Add latest changes from gitlab-org/gitlab@master

2 files changed, 86 insertions, 0 deletions

diff --git a/app/services/groups/ssh_certificates/create_service.rb b/app/services/groups/ssh_certificates/create_service.rb
new file mode 100644
index 00000000000..6890901c306
--- /dev/null
+++ b/app/services/groups/ssh_certificates/create_service.rb
@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Groups
+  module SshCertificates
+    class CreateService
+      def initialize(group, params)
+        @group = group
+        @params = params
+      end
+
+      def execute
+        key = params[:key]
+        fingerprint = generate_fingerprint(key)
+
+        return ServiceResponse.error(message: 'Group', reason: :forbidden) if group.has_parent?
+
+        # return a key error instead of fingerprint error, as the user has no knowledge of fingerprint.
+        unless fingerprint
+          return ServiceResponse.error(message: 'Validation failed: Invalid key',
+            reason: :unprocessable_entity)
+        end
+
+        result = group.ssh_certificates.create!(
+          key: key,
+          title: params[:title],
+          fingerprint: fingerprint
+        )
+
+        # title and key attributes are returned as [FILTERED]
+        # by config/application.rb#L181-233
+        # make attributes unfiltered by running find
+        ssh_certificate = group.ssh_certificates.find(result.id)
+        ServiceResponse.success(payload: ssh_certificate)
+
+      rescue ActiveRecord::RecordInvalid, ArgumentError => e
+        ServiceResponse.error(
+          message: e.message,
+          reason: :unprocessable_entity
+        )
+      end
+
+      private
+
+      attr_reader :group, :params
+
+      def generate_fingerprint(key)
+        Gitlab::SSHPublicKey.new(key).fingerprint_sha256&.delete_prefix('SHA256:')
+      end
+    end
+  end
+end
diff --git a/app/services/groups/ssh_certificates/destroy_service.rb b/app/services/groups/ssh_certificates/destroy_service.rb
new file mode 100644
index 00000000000..7a450d5bee6
--- /dev/null
+++ b/app/services/groups/ssh_certificates/destroy_service.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module Groups
+  module SshCertificates
+    class DestroyService
+      def initialize(group, params)
+        @group = group
+        @params = params
+      end
+
+      def execute
+        ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id])
+
+        ssh_certificate.destroy!
+        ServiceResponse.success
+
+      rescue ActiveRecord::RecordNotFound
+        ServiceResponse.error(
+          message: 'SSH Certificate not found',
+          reason: :not_found
+        )
+
+      rescue ActiveRecord::RecordNotDestroyed
+        ServiceResponse.error(
+          message: 'SSH Certificate could not be deleted',
+          reason: :method_not_allowed
+        )
+      end
+
+      private
+
+      attr_reader :group, :params
+    end
+  end
+end