def test_update_api_key(self) -> None: user = self.example_user("hamlet") email = user.email self.login_user(user) old_api_keys = get_all_api_keys(user) # Ensure the old API keys are in the authentication cache, so # that the below logic can test whether we have a cache-flushing bug. for api_key in old_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email) result = self.client_post("/json/users/me/api_key/regenerate") self.assert_json_success(result) new_api_key = result.json()["api_key"] self.assertNotIn(new_api_key, old_api_keys) user = self.example_user("hamlet") current_api_keys = get_all_api_keys(user) self.assertIn(new_api_key, current_api_keys) for api_key in old_api_keys: with self.assertRaises(UserProfile.DoesNotExist): get_user_profile_by_api_key(api_key) for api_key in current_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email)
def test_update_api_key(self) -> None: user = self.example_user('hamlet') email = user.email self.login(email) old_api_keys = get_all_api_keys(user) # Ensure the old API keys are in the authentication cache, so # that the below logic can test whether we have a cache-flushing bug. for api_key in old_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email) result = self.client_post('/json/users/me/api_key/regenerate') self.assert_json_success(result) new_api_key = result.json()['api_key'] self.assertNotIn(new_api_key, old_api_keys) user = self.example_user('hamlet') current_api_keys = get_all_api_keys(user) self.assertIn(new_api_key, current_api_keys) for api_key in old_api_keys: with self.assertRaises(UserProfile.DoesNotExist): get_user_profile_by_api_key(api_key) for api_key in current_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email)
def test_update_api_key(self) -> None: user = self.example_user("hamlet") email = user.email self.login_user(user) old_api_keys = get_all_api_keys(user) # Ensure the old API keys are in the authentication cache, so # that the below logic can test whether we have a cache-flushing bug. for api_key in old_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email) # First verify this endpoint is not registered in the /json/... path # to prevent access with only a session. result = self.client_post("/json/users/me/api_key/regenerate") self.assertEqual(result.status_code, 404) # A logged-in session doesn't allow access to an /api/v1/ endpoint # of course. result = self.client_post("/api/v1/users/me/api_key/regenerate") self.assertEqual(result.status_code, 401) result = self.api_post(user, "/api/v1/users/me/api_key/regenerate") new_api_key = self.assert_json_success(result)["api_key"] self.assertNotIn(new_api_key, old_api_keys) user = self.example_user("hamlet") current_api_keys = get_all_api_keys(user) self.assertIn(new_api_key, current_api_keys) for api_key in old_api_keys: with self.assertRaises(UserProfile.DoesNotExist): get_user_profile_by_api_key(api_key) for api_key in current_api_keys: self.assertEqual(get_user_profile_by_api_key(api_key).email, email)
def test_update_api_key(self) -> None: user = self.example_user('hamlet') email = user.email self.login(email) old_api_keys = get_all_api_keys(user) result = self.client_post('/json/users/me/api_key/regenerate') self.assert_json_success(result) new_api_key = result.json()['api_key'] self.assertNotIn(new_api_key, old_api_keys) user = self.example_user('hamlet') current_api_keys = get_all_api_keys(user) self.assertIn(new_api_key, current_api_keys)
def user_cache_items(items_for_remote_cache: Dict[str, Tuple[UserProfile]], user_profile: UserProfile) -> None: for api_key in get_all_api_keys(user_profile): items_for_remote_cache[user_profile_by_api_key_cache_key(api_key)] = ( user_profile, ) items_for_remote_cache[user_profile_cache_key( user_profile.email, user_profile.realm)] = (user_profile, )
def delete_user_profile_caches(user_profiles: Iterable['UserProfile']) -> None: # Imported here to avoid cyclic dependency. from zerver.lib.users import get_all_api_keys keys = [] for user_profile in user_profiles: keys.append(user_profile_by_email_cache_key(user_profile.email)) keys.append(user_profile_by_id_cache_key(user_profile.id)) for api_key in get_all_api_keys(user_profile): keys.append(user_profile_by_api_key_cache_key(api_key)) keys.append(user_profile_cache_key(user_profile.email, user_profile.realm)) cache_delete_many(keys)
def delete_user_profile_caches(user_profiles: Iterable['UserProfile']) -> None: # Imported here to avoid cyclic dependency. from zerver.lib.users import get_all_api_keys from zerver.models import is_cross_realm_bot_email keys = [] for user_profile in user_profiles: keys.append(user_profile_by_email_cache_key(user_profile.delivery_email)) keys.append(user_profile_by_id_cache_key(user_profile.id)) for api_key in get_all_api_keys(user_profile): keys.append(user_profile_by_api_key_cache_key(api_key)) keys.append(user_profile_cache_key(user_profile.email, user_profile.realm)) if user_profile.is_bot and is_cross_realm_bot_email(user_profile.email): # Handle clearing system bots from their special cache. keys.append(bot_profile_cache_key(user_profile.email)) cache_delete_many(keys)
def user_cache_items(items_for_remote_cache: Dict[str, Tuple[UserProfile]], user_profile: UserProfile) -> None: for api_key in get_all_api_keys(user_profile): items_for_remote_cache[user_profile_by_api_key_cache_key(api_key)] = (user_profile,) items_for_remote_cache[user_profile_cache_key(user_profile.email, user_profile.realm)] = (user_profile,)