Commit 7079d62a authored by Robert Speicher's avatar Robert Speicher

Merge branch 'bvl-remove-user-id-discover-from-internal-api' into 'master'

Remove user_id param from the discover endpoint in the internal api

Closes #33647

See merge request gitlab-org/gitlab!18277
parents ccb00ed1 e02466a9
...@@ -52,6 +52,12 @@ class UserFinder ...@@ -52,6 +52,12 @@ class UserFinder
end end
end end
def find_by_ssh_key_id
return unless input_is_id?
User.find_by_ssh_key_id(@username_or_id)
end
def input_is_id? def input_is_id?
@username_or_id.is_a?(Numeric) || @username_or_id =~ /^\d+$/ @username_or_id.is_a?(Numeric) || @username_or_id =~ /^\d+$/
end end
......
...@@ -533,7 +533,7 @@ class User < ApplicationRecord ...@@ -533,7 +533,7 @@ class User < ApplicationRecord
# Returns a user for the given SSH key. # Returns a user for the given SSH key.
def find_by_ssh_key_id(key_id) def find_by_ssh_key_id(key_id)
Key.find_by(id: key_id)&.user find_by('EXISTS (?)', Key.select(1).where('keys.user_id = users.id').where(id: key_id))
end end
def find_by_full_path(path, follow_redirects: false) def find_by_full_path(path, follow_redirects: false)
......
...@@ -159,7 +159,6 @@ discovers the user associated with an SSH key. ...@@ -159,7 +159,6 @@ discovers the user associated with an SSH key.
|:----------|:-------|:---------|:------------| |:----------|:-------|:---------|:------------|
| `key_id` | integer | no | The id of the SSH key used as found in the authorized-keys file or through the `/authorized_keys` check | | `key_id` | integer | no | The id of the SSH key used as found in the authorized-keys file or through the `/authorized_keys` check |
| `username` | string | no | Username of the user being looked up, used by GitLab-shell when authenticating using a certificate | | `username` | string | no | Username of the user being looked up, used by GitLab-shell when authenticating using a certificate |
| `user_id` | integer | no | **Deprecated** User_id of the user being looked up |
``` ```
GET /internal/discover GET /internal/discover
......
...@@ -129,20 +129,15 @@ module API ...@@ -129,20 +129,15 @@ module API
# #
# Discover user by ssh key, user id or username # Discover user by ssh key, user id or username
# #
# rubocop: disable CodeReuse/ActiveRecord get '/discover' do
get "/discover" do
if params[:key_id] if params[:key_id]
key = Key.find(params[:key_id]) user = UserFinder.new(params[:key_id]).find_by_ssh_key_id
user = key.user
elsif params[:user_id]
user = User.find_by(id: params[:user_id])
elsif params[:username] elsif params[:username]
user = UserFinder.new(params[:username]).find_by_username user = UserFinder.new(params[:username]).find_by_username
end end
present user, with: Entities::UserSafe present user, with: Entities::UserSafe
end end
# rubocop: enable CodeReuse/ActiveRecord
get "/check" do get "/check" do
{ {
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'spec_helper' require 'spec_helper'
describe UserFinder do describe UserFinder do
set(:user) { create(:user) } let_it_be(:user) { create(:user) }
describe '#find_by_id' do describe '#find_by_id' do
context 'when the user exists' do context 'when the user exists' do
...@@ -24,7 +24,7 @@ describe UserFinder do ...@@ -24,7 +24,7 @@ describe UserFinder do
context 'when the user does not exist' do context 'when the user does not exist' do
it 'returns nil' do it 'returns nil' do
found = described_class.new(1).find_by_id found = described_class.new(-1).find_by_id
expect(found).to be_nil expect(found).to be_nil
end end
...@@ -84,7 +84,7 @@ describe UserFinder do ...@@ -84,7 +84,7 @@ describe UserFinder do
context 'when the user does not exist' do context 'when the user does not exist' do
it 'returns nil' do it 'returns nil' do
found = described_class.new(1).find_by_id_or_username found = described_class.new(-1).find_by_id_or_username
expect(found).to be_nil expect(found).to be_nil
end end
...@@ -110,7 +110,7 @@ describe UserFinder do ...@@ -110,7 +110,7 @@ describe UserFinder do
context 'when the user does not exist' do context 'when the user does not exist' do
it 'raises ActiveRecord::RecordNotFound' do it 'raises ActiveRecord::RecordNotFound' do
finder = described_class.new(1) finder = described_class.new(-1)
expect { finder.find_by_id! }.to raise_error(ActiveRecord::RecordNotFound) expect { finder.find_by_id! }.to raise_error(ActiveRecord::RecordNotFound)
end end
...@@ -170,10 +170,32 @@ describe UserFinder do ...@@ -170,10 +170,32 @@ describe UserFinder do
context 'when the user does not exist' do context 'when the user does not exist' do
it 'raises ActiveRecord::RecordNotFound' do it 'raises ActiveRecord::RecordNotFound' do
finder = described_class.new(1) finder = described_class.new(-1)
expect { finder.find_by_id_or_username! }.to raise_error(ActiveRecord::RecordNotFound) expect { finder.find_by_id_or_username! }.to raise_error(ActiveRecord::RecordNotFound)
end end
end end
end end
describe '#find_by_ssh_key_id' do
let_it_be(:ssh_key) { create(:key, user: user) }
it 'returns the user when passing the ssh key id' do
found = described_class.new(ssh_key.id).find_by_ssh_key_id
expect(found).to eq(user)
end
it 'returns the user when passing the ssh key id (string)' do
found = described_class.new(ssh_key.id.to_s).find_by_ssh_key_id
expect(found).to eq(user)
end
it 'returns nil when the id does not exist' do
found = described_class.new(-1).find_by_ssh_key_id
expect(found).to be_nil
end
end
end end
...@@ -1554,15 +1554,22 @@ describe User do ...@@ -1554,15 +1554,22 @@ describe User do
end end
describe '.find_by_ssh_key_id' do describe '.find_by_ssh_key_id' do
context 'using an existing SSH key ID' do let_it_be(:user) { create(:user) }
let(:user) { create(:user) } let_it_be(:key) { create(:key, user: user) }
let(:key) { create(:key, user: user) }
context 'using an existing SSH key ID' do
it 'returns the corresponding User' do it 'returns the corresponding User' do
expect(described_class.find_by_ssh_key_id(key.id)).to eq(user) expect(described_class.find_by_ssh_key_id(key.id)).to eq(user)
end end
end end
it 'only performs a single query' do
key # Don't count the queries for creating the key and user
expect { described_class.find_by_ssh_key_id(key.id) }
.not_to exceed_query_limit(1)
end
context 'using an invalid SSH key ID' do context 'using an invalid SSH key ID' do
it 'returns nil' do it 'returns nil' do
expect(described_class.find_by_ssh_key_id(-1)).to be_nil expect(described_class.find_by_ssh_key_id(-1)).to be_nil
......
...@@ -237,14 +237,6 @@ describe API::Internal::Base do ...@@ -237,14 +237,6 @@ describe API::Internal::Base do
expect(json_response['name']).to eq(user.name) expect(json_response['name']).to eq(user.name)
end end
it "finds a user by user id" do
get(api("/internal/discover"), params: { user_id: user.id, secret_token: secret_token })
expect(response).to have_gitlab_http_status(200)
expect(json_response['name']).to eq(user.name)
end
it "finds a user by username" do it "finds a user by username" do
get(api("/internal/discover"), params: { username: user.username, secret_token: secret_token }) get(api("/internal/discover"), params: { username: user.username, secret_token: secret_token })
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment