Add ArrayField on ObjectPermission to store actions

2025-12-25 22:57:45 -06:00 · 2020-05-29 11:18:22 -04:00
parent cfc2425908
commit f197da97c2
7 changed files with 120 additions and 78 deletions
--- a/netbox/users/admin.py
+++ b/netbox/users/admin.py
@@ -2,9 +2,10 @@ from django import forms
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as UserAdmin_
 from django.contrib.auth.models import Group as StockGroup, User as StockUser
+from django.core.exceptions import FieldError, ValidationError

 from extras.admin import order_content_types
-from .models import Group, User, ObjectPermission, Token, UserConfig
+from .models import AdminGroup, AdminUser, ObjectPermission, Token, UserConfig


 #
@@ -16,7 +17,7 @@ admin.site.unregister(StockGroup)
 admin.site.unregister(StockUser)


-@admin.register(Group)
+@admin.register(AdminGroup)
 class GroupAdmin(admin.ModelAdmin):
    fields = ('name',)
    list_display = ('name', 'user_count')
@@ -34,7 +35,7 @@ class UserConfigInline(admin.TabularInline):
    verbose_name = 'Preferences'


-@admin.register(User)
+@admin.register(AdminUser)
 class UserAdmin(UserAdmin_):
    list_display = [
        'username', 'email', 'first_name', 'last_name', 'is_superuser', 'is_staff', 'is_active'
@@ -92,10 +93,41 @@ class ObjectPermissionForm(forms.ModelForm):
        order_content_types(self.fields['content_types'])
        self.fields['content_types'].choices.insert(0, ('', '---------'))

+    def clean(self):
+        content_types = self.cleaned_data['content_types']
+        attrs = self.cleaned_data['attrs']
+
+        # Validate the specified model attributes by attempting to execute a query. We don't care whether the query
+        # returns anything; we just want to make sure the specified attributes are valid.
+        if attrs:
+            for ct in content_types:
+                model = ct.model_class()
+                try:
+                    model.objects.filter(**attrs).exists()
+                except FieldError as e:
+                    raise ValidationError({
+                        'attrs': f'Invalid attributes for {model}: {e}'
+                    })
+

@admin.register(ObjectPermission)
 class ObjectPermissionAdmin(admin.ModelAdmin):
    form = ObjectPermissionForm
    list_display = [
-        'model', 'can_view', 'can_add', 'can_change', 'can_delete'
+        'list_models', 'list_users', 'list_groups', 'actions', 'attrs',
    ]
+
+    def get_queryset(self, request):
+        return super().get_queryset(request).prefetch_related('content_types', 'users', 'groups')
+
+    def list_models(self, obj):
+        return ', '.join([f"{ct}" for ct in obj.content_types.all()])
+    list_models.short_description = 'Models'
+
+    def list_users(self, obj):
+        return ', '.join([u.username for u in obj.users.all()])
+    list_users.short_description = 'Users'
+
+    def list_groups(self, obj):
+        return ', '.join([g.name for g in obj.groups.all()])
+    list_groups.short_description = 'Groups'