views: Don't render token section of user profile if REST API disabled

In profile.html, if settings.ENABLE_REST_API == False, trying to render a
link to the generate_token page will raise a NoReverseMatch exception, so
we shouldn't render that. In any case, if the REST API is disabled, we
really shouldn't render the API token section of the page at all.

Only render the API token and generation link if settings.ENABLE_REST_API
is True.

Reported-by: Tomas Novotny <tomas@novotny.cz>
Closes: #138 ("NoReverseMatch exception on user login with disabled REST API")
Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate tokens")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Reviewed-by: Stephen Finucane <stephen@that.guru>

diff --git a/patchwork/templates/patchwork/profile.html b/patchwork/templates/patchwork/profile.html
index 75c4f59f89049aba62159c903a9a1f36637330b4..4ca78dae430e198c4af5caa9d6c3ad5008880293 100644 (file)
--- a/patchwork/templates/patchwork/profile.html
+++ b/patchwork/templates/patchwork/profile.html
@@ -140,6 +140,7 @@ address.</p>
   <th>Password:</th>
   <td><a href="{% url 'password_change' %}">Change password</a>
  </tr>
+{% if rest_api_enabled %}
  <tr>
   <th>API Token:</th>
   <td>
@@ -162,6 +163,7 @@ address.</p>
    </form>
   </td>
  </tr>
+{% endif %}
 </table>
 </div>
 

diff --git a/patchwork/views/user.py b/patchwork/views/user.py
index d99fedf064a001e8a2af1d8787c66e8b1e5c4c96..693c02da22dec87db6268a74d6f3ac5f375fd136 100644 (file)
--- a/patchwork/views/user.py
+++ b/patchwork/views/user.py
@@ -128,6 +128,8 @@ def profile(request):
     context['linked_emails'] = people
     context['linkform'] = EmailForm()
     context['api_token'] = request.user.profile.token
+    if settings.ENABLE_REST_API:
+        context['rest_api_enabled'] = True
 
     return render(request, 'patchwork/profile.html', context)