From 9136e923c338ae07b6eac1382a02c818d3609fd0 Mon Sep 17 00:00:00 2001
From: Alexander Todorov <atodorov@otb.bg>
Date: Tue, 14 Nov 2023 17:05:11 +0200
Subject: [PATCH] Use tuple as the cache-key for IssueTrackerType.rpc_cache
 internally

in order to prevent integrations which define personal ApiTokens to
accidentally use a cached version for the same URL but different credentials
---
 tcms/issuetracker/base.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/tcms/issuetracker/base.py b/tcms/issuetracker/base.py
index b480e418c6..5ab4edc6f1 100644
--- a/tcms/issuetracker/base.py
+++ b/tcms/issuetracker/base.py
@@ -221,10 +221,14 @@ def rpc(self):
         if self.is_adding_testcase_to_issue_disabled():
             return None
 
-        if self.bug_system.base_url not in self.rpc_cache:
-            self.rpc_cache[self.bug_system.base_url] = self._rpc_connection()
-
-        return self.rpc_cache[self.bug_system.base_url]
+        # NOTE: using a tuple as the cache-key to prevent integrations which define
+        # personal ApiTokens to accidentally use a cached version
+        # for the same URL but different credentials
+        rpc_key = (self.bug_system.base_url, getattr(self.request, "user", None))
+        if rpc_key not in self.rpc_cache:
+            self.rpc_cache[rpc_key] = self._rpc_connection()
+
+        return self.rpc_cache[rpc_key]
 
     @property
     def rpc_credentials(self):