From 4abfa6231c4a5006e4baa9b3306c9307c4c75092 Mon Sep 17 00:00:00 2001
From: Tobias Genannt <t.genannt@scanplus.de>
Date: Fri, 2 Jul 2021 07:55:13 +0200
Subject: [PATCH] Fixed bug for users authenticated with API token

This prevents a crash when the current user has authenticated himself
with an API token. In this case the user will not have the permissions
given to his LDAP groups.
---
 netbox/netbox/authentication.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/netbox/netbox/authentication.py b/netbox/netbox/authentication.py
index 03241e522..2c843f076 100644
--- a/netbox/netbox/authentication.py
+++ b/netbox/netbox/authentication.py
@@ -147,7 +147,9 @@ try:
     class NBLDAPBackend(ObjectPermissionMixin, LDAPBackend_):
         def get_permission_filter(self, user_obj):
             permission_filter = super().get_permission_filter(user_obj)
-            if self.settings.FIND_GROUP_PERMS:
+            if (self.settings.FIND_GROUP_PERMS and
+                    hasattr(user_obj, "ldap_user") and
+                    hasattr(user_obj.ldap_user, "group_names")):
                 permission_filter = permission_filter | Q(groups__name__in=user_obj.ldap_user.group_names)
             return permission_filter
 except ModuleNotFoundError: