2013-11-20 09:13:35 -08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
final class PassphraseCredentialEditController extends PassphraseController {
|
|
|
|
|
|
|
|
|
|
private $id;
|
|
|
|
|
|
|
|
|
|
public function willProcessRequest(array $data) {
|
|
|
|
|
$this->id = idx($data, 'id');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function processRequest() {
|
|
|
|
|
$request = $this->getRequest();
|
|
|
|
|
$viewer = $request->getUser();
|
|
|
|
|
|
|
|
|
|
if ($this->id) {
|
|
|
|
|
$credential = id(new PassphraseCredentialQuery())
|
|
|
|
|
->setViewer($viewer)
|
|
|
|
|
->withIDs(array($this->id))
|
|
|
|
|
->requireCapabilities(
|
|
|
|
|
array(
|
|
|
|
|
PhabricatorPolicyCapability::CAN_VIEW,
|
|
|
|
|
PhabricatorPolicyCapability::CAN_EDIT,
|
|
|
|
|
))
|
|
|
|
|
->executeOne();
|
|
|
|
|
if (!$credential) {
|
|
|
|
|
return new Aphront404Response();
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-26 05:46:26 -07:00
|
|
|
$type = $this->getCredentialType($credential->getCredentialType());
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
$is_new = false;
|
|
|
|
|
} else {
|
|
|
|
|
$type_const = $request->getStr('type');
|
2014-05-26 05:46:26 -07:00
|
|
|
$type = $this->getCredentialType($type_const);
|
|
|
|
|
|
|
|
|
|
if (!$type->isCreateable()) {
|
|
|
|
|
throw new Exception(
|
|
|
|
|
pht(
|
|
|
|
|
'Credential has noncreateable type "%s"!',
|
|
|
|
|
$credential->getCredentialType()));
|
2013-11-20 09:13:35 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$credential = PassphraseCredential::initializeNewCredential($viewer)
|
|
|
|
|
->setCredentialType($type->getCredentialType())
|
|
|
|
|
->setProvidesType($type->getProvidesType());
|
|
|
|
|
|
|
|
|
|
$is_new = true;
|
2013-11-22 14:35:35 -08:00
|
|
|
|
|
|
|
|
// Prefill username if provided.
|
2015-06-16 13:44:51 -07:00
|
|
|
$credential->setUsername((string)$request->getStr('username'));
|
2014-03-12 18:58:25 -07:00
|
|
|
|
|
|
|
|
if (!$request->getStr('isInitialized')) {
|
|
|
|
|
$type->didInitializeNewCredential($viewer, $credential);
|
|
|
|
|
}
|
2013-11-20 09:13:35 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$errors = array();
|
|
|
|
|
|
|
|
|
|
$v_name = $credential->getName();
|
|
|
|
|
$e_name = true;
|
|
|
|
|
|
|
|
|
|
$v_desc = $credential->getDescription();
|
2015-06-22 11:28:54 -07:00
|
|
|
$v_space = $credential->getSpacePHID();
|
2013-11-20 09:13:35 -08:00
|
|
|
|
|
|
|
|
$v_username = $credential->getUsername();
|
|
|
|
|
$e_username = true;
|
|
|
|
|
|
2014-05-04 05:00:14 -07:00
|
|
|
$v_is_locked = false;
|
|
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
$bullet = "\xE2\x80\xA2";
|
|
|
|
|
|
|
|
|
|
$v_secret = $credential->getSecretID() ? str_repeat($bullet, 32) : null;
|
2014-03-12 18:58:25 -07:00
|
|
|
if ($is_new && ($v_secret === null)) {
|
|
|
|
|
// If we're creating a new credential, the credential type may have
|
|
|
|
|
// populated the secret for us (for example, generated an SSH key). In
|
|
|
|
|
// this case,
|
|
|
|
|
try {
|
|
|
|
|
$v_secret = $credential->getSecret()->openEnvelope();
|
|
|
|
|
} catch (Exception $ex) {
|
|
|
|
|
// Ignore this.
