5 files changed, 58 insertions, 22 deletions

diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb
index 83d5ced9be8..ade2c54552b 100644
--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
@@ -12,8 +12,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
   end
 
   def new
-    redirect_to namespace_project_deploy_keys_path(@project.namespace,
-                                                   @project)
+    redirect_to namespace_project_deploy_keys_path(@project.namespace, @project)
   end
 
   def create
@@ -21,19 +20,16 @@ class Projects::DeployKeysController < Projects::ApplicationController
     set_index_vars
 
     if @key.valid? && @project.deploy_keys << @key
-      redirect_to namespace_project_deploy_keys_path(@project.namespace,
-                                                     @project)
+      redirect_to namespace_project_deploy_keys_path(@project.namespace, @project)
     else
       render "index"
     end
   end
 
   def enable
-    @key = accessible_keys.find(params[:id])
-    @project.deploy_keys << @key
+    EnableDeployKeyService.new(@project, current_user, params).execute
 
-    redirect_to namespace_project_deploy_keys_path(@project.namespace,
-                                                   @project)
+    redirect_to namespace_project_deploy_keys_path(@project.namespace, @project)
   end
 
   def disable
@@ -45,9 +41,9 @@ class Projects::DeployKeysController < Projects::ApplicationController
   protected
 
   def set_index_vars
-    @enabled_keys ||= @project.deploy_keys
+    @enabled_keys           ||= @project.deploy_keys
 
-    @available_keys         ||= accessible_keys - @enabled_keys
+    @available_keys         ||= current_user.accessible_deploy_keys - @enabled_keys
     @available_project_keys ||= current_user.project_deploy_keys - @enabled_keys
     @available_public_keys  ||= DeployKey.are_public - @enabled_keys
 
@@ -56,10 +52,6 @@ class Projects::DeployKeysController < Projects::ApplicationController
     @available_public_keys -= @available_project_keys
   end
 
-  def accessible_keys
-    @accessible_keys ||= current_user.accessible_deploy_keys
-  end
-
   def deploy_key_params
     params.require(:deploy_key).permit(:key, :title)
   end
diff --git a/app/services/enable_deploy_key_service.rb b/app/services/enable_deploy_key_service.rb
new file mode 100644
index 00000000000..baa4a9dd2d4
--- /dev/null
+++ b/app/services/enable_deploy_key_service.rb
@@ -0,0 +1,14 @@
+class EnableDeployKeyService < BaseService
+  def execute
+    key = accessible_keys.find_by(id: params[:key_id] || params[:id])
+
+    project.deploy_keys << key if key
+    key
+  end
+
+  private
+
+  def accessible_keys
+    current_user.accessible_deploy_keys
+  end
+end
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index 52f89373ad3..6dc9beb57ec 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -76,12 +76,12 @@ module API
           requires :key_id, type: Integer, desc: 'The ID of the deploy key'
         end
         post ":id/#{path}/:key_id/enable" do
-          key = DeployKey.find(params[:key_id])
+          key = EnableDeployKeyService.new(user_project, current_user, declared(params)).execute
 
-          if user_project.deploy_keys << key
+          if key
             present key, with: Entities::SSHKey
           else
-            render_validation_error!(key)
+            not_found!('Deploy Key')
           end
         end
 
diff --git a/spec/requests/api/deploy_keys_spec.rb b/spec/requests/api/deploy_keys_spec.rb
index 7e7a2733f3c..7d8cc45327c 100644
--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -3,11 +3,14 @@ require 'spec_helper'
 describe API::API, api: true  do
   include ApiHelpers
 
-  let(:user)    { create(:user) }
-  let(:admin)   { create(:admin) }
-  let(:project) { create(:project, creator_id: user.id) }
-  let!(:deploy_keys_project) { create(:deploy_keys_project, project: project) }
-  let(:deploy_key)  { deploy_keys_project.deploy_key }
+  let(:user)        { create(:user) }
+  let(:admin)       { create(:admin) }
+  let(:project)     { create(:project, creator_id: user.id) }
+  let(:deploy_key)  { create(:deploy_key, public: true) }
+
+  let!(:deploy_keys_project) do
+    create(:deploy_keys_project, project: project, deploy_key: deploy_key)
+  end
 
   describe 'GET /deploy_keys' do
     context 'when unauthenticated' do
diff --git a/spec/services/enable_deploy_key_service_spec.rb b/spec/services/enable_deploy_key_service_spec.rb
new file mode 100644
index 00000000000..abb5710dfc0
--- /dev/null
+++ b/spec/services/enable_deploy_key_service_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+describe EnableDeployKeyService, services: true do
+  let(:deploy_key)  { create(:deploy_key, public: true) }
+  let(:project)     { create(:empty_project) }
+  let(:user)        { project.creator}
+  let!(:params)     { { key_id: deploy_key.id } }
+
+  it 'enables the key' do
+    expect do
+      service.execute
+    end.to change { project.deploy_keys.count }.from(0).to(1)
+  end
+
+  context 'trying to add an unaccessable key' do
+    let(:another_key) { create(:another_key) }
+    let!(:params)     { { key_id: another_key.id } }
+
+    it 'returns nil if the key cannot be added' do
+      expect(service.execute).to be nil
+    end
+  end
+
+  def service
+    EnableDeployKeyService.new(project, user, params)
+  end
+end