In profile.html, if settings.ENABLE_REST_API == False, trying to render a link to the generate_token page will raise a NoReverseMatch exception, so we shouldn't render that. In any case, if the REST API is disabled, we really shouldn't render the API token section of the page at all.
Only render the API token and generation link if settings.ENABLE_REST_API is True.
Cc: stable Reported-by: Tomas Novotny tomas@novotny.cz Closes: #138 ("NoReverseMatch exception on user login with disabled REST API") Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens") Signed-off-by: Andrew Donnellan andrew.donnellan@au1.ibm.com --- patchwork/templates/patchwork/profile.html | 2 ++ patchwork/views/user.py | 2 ++ 2 files changed, 4 insertions(+)
diff --git a/patchwork/templates/patchwork/profile.html b/patchwork/templates/patchwork/profile.html index 75c4f59..4ca78da 100644 --- a/patchwork/templates/patchwork/profile.html +++ b/patchwork/templates/patchwork/profile.html @@ -140,6 +140,7 @@ address.</p> <th>Password:</th> <td><a href="{% url 'password_change' %}">Change password</a> </tr> +{% if rest_api_enabled %} <tr> <th>API Token:</th> <td> @@ -162,6 +163,7 @@ address.</p> </form> </td> </tr> +{% endif %} </table> </div>
diff --git a/patchwork/views/user.py b/patchwork/views/user.py index d99fedf..693c02d 100644 --- a/patchwork/views/user.py +++ b/patchwork/views/user.py @@ -128,6 +128,8 @@ def profile(request): context['linked_emails'] = people context['linkform'] = EmailForm() context['api_token'] = request.user.profile.token + if settings.ENABLE_REST_API: + context['rest_api_enabled'] = True
return render(request, 'patchwork/profile.html', context)