Commit 1c46199b authored by Michelle Gill's avatar Michelle Gill

Get a specific GPG key for a given user

Ability to access the public key for a user without authentication
parent 82f7405e
---
title: API support for a specific GPG Key for given user
merge_request: 43693
author:
type: added
...@@ -980,7 +980,7 @@ Example response: ...@@ -980,7 +980,7 @@ Example response:
## Get a specific GPG key for a given user ## Get a specific GPG key for a given user
Get a specific GPG key for a given user. Available only for admins. Get a specific GPG key for a given user. This endpoint can be accessed without authentication.
```plaintext ```plaintext
GET /users/:id/gpg_keys/:key_id GET /users/:id/gpg_keys/:key_id
......
...@@ -367,6 +367,26 @@ module API ...@@ -367,6 +367,26 @@ module API
end end
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
desc 'Get a specific GPG key for a given user.' do
detail 'This feature was added in GitLab 13.5'
success Entities::GpgKey
end
params do
requires :id, type: Integer, desc: 'The ID of the user'
requires :key_id, type: Integer, desc: 'The ID of the GPG key'
end
# rubocop: disable CodeReuse/ActiveRecord
get ':id/gpg_keys/:key_id' do
user = User.find_by(id: params[:id])
not_found!('User') unless user
key = user.gpg_keys.find_by(id: params[:key_id])
not_found!('GPG Key') unless key
present key, with: Entities::GpgKey
end
# rubocop: enable CodeReuse/ActiveRecord
desc 'Delete an existing GPG key from a specified user. Available only for admins.' do desc 'Delete an existing GPG key from a specified user. Available only for admins.' do
detail 'This feature was added in GitLab 10.0' detail 'This feature was added in GitLab 10.0'
end end
......
...@@ -1496,6 +1496,31 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -1496,6 +1496,31 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
end end
end end
describe 'GET /user/:id/gpg_keys/:key_id' do
it 'returns 404 for non-existing user' do
get api('/users/0/gpg_keys/1')
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 User Not Found')
end
it 'returns 404 for non-existing key' do
get api("/users/#{user.id}/gpg_keys/0")
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 GPG Key Not Found')
end
it 'returns a single GPG key' do
user.gpg_keys << gpg_key
get api("/users/#{user.id}/gpg_keys/#{gpg_key.id}")
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['key']).to eq(gpg_key.key)
end
end
describe 'DELETE /user/:id/gpg_keys/:key_id' do describe 'DELETE /user/:id/gpg_keys/:key_id' do
context 'when unauthenticated' do context 'when unauthenticated' do
it 'returns authentication error' do it 'returns authentication error' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment