src/applications/auth/storage/PhabricatorAuthSSHKey.php at recaptime-dev/main

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

phorge / src / applications / auth / storage / PhabricatorAuthSSHKey.php

at recaptime-dev/main 166 lines 4.2 kB view raw

wrap content

epriestley Remove "getApplicationTransactionObject()" from ApplicationTransactionInterface 7y ago

11cf8f05

  1<?php
  2
  3final class PhabricatorAuthSSHKey
  4  extends PhabricatorAuthDAO
  5  implements
  6    PhabricatorPolicyInterface,
  7    PhabricatorDestructibleInterface,
  8    PhabricatorApplicationTransactionInterface {
  9
 10  protected $objectPHID;
 11  protected $name;
 12  protected $keyType;
 13  protected $keyIndex;
 14  protected $keyBody;
 15  protected $keyComment = '';
 16  protected $isTrusted = 0;
 17  protected $isActive;
 18
 19  private $object = self::ATTACHABLE;
 20
 21  public static function initializeNewSSHKey(
 22    PhabricatorUser $viewer,
 23    PhabricatorSSHPublicKeyInterface $object) {
 24
 25    // You must be able to edit an object to create a new key on it.
 26    PhabricatorPolicyFilter::requireCapability(
 27      $viewer,
 28      $object,
 29      PhabricatorPolicyCapability::CAN_EDIT);
 30
 31    $object_phid = $object->getPHID();
 32
 33    return id(new self())
 34      ->setIsActive(1)
 35      ->setObjectPHID($object_phid)
 36      ->attachObject($object);
 37  }
 38
 39  protected function getConfiguration() {
 40    return array(
 41      self::CONFIG_AUX_PHID => true,
 42      self::CONFIG_COLUMN_SCHEMA => array(
 43        'name' => 'text255',
 44        'keyType' => 'text255',
 45        'keyIndex' => 'bytes12',
 46        'keyBody' => 'text',
 47        'keyComment' => 'text255',
 48        'isTrusted' => 'bool',
 49        'isActive' => 'bool?',
 50      ),
 51      self::CONFIG_KEY_SCHEMA => array(
 52        'key_object' => array(
 53          'columns' => array('objectPHID'),
 54        ),
 55        'key_active' => array(
 56          'columns' => array('isActive', 'objectPHID'),
 57        ),
 58        // NOTE: This unique key includes a nullable column, effectively
 59        // constraining uniqueness on active keys only.
 60        'key_activeunique' => array(
 61          'columns' => array('keyIndex', 'isActive'),
 62          'unique' => true,
 63        ),
 64      ),
 65    ) + parent::getConfiguration();
 66  }
 67
 68  public function save() {
 69    $this->setKeyIndex($this->toPublicKey()->getHash());
 70    return parent::save();
 71  }
 72
 73  public function toPublicKey() {
 74    return PhabricatorAuthSSHPublicKey::newFromStoredKey($this);
 75  }
 76
 77  public function getEntireKey() {
 78    $parts = array(
 79      $this->getKeyType(),
 80      $this->getKeyBody(),
 81      $this->getKeyComment(),
 82    );
 83    return trim(implode(' ', $parts));
 84  }
 85
 86  public function getObject() {
 87    return $this->assertAttached($this->object);
 88  }
 89
 90  public function attachObject(PhabricatorSSHPublicKeyInterface $object) {
 91    $this->object = $object;
 92    return $this;
 93  }
 94
 95  public function generatePHID() {
 96    return PhabricatorPHID::generateNewPHID(
 97      PhabricatorAuthSSHKeyPHIDType::TYPECONST);
 98  }
 99
100  public function getURI() {
101    $id = $this->getID();
102    return "/auth/sshkey/view/{$id}/";
103  }
104
105/* -(  PhabricatorPolicyInterface  )----------------------------------------- */
106
107
108  public function getCapabilities() {
109    return array(
110      PhabricatorPolicyCapability::CAN_VIEW,
111      PhabricatorPolicyCapability::CAN_EDIT,
112    );
113  }
114
115  public function getPolicy($capability) {
116    if (!$this->getIsActive()) {
117      if ($capability == PhabricatorPolicyCapability::CAN_EDIT) {
118        return PhabricatorPolicies::POLICY_NOONE;
119      }
120    }
121
122    return $this->getObject()->getPolicy($capability);
123  }
124
125  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
126    if (!$this->getIsActive()) {
127      return false;
128    }
129
130    return $this->getObject()->hasAutomaticCapability($capability, $viewer);
131  }
132
133  public function describeAutomaticCapability($capability) {
134    if (!$this->getIsACtive()) {
135      return pht(
136        'Revoked SSH keys can not be edited or reinstated.');
137    }
138
139    return pht(
140      'SSH keys inherit the policies of the user or object they authenticate.');
141  }
142
143/* -(  PhabricatorDestructibleInterface  )----------------------------------- */
144
145
146  public function destroyObjectPermanently(
147    PhabricatorDestructionEngine $engine) {
148
149    $this->openTransaction();
150    $this->delete();
151    $this->saveTransaction();
152  }
153
154
155/* -(  PhabricatorApplicationTransactionInterface  )------------------------- */
156
157
158  public function getApplicationTransactionEditor() {
159    return new PhabricatorAuthSSHKeyEditor();
160  }
161
162  public function getApplicationTransactionTemplate() {
163    return new PhabricatorAuthSSHKeyTransaction();
164  }
165
166}

Configure Feed

Configure Feed