In profile.html, if settings.ENABLE_REST_API == False, trying to render a link to the generate_token page will raise a NoReverseMatch exception, so we shouldn't render that. In any case, if the REST API is disabled, we really shouldn't render the API token section of the page at all.
Only render the API token and generation link if settings.ENABLE_REST_API is True.
Cc: stable Reported-by: Tomas Novotny tomas@novotny.cz Closes: #138 ("NoReverseMatch exception on user login with disabled REST API") Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens") Signed-off-by: Andrew Donnellan andrew.donnellan@au1.ibm.com --- patchwork/templates/patchwork/profile.html | 2 ++ patchwork/views/user.py | 2 ++ 2 files changed, 4 insertions(+)
diff --git a/patchwork/templates/patchwork/profile.html b/patchwork/templates/patchwork/profile.html index 75c4f59..4ca78da 100644 --- a/patchwork/templates/patchwork/profile.html +++ b/patchwork/templates/patchwork/profile.html @@ -140,6 +140,7 @@ address.</p> <th>Password:</th> <td><a href="{% url 'password_change' %}">Change password</a> </tr> +{% if rest_api_enabled %} <tr> <th>API Token:</th> <td> @@ -162,6 +163,7 @@ address.</p> </form> </td> </tr> +{% endif %} </table> </div>
diff --git a/patchwork/views/user.py b/patchwork/views/user.py index d99fedf..693c02d 100644 --- a/patchwork/views/user.py +++ b/patchwork/views/user.py @@ -128,6 +128,8 @@ def profile(request): context['linked_emails'] = people context['linkform'] = EmailForm() context['api_token'] = request.user.profile.token + if settings.ENABLE_REST_API: + context['rest_api_enabled'] = True
return render(request, 'patchwork/profile.html', context)
On 19/12/17 16:41, Andrew Donnellan wrote:
In profile.html, if settings.ENABLE_REST_API == False, trying to render a link to the generate_token page will raise a NoReverseMatch exception, so we shouldn't render that. In any case, if the REST API is disabled, we really shouldn't render the API token section of the page at all.
Only render the API token and generation link if settings.ENABLE_REST_API is True.
Cc: stable
Gah, my git mailrc strikes again and Ccs this to stable@vger... please drop them on replies.
Sorry for the noise, kernel people!
Andrew
Reported-by: Tomas Novotny tomas@novotny.cz Closes: #138 ("NoReverseMatch exception on user login with disabled REST API") Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens") Signed-off-by: Andrew Donnellan andrew.donnellan@au1.ibm.com
patchwork/templates/patchwork/profile.html | 2 ++ patchwork/views/user.py | 2 ++ 2 files changed, 4 insertions(+)
diff --git a/patchwork/templates/patchwork/profile.html b/patchwork/templates/patchwork/profile.html index 75c4f59..4ca78da 100644 --- a/patchwork/templates/patchwork/profile.html +++ b/patchwork/templates/patchwork/profile.html @@ -140,6 +140,7 @@ address.</p> <th>Password:</th> <td><a href="{% url 'password_change' %}">Change password</a>
</tr> +{% if rest_api_enabled %} <tr> <th>API Token:</th> <td> @@ -162,6 +163,7 @@ address.</p> </form> </td> </tr> +{% endif %} </table> </div> diff --git a/patchwork/views/user.py b/patchwork/views/user.py index d99fedf..693c02d 100644 --- a/patchwork/views/user.py +++ b/patchwork/views/user.py @@ -128,6 +128,8 @@ def profile(request): context['linked_emails'] = people context['linkform'] = EmailForm() context['api_token'] = request.user.profile.token + if settings.ENABLE_REST_API: + context['rest_api_enabled'] = True return render(request, 'patchwork/profile.html', context)
On Tue, 2017-12-19 at 16:41 +1100, Andrew Donnellan wrote:
In profile.html, if settings.ENABLE_REST_API == False, trying to render a link to the generate_token page will raise a NoReverseMatch exception, so we shouldn't render that. In any case, if the REST API is disabled, we really shouldn't render the API token section of the page at all.
Only render the API token and generation link if settings.ENABLE_REST_API is True.
Cc: stable Reported-by: Tomas Novotny tomas@novotny.cz Closes: #138 ("NoReverseMatch exception on user login with disabled REST API") Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens") Signed-off-by: Andrew Donnellan andrew.donnellan@au1.ibm.com
Looks good to me. Merged and backported to 'stable/2.0'.
Reviewed-by: Stephen Finucane stephen@that.guru
linux-stable-mirror@lists.linaro.org