From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from antelope.ash.relay.mailchannels.net ([23.83.222.4]:51632 "EHLO antelope.ash.relay.mailchannels.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752783AbeADLud (ORCPT ); Thu, 4 Jan 2018 06:50:33 -0500 Message-ID: <1515065458.32193.0.camel@that.guru> Subject: Re: [PATCH] views: Don't render token section of user profile if REST API disabled From: Stephen Finucane To: Andrew Donnellan , patchwork@lists.ozlabs.org Cc: tomas@novotny.cz, stable@vger.kernel.org Date: Thu, 04 Jan 2018 11:30:58 +0000 In-Reply-To: <20171219054127.26494-1-andrew.donnellan@au1.ibm.com> References: <20171219054127.26494-1-andrew.donnellan@au1.ibm.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: stable-owner@vger.kernel.org List-ID: On Tue, 2017-12-19 at 16:41 +1100, Andrew Donnellan wrote: > In profile.html, if settings.ENABLE_REST_API == False, trying to > render a > link to the generate_token page will raise a NoReverseMatch > exception, so > we shouldn't render that. In any case, if the REST API is disabled, > we > really shouldn't render the API token section of the page at all. > > Only render the API token and generation link if > settings.ENABLE_REST_API > is True. > > Cc: stable > Reported-by: Tomas Novotny > Closes: #138 ("NoReverseMatch exception on user login with disabled > REST API") > Fixes: 85c8f369204a ("views: Provide a way to view, (re)generate > tokens") > Signed-off-by: Andrew Donnellan Looks good to me. Merged and backported to 'stable/2.0'. Reviewed-by: Stephen Finucane