Fix: correct serializing of auth tokens for export

2024-10-29 07:00:08 -07:00 · 2024-10-29 07:00:08 -07:00 · c5fddf8abe
commit c5fddf8abe
parent 3af3484a00
2 changed files with 21 additions and 1 deletions
--- a/src/documents/management/commands/document_exporter.py
+++ b/src/documents/management/commands/document_exporter.py
@ -271,7 +271,6 @@ class Command(CryptMixin, BaseCommand):
            "social_accounts": SocialAccount.objects.all(),
            "social_apps": SocialApp.objects.all(),
            "social_tokens": SocialToken.objects.all(),
-            "auth_tokens": Token.objects.all(),
        }

        if settings.AUDIT_LOG_ENABLED:
@ -286,6 +285,20 @@ class Command(CryptMixin, BaseCommand):
                    serializers.serialize("json", manifest_key_to_object_query[key]),
                )

+            # Add the auth tokens to the manifest, serialized manually
+            manifest_dict["auth_tokens"] = [
+                {
+                    "model": "authtoken.token",
+                    "pk": t.pk,
+                    "fields": {
+                        "key": t.key,
+                        "user": t.user_id,
+                        "created": t.created.isoformat(),
+                    },
+                }
+                for t in Token.objects.all()
+            ]
+
            self.encrypt_secret_fields(manifest_dict)

            # These are treated specially and included in the per-document manifest
--- a/src/documents/tests/test_management_exporter.py
+++ b/src/documents/tests/test_management_exporter.py
@ -20,6 +20,7 @@ from django.utils import timezone
 from guardian.models import GroupObjectPermission
 from guardian.models import UserObjectPermission
 from guardian.shortcuts import assign_perm
+from rest_framework.authtoken.models import Token

 from documents.management.commands import document_exporter
 from documents.models import Correspondent
@ -874,6 +875,8 @@ class TestCryptExportImport(
            password="mypassword",
        )

+        Token.objects.create(user=User.objects.first())
+
        call_command(
            "document_exporter",
            "--no-progress-bar",
@ -912,6 +915,10 @@ class TestCryptExportImport(
        self.assertIsNotNone(account)
        self.assertEqual(account.password, "mypassword")

+        token = Token.objects.first()
+
+        self.assertIsNotNone(token)
+
    def test_import_crypt_no_passphrase(self):
        """
        GIVEN: