Merge branch 'internal_recovery_api' into 'master'

Minor edits to two_factor_recovery_codes API error catching Minor fixes to the `two_factor_recovery_codes` internal API making the conditionals more sane. Thanks @DouweM for pointing it out. See merge request !6000
2016-09-02 14:20:07 +00:00 · 2016-09-02 14:20:07 +00:00 · 0a41b340b4
parent 5a7e027859 8b6154c145
commit 0a41b340b4
2 changed files with 11 additions and 7 deletions
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@ -105,15 +105,19 @@ module API
      post '/two_factor_recovery_codes' do
        status 200

-        key = Key.find(params[:key_id])
-        user = key.user
+        key = Key.find_by(id: params[:key_id])

-        # Make sure this isn't a deploy key
-        unless key.type.nil?
+        unless key
+          return { 'success' => false, 'message' => 'Could not find the given key' }
+        end
+
+        if key.is_a?(DeployKey)
          return { success: false, message: 'Deploy keys cannot be used to retrieve recovery codes' }
        end

-        unless user.present?
+        user = key.user
+
+        unless user
          return { success: false, message: 'Could not find a user for the given key' }
        end

--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@ -44,8 +44,8 @@ describe API::API, api: true  do
           secret_token: secret_token,
           key_id: 12345

-      expect(response).to have_http_status(404)
-      expect(json_response['message']).to eq('404 Not found')
+      expect(json_response['success']).to be_falsey
+      expect(json_response['message']).to eq('Could not find the given key')
    end

    it 'returns an error message when the key is a deploy key' do