Delete ssh keys shouldn't be a POST & Cleanup routes (#1934)

2025-12-08 15:40:18 +01:00 · 2025-11-27 15:26:47 +00:00 · 2025-11-27 15:26:47 +00:00 · d0af45a0c7
commit d0af45a0c7
parent 78ab098d02
3 changed files with 23 additions and 32 deletions
--- a/app/Http/Controllers/Api/Client/SSHKeyController.php
+++ b/app/Http/Controllers/Api/Client/SSHKeyController.php
@ -55,23 +55,19 @@ class SSHKeyController extends ClientApiController
     *
     * Deletes an SSH key from the user's account.
     */
-    public function delete(ClientApiRequest $request): JsonResponse
+    public function delete(ClientApiRequest $request, string $fingerprint): JsonResponse
    {
-        $request->validate(['fingerprint' => ['required', 'string']]);
-
-        /** @var ?UserSSHKey $key */
+        /** @var UserSSHKey $key */
        $key = $request->user()->sshKeys()
-            ->where('fingerprint', $request->input('fingerprint'))
-            ->first();
+            ->where('fingerprint', $fingerprint)
+            ->firstOrFail();

-        if (!is_null($key)) {
-            $key->delete();
+        Activity::event('user:ssh-key.delete')
+            ->subject($key)
+            ->property('fingerprint', $key->fingerprint)
+            ->log();

-            Activity::event('user:ssh-key.delete')
-                ->subject($key)
-                ->property('fingerprint', $key->fingerprint)
-                ->log();
-        }
+        $key->delete();

        return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
    }
--- a/routes/api-client.php
+++ b/routes/api-client.php
@ -27,14 +27,16 @@ Route::prefix('/account')->middleware(AccountSubject::class)->group(function ()

    Route::get('/activity', Client\ActivityLogController::class)->name('api:client.account.activity');

-    Route::get('/api-keys', [Client\ApiKeyController::class, 'index']);
-    Route::post('/api-keys', [Client\ApiKeyController::class, 'store']);
-    Route::delete('/api-keys/{identifier}', [Client\ApiKeyController::class, 'delete']);
+    Route::prefix('/api-keys')->group(function () {
+        Route::get('/', [Client\ApiKeyController::class, 'index']);
+        Route::post('/', [Client\ApiKeyController::class, 'store']);
+        Route::delete('/{identifier}', [Client\ApiKeyController::class, 'delete']);
+    });

    Route::prefix('/ssh-keys')->group(function () {
        Route::get('/', [Client\SSHKeyController::class, 'index']);
        Route::post('/', [Client\SSHKeyController::class, 'store']);
-        Route::post('/remove', [Client\SSHKeyController::class, 'delete']);
+        Route::delete('/{fingerprint}', [Client\SSHKeyController::class, 'delete']);
    });
 });

@ -91,12 +93,12 @@ Route::prefix('/servers/{server:uuid}')->middleware([ServerSubject::class, Authe
        Route::delete('/{schedule}/tasks/{task}', [Client\Servers\ScheduleTaskController::class, 'delete']);
    });

-    Route::prefix('/network')->group(function () {
-        Route::get('/allocations', [Client\Servers\NetworkAllocationController::class, 'index']);
-        Route::post('/allocations', [Client\Servers\NetworkAllocationController::class, 'store']);
-        Route::post('/allocations/{allocation}', [Client\Servers\NetworkAllocationController::class, 'update']);
-        Route::post('/allocations/{allocation}/primary', [Client\Servers\NetworkAllocationController::class, 'setPrimary']);
-        Route::delete('/allocations/{allocation}', [Client\Servers\NetworkAllocationController::class, 'delete']);
+    Route::prefix('/network/allocations')->group(function () {
+        Route::get('/', [Client\Servers\NetworkAllocationController::class, 'index']);
+        Route::post('/', [Client\Servers\NetworkAllocationController::class, 'store']);
+        Route::post('/{allocation}', [Client\Servers\NetworkAllocationController::class, 'update']);
+        Route::post('/{allocation}/primary', [Client\Servers\NetworkAllocationController::class, 'setPrimary']);
+        Route::delete('/{allocation}', [Client\Servers\NetworkAllocationController::class, 'delete']);
    });

    Route::prefix('/users')->group(function () {
--- a/tests/Integration/Api/Client/SSHKeyControllerTest.php
+++ b/tests/Integration/Api/Client/SSHKeyControllerTest.php
@ -40,20 +40,13 @@ class SSHKeyControllerTest extends ClientApiIntegrationTestCase
        $key = UserSSHKey::factory()->for($user)->create();
        $key2 = UserSSHKey::factory()->for($user2)->create();

-        $endpoint = '/api/client/account/ssh-keys/remove';
-
        $this->actingAs($user);
-        $this->postJson($endpoint)
-            ->assertUnprocessable()
-            ->assertJsonPath('errors.0.meta', ['source_field' => 'fingerprint', 'rule' => 'required']);
-
-        $this->postJson($endpoint, ['fingerprint' => $key->fingerprint])->assertNoContent();
+        $this->delete('/api/client/account/ssh-keys/' . $key->fingerprint)->assertNoContent();

        $this->assertSoftDeleted($key);
        $this->assertNotSoftDeleted($key2);

-        $this->postJson($endpoint, ['fingerprint' => $key->fingerprint])->assertNoContent();
-        $this->postJson($endpoint, ['fingerprint' => $key2->fingerprint])->assertNoContent();
+        $this->delete('/api/client/account/ssh-keys/' . $key2->fingerprint)->assertNotFound();

        $this->assertNotSoftDeleted($key2);
    }