blob: e45700783959e2fc86c02521e5303c663a6fa49c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# frozen_string_literal: true
module Groups
module SshCertificates
class CreateService
def initialize(group, params, current_user)
@group = group
@params = params
@current_user = current_user
end
def execute
key = params[:key]
fingerprint = generate_fingerprint(key)
return ServiceResponse.error(message: 'Group', reason: :forbidden) if group.has_parent?
# return a key error instead of fingerprint error, as the user has no knowledge of fingerprint.
unless fingerprint
return ServiceResponse.error(message: 'Validation failed: Invalid key',
reason: :unprocessable_entity)
end
result = group.ssh_certificates.create!(
key: key,
title: params[:title],
fingerprint: fingerprint
)
# title and key attributes are returned as [FILTERED]
# by config/application.rb#L181-233
# make attributes unfiltered by running find
ssh_certificate = group.ssh_certificates.find(result.id)
ServiceResponse.success(payload: ssh_certificate)
rescue ActiveRecord::RecordInvalid, ArgumentError => e
ServiceResponse.error(
message: e.message,
reason: :unprocessable_entity
)
end
private
attr_reader :group, :params, :current_user
def generate_fingerprint(key)
Gitlab::SSHPublicKey.new(key).fingerprint_sha256&.delete_prefix('SHA256:')
end
end
end
end
Groups::SshCertificates::CreateService.prepend_mod_with('Groups::SshCertificates::CreateService')
|