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-11-20 09:13:35 -08:00
|
|
|
|
|
|
|
|
$validation_exception = null;
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$errors = array();
|
|
|
|
|
$e_password = null;
|
2013-11-20 09:13:35 -08:00
|
|
|
if ($request->isFormPost()) {
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
$v_name = $request->getStr('name');
|
|
|
|
|
$v_desc = $request->getStr('description');
|
|
|
|
|
$v_username = $request->getStr('username');
|
|
|
|
|
$v_view_policy = $request->getStr('viewPolicy');
|
|
|
|
|
$v_edit_policy = $request->getStr('editPolicy');
|
2014-05-02 18:05:19 -07:00
|
|
|
$v_is_locked = $request->getStr('lock');
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$v_secret = $request->getStr('secret');
|
2015-06-22 11:28:54 -07:00
|
|
|
$v_space = $request->getStr('spacePHID');
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$v_password = $request->getStr('password');
|
|
|
|
|
$v_decrypt = $v_secret;
|
|
|
|
|
|
|
|
|
|
$env_secret = new PhutilOpaqueEnvelope($v_secret);
|
|
|
|
|
$env_password = new PhutilOpaqueEnvelope($v_password);
|
|
|
|
|
|
|
|
|
|
if ($type->requiresPassword($env_secret)) {
|
|
|
|
|
if (strlen($v_password)) {
|
|
|
|
|
$v_decrypt = $type->decryptSecret($env_secret, $env_password);
|
|
|
|
|
if ($v_decrypt === null) {
|
|
|
|
|
$e_password = pht('Incorrect');
|
|
|
|
|
$errors[] = pht(
|
|
|
|
|
'This key requires a password, but the password you provided '.
|
|
|
|
|
'is incorrect.');
|
|
|
|
|
} else {
|
|
|
|
|
$v_decrypt = $v_decrypt->openEnvelope();
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$e_password = pht('Required');
|
|
|
|
|
$errors[] = pht(
|
|
|
|
|
'This key requires a password. You must provide the password '.
|
|
|
|
|
'for the key.');
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
if (!$errors) {
|
|
|
|
|
$type_name = PassphraseCredentialTransaction::TYPE_NAME;
|
|
|
|
|
$type_desc = PassphraseCredentialTransaction::TYPE_DESCRIPTION;
|
|
|
|
|
$type_username = PassphraseCredentialTransaction::TYPE_USERNAME;
|
|
|
|
|
$type_destroy = PassphraseCredentialTransaction::TYPE_DESTROY;
|
|
|
|
|
$type_secret_id = PassphraseCredentialTransaction::TYPE_SECRET_ID;
|
2014-05-02 18:05:19 -07:00
|
|
|
$type_is_locked = PassphraseCredentialTransaction::TYPE_LOCK;
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$type_view_policy = PhabricatorTransactions::TYPE_VIEW_POLICY;
|
|
|
|
|
$type_edit_policy = PhabricatorTransactions::TYPE_EDIT_POLICY;
|
2015-06-22 11:28:54 -07:00
|
|
|
$type_space = PhabricatorTransactions::TYPE_SPACE;
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$xactions = array();
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_name)
|
|
|
|
|
->setNewValue($v_name);
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_desc)
|
|
|
|
|
->setNewValue($v_desc);
|
2013-11-20 09:13:35 -08:00
|
|
|
|
|
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
->setTransactionType($type_view_policy)
|
|
|
|
|
->setNewValue($v_view_policy);
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_edit_policy)
|
|
|
|
|
->setNewValue($v_edit_policy);
|
|
|
|
|
|
2015-06-22 11:28:54 -07:00
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_space)
|
|
|
|
|
->setNewValue($v_space);
|
|
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
// Open a transaction in case we're writing a new secret; this limits
|
|
|
|
|
// the amount of code which handles secret plaintexts.
|
|
|
|
|
$credential->openTransaction();
|
|
|
|
|
|
2014-05-02 18:05:19 -07:00
|
|
|
if (!$credential->getIsLocked()) {
|
2015-06-16 13:44:51 -07:00
|
|
|
if ($type->shouldRequireUsername()) {
|
|
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
2014-05-02 18:05:19 -07:00
|
|
|
->setTransactionType($type_username)
|
|
|
|
|
->setNewValue($v_username);
|
2015-06-16 13:44:51 -07:00
|
|
|
}
|
2014-09-04 12:48:05 -07:00
|
|
|
// If some value other than a sequence of bullets was provided for
|
|
|
|
|
// the credential, update it. In particular, note that we are
|
|
|
|
|
// explicitly allowing empty secrets: one use case is HTTP auth where
|
|
|
|
|
// the username is a secret token which covers both identity and
|
|
|
|
|
// authentication.
