From c7bcebd56e264772a8fe177e64476ea7b2b80144 Mon Sep 17 00:00:00 2001
From: Alexander Randa <randa.alex@gmail.com>
Date: Tue, 20 Jun 2017 09:37:07 +0000
Subject: Fix edit button for deploy keys available from other projects

---
 app/controllers/projects/deploy_keys_controller.rb      |  4 ++--
 changelogs/unreleased/33878_fix_edit_deploy_key.yml     |  4 ++++
 lib/api/deploy_keys.rb                                  |  2 +-
 .../projects/settings/repository_settings_spec.rb       | 17 +++++++++++++++++
 spec/requests/api/deploy_keys_spec.rb                   | 10 ++++++++++
 5 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/33878_fix_edit_deploy_key.yml

diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb
index 7f1469e107d..c2e621fa190 100644
--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
@@ -6,7 +6,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
   before_action :authorize_admin_project!
   before_action :authorize_update_deploy_key!, only: [:edit, :update]
 
-  layout "project_settings"
+  layout 'project_settings'
 
   def index
     respond_to do |format|
@@ -66,7 +66,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
   protected
 
   def deploy_key
-    @deploy_key ||= @project.deploy_keys.find(params[:id])
+    @deploy_key ||= DeployKey.find(params[:id])
   end
 
   def create_params
diff --git a/changelogs/unreleased/33878_fix_edit_deploy_key.yml b/changelogs/unreleased/33878_fix_edit_deploy_key.yml
new file mode 100644
index 00000000000..bc47d522240
--- /dev/null
+++ b/changelogs/unreleased/33878_fix_edit_deploy_key.yml
@@ -0,0 +1,4 @@
+---
+title: Fix edit button for deploy keys available from other projects
+merge_request: 12301
+author: Alexander Randa
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index 7cdee8aced7..d5c2f3d5094 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -86,7 +86,7 @@ module API
         at_least_one_of :title, :can_push
       end
       put ":id/deploy_keys/:key_id" do
-        key = user_project.deploy_keys.find(params.delete(:key_id))
+        key = DeployKey.find(params.delete(:key_id))
 
         authorize!(:update_deploy_key, key)
 
diff --git a/spec/features/projects/settings/repository_settings_spec.rb b/spec/features/projects/settings/repository_settings_spec.rb
index 2956ef73746..35cd0d6e832 100644
--- a/spec/features/projects/settings/repository_settings_spec.rb
+++ b/spec/features/projects/settings/repository_settings_spec.rb
@@ -65,6 +65,23 @@ feature 'Repository settings', feature: true do
         expect(page).to have_content('Write access allowed')
       end
 
+      scenario 'edit a deploy key from projects user has access to' do
+        project2 = create(:project_empty_repo)
+        project2.team << [user, role]
+        project2.deploy_keys << private_deploy_key
+
+        visit namespace_project_settings_repository_path(project.namespace, project)
+
+        find('li', text: private_deploy_key.title).click_link('Edit')
+
+        fill_in 'deploy_key_title', with: 'updated_deploy_key'
+        check 'deploy_key_can_push'
+        click_button 'Save changes'
+
+        expect(page).to have_content('updated_deploy_key')
+        expect(page).to have_content('Write access allowed')
+      end
+
       scenario 'remove an existing deploy key' do
         project.deploy_keys << private_deploy_key
         visit namespace_project_settings_repository_path(project.namespace, project)
diff --git a/spec/requests/api/deploy_keys_spec.rb b/spec/requests/api/deploy_keys_spec.rb
index 9c260f88f56..32439981b60 100644
--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -160,6 +160,16 @@ describe API::DeployKeys do
       expect(json_response['title']).to eq('new title')
       expect(json_response['can_push']).to eq(true)
     end
+
+    it 'updates a private ssh key from projects user has access with correct attributes' do
+      create(:deploy_keys_project, project: project2, deploy_key: private_deploy_key)
+
+      put api("/projects/#{project.id}/deploy_keys/#{private_deploy_key.id}", admin), { title: 'new title', can_push: true }
+
+      expect(json_response['id']).to eq(private_deploy_key.id)
+      expect(json_response['title']).to eq('new title')
+      expect(json_response['can_push']).to eq(true)
+    end
   end
 
   describe 'DELETE /projects/:id/deploy_keys/:key_id' do
-- 
cgit v1.2.1