From c08f02ab7f2e52629dc419281a9dbaf75dc242c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C4=93teris=20Caune?= <cuu508@gmail.com>
Date: Thu, 17 Jan 2019 16:26:45 +0200
Subject: [PATCH] Drop Profile.api_key and Profile.api_key_readonly (both are
 stored with Project now)

---
 .../migrations/0023_auto_20190117_1419.py     | 25 +++++++++++++++++++
 hc/accounts/models.py                         | 14 ++++-------
 hc/accounts/tests/test_profile.py             | 16 ++++--------
 hc/accounts/views.py                          | 10 +-------
 hc/api/decorators.py                          |  1 -
 hc/api/tests/test_create_check.py             |  4 +--
 hc/test.py                                    |  2 +-
 7 files changed, 39 insertions(+), 33 deletions(-)
 create mode 100644 hc/accounts/migrations/0023_auto_20190117_1419.py

diff --git a/hc/accounts/migrations/0023_auto_20190117_1419.py b/hc/accounts/migrations/0023_auto_20190117_1419.py
new file mode 100644
index 00000000..26c264f0
--- /dev/null
+++ b/hc/accounts/migrations/0023_auto_20190117_1419.py
@@ -0,0 +1,25 @@
+# Generated by Django 2.1.5 on 2019-01-17 14:19
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0022_auto_20190114_0857'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key',
+        ),
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key_id',
+        ),
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key_readonly',
+        ),
+    ]
diff --git a/hc/accounts/models.py b/hc/accounts/models.py
index 6fc987aa..b605a431 100644
--- a/hc/accounts/models.py
+++ b/hc/accounts/models.py
@@ -51,9 +51,6 @@ class Profile(models.Model):
     ping_log_limit = models.IntegerField(default=100)
     check_limit = models.IntegerField(default=20)
     token = models.CharField(max_length=128, blank=True)
-    api_key_id = models.CharField(max_length=128, blank=True)
-    api_key = models.CharField(max_length=128, blank=True)
-    api_key_readonly = models.CharField(max_length=128, blank=True)
     current_team = models.ForeignKey("self", models.SET_NULL, null=True)
     current_project = models.ForeignKey("Project", models.SET_NULL, null=True)
     last_sms_date = models.DateTimeField(null=True, blank=True)
@@ -123,12 +120,6 @@ class Profile(models.Model):
         }
         emails.change_email(self.user.email, ctx)
 
-    def set_api_keys(self, key_id=""):
-        self.api_key_id = key_id
-        self.api_key = urlsafe_b64encode(os.urandom(24)).decode()
-        self.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode()
-        self.save()
-
     def checks_from_all_projects(self):
         """ Return a queryset of checks from projects we have access to. """
 
@@ -251,6 +242,11 @@ class Project(models.Model):
         num_used = Check.objects.filter(project__owner=self.owner).count()
         return self.owner_profile.check_limit - num_used
 
+    def set_api_keys(self):
+        self.api_key = urlsafe_b64encode(os.urandom(24)).decode()
+        self.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode()
+        self.save()
+
     def set_next_nag_date(self):
         """ Set next_nag_date on profiles of all members of this project. """
 
diff --git a/hc/accounts/tests/test_profile.py b/hc/accounts/tests/test_profile.py
index cb393d25..cd19eb96 100644
--- a/hc/accounts/tests/test_profile.py
+++ b/hc/accounts/tests/test_profile.py
@@ -47,17 +47,14 @@ class ProfileTestCase(BaseTestCase):
         r = self.client.post("/accounts/profile/", form)
         self.assertEqual(r.status_code, 200)
 
-        self.profile.refresh_from_db()
-        api_key = self.profile.api_key
+        self.project.refresh_from_db()
+        api_key = self.project.api_key
         self.assertTrue(len(api_key) > 10)
         self.assertFalse("b'" in api_key)
 
-        self.project.refresh_from_db()
-        self.assertEqual(self.project.api_key, api_key)
-
     def test_it_revokes_api_key(self):
-        self.profile.api_key_readonly = "R" * 32
-        self.profile.save()
+        self.project.api_key_readonly = "R" * 32
+        self.project.save()
 
         self.client.login(username="alice@example.org", password="password")
 
@@ -65,12 +62,9 @@ class ProfileTestCase(BaseTestCase):
         r = self.client.post("/accounts/profile/", form)
         assert r.status_code == 200
 
-        self.profile.refresh_from_db()
-        self.assertEqual(self.profile.api_key, "")
-        self.assertEqual(self.profile.api_key_readonly, "")
-
         self.project.refresh_from_db()
         self.assertEqual(self.project.api_key, "")
+        self.assertEqual(self.project.api_key_readonly, "")
 
     def test_it_sends_report(self):
         check = Check(name="Test Check", user=self.alice, project=self.project)
diff --git a/hc/accounts/views.py b/hc/accounts/views.py
index 84366b90..195814b8 100644
--- a/hc/accounts/views.py
+++ b/hc/accounts/views.py
@@ -209,21 +209,13 @@ def profile(request):
             profile.send_set_password_link()
             return redirect("hc-link-sent")
         elif "create_api_keys" in request.POST:
-            profile.set_api_keys()
-
-            project.api_key = profile.api_key
-            project.api_key_readonly = profile.api_key_readonly
+            project.set_api_keys()
             project.save()
 
             ctx["show_api_keys"] = True
             ctx["api_keys_created"] = True
             ctx["api_status"] = "success"
         elif "revoke_api_keys" in request.POST:
-            profile.api_key_id = ""
-            profile.api_key = ""
-            profile.api_key_readonly = ""
-            profile.save()
-
             project.api_key = ""
             project.api_key_readonly = ""
             project.save()
diff --git a/hc/api/decorators.py b/hc/api/decorators.py
index 67e2a358..939e1056 100644
--- a/hc/api/decorators.py
+++ b/hc/api/decorators.py
@@ -1,7 +1,6 @@
 import json
 from functools import wraps
 
-from django.contrib.auth.models import User
 from django.db.models import Q
 from django.http import HttpResponse, JsonResponse
 from hc.accounts.models import Project
diff --git a/hc/api/tests/test_create_check.py b/hc/api/tests/test_create_check.py
index cdd89ea6..992795d2 100644
--- a/hc/api/tests/test_create_check.py
+++ b/hc/api/tests/test_create_check.py
@@ -207,8 +207,8 @@ class CreateCheckTestCase(BaseTestCase):
         self.assertEqual(r.status_code, 403)
 
     def test_readonly_key_does_not_work(self):
-        self.profile.api_key_readonly = "R" * 32
-        self.profile.save()
+        self.project.api_key_readonly = "R" * 32
+        self.project.save()
 
         r = self.post({"api_key": "R" * 32, "name": "Foo"})
         self.assertEqual(r.status_code, 401)
diff --git a/hc/test.py b/hc/test.py
index eb8db788..d3318b84 100644
--- a/hc/test.py
+++ b/hc/test.py
@@ -18,7 +18,7 @@ class BaseTestCase(TestCase):
         self.project.badge_key = self.alice.username
         self.project.save()
 
-        self.profile = Profile(user=self.alice, api_key="X" * 32)
+        self.profile = Profile(user=self.alice)
         self.profile.sms_limit = 50
         self.profile.current_project = self.project
         self.profile.save()