Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/editor/PhabricatorAuthSSHKeyEditor.php
| Show First 20 Lines • Show All 98 Lines • ▼ Show 20 Lines | final class PhabricatorAuthSSHKeyEditor | ||||
| } | } | ||||
| protected function validateTransaction( | protected function validateTransaction( | ||||
| PhabricatorLiskDAO $object, | PhabricatorLiskDAO $object, | ||||
| $type, | $type, | ||||
| array $xactions) { | array $xactions) { | ||||
| $errors = parent::validateTransaction($object, $type, $xactions); | $errors = parent::validateTransaction($object, $type, $xactions); | ||||
| $viewer = $this->requireActor(); | |||||
| switch ($type) { | switch ($type) { | ||||
| case PhabricatorAuthSSHKeyTransaction::TYPE_NAME: | case PhabricatorAuthSSHKeyTransaction::TYPE_NAME: | ||||
| $missing = $this->validateIsEmptyTextField( | $missing = $this->validateIsEmptyTextField( | ||||
| $object->getName(), | $object->getName(), | ||||
| $xactions); | $xactions); | ||||
| if ($missing) { | if ($missing) { | ||||
| Show All 29 Lines | switch ($type) { | ||||
| try { | try { | ||||
| $public_key = PhabricatorAuthSSHPublicKey::newFromRawKey($new); | $public_key = PhabricatorAuthSSHPublicKey::newFromRawKey($new); | ||||
| } catch (Exception $ex) { | } catch (Exception $ex) { | ||||
| $errors[] = new PhabricatorApplicationTransactionValidationError( | $errors[] = new PhabricatorApplicationTransactionValidationError( | ||||
| $type, | $type, | ||||
| pht('Invalid'), | pht('Invalid'), | ||||
| $ex->getMessage(), | $ex->getMessage(), | ||||
| $xaction); | $xaction); | ||||
| continue; | |||||
| } | |||||
| // The database does not have a unique key on just the <keyBody> | |||||
| // column because we allow multiple accounts to revoke the same | |||||
| // key, so we can't rely on database constraints to prevent users | |||||
| // from adding keys that are on the revocation list back to their | |||||
| // accounts. Explicitly check for a revoked copy of the key. | |||||
| $revoked_keys = id(new PhabricatorAuthSSHKeyQuery()) | |||||
| ->setViewer($viewer) | |||||
| ->withObjectPHIDs(array($object->getObjectPHID())) | |||||
| ->withIsActive(0) | |||||
| ->withKeys(array($public_key)) | |||||
| ->execute(); | |||||
| if ($revoked_keys) { | |||||
| $errors[] = new PhabricatorApplicationTransactionValidationError( | |||||
| $type, | |||||
| pht('Revoked'), | |||||
| pht( | |||||
| 'This key has been revoked. Choose or generate a new, '. | |||||
| 'unique key.'), | |||||
| $xaction); | |||||
| continue; | |||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| break; | break; | ||||
| case PhabricatorAuthSSHKeyTransaction::TYPE_DEACTIVATE: | case PhabricatorAuthSSHKeyTransaction::TYPE_DEACTIVATE: | ||||
| foreach ($xactions as $xaction) { | foreach ($xactions as $xaction) { | ||||
| if (!$xaction->getNewValue()) { | if (!$xaction->getNewValue()) { | ||||
| ▲ Show 20 Lines • Show All 123 Lines • Show Last 20 Lines | |||||