# 456 Rework API key creation

* removes frontend input field holding generated API key * replaces with modal form * reworks tests on API token form
2025-01-08 16:03:26 +01:00
parent 123a470006
commit 9b63307f01
11 changed files with 214 additions and 389 deletions
--- a/user/tests/unit/test_forms.py
+++ b/user/tests/unit/test_forms.py
@@ -5,15 +5,14 @@ Contact: ksp-servicestelle@sgdnord.rlp.de
 Created on: 12.09.23

 """
-from django.core.exceptions import ObjectDoesNotExist
 from django.test import RequestFactory
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _

-from api.models import APIUserToken
 from konova.tests.test_views import BaseTestCase
+from user.forms.modals.api_token import NewAPITokenModalForm
 from user.forms.modals.team import NewTeamModalForm, EditTeamModalForm, RemoveTeamModalForm, LeaveTeamModalForm
-from user.forms.user import UserNotificationForm, UserAPITokenForm
+from user.forms.user import UserNotificationForm
 from user.models import Team, UserAction, UserNotification


@@ -252,35 +251,28 @@ class UserNotificationFormTestCase(BaseTestCase):
        self.assertIn(selected_notification, self.user.notifications.all())


-class UserAPITokenFormTestCase(BaseTestCase):
-    def test_init(self):
-        form = UserAPITokenForm(
-            instance=self.user
-        )
-        self.assertEqual(form.form_title, str(_("Create new token")))
-        self.assertEqual(form.form_caption, str(_("A new token needs to be validated by an administrator!")))
-        self.assertEqual(form.action_url, reverse("user:api-token"))
-        self.assertEqual(form.cancel_redirect, reverse("user:index"))
-
-        self.assertIsNone(form.fields["token"].initial)
-        self.assertTrue(form.fields["token"].widget.attrs["readonly"])
-
-    def test_save(self):
-        data = {
-            "token": APIUserToken().token
+class ApiTokenFormTestCase(BaseTestCase):
+    def test_new_token_and_recreating_token(self):
+        request = RequestFactory().request()
+        request.user = self.user
+        request.POST = {
+            "confirm": True
        }
-        form = UserAPITokenForm(
-            data,
-            instance=self.user
-        )
-        self.assertTrue(form.is_valid(), msg=form.errors)
+
        self.assertIsNone(self.user.api_token)
-        token = form.save()
-        self.assertEqual(self.user.api_token, token)
-        new_token = form.save()
-        self.assertEqual(self.user.api_token, new_token)
-        try:
-            token.refresh_from_db()
-            self.fail("Token should be deleted and not be fetchable anymore")
-        except ObjectDoesNotExist:
-            pass
+        form = NewAPITokenModalForm(request.POST, instance=self.user)
+        form.save()
+        self.user.refresh_from_db()
+        token = self.user.api_token
+        self.assertFalse(token.is_active)
+        self.assertIsNone(token.valid_until)
+        self.assertIsNotNone(token.token)
+
+        old_token = token.token
+        form.save()
+        self.user.refresh_from_db()
+        new_token = self.user.api_token
+        self.assertNotEqual(new_token.token, old_token)
+        self.assertFalse(new_token.is_active)
+        self.assertIsNone(new_token.valid_until)
+