NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-22 20:12:00 -06:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Fixes #15977: Hide all admin menu items for non-authenticated users (#15978)

Browse Source 
* Fixes #15977: Hide all admin menu items for non-authenticated users

* Account for absence of auth_required on PluginMenuItem
This commit is contained in:
Jeremy Stretch 2024-05-07 10:37:42 -04:00 committed by GitHub
parent b4486b4d30
commit acc2add845
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
netbox/netbox/navigation/__init__.py
View File

@ -32,6 +32,7 @@ class MenuItem:
link: str link: str
link_text: str link_text: str
permissions: Optional[Sequence[str]] = () permissions: Optional[Sequence[str]] = ()
auth_required: Optional[bool] = False
staff_only: Optional[bool] = False staff_only: Optional[bool] = False
buttons: Optional[Sequence[MenuItemButton]] = () buttons: Optional[Sequence[MenuItemButton]] = ()

11
netbox/netbox/navigation/menu.py
View File

@ -371,6 +371,7 @@ ADMIN_MENU = Menu(
MenuItem( MenuItem(
link=f'users:user_list', link=f'users:user_list',
link_text=_('Users'), link_text=_('Users'),
auth_required=True,
permissions=[f'auth.view_user'], permissions=[f'auth.view_user'],
buttons=( buttons=(
MenuItemButton( MenuItemButton(
@ -390,6 +391,7 @@ ADMIN_MENU = Menu(
MenuItem( MenuItem(
link=f'users:group_list', link=f'users:group_list',
link_text=_('Groups'), link_text=_('Groups'),
auth_required=True,
permissions=[f'auth.view_group'], permissions=[f'auth.view_group'],
buttons=( buttons=(
MenuItemButton( MenuItemButton(
@ -409,12 +411,14 @@ ADMIN_MENU = Menu(
MenuItem( MenuItem(
link=f'users:token_list', link=f'users:token_list',
link_text=_('API Tokens'), link_text=_('API Tokens'),
auth_required=True,
permissions=[f'users.view_token'], permissions=[f'users.view_token'],
buttons=get_model_buttons('users', 'token') buttons=get_model_buttons('users', 'token')
), ),
MenuItem( MenuItem(
link=f'users:objectpermission_list', link=f'users:objectpermission_list',
link_text=_('Permissions'), link_text=_('Permissions'),
auth_required=True,
permissions=[f'users.view_objectpermission'], permissions=[f'users.view_objectpermission'],
buttons=get_model_buttons('users', 'objectpermission', actions=['add']) buttons=get_model_buttons('users', 'objectpermission', actions=['add'])
), ),
@ -425,16 +429,19 @@ ADMIN_MENU = Menu(
items=( items=(
MenuItem( MenuItem(
link='core:system', link='core:system',
link_text=_('System') link_text=_('System'),
auth_required=True
), ),
MenuItem( MenuItem(
link='core:configrevision_list', link='core:configrevision_list',
link_text=_('Configuration History'), link_text=_('Configuration History'),
auth_required=True,
permissions=['core.view_configrevision'] permissions=['core.view_configrevision']
), ),
MenuItem( MenuItem(
link='core:background_queue_list', link='core:background_queue_list',
link_text=_('Background Tasks') link_text=_('Background Tasks'),
auth_required=True
), ),
), ),
), ),

2
netbox/utilities/templatetags/navigation.py
View File

@ -26,6 +26,8 @@ def nav(context):
for group in menu.groups: for group in menu.groups:
items = [] items = []
for item in group.items: for item in group.items:
if getattr(item, 'auth_required', False) and not user.is_authenticated:
continue
if not user.has_perms(item.permissions): if not user.has_perms(item.permissions):
continue continue
if item.staff_only and not user.is_staff: if item.staff_only and not user.is_staff: