GitHub Repository: freebsd/phabricator
Path: blob/master/src/applications/auth/storage/PhabricatorAuthSSHKey.php
<?php
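/**
 * Storage object for one SSH public key attached to an object that implements
 * PhabricatorSSHPublicKeyInterface.
 *
 * View and edit policies are delegated to the attached object. A key that is
 * no longer active (the user-facing text calls this "revoked") can never be
 * edited and grants no automatic capabilities.
 */
final class PhabricatorAuthSSHKey
  extends PhabricatorAuthDAO
  implements
    PhabricatorPolicyInterface,
    PhabricatorDestructibleInterface,
    PhabricatorApplicationTransactionInterface {

  // PHID of the object this key authenticates.
  protected $objectPHID;
  protected $name;
  protected $keyType;
  // Hash of the public key; recomputed from the key material in save().
  protected $keyIndex;
  protected $keyBody;
  protected $keyComment = '';
  // New keys start untrusted. What trust grants is decided outside this class.
  protected $isTrusted = 0;
  // Nullable in the schema ('bool?'); see the note on 'key_activeunique'.
  protected $isActive;

  private $object = self::ATTACHABLE;

  /**
   * Build a new, active, unsaved key for an object.
   *
   * The viewer must hold CAN_EDIT on the target object. The check runs before
   * anything is constructed, so a viewer without that capability cannot
   * obtain a key row bound to the object through this entry point.
   *
   * @param PhabricatorUser $viewer User creating the key.
   * @param PhabricatorSSHPublicKeyInterface $object Object the key will
   *   authenticate.
   * @return PhabricatorAuthSSHKey New key with the object attached.
   */
  public static function initializeNewSSHKey(
    PhabricatorUser $viewer,
    PhabricatorSSHPublicKeyInterface $object) {

    // You must be able to edit an object to create a new key on it.
    // NOTE(review): requireCapability() is expected to raise when the check
    // fails -- confirm against PhabricatorPolicyFilter.
    PhabricatorPolicyFilter::requireCapability(
      $viewer,
      $object,
      PhabricatorPolicyCapability::CAN_EDIT);

    $object_phid = $object->getPHID();

    return id(new self())
      ->setIsActive(1)
      ->setObjectPHID($object_phid)
      ->attachObject($object);
  }

  /**
   * Describe the column and key schema for this table.
   *
   * @return array Storage configuration merged over the parent configuration.
   */
  protected function getConfiguration() {
    return array(
      self::CONFIG_AUX_PHID => true,
      self::CONFIG_COLUMN_SCHEMA => array(
        'name' => 'text255',
        'keyType' => 'text255',
        'keyIndex' => 'bytes12',
        'keyBody' => 'text',
        'keyComment' => 'text255',
        'isTrusted' => 'bool',
        'isActive' => 'bool?',
      ),
      self::CONFIG_KEY_SCHEMA => array(
        'key_object' => array(
          'columns' => array('objectPHID'),
        ),
        'key_active' => array(
          'columns' => array('isActive', 'objectPHID'),
        ),
        // NOTE: This unique key includes a nullable column, effectively
        // constraining uniqueness on active keys only.
        // NOTE(review): this only holds if deactivated keys store NULL
        // rather than 0 in isActive -- confirm in the code that revokes keys.
        'key_activeunique' => array(
          'columns' => array('keyIndex', 'isActive'),
          'unique' => true,
        ),
      ),
    ) + parent::getConfiguration();
  }

  /**
   * Persist the key, refreshing the key index first.
   *
   * The index is always derived from the stored key material immediately
   * before writing, so the value covered by the 'key_activeunique' constraint
   * cannot drift from the key body through a direct setKeyIndex() call.
   *
   * @return mixed Whatever the parent save() returns.
   */
  public function save() {
    $this->setKeyIndex($this->toPublicKey()->getHash());
    return parent::save();
  }

  /**
   * Convert this stored row into a public key object.
   *
   * @return mixed Result of PhabricatorAuthSSHPublicKey::newFromStoredKey().
   */
  public function toPublicKey() {
    return PhabricatorAuthSSHPublicKey::newFromStoredKey($this);
  }

  /**
   * Render the key as a single "type body comment" string.
   *
   * The three fields are joined with single spaces and the result is trimmed,
   * so an empty comment leaves no trailing space.
   *
   * NOTE(review): no field is validated or escaped here. If a caller writes
   * this value into a line-oriented file, confirm that embedded newlines in
   * the type, body and comment are rejected before the key is stored.
   *
   * @return string Full key text.
   */
  public function getEntireKey() {
    $parts = array(
      $this->getKeyType(),
      $this->getKeyBody(),
      $this->getKeyComment(),
    );
    return trim(implode(' ', $parts));
  }

  /**
   * Get the object this key is attached to.
   *
   * NOTE(review): assertAttached() presumably raises when nothing has been
   * attached; the policy methods below depend on this call.
   *
   * @return PhabricatorSSHPublicKeyInterface Attached object.
   */
  public function getObject() {
    return $this->assertAttached($this->object);
  }

  /**
   * Attach the object this key authenticates.
   *
   * @param PhabricatorSSHPublicKeyInterface $object Owning object.
   * @return this
   */
  public function attachObject(PhabricatorSSHPublicKeyInterface $object) {
    $this->object = $object;
    return $this;
  }

  /**
   * Generate a new PHID of the SSH key PHID type.
   *
   * @return mixed Result of PhabricatorPHID::generateNewPHID().
   */
  public function generatePHID() {
    return PhabricatorPHID::generateNewPHID(
      PhabricatorAuthSSHKeyPHIDType::TYPECONST);
  }

  /**
   * Get the URI of the page which shows this key.
   *
   * @return string Path built from this key's ID.
   */
  public function getURI() {
    $id = $this->getID();
    return "/auth/sshkey/view/{$id}/";
  }

/* -(  PhabricatorPolicyInterface  )----------------------------------------- */


  /**
   * List the capabilities this object supports.
   *
   * @return array CAN_VIEW and CAN_EDIT.
   */
  public function getCapabilities() {
    return array(
      PhabricatorPolicyCapability::CAN_VIEW,
      PhabricatorPolicyCapability::CAN_EDIT,
    );
  }

  /**
   * Resolve the policy for a capability.
   *
   * An inactive key reports POLICY_NOONE for CAN_EDIT. Every other case is
   * delegated to the attached object.
   *
   * @param mixed $capability Capability constant to resolve.
   * @return mixed Policy for the capability.
   */
  public function getPolicy($capability) {
    if (!$this->getIsActive()) {
      // Fail closed: nobody may edit a key once it has been deactivated.
      if ($capability == PhabricatorPolicyCapability::CAN_EDIT) {
        return PhabricatorPolicies::POLICY_NOONE;
      }
    }

    return $this->getObject()->getPolicy($capability);
  }

  /**
   * Decide whether a viewer holds a capability automatically.
   *
   * An inactive key never grants an automatic capability. Without this early
   * return, delegating to the attached object could override the
   * POLICY_NOONE edit policy that getPolicy() reports for such keys.
   *
   * @param mixed $capability Capability constant to test.
   * @param PhabricatorUser $viewer Viewer to test.
   * @return mixed False for inactive keys, else the attached object's answer.
   */
  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
    if (!$this->getIsActive()) {
      return false;
    }

    return $this->getObject()->hasAutomaticCapability($capability, $viewer);
  }

  /**
   * Describe the automatic capability rules for display.
   *
   * @param mixed $capability Capability constant (not read here).
   * @return string Translated description.
   */
  public function describeAutomaticCapability($capability) {
    // Spelled getIsActive() to match the other callers in this class; the
    // previous spelling was getIsACtive().
    if (!$this->getIsActive()) {
      return pht(
        'Revoked SSH keys can not be edited or reinstated.');
    }

    return pht(
      'SSH keys inherit the policies of the user or object they authenticate.');
  }

/* -(  PhabricatorDestructibleInterface  )----------------------------------- */


  /**
   * Permanently delete this key row inside a transaction.
   *
   * NOTE(review): nothing here aborts the transaction if delete() raises --
   * confirm the caller or the storage layer handles that case.
   *
   * @param PhabricatorDestructionEngine $engine Destruction engine (not read
   *   here).
   * @return void
   */
  public function destroyObjectPermanently(
    PhabricatorDestructionEngine $engine) {

    $this->openTransaction();
      $this->delete();
    $this->saveTransaction();
  }


/* -(  PhabricatorApplicationTransactionInterface  )------------------------- */


  /**
   * Get the editor which applies transactions to SSH keys.
   *
   * @return PhabricatorAuthSSHKeyEditor New editor.
   */
  public function getApplicationTransactionEditor() {
    return new PhabricatorAuthSSHKeyEditor();
  }

  /**
   * Get the template transaction object for SSH keys.
   *
   * @return PhabricatorAuthSSHKeyTransaction New transaction.
   */
  public function getApplicationTransactionTemplate() {
    return new PhabricatorAuthSSHKeyTransaction();
  }

}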