Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Delete a user's public key via admin api (closes #3014) #3059

Merged
merged 8 commits into from
Dec 6, 2017

Conversation

vtemian
Copy link
Contributor

@vtemian vtemian commented Dec 2, 2017

Let admin delete a user's key via API

@vtemian vtemian changed the title Delete a user's public key via admin api Delete a user's public key via admin api (closes #3014) Dec 2, 2017
@codecov-io
Copy link

codecov-io commented Dec 2, 2017

Codecov Report

Merging #3059 into master will increase coverage by 0.44%.
The diff coverage is 74%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #3059      +/-   ##
==========================================
+ Coverage   33.63%   34.07%   +0.44%     
==========================================
  Files         273      273              
  Lines       39954    39998      +44     
==========================================
+ Hits        13437    13629     +192     
+ Misses      24610    24429     -181     
- Partials     1907     1940      +33
Impacted Files Coverage Δ
routers/api/v1/user/key.go 8.33% <0%> (+4.76%) ⬆️
models/ssh_key.go 32.66% <100%> (+20.22%) ⬆️
routers/api/v1/api.go 76.34% <100%> (+1.34%) ⬆️
routers/api/v1/admin/user.go 23.3% <80%> (+23.3%) ⬆️
models/repo_indexer.go 51.98% <0%> (-1%) ⬇️
models/error.go 33.63% <0%> (+0.91%) ⬆️
modules/process/manager.go 81.15% <0%> (+4.34%) ⬆️
routers/api/v1/convert/convert.go 67.8% <0%> (+6.16%) ⬆️
... and 2 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c7fb6e3...6bf1fbf. Read the comment docs.

@tboerger tboerger added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 2, 2017
@lunny lunny added this to the 1.4.0 milestone Dec 2, 2017
@lunny lunny added the modifies/api This PR adds API routes or modifies them label Dec 2, 2017
@vtemian vtemian force-pushed the delete-user-key-as-admin-3014 branch from f3bea44 to 7d646ed Compare December 2, 2017 13:24
@lafriks
Copy link
Member

lafriks commented Dec 2, 2017

Can you also add test that adds and later deletes that key?
Also test for deleting not existing key and test deleting key with user that does not have rights to do that would be great

@vtemian
Copy link
Contributor Author

vtemian commented Dec 2, 2017

@lafriks done!

Copy link
Member

@ethantkoenig ethantkoenig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly looks good, just a few comments

// - name: id
// in: path
// description: key's id to delete
// type: string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

type: integer

// required: true
// - name: id
// in: path
// description: key's id to delete
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: "id of the key to delete"

func DeleteUserPublicKey(ctx *context.APIContext) {
// swagger:operation DELETE /admin/users/{username}/keys/{id} admin adminDeleteUserPublicKey
// ---
// summary: Delete a user's public key on behalf of a user
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: "Delete a user's public key". Don't need to repeat "user" twice.

return
}

if _, err := models.GetPublicKeyByID(ctx.ParamsInt64(":id")); err != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be nice if we didn't have to call GetPublicKeyByID before calling DeletePublicKey, since DeletePublicKey already calls GetPublicKeyByID. Perhaps it's worthwhile to have DeletePublicKey return a ErrKeyNotExist when you try to delete a non-existent key?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeap, I wanted to do that, but my concern was that right now DeletePublicKey returns nil if it encounters an ErrKeyNotExist error and maybe, somewhere in the code, somebody is relying on that. (even though is not a sane behavior)

Is it safe to return ErrKeyNotExist ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That function is used only in one file, so additional checks for that could be added for that error

// user1 is an admin user
session := loginUser(t, "user1")

req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/99999")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: please use models.NonexistentID instead of 99999

@vtemian vtemian force-pushed the delete-user-key-as-admin-3014 branch from 565c4b7 to 0e3388f Compare December 2, 2017 18:28
@vtemian vtemian force-pushed the delete-user-key-as-admin-3014 branch from 0e3388f to 65871ea Compare December 4, 2017 08:13
@vtemian
Copy link
Contributor Author

vtemian commented Dec 4, 2017

@ethantkoenig done

@@ -36,6 +36,7 @@
],
"summary": "Create a user",
"operationId": "adminCreateUser",
"security": null,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why these changes?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've run swagger generate spec and this was the output. I didn't want to manually change it since it's easier to maintain this way.

@ethantkoenig
Copy link
Member

LGTM

@tboerger tboerger added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Dec 6, 2017
@lafriks
Copy link
Member

lafriks commented Dec 6, 2017

LGTM

@tboerger tboerger added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 6, 2017
@lafriks lafriks merged commit 469ab99 into go-gitea:master Dec 6, 2017
@go-gitea go-gitea locked and limited conversation to collaborators Nov 23, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants