Merge branch 'mgill-user-gpg' into 'master'

Get a specific GPG key for a given user See merge request gitlab-org/gitlab!43693

Merge branch 'mgill-user-gpg' into 'master'
Get a specific GPG key for a given user See merge request gitlab-org/gitlab!43693
5b6975a7 · Douglas Barbosa Alexandre · 2c7a756b · 119b14df · 5b6975a7 · 5b6975a7
Commit 5b6975a7 authored Oct 07, 2020 by Douglas Barbosa Alexandre
4 changed files
--- a/changelogs/unreleased/mgill-user-gpg.yml
+++ b/changelogs/unreleased/mgill-user-gpg.yml
+---
+title: API support for a specific GPG Key for given user
+merge_request: 43693
+author:
+type: added
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -980,7 +980,8 @@ Example response:
 ## Get a specific GPG key for a given user
-Get a specific GPG key for a given user. Available only for admins.
+Get a specific GPG key for a given user. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43693)
+in GitLab 13.5, this endpoint can be accessed without admin authentication.
 ```plaintext
 GET /users/:id/gpg_keys/:key_id

--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -365,6 +365,26 @@ module API
      end
      # rubocop: enable CodeReuse/ActiveRecord
+      desc 'Get a specific GPG key for a given user.' do
+        detail 'This feature was added in GitLab 13.5'
+        success Entities::GpgKey
+      end
+      params do
+        requires :id, type: Integer, desc: 'The ID of the user'
+        requires :key_id, type: Integer, desc: 'The ID of the GPG key'
+      end
+      # rubocop: disable CodeReuse/ActiveRecord
+      get ':id/gpg_keys/:key_id' do
+        user = User.find_by(id: params[:id])
+        not_found!('User') unless user
+        key = user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+        present key, with: Entities::GpgKey
+      end
+      # rubocop: enable CodeReuse/ActiveRecord
      desc 'Delete an existing GPG key from a specified user. Available only for admins.' do
        detail 'This feature was added in GitLab 10.0'
      end

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -1479,6 +1479,31 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
    end
  end
+  describe 'GET /user/:id/gpg_keys/:key_id' do
+    it 'returns 404 for non-existing user' do
+      get api('/users/0/gpg_keys/1')
+      expect(response).to have_gitlab_http_status(:not_found)
+      expect(json_response['message']).to eq('404 User Not Found')
+    end
+    it 'returns 404 for non-existing key' do
+      get api("/users/#{user.id}/gpg_keys/0")
+      expect(response).to have_gitlab_http_status(:not_found)
+      expect(json_response['message']).to eq('404 GPG Key Not Found')
+    end
+    it 'returns a single GPG key' do
+      user.gpg_keys << gpg_key
+      get api("/users/#{user.id}/gpg_keys/#{gpg_key.id}")
+      expect(response).to have_gitlab_http_status(:ok)
+      expect(json_response['key']).to eq(gpg_key.key)
+    end
+  end
  describe 'DELETE /user/:id/gpg_keys/:key_id' do
    context 'when unauthenticated' do
      it 'returns authentication error' do