Path: blob/master/src/applications/auth/revoker/PhabricatorAuthSSHRevoker.php
12256 views
<?php12final class PhabricatorAuthSSHRevoker3extends PhabricatorAuthRevoker {45const REVOKERKEY = 'ssh';67public function getRevokerName() {8return pht('SSH Keys');9}1011public function getRevokerDescription() {12return pht(13"Revokes all SSH public keys.\n\n".14"SSH public keys are revoked, not just removed. Users will need to ".15"generate and upload new, unique keys before they can access ".16"repositories or other services over SSH.");17}1819public function revokeAllCredentials() {20$query = new PhabricatorAuthSSHKeyQuery();21return $this->revokeWithQuery($query);22}2324public function revokeCredentialsFrom($object) {25$query = id(new PhabricatorAuthSSHKeyQuery())26->withObjectPHIDs(array($object->getPHID()));2728return $this->revokeWithQuery($query);29}3031private function revokeWithQuery(PhabricatorAuthSSHKeyQuery $query) {32$viewer = $this->getViewer();3334// We're only going to revoke keys which have not already been revoked.3536$ssh_keys = $query37->setViewer($viewer)38->withIsActive(true)39->execute();4041$content_source = PhabricatorContentSource::newForSource(42PhabricatorDaemonContentSource::SOURCECONST);4344$auth_phid = id(new PhabricatorAuthApplication())->getPHID();45foreach ($ssh_keys as $ssh_key) {46$xactions = array();47$xactions[] = $ssh_key->getApplicationTransactionTemplate()48->setTransactionType(PhabricatorAuthSSHKeyTransaction::TYPE_DEACTIVATE)49->setNewValue(1);5051$editor = $ssh_key->getApplicationTransactionEditor()52->setActor($viewer)53->setActingAsPHID($auth_phid)54->setContinueOnNoEffect(true)55->setContinueOnMissingFields(true)56->setContentSource($content_source)57->setIsAdministrativeEdit(true)58->applyTransactions($ssh_key, $xactions);59}6061return count($ssh_keys);62}6364}656667