Added a warning prompt if the user tries to use an API cert instead of a CLI cert

Summary: Fixes T9692. Instead of disallowing API tokens entirely, we're going to just warn the user that they might not want to do that. After that, they can proceed if they want to. Test Plan: Run arc install-certificate. Manually go to `Settings → Conduit API Tokens` in the web UI. Generate an API token explicitly, which should have the form api-******. Paste that into the prompt on the CLI. It will give you a warning prompt then ask if you'd like to proceed anyway (defaults to No). Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley, #blessed_reviewers Subscribers: Korvin, epriestley Maniphest Tasks: T9692 Differential Revision: https://secure.phabricator.com/D16448
2024-11-25 16:22:42 +01:00 · 2016-08-25 11:30:01 -04:00 · 2016-08-25 11:30:01 -04:00 · 9e82ef979e
commit 9e82ef979e
parent 89e8b48523
1 changed files with 9 additions and 1 deletions
--- a/src/workflow/ArcanistInstallCertificateWorkflow.php
+++ b/src/workflow/ArcanistInstallCertificateWorkflow.php
@ -118,7 +118,15 @@ EOTEXT
            $token));
      }

-      if (strncmp($token, 'cli-', 4) !== 0) {
+      if (strncmp($token, 'api-', 4) == 0) {
+        echo pht(
+          'You are installing a standard API token, but a CLI API token '.
+          'was expected. If you\'re writing a script, consider passing the '.
+          'token at runtime with --conduit-token instead of installing it.');
+        if (!phutil_console_confirm(pht('Install this token anyway?'))) {
+          throw new ArcanistUsageException(pht('Not installing API token.'));
+        }
+      } else if (strncmp($token, 'cli-', 4) !== 0) {
        throw new ArcanistUsageException(
          pht(
            'The token "%s" is not formatted correctly. Valid API tokens '.