getting user keys publically through http without any authentication, the...

getting user keys publically through http without any authentication, the github way. E.g: http://github.com/devaroop.keys

app/controllers/profiles/keys_controller.rb

 class Profiles::KeysController < ApplicationController
   layout "profile"
+  skip_before_filter :authenticate_user!, only: [:get_keys]
 
   def index
     @keys = current_user.keys.order('id DESC').all
@@ -32,4 +33,21 @@ class Profiles::KeysController < ApplicationController
       format.js { render nothing: true }
     end
   end
+
+  #get all keys of a user(params[:username]) in a text format
+  #helpful for sysadmins to put in respective servers
+  def get_keys
+    if params[:username].present?
+      begin
+        user = User.find_by_username(params[:username])
+        user.present? ? (render :text => user.all_ssh_keys) :
+          (render_404 and return)
+      rescue => e
+        render text: e.message
+      end
+    else
+      render_404 and return
+    end
+  end
+
 end

app/models/user.rb

@@ -391,4 +391,8 @@ class User < ActiveRecord::Base
 
     self
   end
+
+  def all_ssh_keys
+    keys.collect{|x| x.key}.join("\n")
+  end
 end

config/routes.rb

@@ -11,6 +11,9 @@ Gitlab::Application.routes.draw do
   API::API.logger Rails.logger
   mount API::API => '/api'
 
+  #get all keys of user
+  get ':username.keys' => 'profiles/keys#get_keys' , constraints: { username: /.*/ }
+
   constraint = lambda { |request| request.env["warden"].authenticate? and request.env['warden'].user.admin? }
   constraints constraint do
     mount Sidekiq::Web, at: "/admin/sidekiq", as: :sidekiq