Merge branch 'internal_recovery_api' into 'master'

Minor edits to two_factor_recovery_codes API error catching

Minor fixes to the `two_factor_recovery_codes` internal API making the conditionals more sane.  Thanks @DouweM for pointing it out.

See merge request !6000

lib/api/internal.rb

@@ -105,15 +105,19 @@ module API
       post '/two_factor_recovery_codes' do
         status 200
 
-        key = Key.find(params[:key_id])
-        user = key.user
+        key = Key.find_by(id: params[:key_id])
+
+        unless key
+          return { 'success' => false, 'message' => 'Could not find the given key' }
+        end
 
-        # Make sure this isn't a deploy key
-        unless key.type.nil?
+        if key.is_a?(DeployKey)
           return { success: false, message: 'Deploy keys cannot be used to retrieve recovery codes' }
         end
 
-        unless user.present?
+        user = key.user
+
+        unless user
           return { success: false, message: 'Could not find a user for the given key' }
         end
 

spec/requests/api/internal_spec.rb

@@ -44,8 +44,8 @@ describe API::API, api: true  do
            secret_token: secret_token,
            key_id: 12345
 
-      expect(response).to have_http_status(404)
-      expect(json_response['message']).to eq('404 Not found')
+      expect(json_response['success']).to be_falsey
+      expect(json_response['message']).to eq('Could not find the given key')
     end
 
     it 'returns an error message when the key is a deploy key' do