diff --git a/netbox/users/views.py b/netbox/users/views.py index 8fffcc96c..5412e8dcb 100644 --- a/netbox/users/views.py +++ b/netbox/users/views.py @@ -360,7 +360,6 @@ class NetBoxUserView(generic.ObjectView): def get_required_permission(self): # Need to override as ObjectView will query for NetBoxUser as the model # but the model we need to check perms for is User - breakpoint() return get_permission_for_model(User, 'view') def get_extra_context(self, request, instance): diff --git a/netbox/utilities/permissions.py b/netbox/utilities/permissions.py index b20aafce0..58a6130d8 100644 --- a/netbox/utilities/permissions.py +++ b/netbox/utilities/permissions.py @@ -18,10 +18,12 @@ def get_permission_for_model(model, action): :param model: A model or instance :param action: View, add, change, or delete (string) """ + # breakpoint() + ct = ContentType.objects.get_for_model(model) return '{}.{}_{}'.format( - model._meta.app_label, + ct.app_label, action, - model._meta.model_name + ct.model ) diff --git a/netbox/utilities/views.py b/netbox/utilities/views.py index a45e149c7..951595cb7 100644 --- a/netbox/utilities/views.py +++ b/netbox/utilities/views.py @@ -79,8 +79,9 @@ class ObjectPermissionRequiredMixin(AccessMixin): if user.has_perms((permission_required, *self.additional_permissions)): # Update the view's QuerySet to filter only the permitted objects - action = resolve_permission(permission_required)[1] - self.queryset = self.queryset.restrict(user, action) + if isinstance(self.queryset, RestrictedQuerySet): + action = resolve_permission(permission_required)[1] + self.queryset = self.queryset.restrict(user, action) return True @@ -94,7 +95,7 @@ class ObjectPermissionRequiredMixin(AccessMixin): 'a base queryset'.format(self.__class__.__name__) ) - if isinstance(self.queryset, RestrictedQuerySet) and not self.has_permission(): + if not self.has_permission(): return self.handle_no_permission() return super().dispatch(request, *args, **kwargs)