mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-03 20:22:46 +01:00
6f0d3b0796
Summary: Ref T5833. Currently, SSH keys are associated only with users, and are a bit un-modern. I want to let Almanac Devices have SSH keys so devices in a cluster can identify to one another. For example, with hosted installs, initialization will go something like this: - A request comes in for `company.phacility.com`. - A SiteSource (from D10787) makes a Conduit call to Almanac on the master install to check if `company` is a valid install and pull config if it is. - This call can be signed with an SSH key which identifies a trusted Almanac Device. In the cluster case, a web host can make an authenticated call to a repository host with similar key signing. To move toward this, put a proper Query class on top of SSH key access (this diff). In following diffs, I'll: - Rename `userPHID` to `objectPHID`. - Move this to the `auth` database. - Provide UI for device/key association. An alternative approach would be to build some kind of special token layer in Conduit, but I think that would be a lot harder to manage in the hosting case. This gives us a more direct attack on trusting requests from machines and recognizing machines as first (well, sort of second-class) actors without needing things like fake user accounts. Test Plan: - Added and removed SSH keys. - Added and removed SSH keys from a bot account. - Tried to edit an unonwned SSH key (denied). - Ran `bin/ssh-auth`, got sensible output. - Ran `bin/ssh-auth-key`, got sensible output. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T5833 Differential Revision: https://secure.phabricator.com/D10790
86 lines
2 KiB
PHP
86 lines
2 KiB
PHP
<?php
|
|
|
|
final class PhabricatorUserSSHKey
|
|
extends PhabricatorUserDAO
|
|
implements PhabricatorPolicyInterface {
|
|
|
|
protected $userPHID;
|
|
protected $name;
|
|
protected $keyType;
|
|
protected $keyBody;
|
|
protected $keyHash;
|
|
protected $keyComment;
|
|
|
|
private $object = self::ATTACHABLE;
|
|
|
|
public function getObjectPHID() {
|
|
return $this->getUserPHID();
|
|
}
|
|
|
|
public function getConfiguration() {
|
|
return array(
|
|
self::CONFIG_COLUMN_SCHEMA => array(
|
|
'keyHash' => 'bytes32',
|
|
'keyComment' => 'text255?',
|
|
|
|
// T6203/NULLABILITY
|
|
// These seem like they should not be nullable.
|
|
'name' => 'text255?',
|
|
'keyType' => 'text255?',
|
|
'keyBody' => 'text?',
|
|
),
|
|
self::CONFIG_KEY_SCHEMA => array(
|
|
'userPHID' => array(
|
|
'columns' => array('userPHID'),
|
|
),
|
|
'keyHash' => array(
|
|
'columns' => array('keyHash'),
|
|
'unique' => true,
|
|
),
|
|
),
|
|
) + parent::getConfiguration();
|
|
}
|
|
|
|
public function getEntireKey() {
|
|
$parts = array(
|
|
$this->getKeyType(),
|
|
$this->getKeyBody(),
|
|
$this->getKeyComment(),
|
|
);
|
|
return trim(implode(' ', $parts));
|
|
}
|
|
|
|
public function getObject() {
|
|
return $this->assertAttached($this->object);
|
|
}
|
|
|
|
public function attachObject($object) {
|
|
$this->object = $object;
|
|
return $this;
|
|
}
|
|
|
|
|
|
/* -( PhabricatorPolicyInterface )----------------------------------------- */
|
|
|
|
|
|
public function getCapabilities() {
|
|
return array(
|
|
PhabricatorPolicyCapability::CAN_VIEW,
|
|
PhabricatorPolicyCapability::CAN_EDIT,
|
|
);
|
|
}
|
|
|
|
public function getPolicy($capability) {
|
|
return $this->getObject()->getPolicy($capability);
|
|
}
|
|
|
|
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
|
|
return $this->getObject()->hasAutomaticCapability($capability, $viewer);
|
|
}
|
|
|
|
public function describeAutomaticCapability($capability) {
|
|
return pht(
|
|
'SSH keys inherit the policies of the user or object they authenticate.');
|
|
}
|
|
|
|
}
|