Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable SSH key deletion of externally managed Keys #13985

Merged
merged 7 commits into from
Dec 26, 2020
Merged

Disable SSH key deletion of externally managed Keys #13985

merged 7 commits into from
Dec 26, 2020

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Dec 14, 2020
edited
Loading

When a user has a login source which has SSH key management
deletion of keys from that source using the UI should be disabled.

Fix #13983

Signed-off-by: Andrew Thornton art27@cantab.net

@zeripath zeripath added the type/feature Completely new functionality. Can only be merged if feature freeze is not active. label Dec 14, 2020
@zeripath zeripath added this to the 1.14.0 milestone Dec 14, 2020
@zeripath
Disable SSH key addition and deletion when externally managed
4ca803f 
When a user has a login source which has SSH key management
key addition and deletion using the UI should be disabled.

Fix go-gitea#13983

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath force-pushed the fix-13983-disable-ssh-editing-if-ldap branch from 5ed49e9 to 4ca803f Compare December 14, 2020 21:53
@silverwind
Copy link
Member

silverwind commented Dec 15, 2020
edited
Loading

Is it breaking? What happens to existing gitea-local keys that were previously added? Do they become unremovable?

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 15, 2020
@zeripath
Copy link
Contributor Author

Oh crap I've just realised that I missed something - the keys do actually have a login_source.

@codecov-io
Copy link

codecov-io commented Dec 15, 2020
edited
Loading

Codecov Report

Merging #13985 (a6b2543) into master (e0c753e) will decrease coverage by 0.13%.
The diff coverage is 39.43%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #13985      +/-   ##
==========================================
- Coverage   42.37%   42.24%   -0.14%     
==========================================
  Files         726      726              
  Lines       77839    77908      +69     
==========================================
- Hits        32982    32909      -73     
- Misses      39447    39579     +132     
- Partials     5410     5420      +10
Impacted Files Coverage Δ
routers/user/setting/keys.go 11.11% <13.33%> (+0.31%) ⬆️
routers/api/v1/user/key.go 53.39% <28.57%> (-1.25%) ⬇️
models/ssh_key.go 46.52% <48.97%> (+0.16%) ⬆️
modules/log/stack.go 0.00% <0.00%> (-81.82%) ⬇️
modules/log/conn.go 3.50% <0.00%> (-78.95%) ⬇️
modules/log/logger.go 0.00% <0.00%> (-10.53%) ⬇️
modules/log/event.go 50.00% <0.00%> (-9.91%) ⬇️
modules/git/tree_entry_nogogit.go 87.50% <0.00%> (-6.25%) ⬇️
modules/repofiles/tree.go 76.27% <0.00%> (-5.09%) ⬇️
modules/queue/manager.go 62.13% <0.00%> (-2.96%) ⬇️
... and 9 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e0c753e...a6b2543. Read the comment docs.

@zeripath
Make only externally managed keys disabled
1c88349 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath
Copy link
Contributor Author

Lets try again - this time the buttons are disabled if the key is an externally managed key

@zeripath zeripath changed the title Disable SSH key addition and deletion when externally managed Disable SSH key deletion of externally managed Keys Dec 15, 2020
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Dec 19, 2020
@strk
Copy link
Member

strk commented Dec 22, 2020

LGTM (not tested). I think for our goal we'll just drop all buttons and replace with a single button to direct users to the LDAP user management external url, which would still require a custom template, but it's good that there's no risk of some commandline tool removing externally managed keys

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 22, 2020
@techknowlogick
Copy link
Member

🚀

@techknowlogick techknowlogick merged commit ad1164f into go-gitea:master Dec 26, 2020
@zeripath zeripath deleted the fix-13983-disable-ssh-editing-if-ldap branch December 26, 2020 18:21
@go-gitea go-gitea locked and limited conversation to collaborators Feb 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lunny lunny lunny approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/feature Completely new functionality. Can only be merged if feature freeze is not active.
Projects
None yet
Milestone
1.14.0
Development

Successfully merging this pull request may close these issues.

SSH keys should not be allowed to be deleted when coming from LDAP
7 participants
@zeripath @silverwind @codecov-io @strk @techknowlogick @lunny @GiteaBot