users: Remove unnecessary get_api_key helper.

Using the column name is clearer.

tools/test-api

@@ -39,7 +39,6 @@ with test_server_running(
     )
     from zerver.actions.users import change_user_is_active
     from zerver.lib.test_helpers import reset_email_visibility_to_everyone_in_zulip_realm
-    from zerver.lib.users import get_api_key
     from zerver.models.groups import NamedUserGroup, SystemGroups
     from zerver.models.realms import get_realm
     from zerver.models.users import get_user
@@ -75,7 +74,7 @@ with test_server_running(
     user.can_change_user_emails = True
     user.save(update_fields=["can_create_users", "can_change_user_emails"])
 
-    api_key = get_api_key(user)
+    api_key = user.api_key
     site = "http://zulip.zulipdev.com:9981"
     client = Client(
         email=email,
@@ -88,7 +87,7 @@ with test_server_running(
     realm = get_realm("zulip")
     user = get_user(email, realm)
 
-    api_key = get_api_key(user)
+    api_key = user.api_key
     site = "http://zulip.zulipdev.com:9981"
     owner_client = Client(
         email=email,
@@ -101,7 +100,7 @@ with test_server_running(
     guest_user = do_create_user(
         "guest@zulip.com", "secret", get_realm("zulip"), "Mr. Guest", acting_user=None
     )
-    api_key = get_api_key(guest_user)
+    api_key = guest_user.api_key
     nonadmin_client = Client(
         email=email,
         api_key=api_key,

zerver/actions/create_user.py

@@ -42,7 +42,6 @@ from zerver.lib.user_groups import get_system_user_group_for_user
 from zerver.lib.users import (
     can_access_delivery_email,
     format_user_row,
-    get_api_key,
     get_data_for_inaccessible_user,
     get_user_ids_who_can_access_user,
     user_access_restricted_in_realm,
@@ -478,7 +477,7 @@ def created_bot_event(user_profile: UserProfile) -> dict[str, Any]:
         full_name=user_profile.full_name,
         bot_type=user_profile.bot_type,
         is_active=user_profile.is_active,
-        api_key=get_api_key(user_profile),
+        api_key=user_profile.api_key,
         default_sending_stream=default_sending_stream_name,
         default_events_register_stream=default_events_register_stream_name,
         default_all_public_streams=user_profile.default_all_public_streams,

zerver/lib/test_classes.py

@@ -79,7 +79,6 @@ from zerver.lib.thumbnail import ThumbnailFormat
 from zerver.lib.topic import RESOLVED_TOPIC_PREFIX, filter_by_topic_name_via_message
 from zerver.lib.upload import upload_message_attachment_from_request
 from zerver.lib.user_groups import get_system_user_group_for_user
-from zerver.lib.users import get_api_key
 from zerver.lib.webhooks.common import (
     check_send_webhook_message,
     get_fixture_http_headers,
@@ -956,7 +955,7 @@ Output:
         # TODO: use encode_user where possible
         assert "@" in email
         user = get_user_by_delivery_email(email, get_realm(realm))
-        api_key = get_api_key(user)
+        api_key = user.api_key
 
         return self.encode_credentials(email, api_key)
 
@@ -2437,7 +2436,7 @@ one or more new messages.
     def build_webhook_url(self, *args: str, **kwargs: str) -> str:
         url = self.URL_TEMPLATE
         if url.find("api_key") >= 0:
-            api_key = get_api_key(self.test_user)
+            api_key = self.test_user.api_key
             url = self.URL_TEMPLATE.format(api_key=api_key, stream=self.CHANNEL_NAME)
         else:
             url = self.URL_TEMPLATE.format(stream=self.CHANNEL_NAME)

zerver/lib/users.py

@@ -497,10 +497,6 @@ def get_accounts_for_email(email: str) -> list[Account]:
     ]
 
 
-def get_api_key(user_profile: UserProfile) -> str:
-    return user_profile.api_key
-
-
 def validate_user_custom_profile_field(
     realm_id: int, field: CustomProfileField, value: ProfileDataElementValue
 ) -> ProfileDataElementValue:

