mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-17 12:22:42 +01:00
Remove the "PhabricatorRepositoryVCSPassword" class and table
Summary: Ref T13043. After D18898, this has been migrated to new, more modern storage and no longer has any readers or writers. One migration from long ago (early 2014) is affected. Since this is ancient and the cost of dropping this is small (see inline), I just dropped it. I'll note this in the changelog. Test Plan: Ran migrations, got a clean bill of health from `storage status`. Grepped for removed symbol. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13043 Differential Revision: https://secure.phabricator.com/D18899
This commit is contained in:
parent
dd8f588ac5
commit
753c4c5ff1
4 changed files with 10 additions and 85 deletions
|
@ -1,27 +1,13 @@
|
|||
<?php
|
||||
|
||||
$table = new PhabricatorRepositoryVCSPassword();
|
||||
$conn_w = $table->establishConnection('w');
|
||||
// This migration once upgraded VCS password hashing, but the table was
|
||||
// later removed in 2018 (see T13043).
|
||||
|
||||
echo pht('Upgrading password hashing for VCS passwords.')."\n";
|
||||
// Since almost four years have passed since this migration, the cost of
|
||||
// losing this data is very small (users just need to reset their passwords),
|
||||
// and a version of this migration against the modern schema isn't easy to
|
||||
// implement or test, just skip the migration.
|
||||
|
||||
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
|
||||
foreach (new LiskMigrationIterator($table) as $password) {
|
||||
$id = $password->getID();
|
||||
|
||||
echo pht('Migrating VCS password %d...', $id)."\n";
|
||||
|
||||
$input_hash = $password->getPasswordHash();
|
||||
$input_envelope = new PhutilOpaqueEnvelope($input_hash);
|
||||
|
||||
$storage_hash = $best_hasher->getPasswordHashForStorage($input_envelope);
|
||||
|
||||
queryfx(
|
||||
$conn_w,
|
||||
'UPDATE %T SET passwordHash = %s WHERE id = %d',
|
||||
$table->getTableName(),
|
||||
$storage_hash->openEnvelope(),
|
||||
$id);
|
||||
}
|
||||
|
||||
echo pht('Done.')."\n";
|
||||
// This means that installs which upgrade from a version of Phabricator
|
||||
// released prior to Feb 2014 to a version of Phabricator relased after
|
||||
// Jan 2018 will need to have users reset VCS passwords.
|
||||
|
|
1
resources/sql/autopatches/20180121.auth.01.vcsnuke.sql
Normal file
1
resources/sql/autopatches/20180121.auth.01.vcsnuke.sql
Normal file
|
@ -0,0 +1 @@
|
|||
DROP TABLE {$NAMESPACE}_repository.repository_vcspassword;
|
|
@ -3944,7 +3944,6 @@ phutil_register_library_map(array(
|
|||
'PhabricatorRepositoryURITestCase' => 'applications/repository/storage/__tests__/PhabricatorRepositoryURITestCase.php',
|
||||
'PhabricatorRepositoryURITransaction' => 'applications/repository/storage/PhabricatorRepositoryURITransaction.php',
|
||||
'PhabricatorRepositoryURITransactionQuery' => 'applications/repository/query/PhabricatorRepositoryURITransactionQuery.php',
|
||||
'PhabricatorRepositoryVCSPassword' => 'applications/repository/storage/PhabricatorRepositoryVCSPassword.php',
|
||||
'PhabricatorRepositoryWorkingCopyVersion' => 'applications/repository/storage/PhabricatorRepositoryWorkingCopyVersion.php',
|
||||
'PhabricatorRequestExceptionHandler' => 'aphront/handler/PhabricatorRequestExceptionHandler.php',
|
||||
'PhabricatorResourceSite' => 'aphront/site/PhabricatorResourceSite.php',
|
||||
|
@ -9593,7 +9592,6 @@ phutil_register_library_map(array(
|
|||
'PhabricatorRepositoryURITestCase' => 'PhabricatorTestCase',
|
||||
'PhabricatorRepositoryURITransaction' => 'PhabricatorApplicationTransaction',
|
||||
'PhabricatorRepositoryURITransactionQuery' => 'PhabricatorApplicationTransactionQuery',
|
||||
'PhabricatorRepositoryVCSPassword' => 'PhabricatorRepositoryDAO',
|
||||
'PhabricatorRepositoryWorkingCopyVersion' => 'PhabricatorRepositoryDAO',
|
||||
'PhabricatorRequestExceptionHandler' => 'AphrontRequestExceptionHandler',
|
||||
'PhabricatorResourceSite' => 'PhabricatorSite',
|
||||
|
|
|
@ -1,60 +0,0 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorRepositoryVCSPassword extends PhabricatorRepositoryDAO {
|
||||
|
||||
protected $id;
|
||||
protected $userPHID;
|
||||
protected $passwordHash;
|
||||
|
||||
protected function getConfiguration() {
|
||||
return array(
|
||||
self::CONFIG_COLUMN_SCHEMA => array(
|
||||
'passwordHash' => 'text128',
|
||||
),
|
||||
self::CONFIG_KEY_SCHEMA => array(
|
||||
'key_phid' => array(
|
||||
'columns' => array('userPHID'),
|
||||
'unique' => true,
|
||||
),
|
||||
),
|
||||
) + parent::getConfiguration();
|
||||
}
|
||||
|
||||
public function setPassword(
|
||||
PhutilOpaqueEnvelope $password,
|
||||
PhabricatorUser $user) {
|
||||
$hash_envelope = $this->hashPassword($password, $user);
|
||||
return $this->setPasswordHash($hash_envelope->openEnvelope());
|
||||
}
|
||||
|
||||
public function comparePassword(
|
||||
PhutilOpaqueEnvelope $password,
|
||||
PhabricatorUser $user) {
|
||||
|
||||
return PhabricatorPasswordHasher::comparePassword(
|
||||
$this->getPasswordHashInput($password, $user),
|
||||
new PhutilOpaqueEnvelope($this->getPasswordHash()));
|
||||
}
|
||||
|
||||
private function getPasswordHashInput(
|
||||
PhutilOpaqueEnvelope $password,
|
||||
PhabricatorUser $user) {
|
||||
if ($user->getPHID() != $this->getUserPHID()) {
|
||||
throw new Exception(pht('User does not match password user PHID!'));
|
||||
}
|
||||
|
||||
$raw_input = PhabricatorHash::digestPassword($password, $user->getPHID());
|
||||
return new PhutilOpaqueEnvelope($raw_input);
|
||||
}
|
||||
|
||||
private function hashPassword(
|
||||
PhutilOpaqueEnvelope $password,
|
||||
PhabricatorUser $user) {
|
||||
|
||||
$input_envelope = $this->getPasswordHashInput($password, $user);
|
||||
|
||||
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
|
||||
return $best_hasher->getPasswordHashForStorage($input_envelope);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in a new issue