|
|
|
|
|
|
|
|
|
|
if (!preg_match('/^('.$bullet.')+$/', trim($v_decrypt))) {
|
2014-05-02 18:05:19 -07:00
|
|
|
// If the credential was previously destroyed, restore it when it is
|
|
|
|
|
// edited if a secret is provided.
|
|
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_destroy)
|
|
|
|
|
->setNewValue(0);
|
|
|
|
|
|
|
|
|
|
$new_secret = id(new PassphraseSecret())
|
|
|
|
|
->setSecretData($v_decrypt)
|
|
|
|
|
->save();
|
|
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
|
|
|
|
->setTransactionType($type_secret_id)
|
|
|
|
|
->setNewValue($new_secret->getID());
|
|
|
|
|
}
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
|
|
|
|
|
$xactions[] = id(new PassphraseCredentialTransaction())
|
2014-05-02 18:05:19 -07:00
|
|
|
->setTransactionType($type_is_locked)
|
|
|
|
|
->setNewValue($v_is_locked);
|
2013-11-21 12:35:36 -08:00
|
|
|
}
|
2013-11-20 09:13:35 -08:00
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
try {
|
|
|
|
|
$editor = id(new PassphraseCredentialTransactionEditor())
|
|
|
|
|
->setActor($viewer)
|
|
|
|
|
->setContinueOnNoEffect(true)
|
|
|
|
|
->setContentSourceFromRequest($request)
|
|
|
|
|
->applyTransactions($credential, $xactions);
|
|
|
|
|
|
|
|
|
|
$credential->saveTransaction();
|
|
|
|
|
|
|
|
|
|
if ($request->isAjax()) {
|
|
|
|
|
return id(new AphrontAjaxResponse())->setContent(
|
|
|
|
|
array(
|
|
|
|
|
'phid' => $credential->getPHID(),
|
|
|
|
|
'name' => 'K'.$credential->getID().' '.$credential->getName(),
|
|
|
|
|
));
|
|
|
|
|
} else {
|
|
|
|
|
return id(new AphrontRedirectResponse())
|
|
|
|
|
->setURI('/K'.$credential->getID());
|
|
|
|
|
}
|
|
|
|
|
} catch (PhabricatorApplicationTransactionValidationException $ex) {
|
|
|
|
|
$credential->killTransaction();
|
|
|
|
|
|
|
|
|
|
$validation_exception = $ex;
|
|
|
|
|
|
|
|
|
|
$e_name = $ex->getShortMessage($type_name);
|
|
|
|
|
$e_username = $ex->getShortMessage($type_username);
|
|
|
|
|
|
|
|
|
|
$credential->setViewPolicy($v_view_policy);
|
|
|
|
|
$credential->setEditPolicy($v_edit_policy);
|
|
|
|
|
}
|
2013-11-20 09:13:35 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$policies = id(new PhabricatorPolicyQuery())
|
|
|
|
|
->setViewer($viewer)
|
|
|
|
|
->setObject($credential)
|
|
|
|
|
->execute();
|
|
|
|
|
|
|
|
|
|
$secret_control = $type->newSecretControl();
|
2014-05-02 18:05:19 -07:00
|
|
|
$credential_is_locked = $credential->getIsLocked();
|
2013-11-20 09:13:35 -08:00
|
|
|
|
2014-03-13 07:31:04 -07:00
|
|
|
$form = id(new AphrontFormView())
|
|
|
|
|
->setUser($viewer)
|
2014-03-12 18:58:25 -07:00
|
|
|
->addHiddenInput('isInitialized', true)
|
2013-11-20 09:13:35 -08:00
|
|
|
->appendChild(
|
|
|
|
|
id(new AphrontFormTextControl())
|
|
|
|
|
->setName('name')
|
|
|
|
|
->setLabel(pht('Name'))
|
|
|
|
|
->setValue($v_name)
|
|
|
|
|
->setError($e_name))
|
|
|
|
|
->appendChild(
|
|
|
|
|
id(new AphrontFormTextAreaControl())
|
|
|
|
|
->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)
|
|
|
|
|
->setName('description')
|
|
|
|
|
->setLabel(pht('Description'))
|
|
|
|
|
->setValue($v_desc))
|
|
|
|
|
->appendChild(
|
|
|
|
|
id(new AphrontFormMarkupControl())
|
|
|
|
|
->setLabel(pht('Credential Type'))
|
|
|
|
|
->setValue($type->getCredentialTypeName()))
|
|
|
|
|
->appendChild(
|