zerver/openapi/curl_param_value_generators.py

@@ -20,7 +20,6 @@ from zerver.lib.events import do_events_register
 from zerver.lib.initial_password import initial_password
 from zerver.lib.test_classes import ZulipTestCase
 from zerver.lib.upload import upload_message_attachment
-from zerver.lib.users import get_api_key
 from zerver.models import Client, Message, NamedUserGroup, UserPresence
 from zerver.models.realms import get_realm
 from zerver.models.users import UserProfile, get_user
@@ -377,7 +376,7 @@ def deactivate_own_user() -> dict[str, object]:
     )
     realm = get_realm("zulip")
     test_user = get_user(test_user_email, realm)
-    test_user_api_key = get_api_key(test_user)
+    test_user_api_key = test_user.api_key
     # change authentication line to allow test_client to delete itself.
     AUTHENTICATION_LINE[0] = f"{deactivate_test_user.email}:{test_user_api_key}"
     return {}

zerver/tests/test_auth_backends.py

@@ -83,7 +83,7 @@ from zerver.lib.test_helpers import (
 from zerver.lib.thumbnail import DEFAULT_AVATAR_SIZE, MEDIUM_AVATAR_SIZE, resize_avatar
 from zerver.lib.types import Validator
 from zerver.lib.user_groups import is_user_in_group
-from zerver.lib.users import get_api_key, get_users_for_api
+from zerver.lib.users import get_users_for_api
 from zerver.lib.utils import assert_is_not_none
 from zerver.lib.validator import (
     check_bool,
@@ -7656,7 +7656,7 @@ class JWTFetchAPIKeyTest(ZulipTestCase):
         self.email = self.example_email("hamlet")
         self.realm = get_realm("zulip")
         self.user_profile = get_user_by_delivery_email(self.email, self.realm)
-        self.api_key = get_api_key(self.user_profile)
+        self.api_key = self.user_profile.api_key
         self.raw_user_data = get_users_for_api(
             self.user_profile.realm,
             self.user_profile,

zerver/tests/test_decorators.py

@@ -50,7 +50,6 @@ from zerver.lib.response import json_response, json_success
 from zerver.lib.test_classes import ZulipTestCase
 from zerver.lib.test_helpers import HostRequestMock, dummy_handler, queries_captured
 from zerver.lib.user_agent import parse_user_agent
-from zerver.lib.users import get_api_key
 from zerver.lib.utils import generate_api_key, has_api_key_format
 from zerver.middleware import LogRequests, parse_client
 from zerver.models import Client, Realm, UserProfile
@@ -154,7 +153,7 @@ class DecoratorTestCase(ZulipTestCase):
         webhook_bot_email = "webhook-bot@zulip.com"
         webhook_bot_realm = get_realm("zulip")
         webhook_bot = get_user(webhook_bot_email, webhook_bot_realm)
-        webhook_bot_api_key = get_api_key(webhook_bot)
+        webhook_bot_api_key = webhook_bot.api_key
 
         request = HostRequestMock()
         request.POST["api_key"] = "X" * 32
@@ -339,7 +338,7 @@ class SkipRateLimitingTest(ZulipTestCase):
 
         request = HostRequestMock(host="zulip.testserver")
         request.method = "POST"
-        request.POST["api_key"] = get_api_key(self.example_user("hamlet"))
+        request.POST["api_key"] = self.example_user("hamlet").api_key
         with mock.patch("zerver.decorator.rate_limit_user") as rate_limit_mock:
             result = my_unlimited_view(request)
 
@@ -348,7 +347,7 @@ class SkipRateLimitingTest(ZulipTestCase):
 
         request = HostRequestMock(host="zulip.testserver")
         request.method = "POST"
-        request.POST["api_key"] = get_api_key(self.example_user("hamlet"))
+        request.POST["api_key"] = self.example_user("hamlet").api_key
         with mock.patch("zerver.decorator.rate_limit_user") as rate_limit_mock:
             result = my_rate_limited_view(request)
 
@@ -462,7 +461,7 @@ class DecoratorLoggingTestCase(ZulipTestCase):
 
     def test_authenticated_rest_api_view_errors(self) -> None:
         user_profile = self.example_user("hamlet")
-        api_key = get_api_key(user_profile)
+        api_key = user_profile.api_key
         credentials = f"{user_profile.email}:{api_key}"
         api_auth = "Digest " + base64.b64encode(credentials.encode()).decode()
         result = self.client_post("/api/v1/external/zendesk", {}, HTTP_AUTHORIZATION=api_auth)
@@ -676,7 +675,7 @@ class DeactivatedRealmTest(ZulipTestCase):
             email_owners=False,
         )
         user_profile = self.example_user("hamlet")
-        api_key = get_api_key(user_profile)
+        api_key = user_profile.api_key
         url = f"/api/v1/external/jira?api_key={api_key}&stream=jira_custom"
         data = self.webhook_fixture_data("jira", "created_v2")
         result = self.client_post(url, data, content_type="application/json")
@@ -878,7 +877,7 @@ class InactiveUserTest(ZulipTestCase):
         user_profile = self.example_user("hamlet")
         do_deactivate_user(user_profile, acting_user=None)
 
