Prepare for the removal of Profile.api_key

hc/accounts/management/commands/createreadonlykeys.py

@@ -1,20 +0,0 @@
-from base64 import urlsafe_b64encode
-import os
-
-from django.core.management.base import BaseCommand
-
-from hc.accounts.models import Profile
-
-
-class Command(BaseCommand):
-    help = """Create read-only API keys."""
-
-    def handle(self, *args, **options):
-        c = 0
-        q = Profile.objects.filter(api_key_readonly="").exclude(api_key="")
-        for profile in q:
-            profile.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode()
-            profile.save()
-            c += 1
-
-        return "Done! Generated %d readonly keys." % c

hc/accounts/tests/test_profile.py

@@ -27,6 +27,19 @@ class ProfileTestCase(BaseTestCase):
         expected_subject = "Set password on %s" % settings.SITE_NAME
         self.assertEqual(mail.outbox[0].subject, expected_subject)
 
+    def test_it_shows_api_keys(self):
+        self.project.api_key_readonly = "R" * 32
+        self.project.save()
+
+        self.client.login(username="alice@example.org", password="password")
+
+        form = {"show_api_keys": "1"}
+        r = self.client.post("/accounts/profile/", form)
+        self.assertEqual(r.status_code, 200)
+
+        self.assertContains(r, "X" * 32)
+        self.assertContains(r, "R" * 32)
+
     def test_it_creates_api_key(self):
         self.client.login(username="alice@example.org", password="password")
 

hc/accounts/views.py

@@ -190,10 +190,12 @@ def check_token(request, username, token):
 def profile(request):
     _ensure_own_team(request)
     profile = request.profile
+    project = profile.get_own_project()
 
     ctx = {
         "page": "profile",
         "profile": profile,
+        "project": project,
         "show_api_keys": False,
         "api_status": "default",
         "team_status": "default"
@@ -209,10 +211,9 @@ def profile(request):
         elif "create_api_keys" in request.POST:
             profile.set_api_keys()
 
-            for project in request.user.project_set.all():
-                project.api_key = profile.api_key
-                project.api_key_readonly = profile.api_key_readonly
-                project.save()
+            project.api_key = profile.api_key
+            project.api_key_readonly = profile.api_key_readonly
+            project.save()
 
             ctx["show_api_keys"] = True
             ctx["api_keys_created"] = True
@@ -223,10 +224,9 @@ def profile(request):
             profile.api_key_readonly = ""
             profile.save()
 
-            for project in request.user.project_set.all():
-                project.api_key = ""
-                project.api_key_readonly = ""
-                project.save()
+            project.api_key = ""
+            project.api_key_readonly = ""
+            project.save()
 
             ctx["api_keys_revoked"] = True
             ctx["api_status"] = "info"

templates/accounts/profile.html

@@ -60,16 +60,16 @@
         <div class="panel panel-{{ api_status }}">
             <div class="panel-body settings-block">
                 <h2>API Access</h2>
-                {% if profile.api_key %}
+                {% if project.api_key %}
                     {% if show_api_keys %}
                         <p>
                             API key: <br />
-                            <code>{{ profile.api_key }}</code>
+                            <code>{{ project.api_key }}</code>
                         </p>
-                        {% if profile.api_key_readonly %}
+                        {% if project.api_key_readonly %}
                         <p>
                             API key (read-only): <br />
-                            <code>{{ profile.api_key_readonly }}</code>
+                            <code>{{ project.api_key_readonly }}</code>
                         </p>
                         {% endif %}
                         <button