5 years ago · 46310787e2
--- a/api/desecapi/serializers.py
+++ b/api/desecapi/serializers.py
@@ -469,8 +469,14 @@ class DomainSerializer(serializers.ModelSerializer):
 
				             'name': {'trim_whitespace': False},
			
 
				         }
			
 
				 
			
 
				+    def __init__(self, *args, include_keys=False, **kwargs):
			
 
				+        self.include_keys = include_keys
			
 
				+        return super().__init__(*args, **kwargs)
			
 
				+
			
 
				     def get_fields(self):
			
 
				         fields = super().get_fields()
			
 
				+        if not self.include_keys:
			
 
				+            fields.pop('keys')
			
 
				         fields['name'].validators.append(ReadOnlyOnUpdateValidator())
			
 
				         return fields
			
 
				 
			
--- a/api/desecapi/tests/test_domains.py
+++ b/api/desecapi/tests/test_domains.py
@@ -148,6 +148,7 @@ class DomainOwnerTestCase1(DomainOwnerTestCase):
 
				             response_set = {data['name'] for data in response.data}
			
 
				             expected_set = {domain.name for domain in self.my_domains}
			
 
				             self.assertEqual(response_set, expected_set)
			
 
				+            self.assertFalse(any('keys' in data for data in response.data))
			
 
				 
			
 
				     def test_delete_my_domain(self):
			
 
				         url = self.reverse('v1:domain-detail', name=self.my_domain.name)
			
@@ -204,6 +205,7 @@ class DomainOwnerTestCase1(DomainOwnerTestCase):
 
				                 response = self.client.post(self.reverse('v1:domain-list'), {'name': name})
			
 
				                 self.assertStatus(response, status.HTTP_201_CREATED)
			
 
				                 self.assertEqual(len(mail.outbox), 0)
			
 
				+                self.assertTrue(isinstance(response.data['keys'], list))
			
 
				 
			
 
				             with self.assertPdnsRequests(self.request_pdns_zone_retrieve_crypto_keys(name)):
			
 
				                 self.assertStatus(
			
--- a/api/desecapi/views.py
+++ b/api/desecapi/views.py
@@ -86,6 +86,10 @@ class DomainViewSet(IdempotentDestroy,
 
				     def get_queryset(self):
			
 
				         return self.request.user.domains
			
 
				 
			
 
				+    def get_serializer(self, *args, **kwargs):
			
 
				+        include_keys = (self.action in ['create', 'retrieve'])
			
 
				+        return super().get_serializer(*args, include_keys=include_keys, **kwargs)
			
 
				+
			
 
				     def perform_create(self, serializer):
			
 
				         with PDNSChangeTracker():
			
 
				             domain = serializer.save(owner=self.request.user)
			
--- a/docs/dns/domains.rst
+++ b/docs/dns/domains.rst
@@ -57,8 +57,9 @@ Field details:
 
				 
			
 
				     Notes:
			
 
				 
			
 
				-    - Newly created domains are assigned a key after a short while (usually
			
 
				-      around one minute).  Until then, this field is empty.
			
 
				+    - Keys are returned immediately after domain creation or when retrieving a
			
 
				+      specific domain. In contrast, when listing all domains, the keys field
			
 
				+      is omitted for performance reasons.
			
 
				 
			
 
				     - The contents of this field are generated from PowerDNS' ``cryptokeys``
			
 
				       endpoint, see https://doc.powerdns.com/md/httpapi/api_spec/#cryptokeys.
			
@@ -132,14 +133,14 @@ support.
 
				 Listing Domains
			
 
				 ~~~~~~~~~~~~~~~
			
 
				 
			
 
				-The ``/api/v1/domains/`` endpoint reponds to ``GET`` requests with an array of
			
 
				+The ``/api/v1/domains/`` endpoint responds to ``GET`` requests with an array of
			
 
				 `domain object`_\ s. For example, you may issue the following command::
			
 
				 
			
 
				     curl -X GET https://desec.io/api/v1/domains/ \
			
 
				         --header "Authorization: Token {token}"
			
 
				 
			
 
				 to retrieve an overview of the domains you own.  Domains are returned in
			
 
				-reverse chronological order of their creation.
			
 
				+reverse chronological order of their creation, and DNSSEC keys are omitted.
			
 
				 
			
 
				 The response status code in case of success is ``200 OK``.  This is true also
			
 
				 if you do not own any domains; in this case, the response body will be an empty