|
|
|
|
id(new AphrontFormDividerControl()))
|
2015-06-22 11:28:54 -07:00
|
|
|
->appendControl(
|
2013-11-20 09:13:35 -08:00
|
|
|
id(new AphrontFormPolicyControl())
|
|
|
|
|
->setName('viewPolicy')
|
|
|
|
|
->setPolicyObject($credential)
|
|
|
|
|
->setCapability(PhabricatorPolicyCapability::CAN_VIEW)
|
|
|
|
|
->setPolicies($policies))
|
2015-06-22 11:28:54 -07:00
|
|
|
->appendControl(
|
2013-11-20 09:13:35 -08:00
|
|
|
id(new AphrontFormPolicyControl())
|
|
|
|
|
->setName('editPolicy')
|
|
|
|
|
->setPolicyObject($credential)
|
|
|
|
|
->setCapability(PhabricatorPolicyCapability::CAN_EDIT)
|
|
|
|
|
->setPolicies($policies))
|
|
|
|
|
->appendChild(
|
2014-05-02 18:05:19 -07:00
|
|
|
id(new AphrontFormDividerControl()));
|
|
|
|
|
|
|
|
|
|
if ($credential_is_locked) {
|
|
|
|
|
$form->appendRemarkupInstructions(
|
|
|
|
|
pht('This credential is permanently locked and can not be edited.'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-16 13:44:51 -07:00
|
|
|
if ($type->shouldRequireUsername()) {
|
|
|
|
|
$form
|
2013-11-20 09:13:35 -08:00
|
|
|
->appendChild(
|
|
|
|
|
id(new AphrontFormTextControl())
|
|
|
|
|
->setName('username')
|
|
|
|
|
->setLabel(pht('Login/Username'))
|
|
|
|
|
->setValue($v_username)
|
2014-05-02 18:05:19 -07:00
|
|
|
->setDisabled($credential_is_locked)
|
2015-06-16 13:44:51 -07:00
|
|
|
->setError($e_username));
|
|
|
|
|
}
|
|
|
|
|
$form
|
|
|
|
|
->appendChild(
|
2013-11-20 09:13:35 -08:00
|
|
|
$secret_control
|
|
|
|
|
->setName('secret')
|
|
|
|
|
->setLabel($type->getSecretLabel())
|
2014-05-02 18:05:19 -07:00
|
|
|
->setDisabled($credential_is_locked)
|
2013-11-20 09:13:35 -08:00
|
|
|
->setValue($v_secret));
|
|
|
|
|
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
if ($type->shouldShowPasswordField()) {
|
|
|
|
|
$form->appendChild(
|
|
|
|
|
id(new AphrontFormPasswordControl())
|
2014-08-13 10:06:48 -07:00
|
|
|
->setDisableAutocomplete(true)
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
->setName('password')
|
|
|
|
|
->setLabel($type->getPasswordLabel())
|
2014-05-02 18:05:19 -07:00
|
|
|
->setDisabled($credential_is_locked)
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
->setError($e_password));
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-02 18:05:19 -07:00
|
|
|
if ($is_new) {
|
|
|
|
|
$form->appendChild(
|
|
|
|
|
id(new AphrontFormCheckboxControl())
|
|
|
|
|
->addCheckbox(
|
|
|
|
|
'lock',
|
|
|
|
|
1,
|
2014-05-14 09:25:58 -07:00
|
|
|
array(
|
|
|
|
|
phutil_tag('strong', array(), pht('Lock Permanently:')),
|
|
|
|
|
' ',
|
|
|
|
|
pht('Prevent the secret from being revealed or changed.'),
|
|
|
|
|
),
|
2014-05-02 18:05:19 -07:00
|
|
|
$v_is_locked)
|
|
|
|
|
->setDisabled($credential_is_locked));
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
$crumbs = $this->buildApplicationCrumbs();
|
|
|
|
|
|
|
|
|
|
if ($is_new) {
|
|
|
|
|
$title = pht('Create Credential');
|
|
|
|
|
$header = pht('Create New Credential');
|
2013-12-18 17:47:34 -08:00
|
|
|
$crumbs->addTextCrumb(pht('Create'));
|
2014-03-19 19:25:31 -07:00
|
|
|
$cancel_uri = $this->getApplicationURI();
|
2013-11-20 09:13:35 -08:00
|
|
|
} else {
|
|
|
|
|
$title = pht('Edit Credential');
|
|
|
|
|
$header = pht('Edit Credential %s', 'K'.$credential->getID());
|
