Merge branch 'master' into feature/multi-level-container-registry-images

* master: (1327 commits)
  Merge branch 'render-json-leak' into 'security'
  Merge branch 'ssrf' into 'security'
  Merge branch 'ssrf' into 'security'
  Merge branch 'fix-links-target-blank' into 'security'
  Merge branch '28058-hide-emails-in-atom-feeds' into 'security'
  Fix karma test
  Reset filters after click
  Handle Route#name being nil after an update
  Only add frontend code coverage instrumentation when generating coverage report
  fix recompile assets step in 9.0 upgrade guide to use yarn
  Undo explicit conversion to Integer
  Make level_value accept string integers
  Make feature spec more robust
  Removed d3.js from the main application.js bundle
  Extend compound status for manual actions specs
  Update css to be nice and tidy.
  Fix pipeline status for transition between stages
  add an index to the ghost column
  Return 404 in project issues API endpoint when project cannot be found
  Improve rename projects migration
  ...

Conflicts:
	doc/ci/docker/using_docker_build.md
	spec/lib/gitlab/import_export/all_models.yml

1 files changed, 53 insertions, 0 deletions

diff --git a/lib/api/v3/users.rb b/lib/api/v3/users.rb
index e05e457a5df..14f54731730 100644
--- a/lib/api/v3/users.rb
+++ b/lib/api/v3/users.rb
@@ -71,6 +71,46 @@ module API
             user.activate
           end
         end
+
+        desc 'Get the contribution events of a specified user' do
+          detail 'This feature was introduced in GitLab 8.13.'
+          success ::API::V3::Entities::Event
+        end
+        params do
+          requires :id, type: Integer, desc: 'The ID of the user'
+          use :pagination
+        end
+        get ':id/events' do
+          user = User.find_by(id: params[:id])
+          not_found!('User') unless user
+
+          events = user.events.
+            merge(ProjectsFinder.new.execute(current_user)).
+            references(:project).
+            with_associations.
+            recent
+
+          present paginate(events), with: ::API::V3::Entities::Event
+        end
+
+        desc 'Delete an existing SSH key from a specified user. Available only for admins.' do
+          success ::API::Entities::SSHKey
+        end
+        params do
+          requires :id, type: Integer, desc: 'The ID of the user'
+          requires :key_id, type: Integer, desc: 'The ID of the SSH key'
+        end
+        delete ':id/keys/:key_id' do
+          authenticated_as_admin!
+
+          user = User.find_by(id: params[:id])
+          not_found!('User') unless user
+
+          key = user.keys.find_by(id: params[:key_id])
+          not_found!('Key') unless key
+
+          present key.destroy, with: ::API::Entities::SSHKey
+        end
       end
 
       resource :user do
@@ -90,6 +130,19 @@ module API
         get "emails" do
           present current_user.emails, with: ::API::Entities::Email
         end
+
+        desc 'Delete an SSH key from the currently authenticated user' do
+          success ::API::Entities::SSHKey
+        end
+        params do
+          requires :key_id, type: Integer, desc: 'The ID of the SSH key'
+        end
+        delete "keys/:key_id" do
+          key = current_user.keys.find_by(id: params[:key_id])
+          not_found!('Key') unless key
+
+          present key.destroy, with: ::API::Entities::SSHKey
+        end
       end
     end
   end