NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-24 09:28:38 -06:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

Add override for read_only tokens to be used with an overriden permission set

Browse Source
This commit is contained in:
Daniel Sheppard 2024-06-18 09:59:34 -05:00
parent ed3f0846d3
commit 38786748b7
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
netbox/netbox/api/authentication.py
View File

@ -103,9 +103,14 @@ class TokenPermissions(DjangoObjectPermissions):
super().__init__() super().__init__()
def _verify_write_permission(self, request): def _verify_write_permission(self, request):
# Determine if this permission set allows read-only tokens
allow_readonly_token = getattr(self, 'allow_readonly_token', False)
# If token authentication is in use, verify that the token allows write operations (for unsafe methods). # If token authentication is in use, verify that the token allows write operations (for unsafe methods).
if request.method in SAFE_METHODS or request.auth.write_enabled: # If this permission set allows read-only tokens, also permit access
if request.method in SAFE_METHODS or request.auth.write_enabled or (
not request.auth.write_enabled and allow_readonly_token
):
return True return True
def has_permission(self, request, view): def has_permission(self, request, view):
@ -150,6 +155,8 @@ class RequireViewOnlyPermissions(TokenPermissions):
'DELETE': ['%(app_label)s.view_%(model_name)s'], 'DELETE': ['%(app_label)s.view_%(model_name)s'],
} }
allow_readonly_token = True
class IsAuthenticatedOrLoginNotRequired(BasePermission): class IsAuthenticatedOrLoginNotRequired(BasePermission):
""" """