flake8
passed.
JSHint
passed.
Add a management command for invalidating tokens
Review Request #12481 — Created July 21, 2022 and submitted
This change adds an
rb-site manage /path/to/site invalidate-api-tokenscommand
that allows administrators to invalidate the API tokens for a set of users. Now
tokens can be invalidated individually via the API, or in batch with this
command.
Manually tested the command and checked that the right tokens were
being invalidated.
| Summary |
|---|
| Description | From | Last Updated |
|---|---|---|
|
Can we add module docstrings to the new empty __init__.py files? |
 david
|
|
|
Should I write documentation for this here: https://www.reviewboard.org/docs/manual/4.0/admin/sites/management-commands/? |
 maubin
|
|
|
We should gettext_lazy() this. |
 chipx86
|
|
|
I wonder if instead we should go by usernames? |
chipx86
|
|
|
We should _(...) all the help text. |
chipx86
|
|
|
Needs a Raises for CommandError. |
chipx86
|
|
|
We should end the strings with a period, make them proper sentences. |
chipx86
|
|
|
No blank line here. |
chipx86
|
|
|
Doesn't this already basically exist if you call invalidate_tokens with the default args (i.e. users=None)? |
david
|
|
|
I wonder if it wouldn't be better to have invalidate_tokens take a list of user PKs. That way we could … |
david
|
|
|
I think there's one-too-many ( and ). I don't think you'll need the list() though. The * should still work … |
chipx86
|
|
|
You can avoid the list comprehension. Given we're working with set, I'd also sort. Also, both variables are already a … |
chipx86
|
|
|
The % should be on the next line. |
chipx86
|
-
-
-
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) Doesn't this already basically exist if you call
invalidate_tokenswith the default args (i.e.users=None)? -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) I wonder if it wouldn't be better to have
invalidate_tokenstake a list of user PKs. That way we could avoid the entireUsersquery.
-
-
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) We should
gettext_lazy()this. -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) I wonder if instead we should go by usernames?
-
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) We should
_(...)all the help text. -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) Needs a
RaisesforCommandError. -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) We should end the strings with a period, make them proper sentences.
-
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 1) No blank line here.
Commits: |
|
||||||
|---|---|---|---|---|---|---|---|
Diff: |
Revision 2 (+274) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 2) I think there's one-too-many
(and).I don't think you'll need the
list()though. The*should still work with the return type forvalues_list(). -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 2) You can avoid the list comprehension.
Given we're working with
set, I'd also sort.Also, both variables are already a
set.So:
', '.join(sorted(usernames - found_usernames)) -
reviewboard/webapi/management/commands/invalidate-api-tokens.py (Diff revision 2) The
%should be on the next line.
Commits: |
|
||||||
|---|---|---|---|---|---|---|---|
Diff: |
Revision 3 (+290) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.