Allow device-to-device SSH to establish SSH sessions

Summary: In D16167 I required users to be logged in to be "activated", but this logic doesn't account for that properly when the user is an Almanac device (a cluster host connecting to another cluster host). Don't do this check for device connections, they can always establish sessions. Test Plan: Will push. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D16170
2024-11-25 16:22:43 +01:00 · 2016-06-22 13:36:16 -07:00 · 2016-06-22 13:36:16 -07:00 · 72588d2eaa
commit 72588d2eaa
parent a75eea7637
1 changed files with 8 additions and 6 deletions
--- a/scripts/ssh/ssh-exec.php
+++ b/scripts/ssh/ssh-exec.php
@ -190,12 +190,14 @@ try {
      'P' => $user->getPHID(),
    ));

-  if (!$user->canEstablishSSHSessions()) {
-    throw new Exception(
-      pht(
-        'Your account ("%s") does not have permission to establish SSH '.
-        'sessions. Visit the web interface for more information.',
-        $user_name));
+  if (!$device) {
+    if (!$user->canEstablishSSHSessions()) {
+      throw new Exception(
+        pht(
+          'Your account ("%s") does not have permission to establish SSH '.
+          'sessions. Visit the web interface for more information.',
+          $user_name));
+    }
  }

  $workflows = id(new PhutilClassMapQuery())