On Tue, 2017-12-19 at 16:41 +1100, Andrew Donnellan wrote:
In profile.html, if settings.ENABLE_REST_API == False, trying to render a link to the generate_token page will raise a NoReverseMatch exception, so we shouldn't render that. In any case, if the REST API is disabled, we really shouldn't render the API token section of the page at all.
Only render the API token and generation link if settings.ENABLE_REST_API is True.
Cc: stable Reported-by: Tomas Novotny tomas@novotny.cz Closes: #138 ("NoReverseMatch exception on user login with disabled REST API") Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens") Signed-off-by: Andrew Donnellan andrew.donnellan@au1.ibm.com
Looks good to me. Merged and backported to 'stable/2.0'.
Reviewed-by: Stephen Finucane stephen@that.guru