Feature/remote group autocreate (#12394)

* Add REMOTE_AUTH_AUTOCREATE_GROUPS

When REMOTE_AUTH_AUTOCREATE_GROUPS is True, Netbox will create groups
referenced in the REMOTE_AUTH_GROUP_HEADER that don't exist in the
database.

Closes #7671

* Fix naming of parameter

Apply the fix requested by kkthxbye-code in https://github.com/netbox-community/netbox/pull/8603

---------

Co-authored-by: Lars Kellogg-Stedman <lars@oddbit.com>
Jon Schewe 2023-05-12 09:35:09 -05:00 committed by GitHub
parent 4eb5e90ccc
commit cc0c985fec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 50 additions and 2 deletions


@ -156,8 +156,11 @@ class RemoteUserBackend(_RemoteUserBackend):
try: try:
group_list.append(Group.objects.get(name=name)) group_list.append(Group.objects.get(name=name))
except Group.DoesNotExist: except Group.DoesNotExist:
logging.error( if settings.REMOTE_AUTH_AUTO_CREATE_GROUPS:
f"Could not assign group {name} to remotely-authenticated user {user}: Group not found") group_list.append(Group.objects.create(name=name))
else:
logging.error(
f"Could not assign group {name} to remotely-authenticated user {user}: Group not found")
if group_list: if group_list:
user.groups.set(group_list) user.groups.set(group_list)
logger.debug( logger.debug(
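Review bot: The new branch under `except Group.DoesNotExist:` calls `Group.objects.create(name=name)` after a failed `get`, so two first-time logins carrying the same new group name can both miss the lookup, and the second insert would then fail if the group name is unique, as it is on Django's stock `Group`. `group, created = Group.objects.get_or_create(name=name)` closes that window, and a `logger.info(f"Created group {name} from remote auth header for user {user}")` when `created` is true leaves an audit trail for rows that originate from a request header. The value of `name` is used as received and its parsing is outside the hunk, so it is worth confirming that empty or over-long entries are dropped before this point. The enclosing method starts and ends outside the hunk.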


@ -122,6 +122,7 @@ PLUGINS_CONFIG = getattr(configuration, 'PLUGINS_CONFIG', {})
QUEUE_MAPPINGS = getattr(configuration, 'QUEUE_MAPPINGS', {}) QUEUE_MAPPINGS = getattr(configuration, 'QUEUE_MAPPINGS', {})
RELEASE_CHECK_URL = getattr(configuration, 'RELEASE_CHECK_URL', None) RELEASE_CHECK_URL = getattr(configuration, 'RELEASE_CHECK_URL', None)
REMOTE_AUTH_AUTO_CREATE_USER = getattr(configuration, 'REMOTE_AUTH_AUTO_CREATE_USER', False) REMOTE_AUTH_AUTO_CREATE_USER = getattr(configuration, 'REMOTE_AUTH_AUTO_CREATE_USER', False)
REMOTE_AUTH_AUTO_CREATE_GROUPS = getattr(configuration, 'REMOTE_AUTH_AUTO_CREATE_GROUPS', False)
REMOTE_AUTH_BACKEND = getattr(configuration, 'REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend') REMOTE_AUTH_BACKEND = getattr(configuration, 'REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend')
REMOTE_AUTH_DEFAULT_GROUPS = getattr(configuration, 'REMOTE_AUTH_DEFAULT_GROUPS', []) REMOTE_AUTH_DEFAULT_GROUPS = getattr(configuration, 'REMOTE_AUTH_DEFAULT_GROUPS', [])
REMOTE_AUTH_DEFAULT_PERMISSIONS = getattr(configuration, 'REMOTE_AUTH_DEFAULT_PERMISSIONS', {}) REMOTE_AUTH_DEFAULT_PERMISSIONS = getattr(configuration, 'REMOTE_AUTH_DEFAULT_PERMISSIONS', {})
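Review bot: `REMOTE_AUTH_AUTO_CREATE_GROUPS` is introduced without a description: the commit lists three changed files and none of the visible sections is documentation, though it may be covered elsewhere. The parameter's reference entry, or a comment at this line such as `# Create groups named in REMOTE_AUTH_GROUP_HEADER that do not exist yet; the header must only be settable by the trusted proxy`, should state the trust assumption next to the `False` default. Judging by the test in this commit it appears to take effect only together with `REMOTE_AUTH_GROUP_SYNC_ENABLED`, which is worth stating as well.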


@ -310,6 +310,50 @@ class ExternalAuthenticationTestCase(TestCase):
list(new_user.groups.all()) list(new_user.groups.all())
) )
@override_settings(
REMOTE_AUTH_ENABLED=True,
REMOTE_AUTH_AUTO_CREATE_USER=True,
REMOTE_AUTH_GROUP_SYNC_ENABLED=True,
REMOTE_AUTH_AUTO_CREATE_GROUPS=True,
LOGIN_REQUIRED=True,
)
def test_remote_auth_remote_groups_autocreate(self):
"""
Test enabling remote authentication with group sync and autocreate
enabled with the default configuration.
"""
headers = {
"HTTP_REMOTE_USER": "remoteuser2",
"HTTP_REMOTE_USER_GROUP": "Group 1|Group 2",
}
self.assertTrue(settings.REMOTE_AUTH_ENABLED)
self.assertTrue(settings.REMOTE_AUTH_AUTO_CREATE_USER)
self.assertTrue(settings.REMOTE_AUTH_AUTO_CREATE_GROUPS)
self.assertTrue(settings.REMOTE_AUTH_GROUP_SYNC_ENABLED)
self.assertEqual(settings.REMOTE_AUTH_HEADER, "HTTP_REMOTE_USER")
self.assertEqual(settings.REMOTE_AUTH_GROUP_HEADER, "HTTP_REMOTE_USER_GROUP")
self.assertEqual(settings.REMOTE_AUTH_GROUP_SEPARATOR, "|")
groups = (
Group(name="Group 1"),
Group(name="Group 2"),
)
response = self.client.get(reverse("home"), follow=True, **headers)
self.assertEqual(response.status_code, 200)
new_user = User.objects.get(username="remoteuser2")
self.assertEqual(
int(self.client.session.get("_auth_user_id")),
new_user.pk,
msg="Authentication failed",
)
self.assertListEqual(
[group.name for group in groups],
[group.name for group in list(new_user.groups.all())],
)
@override_settings( @override_settings(
REMOTE_AUTH_ENABLED=True, REMOTE_AUTH_ENABLED=True,
REMOTE_AUTH_AUTO_CREATE_USER=True, REMOTE_AUTH_AUTO_CREATE_USER=True,
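Review bot: The final `assertListEqual` in `test_remote_auth_remote_groups_autocreate` compares names in the order returned by `new_user.groups.all()`, which is stable only if the group model defines a default ordering; `self.assertCountEqual([g.name for g in groups], [g.name for g in new_user.groups.all()])` removes that dependence. The test also never checks that "Group 1" and "Group 2" were absent before the request, so groups left by a shared fixture would let it pass without any auto-creation; `self.assertFalse(Group.objects.filter(name__in=["Group 1", "Group 2"]).exists())` ahead of `self.client.get(...)` pins that. The `groups` tuple holds unsaved instances used only for their names, so a plain list of strings would read more directly.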