From eaf49f2367ffdba2cfaab53d7e55e3a0489b3319 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C4=93teris=20Caune?= <cuu508@gmail.com>
Date: Tue, 22 Jan 2019 16:23:51 +0200
Subject: [PATCH] Don't switch projects when viewing the "Account Settings"
 page

---
 hc/accounts/middleware.py             |  9 +--------
 hc/accounts/models.py                 | 12 ++++++++----
 hc/accounts/tests/test_profile.py     | 11 -----------
 hc/accounts/views.py                  | 24 +-----------------------
 hc/front/views.py                     |  4 +---
 hc/payments/views.py                  |  6 ------
 templates/accounts/badges.html        |  2 +-
 templates/accounts/billing.html       |  5 ++++-
 templates/accounts/notifications.html |  5 ++++-
 templates/base.html                   |  4 +---
 10 files changed, 21 insertions(+), 61 deletions(-)

diff --git a/hc/accounts/middleware.py b/hc/accounts/middleware.py
index 0ee1c2e2167..1f6e6bf5171 100644
--- a/hc/accounts/middleware.py
+++ b/hc/accounts/middleware.py
@@ -1,5 +1,4 @@
-from django.db.models import Q
-from hc.accounts.models import Profile, Project
+from hc.accounts.models import Profile
 
 
 class TeamAccessMiddleware(object):
@@ -10,12 +9,6 @@ def __call__(self, request):
         if not request.user.is_authenticated:
             return self.get_response(request)
 
-        is_owner = Q(owner=request.user)
-        is_member = Q(member__user_id=request.user.id)
-        projects_q = Project.objects.filter(is_owner | is_member).distinct()
-        projects_q = projects_q.select_related("owner")
-        request.get_projects = lambda: list(projects_q)
-
         profile = Profile.objects.for_user(request.user)
         if profile.current_project is None:
             profile.current_project = profile.get_own_project()
diff --git a/hc/accounts/models.py b/hc/accounts/models.py
index a099bb8b90f..3b3cafe62c0 100644
--- a/hc/accounts/models.py
+++ b/hc/accounts/models.py
@@ -110,13 +110,17 @@ def send_change_email_link(self):
         }
         emails.change_email(self.user.email, ctx)
 
-    def checks_from_all_projects(self):
-        """ Return a queryset of checks from projects we have access to. """
+    def projects(self):
+        """ Return a queryset of all projects we have access to. """
 
         is_owner = models.Q(owner=self.user)
         is_member = models.Q(member__user=self.user)
-        q = Project.objects.filter(is_owner | is_member)
-        project_ids = q.values("id")
+        return Project.objects.filter(is_owner | is_member)
+
+    def checks_from_all_projects(self):
+        """ Return a queryset of checks from projects we have access to. """
+
+        project_ids = self.projects().values("id")
 
         from hc.api.models import Check
         return Check.objects.filter(project_id__in=project_ids)
diff --git a/hc/accounts/tests/test_profile.py b/hc/accounts/tests/test_profile.py
index fecc9f39ee1..16c4c6c0560 100644
--- a/hc/accounts/tests/test_profile.py
+++ b/hc/accounts/tests/test_profile.py
@@ -4,7 +4,6 @@
 from django.conf import settings
 from django.utils.timezone import now
 from hc.test import BaseTestCase
-from hc.accounts.models import Member
 from hc.api.models import Check
 
 
@@ -93,16 +92,6 @@ def test_it_skips_nag_if_none_down(self):
 
         self.assertEqual(len(mail.outbox), 0)
 
-    def test_it_switches_to_own_team(self):
-        self.client.login(username="bob@example.org", password="password")
-
-        self.client.get("/accounts/profile/")
-
-        # After visiting the profile page, team should be switched back
-        # to user's default team.
-        self.bobs_profile.refresh_from_db()
-        self.assertEqual(self.bobs_profile.current_project, self.bobs_project)
-
     def test_it_sends_change_email_link(self):
         self.client.login(username="alice@example.org", password="password")
 
diff --git a/hc/accounts/views.py b/hc/accounts/views.py
index 36ecae2dc4d..fa1346cf36d 100644
--- a/hc/accounts/views.py
+++ b/hc/accounts/views.py
@@ -74,16 +74,6 @@ def _make_user(email):
     return user
 
 
-def _ensure_own_team(request):
-    """ Make sure user is switched to their own team. """
-
-    if request.project.owner != request.user:
-        request.project = request.profile.get_own_project()
-
-        request.profile.current_project = request.project
-        request.profile.save()
-
-
 def _redirect_after_login(request):
     """ Redirect to the URL indicated in ?next= query parameter. """
 
@@ -188,14 +178,11 @@ def check_token(request, username, token):
 
 @login_required
 def profile(request):
-    _ensure_own_team(request)
     profile = request.profile
-    project = profile.get_own_project()
 
     ctx = {
         "page": "profile",
         "profile": profile,
-        "project": project
     }
 
     if request.method == "POST":
@@ -212,12 +199,10 @@ def profile(request):
 @login_required
 def project(request, code):
     project = Project.objects.get(code=code, owner_id=request.user.id)
-    profile = project.owner_profile
 
     ctx = {
         "page": "profile",
         "project": project,
-        "profile": profile,
         "show_api_keys": False,
         "project_name_status": "default",
         "api_status": "default",
@@ -292,7 +277,6 @@ def project(request, code):
 
 @login_required
 def notifications(request):
-    _ensure_own_team(request)
     profile = request.profile
 
     ctx = {
@@ -328,14 +312,8 @@ def notifications(request):
 
 @login_required
 def badges(request):
-    _ensure_own_team(request)
-
-    projects = [request.project]
-    for membership in request.user.memberships.all():
-        projects.append(membership.project)
-
     badge_sets = []
-    for project in projects:
+    for project in request.profile.projects():
         tags = set()
         for check in Check.objects.filter(project=project):
             tags.update(check.tags_list())
diff --git a/hc/front/views.py b/hc/front/views.py
index 22b0a12fe5e..27a47ddba56 100644
--- a/hc/front/views.py
+++ b/hc/front/views.py
@@ -85,9 +85,7 @@ def _has_access(request, project_code):
     if request.user.is_superuser:
         return True
 
-    is_owner = Q(owner_id=request.user.id)
-    is_member = Q(member__user_id=request.user.id)
-    projects = Project.objects.filter(is_owner | is_member)
+    projects = request.profile.projects()
     return projects.filter(code=project_code).exists()
 
 
diff --git a/hc/payments/views.py b/hc/payments/views.py
index 9dd6ce28fde..b77e50270bf 100644
--- a/hc/payments/views.py
+++ b/hc/payments/views.py
@@ -35,12 +35,6 @@ def pricing(request):
 
 @login_required
 def billing(request):
-    if request.project.owner != request.user:
-        request.project = request.profile.get_own_project()
-
-        request.profile.current_project = request.project
-        request.profile.save()
-
     # Don't use Subscription.objects.for_user method here, so a
     # subscription object is not created just by viewing a page.
     sub = Subscription.objects.filter(user_id=request.user.id).first()
diff --git a/templates/accounts/badges.html b/templates/accounts/badges.html
index 260c9269d8a..4c7bd9d938d 100644
--- a/templates/accounts/badges.html
+++ b/templates/accounts/badges.html
@@ -6,7 +6,7 @@
 {% block content %}
 <div class="row">
     <div class="col-sm-12">
-        <h1 class="settings-title">Settings</h1>
+        <h1 class="settings-title">Settings <small>{{ request.user.email }}</small></h1>
     </div>
 </div>
 
diff --git a/templates/accounts/billing.html b/templates/accounts/billing.html
index f49c293b030..ae197cae7f9 100644
--- a/templates/accounts/billing.html
+++ b/templates/accounts/billing.html
@@ -6,7 +6,10 @@
 {% block content %}
 <div class="row">
     <div class="col-sm-12">
-        <h1 class="settings-title">Settings</h1>
+        <h1 class="settings-title">
+            Settings
+            <small>{{ request.user.email}}</small>
+        </h1>
     </div>
 </div>
 
diff --git a/templates/accounts/notifications.html b/templates/accounts/notifications.html
index b4b07c0756e..b52f405f7cc 100644
--- a/templates/accounts/notifications.html
+++ b/templates/accounts/notifications.html
@@ -6,7 +6,10 @@
 {% block content %}
 <div class="row">
     <div class="col-sm-12">
-        <h1 class="settings-title">Settings</h1>
+        <h1 class="settings-title">
+            Settings
+            <small>{{ request.user.email }}</small>
+        </h1>
     </div>
 </div>
 
diff --git a/templates/base.html b/templates/base.html
index a191b7193b4..1a81ef99d9f 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -123,8 +123,7 @@
                         <span class="caret"></span>
                     </a>
                     <ul class="dropdown-menu">
-                    {% with projects=request.get_projects %}
-                        {% for project in projects %}
+                        {% for project in request.profile.projects.all %}
                         <li class="dropdown-header">{{ project }}</li>
                         <li>
                             <a href="{% url 'hc-switch-project' project.code %}">Checks</a>
@@ -136,7 +135,6 @@
                         {% endif %}
                         <li role="separator" class="divider"></li>
                         {% endfor %}
-                    {% endwith %}
 
                     <li><a href="{% url 'hc-profile' %}">Account Settings</a></li>
                     <li><a href="{% url 'hc-logout' %}">Log Out</a></li>