Drop Profile.api_key and Profile.api_key_readonly (both are stored with Project now)

hc/accounts/migrations/0023_auto_20190117_1419.py

@@ -0,0 +1,25 @@
+# Generated by Django 2.1.5 on 2019-01-17 14:19
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0022_auto_20190114_0857'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key',
+        ),
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key_id',
+        ),
+        migrations.RemoveField(
+            model_name='profile',
+            name='api_key_readonly',
+        ),
+    ]

hc/accounts/models.py

@@ -51,9 +51,6 @@ class Profile(models.Model):
     ping_log_limit = models.IntegerField(default=100)
     check_limit = models.IntegerField(default=20)
     token = models.CharField(max_length=128, blank=True)
-    api_key_id = models.CharField(max_length=128, blank=True)
-    api_key = models.CharField(max_length=128, blank=True)
-    api_key_readonly = models.CharField(max_length=128, blank=True)
     current_team = models.ForeignKey("self", models.SET_NULL, null=True)
     current_project = models.ForeignKey("Project", models.SET_NULL, null=True)
     last_sms_date = models.DateTimeField(null=True, blank=True)
@@ -123,12 +120,6 @@ class Profile(models.Model):
         }
         emails.change_email(self.user.email, ctx)
 
-    def set_api_keys(self, key_id=""):
-        self.api_key_id = key_id
-        self.api_key = urlsafe_b64encode(os.urandom(24)).decode()
-        self.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode()
-        self.save()
-
     def checks_from_all_projects(self):
         """ Return a queryset of checks from projects we have access to. """
 
@@ -251,6 +242,11 @@ class Project(models.Model):
         num_used = Check.objects.filter(project__owner=self.owner).count()
         return self.owner_profile.check_limit - num_used
 
+    def set_api_keys(self):
+        self.api_key = urlsafe_b64encode(os.urandom(24)).decode()
+        self.api_key_readonly = urlsafe_b64encode(os.urandom(24)).decode()
+        self.save()
+
     def set_next_nag_date(self):
         """ Set next_nag_date on profiles of all members of this project. """
 

hc/accounts/tests/test_profile.py

@@ -47,17 +47,14 @@ class ProfileTestCase(BaseTestCase):
         r = self.client.post("/accounts/profile/", form)
         self.assertEqual(r.status_code, 200)
 
-        self.profile.refresh_from_db()
-        api_key = self.profile.api_key
+        self.project.refresh_from_db()
+        api_key = self.project.api_key
         self.assertTrue(len(api_key) > 10)
         self.assertFalse("b'" in api_key)
 
-        self.project.refresh_from_db()
-        self.assertEqual(self.project.api_key, api_key)
-
     def test_it_revokes_api_key(self):
-        self.profile.api_key_readonly = "R" * 32
-        self.profile.save()
+        self.project.api_key_readonly = "R" * 32
+        self.project.save()
 
         self.client.login(username="[email protected]", password="password")
 
@@ -65,12 +62,9 @@ class ProfileTestCase(BaseTestCase):
         r = self.client.post("/accounts/profile/", form)
         assert r.status_code == 200
 
-        self.profile.refresh_from_db()
-        self.assertEqual(self.profile.api_key, "")
-        self.assertEqual(self.profile.api_key_readonly, "")
-
         self.project.refresh_from_db()
         self.assertEqual(self.project.api_key, "")
+        self.assertEqual(self.project.api_key_readonly, "")
 
     def test_it_sends_report(self):
         check = Check(name="Test Check", user=self.alice, project=self.project)

hc/accounts/views.py

@@ -209,21 +209,13 @@ def profile(request):
             profile.send_set_password_link()
             return redirect("hc-link-sent")
         elif "create_api_keys" in request.POST:
-            profile.set_api_keys()
-
-            project.api_key = profile.api_key
-            project.api_key_readonly = profile.api_key_readonly
+            project.set_api_keys()
             project.save()
 
             ctx["show_api_keys"] = True
             ctx["api_keys_created"] = True
             ctx["api_status"] = "success"
         elif "revoke_api_keys" in request.POST:
-            profile.api_key_id = ""
-            profile.api_key = ""
-            profile.api_key_readonly = ""
-            profile.save()
-
             project.api_key = ""
             project.api_key_readonly = ""
             project.save()

hc/api/decorators.py

@@ -1,7 +1,6 @@
 import json
 from functools import wraps
 
-from django.contrib.auth.models import User
 from django.db.models import Q
 from django.http import HttpResponse, JsonResponse
 from hc.accounts.models import Project

hc/api/tests/test_create_check.py

@@ -207,8 +207,8 @@ class CreateCheckTestCase(BaseTestCase):
         self.assertEqual(r.status_code, 403)
 
     def test_readonly_key_does_not_work(self):
-        self.profile.api_key_readonly = "R" * 32
-        self.profile.save()
+        self.project.api_key_readonly = "R" * 32
+        self.project.save()
 
         r = self.post({"api_key": "R" * 32, "name": "Foo"})
         self.assertEqual(r.status_code, 401)

hc/test.py

@@ -18,7 +18,7 @@ class BaseTestCase(TestCase):
         self.project.badge_key = self.alice.username
         self.project.save()
 
-        self.profile = Profile(user=self.alice, api_key="X" * 32)
+        self.profile = Profile(user=self.alice)
         self.profile.sms_limit = 50
         self.profile.current_project = self.project
         self.profile.save()