Fixed API key updating, removed the ability for people to remove API keys

2025-12-14 14:52:15 +00:00 · 2011-07-07 19:37:11 +01:00
parent 4ff890077f
commit 08fe37fe4b
5 changed files with 26 additions and 13 deletions
--- a/app/eve_api/forms.py
+++ b/app/eve_api/forms.py
@@ -12,6 +12,14 @@ class EveAPIForm(forms.ModelForm):
        fields = ('api_user_id', 'api_key', 'description', 'user')
        widgets = {'user': forms.HiddenInput()}

+    def __init__(self, *args, **kwargs):
+        super(EveAPIForm, self).__init__(*args, **kwargs)
+        instance = getattr(self, 'instance', None)
+
+        if instance and instance.pk:
+            # We're editing a existing instance, readonly the userid
+            self.fields['api_user_id'].widget.attrs['readonly'] = True
+
    def clean_api_key(self):

        if not len(self.cleaned_data['api_key']) == 64:
@@ -22,22 +30,25 @@ class EveAPIForm(forms.ModelForm):

        return self.cleaned_data['api_key']

-    def clean_user_id(self):
+    def clean_api_user_id(self):

-        if not 'user_id' in self.cleaned_data or self.cleaned_data['user_id'] == '':
+        if not 'api_user_id' in self.cleaned_data or self.cleaned_data['api_user_id'] == '':
            raise forms.ValidationError("Please provide a valid User ID")

        try:
-            int(self.cleaned_data['user_id'])
+            int(self.cleaned_data['api_user_id'])
        except ValueError:
            raise forms.ValidationError("Please provide a valid user ID.")

-        if not self.update:
+        if not getattr(self, 'instance', None):
            try:
-                eaccount = EVEAccount.objects.get(api_user_id=self.cleaned_data['user_id'])
+                eaccount = EVEAccount.objects.get(api_user_id=self.cleaned_data['api_user_id'])
            except EVEAccount.DoesNotExist:
                pass
            else:
                raise forms.ValidationError("This API User ID is already registered")
+        else:
+            if not int(self.cleaned_data['api_user_id']) == self.instance.api_user_id:
+                raise forms.ValidationError("You cannot change your API User ID")

-        return self.cleaned_data['user_id']
+        return self.cleaned_data['api_user_id']
--- a/app/eve_api/tasks/account.py
+++ b/app/eve_api/tasks/account.py
@@ -102,8 +102,10 @@ def import_apikey_func(api_userid, api_key, user=None, force_cache=False, log=lo

    # Create or retrieve the account last to make sure everything
    # before here is good to go.
-    account, created = EVEAccount.objects.get_or_create(api_key=api_key, api_user_id=api_userid)
-    account.api_key = api_key
+    account, created = EVEAccount.objects.get_or_create(api_user_id=api_userid)
+    if not created and not account.api_key == api_key:
+        account.api_key = api_key
+        account.api_keytype = API_KEYTYPE_UNKNOWN
    account.api_status = API_STATUS_OK
    if user and created:
        account.user = User.objects.get(id=user)
--- a/app/eve_api/urls.py
+++ b/app/eve_api/urls.py
@@ -6,7 +6,7 @@ from eve_api import views
 urlpatterns = patterns('',
    url(r'^eveapi/add/', views.eveapi_add, name="eveapi-add"),
    url(r'^eveapi/update/(?P<userid>\d+)/$', views.eveapi_update, name="eveapi-update"),
-    url(r'^eveapi/delete/(?P<userid>\d+)/$', views.eveapi_del, name="eveapi-delete"),
+    #url(r'^eveapi/delete/(?P<userid>\d+)/$', views.eveapi_del, name="eveapi-delete"),
    url(r'^eveapi/refresh/(?P<userid>\d+)/$', views.eveapi_refresh, name="eveapi-refresh"),
    url(r'^eveapi/log/(?P<userid>\d+)/$', views.eveapi_log, name="eveapi-log"),

--- a/app/eve_api/views.py
+++ b/app/eve_api/views.py
@@ -56,11 +56,11 @@ def eveapi_update(request, userid, post_save_redirect='/'):
    if request.method == 'POST':
        form = EveAPIForm(request.POST, instance=acc)
        if form.is_valid():
-            if form.has_changed() and ('api_key' in form.changed_data or 'api_user_id' in form.changed_data):
-                acc = form.save()
+            if form.has_changed() and ('api_key' in form.changed_data):
+                #acc = form.save()
                task = import_apikey_result.delay(api_key=acc.api_key, api_userid=acc.api_user_id, user=request.user.id)
                try:
-                    task.wait(10)
+                    task.wait(30)
                except celery.exceptions.TimeoutError:
                    msg = "The addition of your API key is still processing, please check back in a minute or so."
                except DocumentRetrievalError:
--- a/app/sso/templates/sso/profile.html
+++ b/app/sso/templates/sso/profile.html
@@ -114,7 +114,7 @@ setup.</p>
    <td><a href="{% url eve_api.views.eveapi_refresh acc.api_user_id %}"  onclick="javascript:refresh_apikey({{ acc.api_user_id }}); return false;">Refresh</a>,&nbsp;
        <a href="{% url eve_api.views.eveapi_update acc.api_user_id %}">Update Key</a>,&nbsp;
        <a href="{% url eve_api.views.eveapi_log acc.api_user_id %}">Logs</a>,&nbsp;
-        <a href="{% url eve_api.views.eveapi_del acc.api_user_id %}">Delete</a></td>
+        <!--<a href="{% url eve_api.views.eveapi_del acc.api_user_id %}">Delete</a></td>-->
 </tr>
 {% endfor %}
 </table>