11508 review changes

Arthur 2023-08-17 08:23:05 -07:00
parent 57bcb8199d
commit 816eb75d78
2 changed files with 10 additions and 20 deletions


@ -48,8 +48,6 @@ AUTH_BACKEND_ATTRS = {
'salesforce-oauth2': ('Salesforce', 'salesforce'), 'salesforce-oauth2': ('Salesforce', 'salesforce'),
} }
BASE_MICROSOFT_GRAPH_URL = 'https://graph.microsoft.com/v1.0/'
def get_auth_backend_display(name): def get_auth_backend_display(name):
""" """
@ -396,22 +394,23 @@ def azuread_map_groups(response, user, backend, *args, **kwargs):
Map Azure AD group ID to Netbox group Map Azure AD group ID to Netbox group
Also set is_superuser or is_staff based on config map Also set is_superuser or is_staff based on config map
''' '''
BASE_MICROSOFT_GRAPH_URL = 'https://graph.microsoft.com/v1.0/'
logger = logging.getLogger('netbox.auth.azuread_map_groups') logger = logging.getLogger('netbox.auth.azuread_map_groups')
if not hasattr(settings, "SOCIAL_AUTH_PIPELINE_CONFIG"): if not hasattr(settings, "SOCIAL_AUTH_PIPELINE_CONFIG"):
raise ImproperlyConfigured( raise ImproperlyConfigured(
"Azure group mapping has been configured, but SOCIAL_AUTH_PIPELINE_CONFIG is not defined." "Azure AD group mapping has been configured, but SOCIAL_AUTH_PIPELINE_CONFIG is not defined."
) )
config = getattr(settings, "SOCIAL_AUTH_PIPELINE_CONFIG") config = getattr(settings, "SOCIAL_AUTH_PIPELINE_CONFIG")
if "AZUREAD_USER_FLAGS_BY_GROUP" not in config: if "AZUREAD_USER_FLAGS_BY_GROUP" not in config:
raise ImproperlyConfigured( raise ImproperlyConfigured(
"Azure group mapping has been configured, but AZUREAD_USER_FLAGS_BY_GROUP is not defined." "Azure AD group mapping has been configured, but AZUREAD_USER_FLAGS_BY_GROUP is not defined."
) )
if "AZUREAD_GROUP_MAP" not in config: if "AZUREAD_GROUP_MAP" not in config:
raise ImproperlyConfigured( raise ImproperlyConfigured(
"Azure group mapping has been configured, but AZUREAD_GROUP_MAP is not defined." "Azure AD group mapping has been configured, but AZUREAD_GROUP_MAP is not defined."
) )
flags_by_group = config["AZUREAD_USER_FLAGS_BY_GROUP"] flags_by_group = config["AZUREAD_USER_FLAGS_BY_GROUP"]
@ -438,7 +437,7 @@ def azuread_map_groups(response, user, backend, *args, **kwargs):
headers=headers, headers=headers,
) )
except Exception as e: except Exception as e:
logger.error(f"Azure group mapping error getting groups for user {user} from Microsoft Graph API: {e}") logger.error(f"Azure AD group mapping error getting groups for user {user} from Microsoft Graph API: {e}")
raise e raise e
# Set groups and permissions based on returned group list # Set groups and permissions based on returned group list
@ -453,25 +452,21 @@ def azuread_map_groups(response, user, backend, *args, **kwargs):
group_id = value.get('id', None) group_id = value.get('id', None)
if group_id in flags_by_group['is_superuser']: if group_id in flags_by_group['is_superuser']:
logger.info(f"Azure group mapping - setting superuser status for: {user}.") logger.info(f"Azure AD group mapping - setting superuser status for: {user}.")
is_superuser = True is_superuser = True
if group_id in flags_by_group['is_staff']: if group_id in flags_by_group['is_staff']:
logger.info(f"Azure group mapping - setting staff status for: {user}.") logger.info(f"Azure AD group mapping - setting staff status for: {user}.")
is_staff = True is_staff = True
if group_id in group_mapping: if group_id in group_mapping:
group_name = group_mapping[group_id] group_name = group_mapping[group_id]
try: try:
group = Group.objects.get(name=group_name) group = Group.objects.get(name=group_name)
except Group.DoesNotExist:
group = None
if group:
group.user_set.add(user) group.user_set.add(user)
logger.info(f"Azure group mapping - adding group {group_name} to user: {user}.") logger.info(f"Azure AD group mapping - adding group {group_name} to user: {user}.")
else: except Group.DoesNotExist:
logger.info(f"Azure group mapping - group: {group_name} not found.") logger.info(f"Azure AD group mapping - group: {group_name} not found.")
user.is_superuser = is_superuser user.is_superuser = is_superuser
user.is_staff = is_staff user.is_staff = is_staff
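Review bot: The configuration checks at the top of azuread_map_groups only confirm that AZUREAD_USER_FLAGS_BY_GROUP is present, yet the loop indexes `flags_by_group['is_superuser']` and `flags_by_group['is_staff']` directly, so a config that omits either key fails with a bare KeyError in the middle of a login instead of the ImproperlyConfigured error used for the other settings. Either validate both keys next to the existing checks or read them with `flags_by_group.get('is_superuser', [])` and `flags_by_group.get('is_staff', [])`. Separately, a mapped group that does not exist in NetBox is still logged at info level after the try/except rewrite; since that leaves the user without the intended permissions, `logger.warning(...)` would make the misconfiguration easier to spot. The function body starts and continues outside the visible hunks, so any validation done there is not seen here.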


@ -162,11 +162,6 @@ TIME_FORMAT = getattr(configuration, 'TIME_FORMAT', 'g:i a')
TIME_ZONE = getattr(configuration, 'TIME_ZONE', 'UTC') TIME_ZONE = getattr(configuration, 'TIME_ZONE', 'UTC')
ENABLE_LOCALIZATION = getattr(configuration, 'ENABLE_LOCALIZATION', False) ENABLE_LOCALIZATION = getattr(configuration, 'ENABLE_LOCALIZATION', False)
# Load all REMOTE_AUTH_BACKEND_* settings from the user configuration
for param in dir(configuration):
if param.startswith('REMOTE_AUTH_BACKEND_'):
globals()[param] = getattr(configuration, param)
# Check for hard-coded dynamic config parameters # Check for hard-coded dynamic config parameters
for param in PARAMS: for param in PARAMS:
if hasattr(configuration, param.name): if hasattr(configuration, param.name):