mirror of
https://github.com/netbox-community/netbox.git
synced 2025-12-19 03:42:25 -06:00
Update ObjectPermission.object_types to reference ObjectType
This commit is contained in:
Jeremy Stretch
@@ -1,5 +1,4 @@
|
||||
from django.conf import settings
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.db.models import Q
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
@@ -50,13 +49,14 @@ def resolve_permission_ct(name):
|
||||
|
||||
:param name: Permission name in the format <app_label>.<action>_<model>
|
||||
"""
|
||||
from core.models import ObjectType
|
||||
app_label, action, model_name = resolve_permission(name)
|
||||
try:
|
||||
content_type = ContentType.objects.get(app_label=app_label, model=model_name)
|
||||
except ContentType.DoesNotExist:
|
||||
object_type = ObjectType.objects.get(app_label=app_label, model=model_name)
|
||||
except ObjectType.DoesNotExist:
|
||||
raise ValueError(_("Unknown app_label/model_name for {name}").format(name=name))
|
||||
|
||||
return content_type, action
|
||||
return object_type, action
|
||||
|
||||
|
||||
def permission_is_exempt(name):
|
||||
|
||||
@@ -10,6 +10,7 @@ from graphene.types import Dynamic as GQLDynamic, List as GQLList, Union as GQLU
|
||||
from rest_framework import status
|
||||
from rest_framework.test import APIClient
|
||||
|
||||
from core.models import ObjectType
|
||||
from extras.choices import ObjectChangeActionChoices
|
||||
from extras.models import ObjectChange
|
||||
from users.models import ObjectPermission, Token
|
||||
@@ -109,7 +110,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET to permitted object
|
||||
url = self._get_detail_url(instance1)
|
||||
@@ -183,7 +184,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET to permitted objects
|
||||
response = self.client.get(self._get_list_url(), **self.header)
|
||||
@@ -224,7 +225,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
initial_count = self._get_queryset().count()
|
||||
response = self.client.post(self._get_list_url(), self.create_data[0], format='json', **self.header)
|
||||
@@ -258,7 +259,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
initial_count = self._get_queryset().count()
|
||||
response = self.client.post(self._get_list_url(), self.create_data, format='json', **self.header)
|
||||
@@ -309,7 +310,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
response = self.client.patch(url, update_data, format='json', **self.header)
|
||||
self.assertHttpStatus(response, status.HTTP_200_OK)
|
||||
@@ -344,7 +345,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
id_list = list(self._get_queryset().values_list('id', flat=True)[:3])
|
||||
self.assertEqual(len(id_list), 3, "Insufficient number of objects to test bulk update")
|
||||
@@ -387,7 +388,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
response = self.client.delete(url, **self.header)
|
||||
self.assertHttpStatus(response, status.HTTP_204_NO_CONTENT)
|
||||
@@ -413,7 +414,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Target the three most recently created objects to avoid triggering recursive deletions
|
||||
# (e.g. with MPTT objects)
|
||||
@@ -504,7 +505,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
response = self.client.post(url, data={'query': query}, **self.header)
|
||||
self.assertHttpStatus(response, status.HTTP_200_OK)
|
||||
@@ -529,7 +530,7 @@ class APIViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
response = self.client.post(url, data={'query': query}, **self.header)
|
||||
self.assertHttpStatus(response, status.HTTP_200_OK)
|
||||
|
||||
@@ -8,6 +8,7 @@ from django.test import override_settings
|
||||
from django.urls import reverse
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from core.models import ObjectType
|
||||
from extras.choices import ObjectChangeActionChoices
|
||||
from extras.models import ObjectChange
|
||||
from netbox.models.features import ChangeLoggingMixin
|
||||
@@ -93,7 +94,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(instance.get_absolute_url()), 200)
|
||||
@@ -109,7 +110,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET to permitted object
|
||||
self.assertHttpStatus(self.client.get(instance1.get_absolute_url()), 200)
|
||||
@@ -161,7 +162,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('add')), 200)
|
||||
@@ -197,7 +198,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with object-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('add')), 200)
|
||||
@@ -260,7 +261,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('edit', instance)), 200)
|
||||
@@ -295,7 +296,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with a permitted object
|
||||
self.assertHttpStatus(self.client.get(self._get_url('edit', instance1)), 200)
|
||||
@@ -349,7 +350,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('delete', instance)), 200)
|
||||
@@ -384,7 +385,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with a permitted object
|
||||
self.assertHttpStatus(self.client.get(self._get_url('delete', instance1)), 200)
|
||||
@@ -442,7 +443,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('list')), 200)
|
||||
@@ -458,7 +459,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with object-level permission
|
||||
response = self.client.get(self._get_url('list'))
|
||||
@@ -477,7 +478,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Test default CSV export
|
||||
response = self.client.get(f'{url}?export')
|
||||
@@ -524,7 +525,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Bulk create objects
|
||||
response = self.client.post(**request)
|
||||
@@ -548,7 +549,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Attempt to make the request with unmet constraints
|
||||
self.assertHttpStatus(self.client.post(**request), 200)
|
||||
@@ -610,7 +611,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try GET with model-level permission
|
||||
self.assertHttpStatus(self.client.get(self._get_url('import')), 200)
|
||||
@@ -639,7 +640,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Test POST with permission
|
||||
self.assertHttpStatus(self.client.post(self._get_url('import'), data), 302)
|
||||
@@ -674,7 +675,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Attempt to import non-permitted objects
|
||||
self.assertHttpStatus(self.client.post(self._get_url('import'), data), 200)
|
||||
@@ -730,7 +731,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try POST with model-level permission
|
||||
self.assertHttpStatus(self.client.post(self._get_url('bulk_edit'), data), 302)
|
||||
@@ -761,7 +762,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Attempt to bulk edit permitted objects into a non-permitted state
|
||||
response = self.client.post(self._get_url('bulk_edit'), data)
|
||||
@@ -811,7 +812,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try POST with model-level permission
|
||||
self.assertHttpStatus(self.client.post(self._get_url('bulk_delete'), data), 302)
|
||||
@@ -833,7 +834,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Attempt to bulk delete non-permitted objects
|
||||
initial_count = self._get_queryset().count()
|
||||
@@ -891,7 +892,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Try POST with model-level permission
|
||||
self.assertHttpStatus(self.client.post(self._get_url('bulk_rename'), data), 302)
|
||||
@@ -916,7 +917,7 @@ class ViewTestCases:
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
obj_perm.object_types.add(ContentType.objects.get_for_model(self.model))
|
||||
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
|
||||
|
||||
# Attempt to bulk edit permitted objects into a non-permitted state
|
||||
response = self.client.post(self._get_url('bulk_rename'), data)
|
||||
|
||||
Reference in New Issue
Block a user