Commit 3099de5d authored by James Lopez's avatar James Lopez

Merge branch 'unauthaccess-to-public-keys' into 'master'

Allow SSH keys API endpoint to be requested for a given username

Closes #17569

See merge request gitlab-org/gitlab!22899
parents fd74d775 299ee71a
---
title: Allow SSH keys API endpoint to be requested for a given username
merge_request: 22899
author: Rajendra Kadam
type: changed
...@@ -677,12 +677,12 @@ Parameters: ...@@ -677,12 +677,12 @@ Parameters:
Get a list of a specified user's SSH keys. Get a list of a specified user's SSH keys.
``` ```
GET /users/:id/keys GET /users/:id_or_username/keys
``` ```
Parameters: | Attribute | Type | Required | Description |
| ---------------- | ------ | -------- | ----------- |
- `id` (required) - id of specified user | `id_or_username` | string | yes | The id or username of the user to get the SSH keys for. |
## Single SSH key ## Single SSH key
......
...@@ -252,17 +252,15 @@ module API ...@@ -252,17 +252,15 @@ module API
success Entities::SSHKey success Entities::SSHKey
end end
params do params do
requires :id, type: Integer, desc: 'The ID of the user' requires :user_id, type: String, desc: 'The ID or username of the user'
use :pagination use :pagination
end end
# rubocop: disable CodeReuse/ActiveRecord get ':user_id/keys', requirements: API::USER_REQUIREMENTS do
get ':id/keys' do user = find_user(params[:user_id])
user = User.find_by(id: params[:id])
not_found!('User') unless user && can?(current_user, :read_user, user) not_found!('User') unless user && can?(current_user, :read_user, user)
present paginate(user.keys), with: Entities::SSHKey present paginate(user.keys), with: Entities::SSHKey
end end
# rubocop: enable CodeReuse/ActiveRecord
desc 'Delete an existing SSH key from a specified user. Available only for admins.' do desc 'Delete an existing SSH key from a specified user. Available only for admins.' do
success Entities::SSHKey success Entities::SSHKey
......
...@@ -913,6 +913,27 @@ describe API::Users do ...@@ -913,6 +913,27 @@ describe API::Users do
end end
end end
describe 'GET /user/:user_id/keys' do
it 'returns 404 for non-existing user' do
get api("/users/#{not_existing_user_id}/keys")
expect(response).to have_gitlab_http_status(404)
expect(json_response['message']).to eq('404 User Not Found')
end
it 'returns array of ssh keys' do
user.keys << key
user.save
get api("/users/#{user.username}/keys")
expect(response).to have_gitlab_http_status(200)
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.first['title']).to eq(key.title)
end
end
describe 'DELETE /user/:id/keys/:key_id' do describe 'DELETE /user/:id/keys/:key_id' do
before do before do
admin admin
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment