Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
97371848
Commit
97371848
authored
7 years ago
by
Robert Schilling
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
API: Add GPG key management for admins
parent
b6957974
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
238 additions
and
0 deletions
+238
-0
lib/api/users.rb
lib/api/users.rb
+80
-0
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+158
-0
No files found.
lib/api/users.rb
View file @
97371848
...
...
@@ -233,6 +233,86 @@ module API
destroy_conditionally!
(
key
)
end
desc
'Add a GPG key to a specified user. Available only for admins.'
do
detail
'This feature was added in GitLab 10.0'
success
Entities
::
GPGKey
end
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
requires
:key
,
type:
String
,
desc:
'The new GPG key'
end
post
':id/gpg_keys'
do
authenticated_as_admin!
user
=
User
.
find_by
(
id:
params
.
delete
(
:id
))
not_found!
(
'User'
)
unless
user
key
=
user
.
gpg_keys
.
new
(
declared_params
(
include_missing:
false
))
if
key
.
save
present
key
,
with:
Entities
::
GPGKey
else
render_validation_error!
(
key
)
end
end
desc
'Get the GPG keys of a specified user. Available only for admins.'
do
detail
'This feature was added in GitLab 10.0'
success
Entities
::
GPGKey
end
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
use
:pagination
end
get
':id/gpg_keys'
do
authenticated_as_admin!
user
=
User
.
find_by
(
id:
params
[
:id
])
not_found!
(
'User'
)
unless
user
present
paginate
(
user
.
gpg_keys
),
with:
Entities
::
GPGKey
end
desc
'Delete an existing GPG key from a specified user. Available only for admins.'
do
detail
'This feature was added in GitLab 10.0'
end
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
requires
:key_id
,
type:
Integer
,
desc:
'The ID of the GPG key'
end
delete
':id/gpg_keys/:key_id'
do
authenticated_as_admin!
user
=
User
.
find_by
(
id:
params
[
:id
])
not_found!
(
'User'
)
unless
user
key
=
user
.
gpg_keys
.
find_by
(
id:
params
[
:key_id
])
not_found!
(
'GPG Key'
)
unless
key
status
204
key
.
destroy
end
desc
'Revokes an existing GPG key from a specified user. Available only for admins.'
do
detail
'This feature was added in GitLab 10.0'
end
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
requires
:key_id
,
type:
Integer
,
desc:
'The ID of the GPG key'
end
post
':id/gpg_keys/:key_id/revoke'
do
authenticated_as_admin!
user
=
User
.
find_by
(
id:
params
[
:id
])
not_found!
(
'User'
)
unless
user
key
=
user
.
gpg_keys
.
find_by
(
id:
params
[
:key_id
])
not_found!
(
'GPG Key'
)
unless
key
key
.
revoke
status
:accepted
end
desc
'Add an email address to a specified user. Available only for admins.'
do
success
Entities
::
Email
end
...
...
This diff is collapsed.
Click to expand it.
spec/requests/api/users_spec.rb
View file @
97371848
...
...
@@ -754,6 +754,164 @@ describe API::Users do
end
end
describe
'POST /users/:id/keys'
do
before
do
admin
end
it
'does not create invalid GPG key'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'error'
]).
to
eq
(
'key is missing'
)
end
it
'creates GPG key'
do
key_attrs
=
attributes_for
:gpg_key
expect
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
),
key_attrs
expect
(
response
).
to
have_http_status
(
201
)
end
.
to
change
{
user
.
gpg_keys
.
count
}.
by
(
1
)
end
it
'returns 400 for invalid ID'
do
post
api
(
'/users/999999/gpg_keys'
,
admin
)
expect
(
response
).
to
have_http_status
(
400
)
end
end
describe
'GET /user/:id/gpg_keys'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
get
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
context
'when authenticated'
do
it
'returns 404 for non-existing user'
do
get
api
(
'/users/999999/gpg_keys'
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns 404 error if key not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/42"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
end
it
'returns array of GPG keys'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
get
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
include_pagination_headers
expect
(
json_response
).
to
be_an
Array
expect
(
json_response
.
first
[
'key'
]).
to
eq
(
gpg_key
.
key
)
end
end
end
describe
'DELETE /user/:id/gpg_keys/:key_id'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
delete
api
(
"/users/
#{
user
.
id
}
/keys/42"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
context
'when authenticated'
do
it
'deletes existing key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
gpg_key
.
id
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
204
)
end
.
to
change
{
user
.
gpg_keys
.
count
}.
by
(
-
1
)
end
it
'returns 404 error if user not found'
do
user
.
keys
<<
key
user
.
save
delete
api
(
"/users/999999/gpg_keys/
#{
gpg_key
.
id
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns 404 error if key not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/42"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
end
end
end
describe
'POST /user/:id/gpg_keys/:key_id/revoke'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/42/revoke"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
context
'when authenticated'
do
it
'revokes existing key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
,
admin
)
expect
(
response
).
to
have_http_status
(
:accepted
)
end
.
to
change
{
user
.
gpg_keys
.
count
}.
by
(
-
1
)
end
it
'returns 404 error if user not found'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
post
api
(
"/users/999999/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns 404 error if key not foud'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/42/revoke"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
end
end
end
describe
"POST /users/:id/emails"
do
before
do
admin
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment