Provide a more straightforward way to revoke SSH keys by finding and destroying the objects
Summary: Ref T9967 Test Plan: Ran migrations. Verified database populated properly with PHIDs (SELECT * FROM auth_sshkey;). Ran auth.querypublickeys conduit method to see phids show up Ran bin/remove destroy <phid>. Viewed the test key was gone. Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: Korvin Maniphest Tasks: T9967 Differential Revision: https://secure.phabricator.com/D14823
This commit is contained in:
Nick Zheng
@@ -4,6 +4,7 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
extends PhabricatorCursorPagedPolicyAwareQuery {
|
||||
|
||||
private $ids;
|
||||
private $phids;
|
||||
private $objectPHIDs;
|
||||
private $keys;
|
||||
|
||||
@@ -12,6 +13,11 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function withPHIDs(array $phids) {
|
||||
$this->phids = $phids;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function withObjectPHIDs(array $object_phids) {
|
||||
$this->objectPHIDs = $object_phids;
|
||||
return $this;
|
||||
@@ -23,19 +29,12 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function newResultObject() {
|
||||
return new PhabricatorAuthSSHKey();
|
||||
}
|
||||
|
||||
protected function loadPage() {
|
||||
$table = new PhabricatorAuthSSHKey();
|
||||
$conn_r = $table->establishConnection('r');
|
||||
|
||||
$data = queryfx_all(
|
||||
$conn_r,
|
||||
'SELECT * FROM %T %Q %Q %Q',
|
||||
$table->getTableName(),
|
||||
$this->buildWhereClause($conn_r),
|
||||
$this->buildOrderClause($conn_r),
|
||||
$this->buildLimitClause($conn_r));
|
||||
|
||||
return $table->loadAllFromArray($data);
|
||||
return $this->loadStandardPage($this->newResultObject());
|
||||
}
|
||||
|
||||
protected function willFilterPage(array $keys) {
|
||||
@@ -54,6 +53,7 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
// We must have an object, and that object must be a valid object for
|
||||
// SSH keys.
|
||||
if (!$object || !($object instanceof PhabricatorSSHPublicKeyInterface)) {
|
||||
$this->didRejectResult($ssh_key);
|
||||
unset($keys[$key]);
|
||||
continue;
|
||||
}
|
||||
@@ -64,19 +64,26 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
return $keys;
|
||||
}
|
||||
|
||||
protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {
|
||||
$where = array();
|
||||
protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
|
||||
$where = parent::buildWhereClauseParts($conn);
|
||||
|
||||
if ($this->ids !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'id IN (%Ld)',
|
||||
$this->ids);
|
||||
}
|
||||
|
||||
if ($this->phids !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn,
|
||||
'phid IN (%Ls)',
|
||||
$this->phids);
|
||||
}
|
||||
|
||||
if ($this->objectPHIDs !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'objectPHID IN (%Ls)',
|
||||
$this->objectPHIDs);
|
||||
}
|
||||
@@ -85,7 +92,7 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
$sql = array();
|
||||
foreach ($this->keys as $key) {
|
||||
$sql[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'(keyType = %s AND keyIndex = %s)',
|
||||
$key->getType(),
|
||||
$key->getHash());
|
||||
@@ -93,9 +100,8 @@ final class PhabricatorAuthSSHKeyQuery
|
||||
$where[] = implode(' OR ', $sql);
|
||||
}
|
||||
|
||||
$where[] = $this->buildPagingClause($conn_r);
|
||||
return $where;
|
||||
|
||||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
|
||||
Reference in New Issue
Block a user