mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 14:00:56 +01:00
When administrators revoke SSH keys, don't include a "security warning" in the mail
Summary: Depends on D18906. Ref T13043. When SSH keys are edited, we normally include a warning that if you don't recognize the activity you might have problems in the mail body. Currently, this warning is also shown for revocations with `bin/auth revoke --type ssh`. However, these revocations are safe (revocations are generally not dangerous anyway) and almost certainly legitimate and administrative, so don't warn users about them. Test Plan: - Created and revoked a key. - Creation mail still had warning; revocation mail no longer did. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13043 Differential Revision: https://secure.phabricator.com/D18907
This commit is contained in:
parent
026ec11b9d
commit
13ef5c6f23
2 changed files with 32 additions and 5 deletions
|
@ -3,6 +3,17 @@
|
|||
final class PhabricatorAuthSSHKeyEditor
|
||||
extends PhabricatorApplicationTransactionEditor {
|
||||
|
||||
private $isAdministrativeEdit;
|
||||
|
||||
public function setIsAdministrativeEdit($is_administrative_edit) {
|
||||
$this->isAdministrativeEdit = $is_administrative_edit;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getIsAdministrativeEdit() {
|
||||
return $this->isAdministrativeEdit;
|
||||
}
|
||||
|
||||
public function getEditorApplicationClass() {
|
||||
return 'PhabricatorAuthApplication';
|
||||
}
|
||||
|
@ -239,11 +250,13 @@ final class PhabricatorAuthSSHKeyEditor
|
|||
|
||||
$body = parent::buildMailBody($object, $xactions);
|
||||
|
||||
$body->addTextSection(
|
||||
pht('SECURITY WARNING'),
|
||||
pht(
|
||||
'If you do not recognize this change, it may indicate your account '.
|
||||
'has been compromised.'));
|
||||
if (!$this->getIsAdministrativeEdit()) {
|
||||
$body->addTextSection(
|
||||
pht('SECURITY WARNING'),
|
||||
pht(
|
||||
'If you do not recognize this change, it may indicate your account '.
|
||||
'has been compromised.'));
|
||||
}
|
||||
|
||||
$detail_uri = $object->getURI();
|
||||
$detail_uri = PhabricatorEnv::getProductionURI($detail_uri);
|
||||
|
@ -253,4 +266,17 @@ final class PhabricatorAuthSSHKeyEditor
|
|||
return $body;
|
||||
}
|
||||
|
||||
|
||||
protected function getCustomWorkerState() {
|
||||
return array(
|
||||
'isAdministrativeEdit' => $this->isAdministrativeEdit,
|
||||
);
|
||||
}
|
||||
|
||||
protected function loadCustomWorkerState(array $state) {
|
||||
$this->isAdministrativeEdit = idx($state, 'isAdministrativeEdit');
|
||||
return $this;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -43,6 +43,7 @@ final class PhabricatorAuthSSHRevoker
|
|||
->setContinueOnNoEffect(true)
|
||||
->setContinueOnMissingFields(true)
|
||||
->setContentSource($content_source)
|
||||
->setIsAdministrativeEdit(true)
|
||||
->applyTransactions($ssh_key, $xactions);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue