protected function applyFinalEffects(PhabricatorLiskDAO $object, array $xactions)
 {
     // After making any change to an SSH key, drop the authfile cache so it
     // is regenerated the next time anyone authenticates.
     $cache = PhabricatorCaches::getMutableCache();
     $authfile_key = PhabricatorAuthSSHKeyQuery::AUTHFILE_CACHEKEY;
     $cache->deleteKey($authfile_key);
     return $xactions;
 }
Exemplo n.º 2
0
#!/usr/bin/env php
<?php 
$root = dirname(dirname(dirname(__FILE__)));
require_once $root . '/scripts/__init_script__.php';
$cache = PhabricatorCaches::getMutableCache();
$authfile_key = PhabricatorAuthSSHKeyQuery::AUTHFILE_CACHEKEY;
$authfile = $cache->getKey($authfile_key);
if ($authfile === null) {
    $keys = id(new PhabricatorAuthSSHKeyQuery())->setViewer(PhabricatorUser::getOmnipotentUser())->withIsActive(true)->execute();
    if (!$keys) {
        echo pht('No keys found.') . "\n";
        exit(1);
    }
    $bin = $root . '/bin/ssh-exec';
    foreach ($keys as $ssh_key) {
        $key_argv = array();
        $object = $ssh_key->getObject();
        if ($object instanceof PhabricatorUser) {
            $key_argv[] = '--phabricator-ssh-user';
            $key_argv[] = $object->getUsername();
        } else {
            if ($object instanceof AlmanacDevice) {
                if (!$ssh_key->getIsTrusted()) {
                    // If this key is not a trusted device key, don't allow SSH
                    // authentication.
                    continue;
                }
                $key_argv[] = '--phabricator-ssh-device';
                $key_argv[] = $object->getName();
            } else {
                // We don't know what sort of key this is; don't permit SSH auth.