mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 14:52:41 +01:00
Dirty the SSH key cache when usernames change
Summary: Fixes T12554. The SSH key cache contains usernames, but is not currently dirtied on username changes. An alternative solution would be to use user PHIDs instead of usernames in the file, which would make this unnecessary, but that would make debugging a bit harder. For now, I think this small added complexity is worth the easier debugging, but we could look at this again if cache management gets harder in the future. Test Plan: - Added a key as `ducksey`, ran `bin/ssh-auth`, saw key immediately. - Renamed `ducksey` to `ducker`, ran `bin/ssh-auth`, saw username change immediately. - Added another key as `ducker`, ran `bin/ssh-auth`, saw key immediately. Reviewers: chad Reviewed By: chad Maniphest Tasks: T12554 Differential Revision: https://secure.phabricator.com/D17687
This commit is contained in:
parent
980d6cb70b
commit
69053a40f9
3 changed files with 11 additions and 3 deletions
|
@ -197,9 +197,7 @@ final class PhabricatorAuthSSHKeyEditor
|
|||
|
||||
// After making any change to an SSH key, drop the authfile cache so it
|
||||
// is regenerated the next time anyone authenticates.
|
||||
$cache = PhabricatorCaches::getMutableCache();
|
||||
$authfile_key = PhabricatorAuthSSHKeyQuery::AUTHFILE_CACHEKEY;
|
||||
$cache->deleteKey($authfile_key);
|
||||
PhabricatorAuthSSHKeyQuery::deleteSSHKeyCache();
|
||||
|
||||
return $xactions;
|
||||
}
|
||||
|
|
|
@ -11,6 +11,12 @@ final class PhabricatorAuthSSHKeyQuery
|
|||
private $keys;
|
||||
private $isActive;
|
||||
|
||||
public static function deleteSSHKeyCache() {
|
||||
$cache = PhabricatorCaches::getMutableCache();
|
||||
$authfile_key = self::AUTHFILE_CACHEKEY;
|
||||
$cache->deleteKey($authfile_key);
|
||||
}
|
||||
|
||||
public function withIDs(array $ids) {
|
||||
$this->ids = $ids;
|
||||
return $this;
|
||||
|
|
|
@ -195,6 +195,10 @@ final class PhabricatorUserEditor extends PhabricatorEditor {
|
|||
|
||||
$user->saveTransaction();
|
||||
|
||||
// The SSH key cache currently includes usernames, so dirty it. See T12554
|
||||
// for discussion.
|
||||
PhabricatorAuthSSHKeyQuery::deleteSSHKeyCache();
|
||||
|
||||
$user->sendUsernameChangeEmail($actor, $old_username);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue