From 9e82ef979e8148c43b9b8439025d505b1219e213 Mon Sep 17 00:00:00 2001 From: Josh Cox Date: Thu, 25 Aug 2016 11:30:01 -0400 Subject: [PATCH] Added a warning prompt if the user tries to use an API cert instead of a CLI cert MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Summary: Fixes T9692. Instead of disallowing API tokens entirely, we're going to just warn the user that they might not want to do that. After that, they can proceed if they want to. Test Plan: Run arc install-certificate. Manually go to `Settings → Conduit API Tokens` in the web UI. Generate an API token explicitly, which should have the form api-******. Paste that into the prompt on the CLI. It will give you a warning prompt then ask if you'd like to proceed anyway (defaults to No). Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley, #blessed_reviewers Subscribers: Korvin, epriestley Maniphest Tasks: T9692 Differential Revision: https://secure.phabricator.com/D16448 --- src/workflow/ArcanistInstallCertificateWorkflow.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/workflow/ArcanistInstallCertificateWorkflow.php b/src/workflow/ArcanistInstallCertificateWorkflow.php index b437697b..a352b21d 100644 --- a/src/workflow/ArcanistInstallCertificateWorkflow.php +++ b/src/workflow/ArcanistInstallCertificateWorkflow.php @@ -118,7 +118,15 @@ EOTEXT $token)); } - if (strncmp($token, 'cli-', 4) !== 0) { + if (strncmp($token, 'api-', 4) == 0) { + echo pht( + 'You are installing a standard API token, but a CLI API token '. + 'was expected. If you\'re writing a script, consider passing the '. + 'token at runtime with --conduit-token instead of installing it.'); + if (!phutil_console_confirm(pht('Install this token anyway?'))) { + throw new ArcanistUsageException(pht('Not installing API token.')); + } + } else if (strncmp($token, 'cli-', 4) !== 0) { throw new ArcanistUsageException( pht( 'The token "%s" is not formatted correctly. Valid API tokens '.