $this->getOriginalArguments());
} }
final public function execute(PhutilArgumentParser $args) { final public function execute(PhutilArgumentParser $args) {
$this->args = $args; $this->args = $args;
$viewer = $this->getUser(); $viewer = $this->getSSHUser();
$have_diffusion = PhabricatorApplication::isClassInstalledForViewer( $have_diffusion = PhabricatorApplication::isClassInstalledForViewer(
'PhabricatorDiffusionApplication', 'PhabricatorDiffusionApplication',
$viewer); $viewer);
if (!$have_diffusion) { if (!$have_diffusion) {
throw new Exception( throw new Exception(
pht( pht(
'You do not have permission to access the Diffusion application, '. 'You do not have permission to access the Diffusion application, '.
'so you can not interact with repositories over SSH.')); 'so you can not interact with repositories over SSH.'));
Show All 18 Lines try {
return $this->executeRepositoryOperations(); return $this->executeRepositoryOperations();
} catch (Exception $ex) { } catch (Exception $ex) {
$this->writeError(get_class($ex).': '.$ex->getMessage()); $this->writeError(get_class($ex).': '.$ex->getMessage());
return 1; return 1;
} }
} }
protected function loadRepositoryWithPath($path, $vcs) { protected function loadRepositoryWithPath($path, $vcs) {
$viewer = $this->getUser(); $viewer = $this->getSSHUser();
$info = PhabricatorRepository::parseRepositoryServicePath($path, $vcs); $info = PhabricatorRepository::parseRepositoryServicePath($path, $vcs);
if ($info === null) { if ($info === null) {
throw new Exception( throw new Exception(
pht( pht(
'Unrecognized repository path "%s". Expected a path like "%s", '. 'Unrecognized repository path "%s". Expected a path like "%s", '.
'"%s", or "%s".', '"%s", or "%s".',
$path, $path,
Show All 33 Linesabstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
} }
protected function requireWriteAccess($protocol_command = null) { protected function requireWriteAccess($protocol_command = null) {
if ($this->hasWriteAccess === true) { if ($this->hasWriteAccess === true) {
return; return;
} }
$repository = $this->getRepository(); $repository = $this->getRepository();
$viewer = $this->getUser(); $viewer = $this->getSSHUser();
if ($viewer->isOmnipotent()) { if ($viewer->isOmnipotent()) {
throw new Exception( throw new Exception(
pht( pht(
'This request is authenticated as a cluster device, but is '. 'This request is authenticated as a cluster device, but is '.
'performing a write. Writes must be performed with a real '. 'performing a write. Writes must be performed with a real '.
'user account.')); 'user account.'));
} }
Show All 21 Lines if ($repository->canServeProtocol($protocol, true)) {
} }
} }
$this->hasWriteAccess = true; $this->hasWriteAccess = true;
return $this->hasWriteAccess; return $this->hasWriteAccess;
} }
protected function shouldSkipReadSynchronization() { protected function shouldSkipReadSynchronization() {
$viewer = $this->getUser(); $viewer = $this->getSSHUser();
// Currently, the only case where devices interact over SSH without // Currently, the only case where devices interact over SSH without
// assuming user credentials is when synchronizing before a read. These // assuming user credentials is when synchronizing before a read. These
// synchronizing reads do not themselves need to be synchronized. // synchronizing reads do not themselves need to be synchronized.
if ($viewer->isOmnipotent()) { if ($viewer->isOmnipotent()) {
return true; return true;
} }
return false; return false;
} }
protected function newPullEvent() { protected function newPullEvent() {
$viewer = $this->getViewer(); $viewer = $this->getSSHUser();
epriestleyAuthorUnsubmitted
Not Done
Inline Actions

This is the actual bugfix.

epriestley: This is the actual bugfix.
$repository = $this->getRepository(); $repository = $this->getRepository();
$remote_address = $this->getSSHRemoteAddress(); $remote_address = $this->getSSHRemoteAddress();
return id(new PhabricatorRepositoryPullEvent()) return id(new PhabricatorRepositoryPullEvent())
->setEpoch(PhabricatorTime::getNow()) ->setEpoch(PhabricatorTime::getNow())
->setRemoteAddress($remote_address) ->setRemoteAddress($remote_address)
->setRemoteProtocol('ssh') ->setRemoteProtocol('ssh')
->setPullerPHID($viewer->getPHID()) ->setPullerPHID($viewer->getPHID())
->setRepositoryPHID($repository->getPHID()); ->setRepositoryPHID($repository->getPHID());
} }
} }
Phabricator · Built by Phacility