diff --git a/netbox/netbox/authentication.py b/netbox/netbox/authentication.py index b5f5746fa..61dfe2fdb 100644 --- a/netbox/netbox/authentication.py +++ b/netbox/netbox/authentication.py @@ -94,7 +94,6 @@ class ObjectPermissionMixin: def has_perm(self, user_obj, perm, obj=None): app_label, action, model_name = resolve_permission(perm) - # breakpoint() # Superusers implicitly have all permissions if user_obj.is_active and user_obj.is_superuser: diff --git a/netbox/netbox/views/generic/bulk_views.py b/netbox/netbox/views/generic/bulk_views.py index 7bed7c4e9..e66e79a7a 100644 --- a/netbox/netbox/views/generic/bulk_views.py +++ b/netbox/netbox/views/generic/bulk_views.py @@ -626,7 +626,6 @@ class BulkEditView(GetReturnURLMixin, BaseMultiObjectView): clear_webhooks.send(sender=self) else: - print(f"form errors: {form.errors}") logger.debug("Form validation failed") else: diff --git a/netbox/users/forms/bulk_edit.py b/netbox/users/forms/bulk_edit.py index 0bdc65b77..9fe16db7b 100644 --- a/netbox/users/forms/bulk_edit.py +++ b/netbox/users/forms/bulk_edit.py @@ -50,9 +50,6 @@ class UserBulkEditForm(BootstrapMixin, forms.Form): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.fields['pk'].queryset = self.model.objects.all() - qs = self.fields['pk'].queryset - for i in qs: - print(f"pk: {i.pk}") class GroupBulkEditForm(BootstrapMixin, forms.Form): diff --git a/netbox/users/forms/model_forms.py b/netbox/users/forms/model_forms.py index c237ab0d8..ed5c7f6c8 100644 --- a/netbox/users/forms/model_forms.py +++ b/netbox/users/forms/model_forms.py @@ -197,11 +197,6 @@ class UserForm(BootstrapMixin, forms.ModelForm): del self.fields['confirm_password'] - # def is_valid(self): - # ret = super().is_valid() - # breakpoint() - # return ret - def save(self, *args, **kwargs): instance = super().save(*args, **kwargs) instance.object_permissions.set(self.cleaned_data['object_permissions']) diff --git a/netbox/users/views.py b/netbox/users/views.py index 1dc6eb0e7..53ff09122 100644 --- a/netbox/users/views.py +++ b/netbox/users/views.py @@ -406,6 +406,18 @@ class NetBoxUserBulkImportView(generic.BulkImportView): def get_required_permission(self): return get_permission_for_model(User, 'add') + def dispatch(self, request, *args, **kwargs): + breakpoint() + return super().dispatch(request, *args, **kwargs) + + def get(self, request, *args, **kwargs): + breakpoint() + return super().get(request, *args, **kwargs) + + def post(self, request, *args, **kwargs): + breakpoint() + return super().post(request, *args, **kwargs) + class NetBoxUserBulkEditView(generic.BulkEditView): queryset = NetBoxUser.objects.all() @@ -413,18 +425,6 @@ class NetBoxUserBulkEditView(generic.BulkEditView): table = tables.UserTable form = forms.UserBulkEditForm - def dispatch(self, request, *args, **kwargs): - # breakpoint() - return super().dispatch(request, *args, **kwargs) - - def get(self, request, *args, **kwargs): - # breakpoint() - return super().get(request, *args, **kwargs) - - def post(self, request, *args, **kwargs): - # breakpoint() - return super().post(request, *args, **kwargs) - class NetBoxUserBulkDeleteView(generic.BulkDeleteView): queryset = NetBoxUser.objects.all() diff --git a/netbox/utilities/permissions.py b/netbox/utilities/permissions.py index 58a6130d8..5590adbc7 100644 --- a/netbox/utilities/permissions.py +++ b/netbox/utilities/permissions.py @@ -18,7 +18,6 @@ def get_permission_for_model(model, action): :param model: A model or instance :param action: View, add, change, or delete (string) """ - # breakpoint() ct = ContentType.objects.get_for_model(model) return '{}.{}_{}'.format( ct.app_label, @@ -72,7 +71,7 @@ def permission_is_exempt(name): if action == 'view': if ( # All models (excluding those in EXEMPT_EXCLUDE_MODELS) are exempt from view permission enforcement - '*' in settings.EXEMPT_VIEW_PERMISSIONS and (app_label, model_name) not in settings.EXEMPT_EXCLUDE_MODELS + '*' in settings.EXEMPT_VIEW_PERMISSIONS and (f'{app_label}.{model_name}' in settings.EXEMPT_VIEW_PERMISSIONS or (app_label, model_name) not in settings.EXEMPT_EXCLUDE_MODELS) ) or ( # This specific model is exempt from view permission enforcement f'{app_label}.{model_name}' in settings.EXEMPT_VIEW_PERMISSIONS diff --git a/netbox/utilities/testing/views.py b/netbox/utilities/testing/views.py index 9d0f0584d..75a14f795 100644 --- a/netbox/utilities/testing/views.py +++ b/netbox/utilities/testing/views.py @@ -650,7 +650,7 @@ class ViewTestCases: if value is not None and not isinstance(field, ForeignKey): self.assertEqual(value, value) - @override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) + @override_settings(EXEMPT_VIEW_PERMISSIONS=['*',]) def test_bulk_import_objects_with_constrained_permission(self): initial_count = self._get_queryset().count() data = { @@ -704,7 +704,7 @@ class ViewTestCases: with disable_warnings('django.request'): self.assertHttpStatus(self.client.post(self._get_url('bulk_edit'), data), 403) - @override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) + @override_settings(EXEMPT_VIEW_PERMISSIONS=['*', 'auth.user', 'auth.group']) def test_bulk_edit_objects_with_permission(self): pk_list = list(self._get_queryset().values_list('pk', flat=True)[:3]) data = { @@ -729,7 +729,7 @@ class ViewTestCases: for i, instance in enumerate(self._get_queryset().filter(pk__in=pk_list)): self.assertInstanceEqual(instance, self.bulk_edit_data) - @override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) + @override_settings(EXEMPT_VIEW_PERMISSIONS=['*', 'auth.user', 'auth.group']) def test_bulk_edit_objects_with_constrained_permission(self): pk_list = list(self._get_queryset().values_list('pk', flat=True)[:3]) data = {