Merge branch 'api-gpg-key-management' into 'master'

API: Add GPG key management

Closes #36926

See merge request !13828

2 files changed, 154 insertions, 0 deletions

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 0092cc14e74..031dd02c6eb 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -491,6 +491,10 @@ module API
       expose :user, using: Entities::UserPublic
     end
 
+    class GPGKey < Grape::Entity
+      expose :id, :key, :created_at
+    end
+
     class Note < Grape::Entity
       # Only Issue and MergeRequest have iid
       NOTEABLE_TYPES_WITH_IID = %w(Issue MergeRequest).freeze
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 96f47bb618a..1825c90a23b 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -233,6 +233,86 @@ module API
         destroy_conditionally!(key)
       end
 
+      desc 'Add a GPG key to a specified user. Available only for admins.' do
+        detail 'This feature was added in GitLab 10.0'
+        success Entities::GPGKey
+      end
+      params do
+        requires :id, type: Integer, desc: 'The ID of the user'
+        requires :key, type: String, desc: 'The new GPG key'
+      end
+      post ':id/gpg_keys' do
+        authenticated_as_admin!
+
+        user = User.find_by(id: params.delete(:id))
+        not_found!('User') unless user
+
+        key = user.gpg_keys.new(declared_params(include_missing: false))
+
+        if key.save
+          present key, with: Entities::GPGKey
+        else
+          render_validation_error!(key)
+        end
+      end
+
+      desc 'Get the GPG keys of a specified user. Available only for admins.' do
+        detail 'This feature was added in GitLab 10.0'
+        success Entities::GPGKey
+      end
+      params do
+        requires :id, type: Integer, desc: 'The ID of the user'
+        use :pagination
+      end
+      get ':id/gpg_keys' do
+        authenticated_as_admin!
+
+        user = User.find_by(id: params[:id])
+        not_found!('User') unless user
+
+        present paginate(user.gpg_keys), with: Entities::GPGKey
+      end
+
+      desc 'Delete an existing GPG key from a specified user. Available only for admins.' do
+        detail 'This feature was added in GitLab 10.0'
+      end
+      params do
+        requires :id, type: Integer, desc: 'The ID of the user'
+        requires :key_id, type: Integer, desc: 'The ID of the GPG key'
+      end
+      delete ':id/gpg_keys/:key_id' do
+        authenticated_as_admin!
+
+        user = User.find_by(id: params[:id])
+        not_found!('User') unless user
+
+        key = user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+
+        status 204
+        key.destroy
+      end
+
+      desc 'Revokes an existing GPG key from a specified user. Available only for admins.' do
+        detail 'This feature was added in GitLab 10.0'
+      end
+      params do
+        requires :id, type: Integer, desc: 'The ID of the user'
+        requires :key_id, type: Integer, desc: 'The ID of the GPG key'
+      end
+      post ':id/gpg_keys/:key_id/revoke' do
+        authenticated_as_admin!
+
+        user = User.find_by(id: params[:id])
+        not_found!('User') unless user
+
+        key = user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+
+        key.revoke
+        status :accepted
+      end
+
       desc 'Add an email address to a specified user. Available only for admins.' do
         success Entities::Email
       end
@@ -492,6 +572,76 @@ module API
         destroy_conditionally!(key)
       end
 
+      desc "Get the currently authenticated user's GPG keys" do
+        detail 'This feature was added in GitLab 10.0'
+        success Entities::GPGKey
+      end
+      params do
+        use :pagination
+      end
+      get 'gpg_keys' do
+        present paginate(current_user.gpg_keys), with: Entities::GPGKey
+      end
+
+      desc 'Get a single GPG key owned by currently authenticated user' do
+        detail 'This feature was added in GitLab 10.0'
+        success Entities::GPGKey
+      end
+      params do
+        requires :key_id, type: Integer, desc: 'The ID of the GPG key'
+      end
+      get 'gpg_keys/:key_id' do
+        key = current_user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+
+        present key, with: Entities::GPGKey
+      end
+
+      desc 'Add a new GPG key to the currently authenticated user' do
+        detail 'This feature was added in GitLab 10.0'
+        success Entities::GPGKey
+      end
+      params do
+        requires :key, type: String, desc: 'The new GPG key'
+      end
+      post 'gpg_keys' do
+        key = current_user.gpg_keys.new(declared_params)
+
+        if key.save
+          present key, with: Entities::GPGKey
+        else
+          render_validation_error!(key)
+        end
+      end
+
+      desc 'Revoke a GPG key owned by currently authenticated user' do
+        detail 'This feature was added in GitLab 10.0'
+      end
+      params do
+        requires :key_id, type: Integer, desc: 'The ID of the GPG key'
+      end
+      post 'gpg_keys/:key_id/revoke' do
+        key = current_user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+
+        key.revoke
+        status :accepted
+      end
+
+      desc 'Delete a GPG key from the currently authenticated user' do
+        detail 'This feature was added in GitLab 10.0'
+      end
+      params do
+        requires :key_id, type: Integer, desc: 'The ID of the SSH key'
+      end
+      delete 'gpg_keys/:key_id' do
+        key = current_user.gpg_keys.find_by(id: params[:key_id])
+        not_found!('GPG Key') unless key
+
+        status 204
+        key.destroy
+      end
+
       desc "Get the currently authenticated user's email addresses" do
         success Entities::Email
       end