From 26c3401f4d74a1c4dbcf47b8d069bcc560ecbd74 Mon Sep 17 00:00:00 2001 From: sergio_gimenez Date: Wed, 6 Nov 2024 08:24:10 +0100 Subject: [PATCH] Do not show serial numbers if user not authenticated --- device/templates/device_web.html | 36 +++++++++++++------------- device/tests/test_mock_device.py | 6 +++-- device/tests/test_public_device_web.py | 14 +++++----- device/views.py | 9 ++++++- 4 files changed, 36 insertions(+), 29 deletions(-) diff --git a/device/templates/device_web.html b/device/templates/device_web.html index f63eb9d..8c607d3 100644 --- a/device/templates/device_web.html +++ b/device/templates/device_web.html @@ -138,31 +138,31 @@ {% endfor %} - {% if user.is_authenticated %} -

Components

-
- {% for component in object.components %} -
-
-
-
{{ component.type }}
-

- {% for component_key, component_value in component.items %} - {% if component_key not in 'actions,type' %} +

Components

+
+ {% for component in object.components %} +
+
+
+
{{ component.type }}
+

+ {% for component_key, component_value in component.items %} + {% if component_key not in 'actions,type' %} + {% if component_key != 'serialNumber' or user.is_authenticated %} {{ component_key }}: {{ component_value }}
{% endif %} - {% endfor %} -

-
+ {% endif %} + {% endfor %} +

- {% endfor %} -
- {% endif %} +
+ {% endfor %} +
diff --git a/device/tests/test_mock_device.py b/device/tests/test_mock_device.py index efe8a5c..732c6ed 100644 --- a/device/tests/test_mock_device.py +++ b/device/tests/test_mock_device.py @@ -28,12 +28,14 @@ class TestDevice(Device): { 'type': 'CPU', 'model': 'Intel i7', - 'manufacturer': 'Intel' + 'manufacturer': 'Intel', + 'serialNumber': 'SN12345678' }, { 'type': 'RAM', 'size': '8GB', - 'manufacturer': 'Kingston' + 'manufacturer': 'Kingston', + 'serialNumber': 'SN87654321' } ] self.last_evidence = self._evidence diff --git a/device/tests/test_public_device_web.py b/device/tests/test_public_device_web.py index 1a0b3fc..84d8bf1 100644 --- a/device/tests/test_public_device_web.py +++ b/device/tests/test_public_device_web.py @@ -37,11 +37,7 @@ class PublicDeviceWebViewTests(TestCase): self.assertContains(response, 'Computer') self.assertContains(response, self.test_id) self.assertNotContains(response, 'Serial Number') - self.assertNotContains(response, 'Components') - self.assertNotContains(response, 'CPU') - self.assertNotContains(response, 'Intel') - self.assertNotContains(response, 'RAM') - self.assertNotContains(response, 'Kingston') + self.assertNotContains(response, 'serialNumber') @patch('device.views.Device') def test_html_response_authenticated(self, MockDevice): @@ -77,8 +73,8 @@ class PublicDeviceWebViewTests(TestCase): self.assertEqual(json_data['shortid'], self.test_id[:6].upper()) self.assertEqual(json_data['uuids'], []) self.assertEqual(json_data['hids'], ['hid1', 'hid2']) - self.assertNotIn('components', json_data) self.assertNotIn('serial_number', json_data) + self.assertNotIn('serialNumber', json_data) @patch('device.views.Device') def test_json_response_authenticated(self, MockDevice): @@ -99,12 +95,14 @@ class PublicDeviceWebViewTests(TestCase): { 'type': 'CPU', 'model': 'Intel i7', - 'manufacturer': 'Intel' + 'manufacturer': 'Intel', + 'serialNumber': 'SN12345678' }, { 'type': 'RAM', 'size': '8GB', - 'manufacturer': 'Kingston' + 'manufacturer': 'Kingston', + 'serialNumber': 'SN87654321' } ]) self.assertEqual(json_data['serial_number'], 'SN123456') diff --git a/device/views.py b/device/views.py index f0a0097..f99c196 100644 --- a/device/views.py +++ b/device/views.py @@ -140,15 +140,22 @@ class PublicDeviceWebView(TemplateView): 'shortid': self.object.shortid, 'uuids': self.object.uuids, 'hids': self.object.hids, + 'components': self.remove_serial_numnber_from(self.object.components), } @property def authenticated_fields(self): return { + 'serial_number': self.object.serial_number, 'components': self.object.components, - 'serial_number': self.object.serial_number } + def remove_serial_numnber_from(self, components): + for component in components: + if 'serial_number' in component: + del component['SerialNumber'] + return components + def get_device_data(self): data = self.public_fields if self.request.user.is_authenticated: