From e558d9145d0db573a817bda51f0adc81043a33c7 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Wed, 21 Feb 2024 10:46:33 +0100 Subject: [PATCH] limit access to cache --- idhub/admin/forms.py | 4 ++-- idhub/admin/views.py | 13 ++++--------- idhub/mixins.py | 1 - idhub/models.py | 1 - idhub/user/views.py | 5 +---- idhub/views.py | 1 - 6 files changed, 7 insertions(+), 18 deletions(-) diff --git a/idhub/admin/forms.py b/idhub/admin/forms.py index fd57e64..5db83bd 100644 --- a/idhub/admin/forms.py +++ b/idhub/admin/forms.py @@ -68,6 +68,7 @@ class EncryptionKeyForm(forms.Form): txt = _("Key no valid!") raise ValidationError(txt) + cache.set("KEY_DIDS", None) return data def save(self, commit=True): @@ -426,8 +427,7 @@ class ImportCertificateForm(forms.Form): type=DID.Types.KEY ) - pw = cache.get("KEY_DIDS") - self._did.set_key_material(key_material, pw) + self._did.set_key_material(key_material) def save(self, commit=True): diff --git a/idhub/admin/views.py b/idhub/admin/views.py index 8a9bb63..60ac63a 100644 --- a/idhub/admin/views.py +++ b/idhub/admin/views.py @@ -701,15 +701,10 @@ class DeleteCredentialsView(Credentials): VerificableCredential, pk=pk, ) - status = [ - VerificableCredential.Status.REVOKED, - VerificableCredential.Status.ISSUED - ] - if self.object.status in status: - self.object.delete() - messages.success(self.request, _('Credential deleted successfully')) - Event.set_EV_CREDENTIAL_DELETED(self.object) - Event.set_EV_CREDENTIAL_DELETED_BY_ADMIN(self.object) + self.object.delete() + messages.success(self.request, _('Credential deleted successfully')) + Event.set_EV_CREDENTIAL_DELETED(self.object) + Event.set_EV_CREDENTIAL_DELETED_BY_ADMIN(self.object) return redirect(self.success_url) diff --git a/idhub/mixins.py b/idhub/mixins.py index ad1379b..6e793a8 100644 --- a/idhub/mixins.py +++ b/idhub/mixins.py @@ -1,6 +1,5 @@ from django.contrib.auth.mixins import LoginRequiredMixin from django.utils.translation import gettext_lazy as _ -from django.contrib.auth import views as auth_views from django.core.exceptions import PermissionDenied from django.urls import reverse_lazy, resolve from django.shortcuts import redirect diff --git a/idhub/models.py b/idhub/models.py index 8373373..2f563bf 100644 --- a/idhub/models.py +++ b/idhub/models.py @@ -6,7 +6,6 @@ import datetime from collections import OrderedDict from django.db import models from django.conf import settings -from django.core.cache import cache from django.template.loader import get_template from django.utils.translation import gettext_lazy as _ diff --git a/idhub/user/views.py b/idhub/user/views.py index d01c977..fe45fb4 100644 --- a/idhub/user/views.py +++ b/idhub/user/views.py @@ -1,8 +1,6 @@ -import os import json import base64 import qrcode -import logging import datetime import weasyprint import qrcode.image.svg @@ -34,7 +32,6 @@ from idhub.user.tables import ( DIDTable, CredentialsTable ) -from django.core.cache import cache from idhub.user.forms import ( RequestCredentialForm, DemandAuthorizationForm, @@ -172,7 +169,7 @@ class WaitingView(UserView, TemplateView): success_url = reverse_lazy('idhub:user_dashboard') def get(self, request, *args, **kwargs): - if cache.get("KEY_DIDS"): + if self.admin_validated: return redirect(self.success_url) return super().get(request, *args, **kwargs) diff --git a/idhub/views.py b/idhub/views.py index 8cdecb5..940687b 100644 --- a/idhub/views.py +++ b/idhub/views.py @@ -6,7 +6,6 @@ import zlib import pyroaring from django.conf import settings -from django.core.cache import cache from django.urls import reverse_lazy from django.views.generic.base import TemplateView from django.contrib.auth import views as auth_views