mirror of
https://github.com/netbox-community/netbox.git
synced 2025-08-25 16:56:10 -06:00
12589 add user group manager
This commit is contained in:
Arthur
parent
4332ba0beb
commit
540339683c
@ -2,7 +2,7 @@ import binascii
|
|||||||
import os
|
import os
|
||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib.auth.models import Group, User
|
from django.contrib.auth.models import Group, GroupManager, User, UserManager
|
||||||
from django.contrib.contenttypes.models import ContentType
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.contrib.postgres.fields import ArrayField
|
from django.contrib.postgres.fields import ArrayField
|
||||||
from django.core.validators import MinLengthValidator
|
from django.core.validators import MinLengthValidator
|
||||||
@ -52,11 +52,15 @@ class AdminUser(User):
|
|||||||
proxy = True
|
proxy = True
|
||||||
|
|
||||||
|
|
||||||
|
class NetBoxUserManager(UserManager.from_queryset(RestrictedQuerySet)):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
class NetBoxUser(User):
|
class NetBoxUser(User):
|
||||||
"""
|
"""
|
||||||
Proxy contrib.auth.models.User for the UI
|
Proxy contrib.auth.models.User for the UI
|
||||||
"""
|
"""
|
||||||
objects = RestrictedQuerySet.as_manager()
|
objects = NetBoxUserManager()
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
verbose_name = 'User'
|
verbose_name = 'User'
|
||||||
|
|||||||
@ -4,7 +4,7 @@ from django.conf import settings
|
|||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.contrib.auth import login as auth_login, logout as auth_logout, update_session_auth_hash, get_user_model
|
from django.contrib.auth import login as auth_login, logout as auth_logout, update_session_auth_hash, get_user_model
|
||||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||||
from django.contrib.auth.models import update_last_login
|
from django.contrib.auth.models import Group, User, update_last_login
|
||||||
from django.contrib.auth.signals import user_logged_in
|
from django.contrib.auth.signals import user_logged_in
|
||||||
from django.db.models import Count
|
from django.db.models import Count
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
@ -22,6 +22,7 @@ from netbox.authentication import get_auth_backend_display, get_saml_idps
|
|||||||
from netbox.config import get_config
|
from netbox.config import get_config
|
||||||
from netbox.views import generic
|
from netbox.views import generic
|
||||||
from utilities.forms import ConfirmationForm
|
from utilities.forms import ConfirmationForm
|
||||||
|
from utilities.permissions import get_permission_for_model
|
||||||
from utilities.querysets import RestrictedQuerySet
|
from utilities.querysets import RestrictedQuerySet
|
||||||
from utilities.views import register_model_view
|
from utilities.views import register_model_view
|
||||||
from . import filtersets, forms, tables
|
from . import filtersets, forms, tables
|
||||||
@ -347,12 +348,18 @@ class NetBoxUserListView(generic.ObjectListView):
|
|||||||
filterset_form = forms.UserFilterForm
|
filterset_form = forms.UserFilterForm
|
||||||
table = tables.UserTable
|
table = tables.UserTable
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'view')
|
||||||
|
|
||||||
|
|
||||||
@register_model_view(NetBoxUser)
|
@register_model_view(NetBoxUser)
|
||||||
class NetBoxUserView(generic.ObjectView):
|
class NetBoxUserView(generic.ObjectView):
|
||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
template_name = 'users/user.html'
|
template_name = 'users/user.html'
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'view')
|
||||||
|
|
||||||
def get_extra_context(self, request, instance):
|
def get_extra_context(self, request, instance):
|
||||||
# Compile changelog table
|
# Compile changelog table
|
||||||
changelog = ObjectChange.objects.restrict(request.user, 'view').filter(user=request.user).prefetch_related(
|
changelog = ObjectChange.objects.restrict(request.user, 'view').filter(user=request.user).prefetch_related(
|
||||||
@ -371,16 +378,27 @@ class NetBoxUserEditView(generic.ObjectEditView):
|
|||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
form = forms.UserForm
|
form = forms.UserForm
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
# self._permission_action is set by dispatch() to either "add" or "change" depending on whether
|
||||||
|
# we are modifying an existing object or creating a new one.
|
||||||
|
return get_permission_for_model(User, self._permission_action)
|
||||||
|
|
||||||
|
|
||||||
@register_model_view(NetBoxUser, 'delete')
|
@register_model_view(NetBoxUser, 'delete')
|
||||||
class NetBoxUserDeleteView(generic.ObjectDeleteView):
|
class NetBoxUserDeleteView(generic.ObjectDeleteView):
|
||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'delete')
|
||||||
|
|
||||||
|
|
||||||
class NetBoxUserBulkImportView(generic.BulkImportView):
|
class NetBoxUserBulkImportView(generic.BulkImportView):
|
||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
model_form = forms.UserImportForm
|
model_form = forms.UserImportForm
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'add')
|
||||||
|
|
||||||
|
|
||||||
class NetBoxUserBulkEditView(generic.BulkEditView):
|
class NetBoxUserBulkEditView(generic.BulkEditView):
|
||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
@ -388,12 +406,19 @@ class NetBoxUserBulkEditView(generic.BulkEditView):
|
|||||||
table = tables.UserTable
|
table = tables.UserTable
|
||||||
form = forms.UserBulkEditForm
|
form = forms.UserBulkEditForm
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'change')
|
||||||
|
|
||||||
|
|
||||||
class NetBoxUserBulkDeleteView(generic.BulkDeleteView):
|
class NetBoxUserBulkDeleteView(generic.BulkDeleteView):
|
||||||
queryset = NetBoxUser.objects.all()
|
queryset = NetBoxUser.objects.all()
|
||||||
filterset = filtersets.UserFilterSet
|
filterset = filtersets.UserFilterSet
|
||||||
table = tables.UserTable
|
table = tables.UserTable
|
||||||
|
|
||||||
|
def get_required_permission(self):
|
||||||
|
return get_permission_for_model(User, 'delete')
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Groups
|
# Groups
|
||||||
#
|
#
|
||||||
|
|||||||
@ -1,3 +1,4 @@
|
|||||||
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.db.models import Prefetch, QuerySet
|
from django.db.models import Prefetch, QuerySet
|
||||||
|
|
||||||
from users.constants import CONSTRAINT_TOKEN_USER
|
from users.constants import CONSTRAINT_TOKEN_USER
|
||||||
@ -46,8 +47,9 @@ class RestrictedQuerySet(QuerySet):
|
|||||||
:param action: The action which must be permitted (e.g. "view" for "dcim.view_site"); default is 'view'
|
:param action: The action which must be permitted (e.g. "view" for "dcim.view_site"); default is 'view'
|
||||||
"""
|
"""
|
||||||
# Resolve the full name of the required permission
|
# Resolve the full name of the required permission
|
||||||
app_label = self.model._meta.app_label
|
ct = ContentType.objects.get_for_model(self.model)
|
||||||
model_name = self.model._meta.model_name
|
app_label = ct.app_label
|
||||||
|
model_name = ct.model
|
||||||
permission_required = f'{app_label}.{action}_{model_name}'
|
permission_required = f'{app_label}.{action}_{model_name}'
|
||||||
|
|
||||||
# Bypass restriction for superusers and exempt views
|
# Bypass restriction for superusers and exempt views
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user