8853 hide key on edit

2025-08-24 16:26:09 -06:00 · 2022-10-12 16:08:58 -07:00 · 2022-10-12 16:08:58 -07:00 · 9a0b8f51bf
commit 9a0b8f51bf
parent dd48bf5a4c
2 changed files with 11 additions and 1 deletions
--- a/netbox/users/forms.py
+++ b/netbox/users/forms.py
@ -1,4 +1,5 @@
 from django import forms
+from django.conf import settings
 from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm as DjangoPasswordChangeForm
 from django.contrib.postgres.forms import SimpleArrayField
 from django.utils.html import mark_safe
@ -117,3 +118,12 @@ class TokenForm(BootstrapMixin, forms.ModelForm):
        widgets = {
            'expires': DateTimePicker(),
        }
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        instance = getattr(self, 'instance', None)
+        if instance and instance.id and not settings.ALLOW_TOKEN_RETRIEVAL:
+            keyfield = self.fields['key']
+            keyfield.disabled = True
+            keyfield.required = False
+            keyfield.widget = forms.HiddenInput()
--- a/netbox/users/models.py
+++ b/netbox/users/models.py
@ -235,7 +235,7 @@ class Token(models.Model):

    def __str__(self):
        # Only display the last 24 bits of the token to avoid accidental exposure.
-        return f"{self.key[-6:]} ({self.user})"
+        return f"{self.description or self.key[-6:]} ({self.user})"

    def save(self, *args, **kwargs):
        if not self.key: