@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

When administrators revoke SSH keys, don't include a "security warning" in the mail

Summary:
Depends on D18906. Ref T13043. When SSH keys are edited, we normally include a warning that if you don't recognize the activity you might have problems in the mail body.

Currently, this warning is also shown for revocations with `bin/auth revoke --type ssh`. However, these revocations are safe (revocations are generally not dangerous anyway) and almost certainly legitimate and administrative, so don't warn users about them.

Test Plan:
- Created and revoked a key.
- Creation mail still had warning; revocation mail no longer did.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18907

+32 -5
+31 -5
src/applications/auth/editor/PhabricatorAuthSSHKeyEditor.php
··· 3 3 final class PhabricatorAuthSSHKeyEditor 4 4 extends PhabricatorApplicationTransactionEditor { 5 5 6 + private $isAdministrativeEdit; 7 + 8 + public function setIsAdministrativeEdit($is_administrative_edit) { 9 + $this->isAdministrativeEdit = $is_administrative_edit; 10 + return $this; 11 + } 12 + 13 + public function getIsAdministrativeEdit() { 14 + return $this->isAdministrativeEdit; 15 + } 16 + 6 17 public function getEditorApplicationClass() { 7 18 return 'PhabricatorAuthApplication'; 8 19 } ··· 239 250 240 251 $body = parent::buildMailBody($object, $xactions); 241 252 242 - $body->addTextSection( 243 - pht('SECURITY WARNING'), 244 - pht( 245 - 'If you do not recognize this change, it may indicate your account '. 246 - 'has been compromised.')); 253 + if (!$this->getIsAdministrativeEdit()) { 254 + $body->addTextSection( 255 + pht('SECURITY WARNING'), 256 + pht( 257 + 'If you do not recognize this change, it may indicate your account '. 258 + 'has been compromised.')); 259 + } 247 260 248 261 $detail_uri = $object->getURI(); 249 262 $detail_uri = PhabricatorEnv::getProductionURI($detail_uri); ··· 252 265 253 266 return $body; 254 267 } 268 + 269 + 270 + protected function getCustomWorkerState() { 271 + return array( 272 + 'isAdministrativeEdit' => $this->isAdministrativeEdit, 273 + ); 274 + } 275 + 276 + protected function loadCustomWorkerState(array $state) { 277 + $this->isAdministrativeEdit = idx($state, 'isAdministrativeEdit'); 278 + return $this; 279 + } 280 + 255 281 256 282 }
+1
src/applications/auth/revoker/PhabricatorAuthSSHRevoker.php
··· 43 43 ->setContinueOnNoEffect(true) 44 44 ->setContinueOnMissingFields(true) 45 45 ->setContentSource($content_source) 46 + ->setIsAdministrativeEdit(true) 46 47 ->applyTransactions($ssh_key, $xactions); 47 48 } 48 49
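Review bot: In PhabricatorAuthSSHKeyEditor.php, `private $isAdministrativeEdit;` is declared without a default, so `getIsAdministrativeEdit()` returns null until the setter is called. The `!$this->getIsAdministrativeEdit()` check treats null as non-administrative, which keeps the warning on by default, but that fail-safe behaviour is implicit. Suggest `private $isAdministrativeEdit = false;` so the getter always returns a boolean and the default is visible at the declaration.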
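Review bot: In `buildMailBody()`, the new `if (!$this->getIsAdministrativeEdit())` condition omits the SECURITY WARNING section for every transaction the editor applies once the flag is set, not only for revocations, and `setIsAdministrativeEdit()` is public. The only caller in this change is PhabricatorAuthSSHRevoker, but nothing in the editor stops a later caller from setting the flag on an edit that adds or modifies a key, where the commit message says the warning should remain. Suggest a doc comment on the setter stating that it is intended for revocation paths only, or also checking the transaction types in `$xactions` before skipping the section.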
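Review bot: In `loadCustomWorkerState()`, `idx($state, 'isAdministrativeEdit')` is called without a default, so worker state that lacks the key restores the flag as null instead of an explicit false. Suggest `idx($state, 'isAdministrativeEdit', false)` and a one-line comment on `getCustomWorkerState()` saying why the flag has to be carried into the worker state. Minor style point: the hunk adds doubled blank lines before `getCustomWorkerState()` and after `loadCustomWorkerState()`; a single blank line would match the rest of the class.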