2013-12-18 17:47:34 -08:00
|
|
|
$crumbs->addTextCrumb(
|
|
|
|
|
'K'.$credential->getID(),
|
|
|
|
|
'/K'.$credential->getID());
|
|
|
|
|
$crumbs->addTextCrumb(pht('Edit'));
|
2014-03-19 19:25:31 -07:00
|
|
|
$cancel_uri = '/K'.$credential->getID();
|
2013-11-20 09:13:35 -08:00
|
|
|
}
|
|
|
|
|
|
2013-11-21 12:35:36 -08:00
|
|
|
if ($request->isAjax()) {
|
2014-03-13 07:31:04 -07:00
|
|
|
if ($errors) {
|
2015-03-01 14:45:56 -08:00
|
|
|
$errors = id(new PHUIInfoView())->setErrors($errors);
|
2014-03-13 07:31:04 -07:00
|
|
|
}
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
|
2013-11-21 12:35:36 -08:00
|
|
|
$dialog = id(new AphrontDialogView())
|
|
|
|
|
->setUser($viewer)
|
|
|
|
|
->setWidth(AphrontDialogView::WIDTH_FORM)
|
|
|
|
|
->setTitle($title)
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
->appendChild($errors)
|
2014-03-13 07:31:04 -07:00
|
|
|
->appendChild($form->buildLayoutView())
|
2013-11-21 12:35:36 -08:00
|
|
|
->addSubmitButton(pht('Create Credential'))
|
2014-03-19 19:25:31 -07:00
|
|
|
->addCancelButton($cancel_uri);
|
2013-11-21 12:35:36 -08:00
|
|
|
|
|
|
|
|
return id(new AphrontDialogResponse())->setDialog($dialog);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$form->appendChild(
|
|
|
|
|
id(new AphrontFormSubmitControl())
|
|
|
|
|
->setValue(pht('Save'))
|
2014-03-19 19:25:31 -07:00
|
|
|
->addCancelButton($cancel_uri));
|
2013-11-21 12:35:36 -08:00
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
$box = id(new PHUIObjectBoxView())
|
|
|
|
|
->setHeaderText($header)
|
Detect and prompt for passwords on SSH private keys, then strip them
Summary:
Fixes T4356. Currently, if users add a passworded private key to the Passphrase application, we never ask for the password and can not use it later. This makes several changes:
- Prompt for the password.
- Detect passworded private keys, and don't accept them until we can decrypt them.
- Try to decrypt passworded private keys, and tell the user if the password is missing or incorrect.
- Stop further creation of path-based private keys, which are really just for compatibility. We can't do anything reasonable about passwords with these, since users can change the files.
Test Plan: Created a private key with a password, was prompted to provide it, tried empty/bad passwords, provided the correct password and had the key decrypted for use.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T4356
Differential Revision: https://secure.phabricator.com/D8102
2014-01-30 11:43:06 -08:00
|
|
|
->setFormErrors($errors)
|
2013-11-20 09:13:35 -08:00
|
|
|
->setValidationException($validation_exception)
|
|
|
|
|
->setForm($form);
|
|
|
|
|
|
|
|
|
|
return $this->buildApplicationPage(
|
|
|
|
|
array(
|
|
|
|
|
$crumbs,
|
|
|
|
|
$box,
|
|
|
|
|
),
|
|
|
|
|
array(
|
|
|
|
|
'title' => $title,
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-26 05:46:26 -07:00
|
|
|
private function getCredentialType($type_const) {
|
|
|
|
|
$type = PassphraseCredentialType::getTypeByConstant($type_const);
|
|
|
|
|
|
|
|
|
|
if (!$type) {
|
|
|
|
|
throw new Exception(
|
|
|
|
|
pht('Credential has invalid type "%s"!', $type_const));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $type;
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-20 09:13:35 -08:00
|
|
|
}
|
