1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 08:12:40 +01:00

Remove "set password" from bin/accountadmin and let bin/auth recover recover anyone

Summary:
Ref T13043. This cleans some things up to prepare for moving account passwords to shared infrastructure.

Currently, the (very old, fairly unusual) `bin/accountadmin` tool can set account passwords. This is a bit weird, generally not great, and makes upgrading to shared infrastructure more difficult. Just get rid of this to simplify things. Many installs don't have passwords and this is pointless and unhelpful in those cases.

Instead, let `bin/auth recover` recover any account, not just administrator accounts. This was a guardrail against administrative abuse, but it has always seemed especially flimsy (since anyone who can run the tool can easily comment out the checks) and I use this tool in cluster support with some frequency, occasionally just commenting out the checks. This is generally a better solution than actually setting a password on accounts anyway. Just get rid of the check and give users enough rope to shoot themselves in the foot with if they truly desire.

Test Plan:
  - Ran `bin/accountadmin`, didn't get prompted to swap passwords anymore.
  - Ran `bin/auth recover` to recover a non-admin account.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18901
This commit is contained in:
epriestley 2018-01-21 16:03:10 -08:00
parent 5a8a56f414
commit aa3b582c7b
2 changed files with 4 additions and 51 deletions

View file

@ -112,17 +112,6 @@ if ($is_new) {
$create_email = $email; $create_email = $email;
} }
$changed_pass = false;
// This disables local echo, so the user's password is not shown as they type
// it.
phutil_passthru('stty -echo');
$password = phutil_console_prompt(
pht('Enter a password for this user [blank to leave unchanged]:'));
phutil_passthru('stty echo');
if (strlen($password)) {
$changed_pass = $password;
}
$is_system_agent = $user->getIsSystemAgent(); $is_system_agent = $user->getIsSystemAgent();
$set_system_agent = phutil_console_confirm( $set_system_agent = phutil_console_confirm(
pht('Is this user a bot?'), pht('Is this user a bot?'),
@ -158,10 +147,6 @@ printf($tpl, pht('Real Name'), $original->getRealName(), $user->getRealName());
if ($is_new) { if ($is_new) {
printf($tpl, pht('Email'), '', $create_email); printf($tpl, pht('Email'), '', $create_email);
} }
printf($tpl, pht('Password'), null,
($changed_pass !== false)
? pht('Updated')
: pht('Unchanged'));
printf( printf(
$tpl, $tpl,
@ -218,11 +203,6 @@ $user->openTransaction();
$editor->makeAdminUser($user, $set_admin); $editor->makeAdminUser($user, $set_admin);
$editor->makeSystemAgentUser($user, $set_system_agent); $editor->makeSystemAgentUser($user, $set_system_agent);
if ($changed_pass !== false) {
$envelope = new PhutilOpaqueEnvelope($changed_pass);
$editor->changePassword($user, $envelope);
}
$user->saveTransaction(); $user->saveTransaction();
echo pht('Saved changes.')."\n"; echo pht('Saved changes.')."\n";

View file

@ -9,8 +9,8 @@ final class PhabricatorAuthManagementRecoverWorkflow
->setExamples('**recover** __username__') ->setExamples('**recover** __username__')
->setSynopsis( ->setSynopsis(
pht( pht(
'Recover access to an administrative account if you have locked '. 'Recover access to an account if you have locked yourself out '.
'yourself out of Phabricator.')) 'of Phabricator.'))
->setArguments( ->setArguments(
array( array(
'username' => array( 'username' => array(
@ -21,23 +21,6 @@ final class PhabricatorAuthManagementRecoverWorkflow
} }
public function execute(PhutilArgumentParser $args) { public function execute(PhutilArgumentParser $args) {
$can_recover = id(new PhabricatorPeopleQuery())
->setViewer($this->getViewer())
->withIsAdmin(true)
->execute();
if (!$can_recover) {
throw new PhutilArgumentUsageException(
pht(
'This Phabricator installation has no recoverable administrator '.
'accounts. You can use `%s` to create a new administrator '.
'account or make an existing user an administrator.',
'bin/accountadmin'));
}
$can_recover = mpull($can_recover, 'getUsername');
sort($can_recover);
$can_recover = implode(', ', $can_recover);
$usernames = $args->getArg('username'); $usernames = $args->getArg('username');
if (!$usernames) { if (!$usernames) {
throw new PhutilArgumentUsageException( throw new PhutilArgumentUsageException(
@ -57,18 +40,8 @@ final class PhabricatorAuthManagementRecoverWorkflow
if (!$user) { if (!$user) {
throw new PhutilArgumentUsageException( throw new PhutilArgumentUsageException(
pht( pht(
'No such user "%s". Recoverable administrator accounts are: %s.', 'No such user "%s" to recover.',
$username, $username));
$can_recover));
}
if (!$user->getIsAdmin()) {
throw new PhutilArgumentUsageException(
pht(
'You can only recover administrator accounts, but %s is not an '.
'administrator. Recoverable administrator accounts are: %s.',
$username,
$can_recover));
} }
if (!$user->canEstablishWebSessions()) { if (!$user->canEstablishWebSessions()) {