3 final class PhabricatorAuthSSHRevoker
4 extends PhabricatorAuthRevoker
{
6 const REVOKERKEY
= 'ssh';
8 public function getRevokerName() {
9 return pht('SSH Keys');
12 public function getRevokerDescription() {
14 "Revokes all SSH public keys.\n\n".
15 "SSH public keys are revoked, not just removed. Users will need to ".
16 "generate and upload new, unique keys before they can access ".
17 "repositories or other services over SSH.");
20 public function revokeAllCredentials() {
21 $query = new PhabricatorAuthSSHKeyQuery();
22 return $this->revokeWithQuery($query);
25 public function revokeCredentialsFrom($object) {
26 $query = id(new PhabricatorAuthSSHKeyQuery())
27 ->withObjectPHIDs(array($object->getPHID()));
29 return $this->revokeWithQuery($query);
32 private function revokeWithQuery(PhabricatorAuthSSHKeyQuery
$query) {
33 $viewer = $this->getViewer();
35 // We're only going to revoke keys which have not already been revoked.
42 $content_source = PhabricatorContentSource
::newForSource(
43 PhabricatorDaemonContentSource
::SOURCECONST
);
45 $auth_phid = id(new PhabricatorAuthApplication())->getPHID();
46 foreach ($ssh_keys as $ssh_key) {
48 $xactions[] = $ssh_key->getApplicationTransactionTemplate()
49 ->setTransactionType(PhabricatorAuthSSHKeyTransaction
::TYPE_DEACTIVATE
)
52 $editor = $ssh_key->getApplicationTransactionEditor()
54 ->setActingAsPHID($auth_phid)
55 ->setContinueOnNoEffect(true)
56 ->setContinueOnMissingFields(true)
57 ->setContentSource($content_source)
58 ->setIsAdministrativeEdit(true)
59 ->applyTransactions($ssh_key, $xactions);
62 return count($ssh_keys);