-        api_key = get_api_key(user_profile)
+        api_key = user_profile.api_key
         url = f"/api/v1/external/jira?api_key={api_key}&stream=jira_custom"
         data = self.webhook_fixture_data("jira", "created_v2")
         result = self.client_post(url, data, content_type="application/json")
@@ -937,19 +936,19 @@ class TestValidateApiKey(ZulipTestCase):
             # We use default_bot's key but webhook_bot's email address to test
             # the logic when an API key is passed and it doesn't belong to the
             # user whose email address has been provided.
-            api_key = get_api_key(self.default_bot)
+            api_key = self.default_bot.api_key
             validate_api_key(HostRequestMock(), self.webhook_bot.email, api_key)
 
     def test_validate_api_key_if_profile_is_not_active(self) -> None:
         change_user_is_active(self.default_bot, False)
         with self.assertRaises(JsonableError):
-            api_key = get_api_key(self.default_bot)
+            api_key = self.default_bot.api_key
             validate_api_key(HostRequestMock(), self.default_bot.email, api_key)
         change_user_is_active(self.default_bot, True)
 
     def test_validate_api_key_if_profile_is_incoming_webhook_and_is_webhook_is_unset(self) -> None:
         with self.assertRaises(JsonableError), self.assertLogs(level="WARNING") as root_warn_log:
-            api_key = get_api_key(self.webhook_bot)
+            api_key = self.webhook_bot.api_key
             validate_api_key(HostRequestMock(), self.webhook_bot.email, api_key)
         self.assertEqual(
             root_warn_log.output,
@@ -959,7 +958,7 @@ class TestValidateApiKey(ZulipTestCase):
         )
 
     def test_validate_api_key_if_profile_is_incoming_webhook_and_is_webhook_is_set(self) -> None:
-        api_key = get_api_key(self.webhook_bot)
+        api_key = self.webhook_bot.api_key
         profile = validate_api_key(
             HostRequestMock(host="zulip.testserver"),
             self.webhook_bot.email,
@@ -969,7 +968,7 @@ class TestValidateApiKey(ZulipTestCase):
         self.assertEqual(profile.id, self.webhook_bot.id)
 
     def test_validate_api_key_if_email_is_case_insensitive(self) -> None:
-        api_key = get_api_key(self.default_bot)
+        api_key = self.default_bot.api_key
         profile = validate_api_key(
             HostRequestMock(host="zulip.testserver"), self.default_bot.email.upper(), api_key
         )
@@ -977,7 +976,7 @@ class TestValidateApiKey(ZulipTestCase):
 
     def test_valid_api_key_if_user_is_on_wrong_subdomain(self) -> None:
         with self.settings(RUNNING_INSIDE_TORNADO=False):
-            api_key = get_api_key(self.default_bot)
+            api_key = self.default_bot.api_key
             with (
                 self.assertLogs(level="WARNING") as m,
                 self.assertRaisesRegex(

zerver/tests/test_event_system.py

@@ -27,7 +27,7 @@ from zerver.lib.test_helpers import (
     reset_email_visibility_to_everyone_in_zulip_realm,
     stub_event_queue_user_events,
 )
-from zerver.lib.users import get_api_key, get_users_for_api
+from zerver.lib.users import get_users_for_api
 from zerver.models import CustomProfileField, UserMessage, UserPresence, UserProfile
 from zerver.models.clients import get_client
 from zerver.models.realms import get_realm, get_realm_with_settings
@@ -627,7 +627,7 @@ class FetchInitialStateDataTest(ZulipTestCase):
         self.assert_length(result["realm_bots"], 0)
 
         # additionally the API key for a random bot is not present in the data
-        api_key = get_api_key(self.notification_bot(user_profile.realm))
+        api_key = self.notification_bot(user_profile.realm).api_key
         self.assertNotIn(api_key, str(result))
 
     # Admin users have access to all bots in the realm_bots field

zerver/tests/test_upload.py

@@ -48,7 +48,6 @@ from zerver.lib.upload import sanitize_name, upload_message_attachment
 from zerver.lib.upload.base import ZulipUploadBackend
 from zerver.lib.upload.local import LocalUploadBackend
 from zerver.lib.upload.s3 import S3UploadBackend
-from zerver.lib.users import get_api_key
 from zerver.models import Attachment, Message, Realm, RealmDomain, UserProfile
 from zerver.models.realms import get_realm
 from zerver.models.users import get_system_bot, get_user_by_delivery_email
@@ -110,7 +109,7 @@ class FileUploadTest(UploadSerializeMixin, ZulipTestCase):
         response = self.client_get(url, {"api_key": "invalid"})
         self.assertEqual(response.status_code, 401)
 
-        response = self.client_get(url, {"api_key": get_api_key(user_profile)})
+        response = self.client_get(url, {"api_key": user_profile.api_key})
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response.getvalue(), b"zulip!")
 

zerver/tests/test_webhooks_common.py

@@ -11,7 +11,6 @@ from zerver.lib.exceptions import InvalidJSONError, JsonableError
 from zerver.lib.send_email import FromAddress
 from zerver.lib.test_classes import WebhookTestCase, ZulipTestCase
 from zerver.lib.test_helpers import HostRequestMock
-from zerver.lib.users import get_api_key
 from zerver.lib.webhooks.common import (
     INVALID_JSON_MESSAGE,
     MISSING_EVENT_HEADER_MESSAGE,
@@ -74,7 +73,7 @@ class WebhooksCommonTestCase(ZulipTestCase):
         webhook_bot_email = "webhook-bot@zulip.com"
         webhook_bot_realm = get_realm("zulip")
         webhook_bot = get_user(webhook_bot_email, webhook_bot_realm)
-        webhook_bot_api_key = get_api_key(webhook_bot)
+        webhook_bot_api_key = webhook_bot.api_key
         request = HostRequestMock()
         request.POST["api_key"] = webhook_bot_api_key
         request.host = "zulip.testserver"

zerver/tests/test_zephyr.py

@@ -5,7 +5,6 @@ from unittest.mock import patch
 import orjson
 
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.users import get_api_key
 from zerver.models.realms import get_realm
 from zerver.models.users import get_user
 
@@ -33,7 +32,7 @@ class ZephyrTest(ZulipTestCase):
         email = str(self.mit_email("starnine"))
         realm = get_realm("zephyr")
         user = get_user(email, realm)
-        api_key = get_api_key(user)
+        api_key = user.api_key
         self.login_user(user)
 
         def ccache_mock(**kwargs: Any) -> Any:

zerver/views/auth.py

@@ -67,7 +67,7 @@ from zerver.lib.subdomains import get_subdomain, is_subdomain_root_or_alias
 from zerver.lib.typed_endpoint import typed_endpoint
 from zerver.lib.url_encoding import append_url_query_string
 from zerver.lib.user_agent import parse_user_agent
-from zerver.lib.users import get_api_key, get_users_for_api, is_2fa_verified
+from zerver.lib.users import get_users_for_api, is_2fa_verified
 from zerver.lib.utils import has_api_key_format
 from zerver.lib.validator import validate_login_email
 from zerver.models import (
@@ -463,7 +463,7 @@ def finish_desktop_flow(
 def finish_mobile_flow(request: HttpRequest, user_profile: UserProfile, otp: str) -> HttpResponse:
     # For the mobile OAuth flow, we send the API key and other
     # necessary details in a redirect to a zulip:// URL scheme.
-    api_key = get_api_key(user_profile)
+    api_key = user_profile.api_key
     response = create_response_for_otp_flow(
         api_key, otp, user_profile, encrypted_key_field_name="otp_encrypted_api_key"
     )
@@ -1028,7 +1028,7 @@ def process_api_key_fetch_authenticate_result(
     process_client(request, user_profile)
     RequestNotes.get_notes(request).requester_for_logs = user_profile.format_requester_for_logs()
 
-    api_key = get_api_key(user_profile)
+    api_key = user_profile.api_key
     return api_key
 
 
@@ -1204,7 +1204,7 @@ def json_fetch_api_key(
     ):
         raise JsonableError(_("Password is incorrect."))
 
