gitlab-org--gitlab-foss/app/models/key.rb

require 'digest/md5'

class Key < ActiveRecord::Base
  include Gitlab::CurrentSettings
  include Sortable

  LAST_USED_AT_REFRESH_TIME = 1.day.to_i

  belongs_to :user

  before_validation :generate_fingerprint

  validates :title,
    presence: true,
    length: { maximum: 255 }

  validates :key,
    presence: true,
    length: { maximum: 5000 },
    format: { with: /\A(ssh|ecdsa)-.*\Z/ }

  validates :fingerprint,
    uniqueness: true,
    presence: { message: 'cannot be generated' }

  validate :key_meets_restrictions

  delegate :name, :email, to: :user, prefix: true

  after_commit :add_to_shell, on: :create
  after_commit :notify_user, on: :create
  after_create :post_create_hook
  after_commit :remove_from_shell, on: :destroy
  after_destroy :post_destroy_hook

  def key=(value)
    value&.delete!("\n\r")
    value.strip! unless value.blank?
    write_attribute(:key, value)
  end

  def publishable_key
    # Strip out the keys comment so we don't leak email addresses
    # Replace with simple ident of user_name (hostname)
    self.key.split[0..1].push("#{self.user_name} (#{Gitlab.config.gitlab.host})").join(' ')
  end

  # projects that has this key
  def projects
    user.authorized_projects
  end

  def shell_id
    "key-#{id}"
  end

  def update_last_used_at
    lease = Gitlab::ExclusiveLease.new("key_update_last_used_at:#{id}", timeout: LAST_USED_AT_REFRESH_TIME)
    return unless lease.try_obtain

    UseKeyWorker.perform_async(id)
  end

  def add_to_shell
    GitlabShellWorker.perform_async(
      :add_key,
      shell_id,
      key
    )
  end

  def post_create_hook
    SystemHooksService.new.execute_hooks_for(self, :create)
  end

  def remove_from_shell
    GitlabShellWorker.perform_async(
      :remove_key,
      shell_id,
      key
    )
  end

  def post_destroy_hook
    SystemHooksService.new.execute_hooks_for(self, :destroy)
  end

  def public_key
    @public_key ||= Gitlab::SSHPublicKey.new(key)
  end

  private

  def generate_fingerprint
    self.fingerprint = nil

    return unless self.key.present?

    self.fingerprint = public_key.fingerprint
  end

  def key_meets_restrictions
    restriction = current_application_settings.key_restriction_for(public_key.type)

    if restriction == ApplicationSetting::FORBIDDEN_KEY_VALUE
      errors.add(:key, forbidden_key_type_message)
    elsif public_key.bits < restriction
      errors.add(:key, "must be at least #{restriction} bits")
    end
  end

  def forbidden_key_type_message
    allowed_types =
      current_application_settings
        .allowed_key_types
        .map(&:upcase)
        .to_sentence(last_word_connector: ', or ', two_words_connector: ' or ')

    "type is forbidden. Must be #{allowed_types}"
  end

  def notify_user
    NotificationService.new.new_key(self)
  end
end
Allow non-unique deploy keys 2012-02-07 16:56:53 -05:00			`require 'digest/md5'`

init commit 2011-10-08 17:36:38 -04:00			`class Key < ActiveRecord::Base`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00			`include Gitlab::CurrentSettings`
Explicitly define ordering in models using default_scope 2015-02-05 17:20:55 -05:00			`include Sortable`
store and display public key fingerprint 2013-06-24 13:07:21 -04:00
Record used SSH keys only once per day Use Gitlab::ExclusiveLease to make sure that we enqueue Sidekiq job at most once per day for given key. 2017-01-20 05:42:46 -05:00			`LAST_USED_AT_REFRESH_TIME = 1.day.to_i`

init commit 2011-10-08 17:36:38 -04:00			`belongs_to :user`

Use setter for key instead AR callback ref: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6763 2016-11-15 14:16:45 -05:00			`before_validation :generate_fingerprint`
simple refactoring 2012-10-08 20:10:04 -04:00
Use :maximum instead of :within for length validators with a 0..N range Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-12-02 07:54:57 -05:00			`validates :title,`
			`presence: true,`
			`length: { maximum: 255 }`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00
Use :maximum instead of :within for length validators with a 0..N range Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-12-02 07:54:57 -05:00			`validates :key,`
			`presence: true,`
			`length: { maximum: 5000 },`
			`format: { with: /\A(ssh\|ecdsa)-.*\Z/ }`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00
Use :maximum instead of :within for length validators with a 0..N range Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-12-02 07:54:57 -05:00			`validates :fingerprint,`
			`uniqueness: true,`
			`presence: { message: 'cannot be generated' }`
init commit 2011-10-08 17:36:38 -04:00
Rework the permissions model for SSH key restrictions `allowed_key_types` is removed and the `minimum_<type>_bits` fields are renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies that the key type is disabled. This also feeds through to the UI - checkboxes per key type are out, inline selection of "forbidden" and "allowed" (i.e., no restrictions) are in. As with the previous model, unknown key types are disallowed, even if the underlying ssh daemon happens to support them. The defaults have also been changed from the lowest known bit size to "no restriction". So if someone does happen to have a 768-bit RSA key, it will continue to work on upgrade, at least until the administrator restricts them. 2017-08-25 09:08:48 -04:00			`validate :key_meets_restrictions`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-10 18:07:50 -04:00			`delegate :name, :email, to: :user, prefix: true`
Allow non-unique deploy keys 2012-02-07 16:56:53 -05:00
Don’t schedule workers from inside transactions 2017-06-01 17:36:04 -04:00			`after_commit :add_to_shell, on: :create`
			`after_commit :notify_user, on: :create`
Add system hook for ssh key changes Add system hook for ssh key create and destroy Update and fix documentation Update tests 2014-08-18 10:46:46 -04:00			`after_create :post_create_hook`
Don’t schedule workers from inside transactions 2017-06-01 17:36:04 -04:00			`after_commit :remove_from_shell, on: :destroy`
Add system hook for ssh key changes Add system hook for ssh key create and destroy Update and fix documentation Update tests 2014-08-18 10:46:46 -04:00			`after_destroy :post_destroy_hook`
Remove KeysObserver Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-04-02 14:13:05 -04:00
Use setter for key instead AR callback ref: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6763 2016-11-15 14:16:45 -05:00			`def key=(value)`
fix #35133 strip new lines from ssh keys 2017-08-03 12:39:10 -04:00			`value&.delete!("\n\r")`
Use setter for key instead AR callback ref: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6763 2016-11-15 14:16:45 -05:00			`value.strip! unless value.blank?`
			`write_attribute(:key, value)`
Improved validation. Strip key. 2012-02-07 17:32:20 -05:00			`end`

Only publish ssh key-type and key 2015-06-19 13:17:34 -04:00			`def publishable_key`
Add simple identifier to public SSH keys 2016-08-02 01:56:23 -04:00			`# Strip out the keys comment so we don't leak email addresses`
			`# Replace with simple ident of user_name (hostname)`
			`self.key.split[0..1].push("#{self.user_name} (#{Gitlab.config.gitlab.host})").join(' ')`
Only publish ssh key-type and key 2015-06-19 13:17:34 -04:00			`end`

Models Refactoring: Move methods to roles 2012-06-07 08:44:57 -04:00			`# projects that has this key`
init commit 2011-10-08 17:36:38 -04:00			`def projects`
Create DeployKey & DeployKeysProject models. Bulding many to many relation between deploy keys and projects 2013-05-06 05:26:36 -04:00			`user.authorized_projects`
init commit 2011-10-08 17:36:38 -04:00			`end`
Use similar interface to access gitolite Simplified gitolite handle logic Stubn over monkeypatch Stub only specific methods in Gitlab:Gitolite Moved grach auth to lib added specs for keys observer removes SshKey role 2012-08-28 17:04:06 -04:00
add remove keys from gitlab-shell by id 2013-02-05 04:12:15 -05:00			`def shell_id`
Create DeployKey & DeployKeysProject models. Bulding many to many relation between deploy keys and projects 2013-05-06 05:26:36 -04:00			`"key-#{id}"`
Make gitlab works with gitlab-shell 2013-02-04 08:07:56 -05:00			`end`
store and display public key fingerprint 2013-06-24 13:07:21 -04:00
Record and show last used date of SSH Keys Addresses: Issue #13810 1. Adds a last_used_at attribute to the Key table/model 2. Update a key's last_used_at whenever it gets used 3. Display how long ago an ssh key was last used 2016-12-21 09:59:54 -05:00			`def update_last_used_at`
Record used SSH keys only once per day Use Gitlab::ExclusiveLease to make sure that we enqueue Sidekiq job at most once per day for given key. 2017-01-20 05:42:46 -05:00			`lease = Gitlab::ExclusiveLease.new("key_update_last_used_at:#{id}", timeout: LAST_USED_AT_REFRESH_TIME)`
			`return unless lease.try_obtain`

			`UseKeyWorker.perform_async(id)`
Record and show last used date of SSH Keys Addresses: Issue #13810 1. Adds a last_used_at attribute to the Key table/model 2. Update a key's last_used_at whenever it gets used 3. Display how long ago an ssh key was last used 2016-12-21 09:59:54 -05:00			`end`

Remove KeysObserver Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-04-02 14:13:05 -04:00			`def add_to_shell`
			`GitlabShellWorker.perform_async(`
			`:add_key,`
			`shell_id,`
			`key`
			`)`
			`end`

Add system hook for ssh key changes Add system hook for ssh key create and destroy Update and fix documentation Update tests 2014-08-18 10:46:46 -04:00			`def post_create_hook`
			`SystemHooksService.new.execute_hooks_for(self, :create)`
			`end`

Remove KeysObserver Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-04-02 14:13:05 -04:00			`def remove_from_shell`
			`GitlabShellWorker.perform_async(`
			`:remove_key,`
			`shell_id,`
Enable the Style/TrailingCommaInArguments cop Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-05-03 07:27:17 -04:00			`key`
Remove KeysObserver Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-04-02 14:13:05 -04:00			`)`
			`end`

Add system hook for ssh key changes Add system hook for ssh key create and destroy Update and fix documentation Update tests 2014-08-18 10:46:46 -04:00			`def post_destroy_hook`
			`SystemHooksService.new.execute_hooks_for(self, :destroy)`
			`end`

Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00			`def public_key`
			`@public_key \|\|= Gitlab::SSHPublicKey.new(key)`
			`end`

store and display public key fingerprint 2013-06-24 13:07:21 -04:00			`private`

Fix various typos signe-in -> signed-in go_to_gihub_for_permissions -> go_to_github_for_permissions descendand -> descendant behavour -> behaviour recepient_email -> recipient_email generate_fingerpint -> generate_fingerprint dependes -> depends Cant't -> Can't wisit -> visit notifcation -> notification sufficent_scope -> sufficient_scope? levet -> level 2015-01-18 10:29:37 -05:00			`def generate_fingerprint`
Validate fingerprint uniqueness 2013-07-17 09:16:34 -04:00			`self.fingerprint = nil`
Refactor key fingerprint generation. 2015-04-14 06:00:43 -04:00
			`return unless self.key.present?`

Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00			`self.fingerprint = public_key.fingerprint`
			`end`

Rework the permissions model for SSH key restrictions `allowed_key_types` is removed and the `minimum_<type>_bits` fields are renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies that the key type is disabled. This also feeds through to the UI - checkboxes per key type are out, inline selection of "forbidden" and "allowed" (i.e., no restrictions) are in. As with the previous model, unknown key types are disallowed, even if the underlying ssh daemon happens to support them. The defaults have also been changed from the lowest known bit size to "no restriction". So if someone does happen to have a 768-bit RSA key, it will continue to work on upgrade, at least until the administrator restricts them. 2017-08-25 09:08:48 -04:00			`def key_meets_restrictions`
			`restriction = current_application_settings.key_restriction_for(public_key.type)`

			`if restriction == ApplicationSetting::FORBIDDEN_KEY_VALUE`
			`errors.add(:key, forbidden_key_type_message)`
			`elsif public_key.bits < restriction`
			`errors.add(:key, "must be at least #{restriction} bits")`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00			`end`
			`end`

Rework the permissions model for SSH key restrictions `allowed_key_types` is removed and the `minimum_<type>_bits` fields are renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies that the key type is disabled. This also feeds through to the UI - checkboxes per key type are out, inline selection of "forbidden" and "allowed" (i.e., no restrictions) are in. As with the previous model, unknown key types are disallowed, even if the underlying ssh daemon happens to support them. The defaults have also been changed from the lowest known bit size to "no restriction". So if someone does happen to have a 768-bit RSA key, it will continue to work on upgrade, at least until the administrator restricts them. 2017-08-25 09:08:48 -04:00			`def forbidden_key_type_message`
			`allowed_types =`
			`current_application_settings`
Add settings for minimum key strength and allowed key type This is an amalgamation of: * Cory Hinshaw: Initial implementation !5552 * Rémy Coutable: Updates !9350 * Nick Thomas: Resolve conflicts and add ED25519 support !13712 2017-08-21 06:30:03 -04:00			`.allowed_key_types`
			`.map(&:upcase)`
			`.to_sentence(last_word_connector: ', or ', two_words_connector: ' or ')`

Rework the permissions model for SSH key restrictions `allowed_key_types` is removed and the `minimum_<type>_bits` fields are renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies that the key type is disabled. This also feeds through to the UI - checkboxes per key type are out, inline selection of "forbidden" and "allowed" (i.e., no restrictions) are in. As with the previous model, unknown key types are disallowed, even if the underlying ssh daemon happens to support them. The defaults have also been changed from the lowest known bit size to "no restriction". So if someone does happen to have a 768-bit RSA key, it will continue to work on upgrade, at least until the administrator restricts them. 2017-08-25 09:08:48 -04:00			`"type is forbidden. Must be #{allowed_types}"`
store and display public key fingerprint 2013-06-24 13:07:21 -04:00			`end`
Don't notify user for deploy keys, feedback: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7383#note_18517263 2016-11-17 12:23:04 -05:00
			`def notify_user`
Don’t schedule workers from inside transactions 2017-06-01 17:36:04 -04:00			`NotificationService.new.new_key(self)`
Don't notify user for deploy keys, feedback: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7383#note_18517263 2016-11-17 12:23:04 -05:00			`end`
init commit 2011-10-08 17:36:38 -04:00			`end`