Closes #16107: Set LOGIN_REQUIRED to True by default (#16122)

* Closes #16107: Set LOGIN_REQUIRED to True by default

* Update tests
Jeremy Stretch 2024-05-14 07:53:19 -04:00 committed by GitHub
parent b67eda403a
commit b8a8db09ed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 15 additions and 11 deletions


@ -159,9 +159,12 @@ Note that enabling this setting causes NetBox to update a user's session in the
## LOGIN_REQUIRED ## LOGIN_REQUIRED
Default: False Default: True
Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users are permitted to access most data in NetBox but not make any changes. When enabled, only authenticated users are permitted to access any part of NetBox. Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes).
!!! info "Changed in NetBox v4.0.2"
Prior to NetBox v4.0.2, this setting was disabled by default.
--- ---


@ -157,9 +157,8 @@ LOGGING = {}
# authenticated to NetBox indefinitely. # authenticated to NetBox indefinitely.
LOGIN_PERSISTENCE = False LOGIN_PERSISTENCE = False
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users # Setting this to False will permit unauthenticated users to access most areas of NetBox (but not make any changes).
# are permitted to access most data in NetBox but not make any changes. LOGIN_REQUIRED = True
LOGIN_REQUIRED = False
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to # The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
# re-authenticate. (Default: 1209600 [14 days]) # re-authenticate. (Default: 1209600 [14 days])
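Review bot: The rewritten comment above `LOGIN_REQUIRED = True` says that False opens "most areas of NetBox" to unauthenticated users, but gives an operator no way to tell what data that actually exposes. The anonymous object tests elsewhere in this commit pair `LOGIN_REQUIRED=False` with `EXEMPT_VIEW_PERMISSIONS=['*']`, which suggests object visibility for anonymous users depends on that second setting; this should be confirmed against the permission code, which is not visible here. If it holds, the comment should say so, for example `# Setting this to False permits unauthenticated access; which objects anonymous users can view is governed by EXEMPT_VIEW_PERMISSIONS.`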


@ -105,7 +105,7 @@ LANGUAGE_CODE = getattr(configuration, 'DEFAULT_LANGUAGE', 'en-us')
LANGUAGE_COOKIE_PATH = CSRF_COOKIE_PATH LANGUAGE_COOKIE_PATH = CSRF_COOKIE_PATH
LOGGING = getattr(configuration, 'LOGGING', {}) LOGGING = getattr(configuration, 'LOGGING', {})
LOGIN_PERSISTENCE = getattr(configuration, 'LOGIN_PERSISTENCE', False) LOGIN_PERSISTENCE = getattr(configuration, 'LOGIN_PERSISTENCE', False)
LOGIN_REQUIRED = getattr(configuration, 'LOGIN_REQUIRED', False) LOGIN_REQUIRED = getattr(configuration, 'LOGIN_REQUIRED', True)
LOGIN_TIMEOUT = getattr(configuration, 'LOGIN_TIMEOUT', None) LOGIN_TIMEOUT = getattr(configuration, 'LOGIN_TIMEOUT', None)
LOGOUT_REDIRECT_URL = getattr(configuration, 'LOGOUT_REDIRECT_URL', 'home') LOGOUT_REDIRECT_URL = getattr(configuration, 'LOGOUT_REDIRECT_URL', 'home')
MEDIA_ROOT = getattr(configuration, 'MEDIA_ROOT', os.path.join(BASE_DIR, 'media')).rstrip('/') MEDIA_ROOT = getattr(configuration, 'MEDIA_ROOT', os.path.join(BASE_DIR, 'media')).rstrip('/')
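Review bot: The new fallback in `LOGIN_REQUIRED = getattr(configuration, 'LOGIN_REQUIRED', True)` only takes effect when the setting is absent from the deployment's configuration. The old example file shipped an explicit `LOGIN_REQUIRED = False`, so any installation that copied it keeps serving anonymous read access after upgrading, and nothing in this hunk tells the operator. The line deserves a short comment such as `# Fail closed: anonymous access must be enabled explicitly in configuration.py`. The upgrade notes should also ask operators to review an existing explicit False rather than assume the new default applies to them.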


@ -42,6 +42,7 @@ class PluginTest(TestCase):
url = reverse('admin:dummy_plugin_dummymodel_add') url = reverse('admin:dummy_plugin_dummymodel_add')
self.assertEqual(url, '/admin/dummy_plugin/dummymodel/add/') self.assertEqual(url, '/admin/dummy_plugin/dummymodel/add/')
@override_settings(LOGIN_REQUIRED=False)
def test_views(self): def test_views(self):
# Test URL resolution # Test URL resolution
@ -53,7 +54,7 @@ class PluginTest(TestCase):
response = client.get(url) response = client.get(url)
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
@override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) @override_settings(EXEMPT_VIEW_PERMISSIONS=['*'], LOGIN_REQUIRED=False)
def test_api_views(self): def test_api_views(self):
# Test URL resolution # Test URL resolution
@ -65,6 +66,7 @@ class PluginTest(TestCase):
response = client.get(url) response = client.get(url)
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
@override_settings(LOGIN_REQUIRED=False)
def test_registered_views(self): def test_registered_views(self):
# Test URL resolution # Test URL resolution
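Review bot: No test in the visible hunks checks the new secure default; the decorators added on `test_views`, `test_api_views` and `test_registered_views` all pin `LOGIN_REQUIRED=False`, so only the opt-out path is exercised. The same applies to the `test_get_object_anonymous` and `test_list_objects_anonymous` decorators in the two test-case files that follow. Each class would benefit from a companion test that leaves the setting at its default (or sets `LOGIN_REQUIRED=True`), makes the same request as an unauthenticated client, and asserts that the response is not a 200. Without that, a regression that reopens anonymous access would still pass this suite. The test method bodies continue outside these hunks, so existing coverage elsewhere in the files cannot be ruled out.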


@ -73,7 +73,7 @@ class APIViewTestCases:
class GetObjectViewTestCase(APITestCase): class GetObjectViewTestCase(APITestCase):
@override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) @override_settings(EXEMPT_VIEW_PERMISSIONS=['*'], LOGIN_REQUIRED=False)
def test_get_object_anonymous(self): def test_get_object_anonymous(self):
""" """
GET a single object as an unauthenticated user. GET a single object as an unauthenticated user.
@ -135,7 +135,7 @@ class APIViewTestCases:
class ListObjectsViewTestCase(APITestCase): class ListObjectsViewTestCase(APITestCase):
brief_fields = [] brief_fields = []
@override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) @override_settings(EXEMPT_VIEW_PERMISSIONS=['*'], LOGIN_REQUIRED=False)
def test_list_objects_anonymous(self): def test_list_objects_anonymous(self):
""" """
GET a list of objects as an unauthenticated user. GET a list of objects as an unauthenticated user.


@ -62,7 +62,7 @@ class ViewTestCases:
""" """
Retrieve a single instance. Retrieve a single instance.
""" """
@override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) @override_settings(EXEMPT_VIEW_PERMISSIONS=['*'], LOGIN_REQUIRED=False)
def test_get_object_anonymous(self): def test_get_object_anonymous(self):
# Make the request as an unauthenticated user # Make the request as an unauthenticated user
self.client.logout() self.client.logout()
@ -421,7 +421,7 @@ class ViewTestCases:
""" """
Retrieve multiple instances. Retrieve multiple instances.
""" """
@override_settings(EXEMPT_VIEW_PERMISSIONS=['*']) @override_settings(EXEMPT_VIEW_PERMISSIONS=['*'], LOGIN_REQUIRED=False)
def test_list_objects_anonymous(self): def test_list_objects_anonymous(self):
# Make the request as an unauthenticated user # Make the request as an unauthenticated user
self.client.logout() self.client.logout()