-    api_key = get_api_key(user_profile)
+    api_key = user_profile.api_key
     return json_success(request, data={"api_key": api_key, "email": user_profile.delivery_email})
 
 

zerver/views/development/dev_login.py

@@ -18,7 +18,6 @@ from zerver.lib.exceptions import (
 from zerver.lib.response import json_success
 from zerver.lib.subdomains import get_subdomain
 from zerver.lib.typed_endpoint import typed_endpoint
-from zerver.lib.users import get_api_key
 from zerver.lib.validator import validate_login_email
 from zerver.models import Realm, UserProfile
 from zerver.models.realms import get_realm
@@ -139,7 +138,7 @@ def api_dev_fetch_api_key(request: HttpRequest, *, username: str) -> HttpRespons
     assert isinstance(user_profile, UserProfile)
 
     do_login(request, user_profile)
-    api_key = get_api_key(user_profile)
+    api_key = user_profile.api_key
     return json_success(
         request,
         data={"api_key": api_key, "email": user_profile.delivery_email, "user_id": user_profile.id},

zerver/views/users.py

@@ -79,7 +79,6 @@ from zerver.lib.users import (
     check_valid_bot_config,
     check_valid_bot_type,
     check_valid_interface_type,
-    get_api_key,
     get_users_for_api,
     max_message_id_for_user,
     validate_user_custom_profile_data,
@@ -678,7 +677,7 @@ def add_bot_backend(
 
     notify_created_bot(bot_profile)
 
-    api_key = get_api_key(bot_profile)
+    api_key = bot_profile.api_key
 
     json_result = dict(
         user_id=bot_profile.id,
@@ -706,7 +705,7 @@ def get_bots_backend(request: HttpRequest, user_profile: UserProfile) -> HttpRes
         # Bots are supposed to have only one API key, at least for now.
         # Therefore we can safely assume that one and only valid API key will be
         # the first one.
-        api_key = get_api_key(bot_profile)
+        api_key = bot_profile.api_key
 
         return dict(
             username=bot_profile.email,

zerver/views/zephyr.py

@@ -16,7 +16,6 @@ from zerver.lib.exceptions import JsonableError
 from zerver.lib.pysa import mark_sanitized
 from zerver.lib.response import json_success
 from zerver.lib.typed_endpoint import typed_endpoint
-from zerver.lib.users import get_api_key
 from zerver.models import UserProfile
 
 # Hack for mit.edu users whose Kerberos usernames don't match what they zephyr
@@ -63,7 +62,7 @@ def webathena_kerberos_login(
 
     # TODO: Send these data via (say) RabbitMQ
     try:
-        api_key = get_api_key(user_profile)
+        api_key = user_profile.api_key
         command = [
             "/home/zulip/python-zulip-api/zulip/integrations/zephyr/process_ccache",
             user,

zerver/webhooks/dropbox/tests.py

@@ -1,5 +1,4 @@
 from zerver.lib.test_classes import WebhookTestCase
-from zerver.lib.users import get_api_key
 
 
 class DropboxHookTests(WebhookTestCase):
@@ -20,7 +19,7 @@ class DropboxHookTests(WebhookTestCase):
 
     def test_verification_request(self) -> None:
         self.subscribe(self.test_user, self.CHANNEL_NAME)
-        get_params = {"stream_name": self.CHANNEL_NAME, "api_key": get_api_key(self.test_user)}
+        get_params = {"stream_name": self.CHANNEL_NAME, "api_key": self.test_user.api_key}
         result = self.client_get(self.url, get_params)
         self.assert_json_error(result, "Missing 'challenge' argument", 400)
 

zerver/webhooks/jira/tests.py

@@ -2,7 +2,6 @@ from unittest.mock import patch
 from urllib.parse import quote, unquote
 
 from zerver.lib.test_classes import WebhookTestCase
-from zerver.lib.users import get_api_key
 
 
 class JiraHookTests(WebhookTestCase):
@@ -11,7 +10,7 @@ class JiraHookTests(WebhookTestCase):
     WEBHOOK_DIR_NAME = "jira"
 
     def test_custom_channel(self) -> None:
-        api_key = get_api_key(self.test_user)
+        api_key = self.test_user.api_key
         self.subscribe(self.test_user, "jira_custom")
         url = f"/api/v1/external/jira?api_key={api_key}&stream=jira_custom"
         msg = self.send_webhook_payload(

zilencer/management/commands/print_initial_password.py

@@ -5,7 +5,6 @@ from typing_extensions import override
 
 from zerver.lib.initial_password import initial_password
 from zerver.lib.management import ZulipBaseCommand
-from zerver.lib.users import get_api_key
 
 
 class Command(ZulipBaseCommand):
@@ -32,4 +31,4 @@ class Command(ZulipBaseCommand):
                 print(f"ERROR: {email} does not look like an email address")
                 continue
             user = self.get_user(email, realm)
-            print(self.fmt % (email, initial_password(email), get_api_key(user)))
+            print(self.fmt % (email, initial_password(email), user.api_key))