Merge branch 'feature' into issue_9536

2026-02-05 14:56:24 -06:00 · 2022-06-23 10:35:27 -04:00
parent 81cea9b9d9 f563ba7a9e
commit cfb9605e9b
182 changed files with 3327 additions and 1107 deletions
@@ -9,13 +9,14 @@ from django.db import models
 from django.db.models.signals import post_save
 from django.dispatch import receiver
 from django.utils import timezone
+from netaddr import IPNetwork

+from ipam.fields import IPNetworkField
 from netbox.config import get_config
 from utilities.querysets import RestrictedQuerySet
 from utilities.utils import flatten_dict
 from .constants import *

-
 __all__ = (
    'ObjectPermission',
    'Token',
@@ -220,6 +221,14 @@ class Token(models.Model):
        max_length=200,
        blank=True
    )
+    allowed_ips = ArrayField(
+        base_field=IPNetworkField(),
+        blank=True,
+        null=True,
+        verbose_name='Allowed IPs',
+        help_text='Allowed IPv4/IPv6 networks from where the token can be used. Leave blank for no restrictions. '
+                  'Ex: "10.1.1.0/24, 192.168.10.16/32, 2001:DB8:1::/64"',
+    )

    class Meta:
        pass
@@ -244,6 +253,19 @@ class Token(models.Model):
            return False
        return True

+    def validate_client_ip(self, client_ip):
+        """
+        Validate the API client IP address against the source IP restrictions (if any) set on the token.
+        """
+        if not self.allowed_ips:
+            return True
+
+        for ip_network in self.allowed_ips:
+            if client_ip in IPNetwork(ip_network):
+                return True
+
+        return False
+

 #
 # Permissions