Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of the ssh-key. Deploy keys per repository can also be searched. There is no current clear API point to allow search of all deploy keys by fingerprint or keyID. Signed-off-by: Andrew Thornton <[email protected]>
go-gitea · techknowlogick · Nov 1, 2018 · Sep 19, 2018 · Sep 19, 2018 · Sep 29, 2018
commit 6bd8fb17a4f6faf3338f354d8e52bb325ad5dd04
diff --git a/models/ssh_key.go b/models/ssh_key.go
@@ -24,6 +24,7 @@ import (
  "code.gitea.io/gitea/modules/util"
 
  "github.com/Unknwon/com"
+ "github.com/go-xorm/builder"
  "github.com/go-xorm/xorm"
  "golang.org/x/crypto/ssh"
 )
@@ -465,6 +466,19 @@ func SearchPublicKeyByContent(content string) (*PublicKey, error) {
  return key, nil
 }
 
+// SearchPublicKey returns a list of public keys matching the provided arguments.
+func SearchPublicKey(uid int64, fingerprint string) ([]*PublicKey, error) {
+ keys := make([]*PublicKey, 0, 5)
+ cond := builder.NewCond()
+ if uid != 0 {
+ cond = cond.And(builder.Eq{"owner_id": uid})
+ }
+ if fingerprint != "" {
+ cond = cond.And(builder.Eq{"fingerprint": fingerprint})
+ }
+ return keys, x.Where(cond).Find(&keys)
+}
+
 // ListPublicKeys returns a list of public keys belongs to given user.
 func ListPublicKeys(uid int64) ([]*PublicKey, error) {
  keys := make([]*PublicKey, 0, 5)
@@ -833,3 +847,19 @@ func ListDeployKeys(repoID int64) ([]*DeployKey, error) {
  Where("repo_id = ?", repoID).
  Find(&keys)
 }
+
+// SearchDeployKeys returns a list of deploy keys matching the provided arguments.
+func SearchDeployKeys(repoID int64, keyID int64, fingerprint string) ([]*DeployKey, error) {
+ keys := make([]*DeployKey, 0, 5)
+ cond := builder.NewCond()
+ if repoID != 0 {
+ cond = cond.And(builder.Eq{"repo_id": repoID})
+ }
+ if keyID != 0 {
+ cond = cond.And(builder.Eq{"key_id": keyID})
+ }
+ if fingerprint != "" {
+ cond = cond.And(builder.Eq{"fingerprint": fingerprint})
+ }
+ return keys, x.Where(cond).Find(&keys)
+}
diff --git a/routers/api/v1/repo/key.go b/routers/api/v1/repo/key.go
@@ -52,10 +52,28 @@ func ListDeployKeys(ctx *context.APIContext) {
  // description: name of the repo
  // type: string
  // required: true
+ // - name: key_id
+ // in: query
+ // description: the key_id to search for
+ // type: integer
+ // - name: fingerprint
+ // in: query
+ // description: fingerprint of the key
+ // type: string
  // responses:
  // "200":
  // "$ref": "#/responses/DeployKeyList"
- keys, err := models.ListDeployKeys(ctx.Repo.Repository.ID)
+ var keys []*models.DeployKey
+ var err error
+
+ fingerprint := ctx.Query("fingerprint")
+ keyID := ctx.QueryInt64("key_id")
+ if fingerprint != "" || keyID != 0 {
+ keys, err = models.SearchDeployKeys(ctx.Repo.Repository.ID, keyID, fingerprint)
+ } else {
+ keys, err = models.ListDeployKeys(ctx.Repo.Repository.ID)
+ }
+
  if err != nil {
  ctx.Error(500, "ListDeployKeys", err)
  return

diff --git a/routers/api/v1/user/key.go b/routers/api/v1/user/key.go
@@ -61,7 +61,25 @@ func composePublicKeysAPILink() string {
 }
 
 func listPublicKeys(ctx *context.APIContext, user *models.User) {
- keys, err := models.ListPublicKeys(user.ID)
+ var keys []*models.PublicKey
+ var err error
+
+ fingerprint := ctx.Query("fingerprint")
+ username := ctx.Params("username")
+
+ if fingerprint != "" {
+ // Querying not just listing
+ if username != "" {
+ // Restrict to provided uid
+ keys, err = models.SearchPublicKey(user.ID, fingerprint)
+ } else {
+ // Unrestricted
+ keys, err = models.SearchPublicKey(0, fingerprint)
+ }
+ } else {
+ // Use ListPublicKeys
+ keys, err = models.ListPublicKeys(user.ID)
+ }
 
  if err != nil {
  ctx.Error(500, "ListPublicKeys", err)
@@ -85,6 +103,11 @@ func ListMyPublicKeys(ctx *context.APIContext) {
  // swagger:operation GET /user/keys user userCurrentListKeys
  // ---
  // summary: List the authenticated user's public keys
+ // parameters:
+ // - name: fingerprint
+ // in: query
+ // description: fingerprint of the key
+ // type: string
  // produces:
  // - application/json
  // responses:
@@ -106,6 +129,10 @@ func ListPublicKeys(ctx *context.APIContext) {
  // description: username of user
  // type: string
  // required: true
+ // - name: fingerprint
+ // in: query
+ // description: fingerprint of the key
+ // type: string
  // responses:
  // "200":
  // "$ref": "#/responses/PublicKeyList"

diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
@@ -2682,6 +2682,18 @@
  "name": "repo",
  "in": "path",
  "required": true
+ },
+ {
+ "type": "integer",
+ "description": "the key_id to search for",
+ "name": "key_id",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "fingerprint of the key",
+ "name": "fingerprint",
+ "in": "query"
  }
  ],
  "responses": {
@@ -4976,6 +4988,14 @@
  ],
  "summary": "List the authenticated user's public keys",
  "operationId": "userCurrentListKeys",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "fingerprint of the key",
+ "name": "fingerprint",
+ "in": "query"
+ }
+ ],
  "responses": {
  "200": {
  "$ref": "#/responses/PublicKeyList"
@@ -5540,6 +5560,12 @@
  "name": "username",
  "in": "path",
  "required": true
+ },
+ {
+ "type": "string",
+ "description": "fingerprint of the key",
+ "name": "fingerprint",
+ "in": "query"
  }
  ],
  "responses": {