From cf6f188ef3e2d913b9395269f999f617749e9c0e Mon Sep 17 00:00:00 2001
From: mpeltriaux <Michel_Peltriaux@web.de>
Date: Wed, 5 Nov 2025 10:37:27 +0100
Subject: [PATCH] # Refactoring APITokenView

* refactors API Token view
* updates tests
---
 user/forms/modals/api_token.py |  1 +
 user/tests/unit/test_forms.py  |  2 +-
 user/urls.py                   |  4 ++--
 user/views/api_token.py        | 32 ++++++++++++++------------------
 4 files changed, 18 insertions(+), 21 deletions(-)

diff --git a/user/forms/modals/api_token.py b/user/forms/modals/api_token.py
index d5ead620..5db9f3fb 100644
--- a/user/forms/modals/api_token.py
+++ b/user/forms/modals/api_token.py
@@ -22,6 +22,7 @@ class NewAPITokenModalForm(BaseModalForm):
     def __init__(self, *args, **kwargs):
         self.template = "modal/modal_form.html"
         super().__init__(*args, **kwargs)
+        self.instance = self.user
         self.form_title = _("Generate API Token")
 
         self.form_caption = ""
diff --git a/user/tests/unit/test_forms.py b/user/tests/unit/test_forms.py
index 4a86945f..e036743c 100644
--- a/user/tests/unit/test_forms.py
+++ b/user/tests/unit/test_forms.py
@@ -260,7 +260,7 @@ class ApiTokenFormTestCase(BaseTestCase):
         }
 
         self.assertIsNone(self.user.api_token)
-        form = NewAPITokenModalForm(request.POST, instance=self.user)
+        form = NewAPITokenModalForm(request.POST, request=request)
         form.save()
         self.user.refresh_from_db()
         token = self.user.api_token
diff --git a/user/urls.py b/user/urls.py
index 7712b837..14ca7ce5 100644
--- a/user/urls.py
+++ b/user/urls.py
@@ -9,7 +9,7 @@ from django.urls import path
 
 from user.autocomplete.share import ShareUserAutocomplete, ShareTeamAutocomplete
 from user.autocomplete.team import TeamAdminAutocomplete
-from user.views.api_token import APITokenView, new_api_token_view
+from user.views.api_token import APITokenView, NewAPITokenView
 from user.views.propagate import PropagateUserView
 from user.views.teams import TeamIndexView, NewTeamView, TeamDetailModalView, EditTeamView, RemoveTeamView, \
     LeaveTeamView
@@ -21,7 +21,7 @@ urlpatterns = [
     path("propagate/", PropagateUserView.as_view(), name="propagate"),
     path("notifications/", NotificationsView.as_view(), name="notifications"),
     path("token/api", APITokenView.as_view(), name="api-token"),
-    path("token/api/new", new_api_token_view, name="api-token-new"),
+    path("token/api/new", NewAPITokenView.as_view(), name="api-token-new"),
     path("contact/<id>", ContactView.as_view(), name="contact"),
     path("team/", TeamIndexView.as_view(), name="team-index"),
     path("team/new", NewTeamView.as_view(), name="team-new"),
diff --git a/user/views/api_token.py b/user/views/api_token.py
index 3b653c28..f90729ab 100644
--- a/user/views/api_token.py
+++ b/user/views/api_token.py
@@ -4,9 +4,9 @@ Created on: 08.01.25
 
 """
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.mixins import LoginRequiredMixin
 from django.http import HttpRequest
 from django.shortcuts import render
-from django.urls import reverse
 from django.utils.decorators import method_decorator
 from django.views import View
 from django.utils.translation import gettext_lazy as _
@@ -15,7 +15,9 @@ from konova.contexts import BaseContext
 from konova.decorators import default_group_required
 from konova.sub_settings.context_settings import TAB_TITLE_IDENTIFIER
 from konova.utils.message_templates import NEW_API_TOKEN_GENERATED
+from konova.views.base import BaseModalFormView
 from user.forms.modals.api_token import NewAPITokenModalForm
+from user.models import User
 
 
 class APITokenView(View):
@@ -36,22 +38,16 @@ class APITokenView(View):
         context = BaseContext(request, context).context
         return render(request, template, context)
 
+class NewAPITokenView(LoginRequiredMixin, BaseModalFormView):
+    _MODEL_CLS = User
+    _FORM_CLS = NewAPITokenModalForm
+    _MSG_SUCCESS = NEW_API_TOKEN_GENERATED
+    _REDIRECT_URL = "user:api-token"
 
-def new_api_token_view(request: HttpRequest):
-    """ Function based view for processing ModalForm
-    (Currently ModalForms only work properly with function based views)
+    def _user_has_shared_access(self, user, **kwargs):
+        # No special checks to be done in here
+        return True
 
-    Args:
-        request ():
-
-    Returns:
-
-    """
-    user = request.user
-
-    form = NewAPITokenModalForm(request.POST or None, instance=user, request=request)
-    return form.process_request(
-        request=request,
-        msg_success=NEW_API_TOKEN_GENERATED,
-        redirect_url=reverse("user:api-token"),
-    )
\ No newline at end of file
+    def _user_has_permission(self, user, **kwargs):
+        # User should at least be a default user to be able to use the api
+        return user.is_default_user()