3 files changed, 34 insertions, 12 deletions

diff --git a/models/error.go b/models/error.go
index 561252e8..54d32d15 100644
--- a/models/error.go
+++ b/models/error.go
@@ -528,3 +528,23 @@ func IsErrAttachmentNotExist(err error) bool {
 func (err ErrAttachmentNotExist) Error() string {
 	return fmt.Sprintf("attachment does not exist [id: %d, uuid: %s]", err.ID, err.UUID)
 }
+
+//    _____          __  .__                   __  .__               __  .__
+//   /  _  \  __ ___/  |_|  |__   ____   _____/  |_|__| ____ _____ _/  |_|__| ____   ____
+//  /  /_\  \|  |  \   __\  |  \_/ __ \ /    \   __\  |/ ___\\__  \\   __\  |/  _ \ /    \
+// /    |    \  |  /|  | |   Y  \  ___/|   |  \  | |  \  \___ / __ \|  | |  (  <_> )   |  \
+// \____|__  /____/ |__| |___|  /\___  >___|  /__| |__|\___  >____  /__| |__|\____/|___|  /
+//         \/                 \/     \/     \/             \/     \/                    \/
+
+type ErrAuthenticationNotExist struct {
+	ID int64
+}
+
+func IsErrAuthenticationNotExist(err error) bool {
+	_, ok := err.(ErrAuthenticationNotExist)
+	return ok
+}
+
+func (err ErrAuthenticationNotExist) Error() string {
+	return fmt.Sprintf("Authentication does not exist [id: %d]", err.ID)
+}
diff --git a/models/login.go b/models/login.go
index 1ec5309d..5e260106 100644
--- a/models/login.go
+++ b/models/login.go
@@ -36,7 +36,6 @@ const (
 
 var (
 	ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")
-	ErrAuthenticationNotExist     = errors.New("Authentication does not exist")
 	ErrAuthenticationUserUsed     = errors.New("Authentication has been used by some users")
 )
 
@@ -191,13 +190,14 @@ func LoginSources() ([]*LoginSource, error) {
 	return auths, x.Find(&auths)
 }
 
+// GetLoginSourceByID returns login source by given ID.
 func GetLoginSourceByID(id int64) (*LoginSource, error) {
 	source := new(LoginSource)
 	has, err := x.Id(id).Get(source)
 	if err != nil {
 		return nil, err
 	} else if !has {
-		return nil, ErrAuthenticationNotExist
+		return nil, ErrAuthenticationNotExist{id}
 	}
 	return source, nil
 }
diff --git a/models/publickey.go b/models/publickey.go
index ac0ec71f..68389478 100644
--- a/models/publickey.go
+++ b/models/publickey.go
@@ -460,7 +460,7 @@ func DeletePublicKey(doer *User, id int64) (err error) {
 	}
 
 	// Check if user has access to delete this key.
-	if doer.Id != key.OwnerID {
+	if !doer.IsAdmin && doer.Id != key.OwnerID {
 		return ErrKeyAccessDenied{doer.Id, key.ID, "public"}
 	}
 
@@ -672,15 +672,17 @@ func DeleteDeployKey(doer *User, id int64) error {
 	}
 
 	// Check if user has access to delete this key.
-	repo, err := GetRepositoryByID(key.RepoID)
-	if err != nil {
-		return fmt.Errorf("GetRepositoryByID: %v", err)
-	}
-	yes, err := HasAccess(doer, repo, ACCESS_MODE_ADMIN)
-	if err != nil {
-		return fmt.Errorf("HasAccess: %v", err)
-	} else if !yes {
-		return ErrKeyAccessDenied{doer.Id, key.ID, "deploy"}
+	if !doer.IsAdmin {
+		repo, err := GetRepositoryByID(key.RepoID)
+		if err != nil {
+			return fmt.Errorf("GetRepositoryByID: %v", err)
+		}
+		yes, err := HasAccess(doer, repo, ACCESS_MODE_ADMIN)
+		if err != nil {
+			return fmt.Errorf("HasAccess: %v", err)
+		} else if !yes {
+			return ErrKeyAccessDenied{doer.Id, key.ID, "deploy"}
+		}
 	}
 
 	sess := x.NewSession()