1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 00:42:41 +01:00

Dirty the SSH key cache when usernames change

Summary:
Fixes T12554. The SSH key cache contains usernames, but is not currently dirtied on username changes.

An alternative solution would be to use user PHIDs instead of usernames in the file, which would make this unnecessary, but that would make debugging a bit harder. For now, I think this small added complexity is worth the easier debugging, but we could look at this again if cache management gets harder in the future.

Test Plan:
  - Added a key as `ducksey`, ran `bin/ssh-auth`, saw key immediately.
  - Renamed `ducksey` to `ducker`, ran `bin/ssh-auth`, saw username change immediately.
  - Added another key as `ducker`, ran `bin/ssh-auth`, saw key immediately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12554

Differential Revision: https://secure.phabricator.com/D17687
This commit is contained in:
epriestley 2017-04-14 05:06:20 -07:00
parent 980d6cb70b
commit 69053a40f9
3 changed files with 11 additions and 3 deletions

View file

@ -197,9 +197,7 @@ final class PhabricatorAuthSSHKeyEditor
// After making any change to an SSH key, drop the authfile cache so it // After making any change to an SSH key, drop the authfile cache so it
// is regenerated the next time anyone authenticates. // is regenerated the next time anyone authenticates.
$cache = PhabricatorCaches::getMutableCache(); PhabricatorAuthSSHKeyQuery::deleteSSHKeyCache();
$authfile_key = PhabricatorAuthSSHKeyQuery::AUTHFILE_CACHEKEY;
$cache->deleteKey($authfile_key);
return $xactions; return $xactions;
} }

View file

@ -11,6 +11,12 @@ final class PhabricatorAuthSSHKeyQuery
private $keys; private $keys;
private $isActive; private $isActive;
public static function deleteSSHKeyCache() {
$cache = PhabricatorCaches::getMutableCache();
$authfile_key = self::AUTHFILE_CACHEKEY;
$cache->deleteKey($authfile_key);
}
public function withIDs(array $ids) { public function withIDs(array $ids) {
$this->ids = $ids; $this->ids = $ids;
return $this; return $this;

View file

@ -195,6 +195,10 @@ final class PhabricatorUserEditor extends PhabricatorEditor {
$user->saveTransaction(); $user->saveTransaction();
// The SSH key cache currently includes usernames, so dirty it. See T12554
// for discussion.
PhabricatorAuthSSHKeyQuery::deleteSSHKeyCache();
$user->sendUsernameChangeEmail($actor, $old_username); $user->sendUsernameChangeEmail($actor, $old_username);
} }