1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 11:30:55 +01:00

Remove the "PhabricatorRepositoryVCSPassword" class and table

Summary:
Ref T13043. After D18898, this has been migrated to new, more modern storage and no longer has any readers or writers.

One migration from long ago (early 2014) is affected. Since this is ancient and the cost of dropping this is small (see inline), I just dropped it.

I'll note this in the changelog.

Test Plan: Ran migrations, got a clean bill of health from `storage status`. Grepped for removed symbol.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18899
This commit is contained in:
epriestley 2018-01-21 08:09:53 -08:00
parent dd8f588ac5
commit 753c4c5ff1
4 changed files with 10 additions and 85 deletions

View file

@ -1,27 +1,13 @@
<?php
$table = new PhabricatorRepositoryVCSPassword();
$conn_w = $table->establishConnection('w');
// This migration once upgraded VCS password hashing, but the table was
// later removed in 2018 (see T13043).
echo pht('Upgrading password hashing for VCS passwords.')."\n";
// Since almost four years have passed since this migration, the cost of
// losing this data is very small (users just need to reset their passwords),
// and a version of this migration against the modern schema isn't easy to
// implement or test, just skip the migration.
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
foreach (new LiskMigrationIterator($table) as $password) {
$id = $password->getID();
echo pht('Migrating VCS password %d...', $id)."\n";
$input_hash = $password->getPasswordHash();
$input_envelope = new PhutilOpaqueEnvelope($input_hash);
$storage_hash = $best_hasher->getPasswordHashForStorage($input_envelope);
queryfx(
$conn_w,
'UPDATE %T SET passwordHash = %s WHERE id = %d',
$table->getTableName(),
$storage_hash->openEnvelope(),
$id);
}
echo pht('Done.')."\n";
// This means that installs which upgrade from a version of Phabricator
// released prior to Feb 2014 to a version of Phabricator relased after
// Jan 2018 will need to have users reset VCS passwords.

View file

@ -0,0 +1 @@
DROP TABLE {$NAMESPACE}_repository.repository_vcspassword;

View file

@ -3944,7 +3944,6 @@ phutil_register_library_map(array(
'PhabricatorRepositoryURITestCase' => 'applications/repository/storage/__tests__/PhabricatorRepositoryURITestCase.php',
'PhabricatorRepositoryURITransaction' => 'applications/repository/storage/PhabricatorRepositoryURITransaction.php',
'PhabricatorRepositoryURITransactionQuery' => 'applications/repository/query/PhabricatorRepositoryURITransactionQuery.php',
'PhabricatorRepositoryVCSPassword' => 'applications/repository/storage/PhabricatorRepositoryVCSPassword.php',
'PhabricatorRepositoryWorkingCopyVersion' => 'applications/repository/storage/PhabricatorRepositoryWorkingCopyVersion.php',
'PhabricatorRequestExceptionHandler' => 'aphront/handler/PhabricatorRequestExceptionHandler.php',
'PhabricatorResourceSite' => 'aphront/site/PhabricatorResourceSite.php',
@ -9593,7 +9592,6 @@ phutil_register_library_map(array(
'PhabricatorRepositoryURITestCase' => 'PhabricatorTestCase',
'PhabricatorRepositoryURITransaction' => 'PhabricatorApplicationTransaction',
'PhabricatorRepositoryURITransactionQuery' => 'PhabricatorApplicationTransactionQuery',
'PhabricatorRepositoryVCSPassword' => 'PhabricatorRepositoryDAO',
'PhabricatorRepositoryWorkingCopyVersion' => 'PhabricatorRepositoryDAO',
'PhabricatorRequestExceptionHandler' => 'AphrontRequestExceptionHandler',
'PhabricatorResourceSite' => 'PhabricatorSite',

View file

@ -1,60 +0,0 @@
<?php
final class PhabricatorRepositoryVCSPassword extends PhabricatorRepositoryDAO {
protected $id;
protected $userPHID;
protected $passwordHash;
protected function getConfiguration() {
return array(
self::CONFIG_COLUMN_SCHEMA => array(
'passwordHash' => 'text128',
),
self::CONFIG_KEY_SCHEMA => array(
'key_phid' => array(
'columns' => array('userPHID'),
'unique' => true,
),
),
) + parent::getConfiguration();
}
public function setPassword(
PhutilOpaqueEnvelope $password,
PhabricatorUser $user) {
$hash_envelope = $this->hashPassword($password, $user);
return $this->setPasswordHash($hash_envelope->openEnvelope());
}
public function comparePassword(
PhutilOpaqueEnvelope $password,
PhabricatorUser $user) {
return PhabricatorPasswordHasher::comparePassword(
$this->getPasswordHashInput($password, $user),
new PhutilOpaqueEnvelope($this->getPasswordHash()));
}
private function getPasswordHashInput(
PhutilOpaqueEnvelope $password,
PhabricatorUser $user) {
if ($user->getPHID() != $this->getUserPHID()) {
throw new Exception(pht('User does not match password user PHID!'));
}
$raw_input = PhabricatorHash::digestPassword($password, $user->getPHID());
return new PhutilOpaqueEnvelope($raw_input);
}
private function hashPassword(
PhutilOpaqueEnvelope $password,
PhabricatorUser $user) {
$input_envelope = $this->getPasswordHashInput($password, $user);
$best_hasher = PhabricatorPasswordHasher::getBestHasher();
return $best_hasher->getPasswordHashForStorage($input_envelope);
}
}