Related objects are saved in the same order as they are defined in the
input by the user. So related objects with a dependency on another need
to be saved after the related object they depend on. Which means that
when required, the order needs to be changed.
The related object lists are not part of the actual form, and the
individual related-object forms only cover the elements themselves. So
while the re-order should be done at the form-level during the clean-
step, there is no form covering the lists to use for that. Plus should
all errors be reported with their original location/index and not with
the fixed/resorted one, because these are not useful and even confusing
for the user. So the sorting should be done as late as possible, ideally
just before the save.
This adds a new `prep_related_object_list` hook, which gets passed each
list of related objects. This should only be used for modifications to
the list (aka order). Any changes to the individual objects should still
be done using the existing `prep_related_object_data` hook.
The passed list is not the plain list, but an enumerated variant. This
is needed to preserve the original index of the elements independently
from the actual (possibly changed) order the list, so any later detected
errors (for example by the elements form validation) can accurately be
reported back to the user.
Adding the field to the InterfaceTemplateImportForm is enough. The two
clean_*_type methods are for properly dynamically restricting what
values can be selected.
Elements of the "related objects list" are passed to the
`prep_related_object_data` function before any validation takes place,
with the potential of failing with a hard error. Similar to the "related
objects not list" case explicitly validate the elements general type,
and raise a normal validation error if it isn't a dictionary.
The related object fields are not covered by the form, so don't pass
any validation before trying to iterate over them and accessing their
elements. Instead of allowing a hard technical error to be raised,
explicitly check that it is indeed a list, and raise a normal validation
error if not.
Resolves performance issue where prefix deletion with 2000+ children
took 5-10 minutes due to sequential scans in hierarchy depth/children
calculations. Adding PostgreSQL GiST index with inet_ops enables efficient
network containment operators (>>, <<, <<=) in annotate_hierarchy() queries.
Performance impact:
- 30-60x speedup: 5-10 minutes → 10 seconds for large prefix deletions
- Real-world validation: 4s migration time on 1.24M prefix dataset
- Storage cost: 47MB index (11% of table storage, 38 bytes per prefix)
Works in conjunction with existing B-tree indexes on vrf_id for optimal
query performance. Benefits all network containment operations including
hierarchy navigation, aggregate views, and available IP/prefix calculations.
- Extract script list content into reusable partial template
- Add object-list CSS class for proper embedded table styling
- Hide module headers and management actions in widget context
- Use compact buttons with icon-only labels for widgets
- Add test coverage for embedded parameter handling
The embedded version now renders cleanly in dashboard widgets while
preserving full functionality in the main script list page.
* Fix MAC address pagination duplicates by adding 'pk' to model ordering
Add 'pk' to MACAddress model ordering to ensure deterministic results
when multiple MAC addresses have the same value. This prevents the same
MAC address from appearing on multiple pages during pagination.
The issue occurred because Django's default ordering by 'mac_address'
alone is non-deterministic when multiple records share the same MAC
address value, causing inconsistent pagination results when the same
MAC address is assigned to multiple interfaces on a device.
Added regression test that verifies MAC addresses with identical values
are properly ordered by their primary key, ensuring consistent pagination
behavior across the application.
Fixes netbox-community#19917
* Remove test
* Resolve migration conflict
---------
Co-authored-by: Jad Seifeddine <jseifeddine@macquarietelecom.com>
Co-authored-by: Jeremy Stretch <jstretch@netboxlabs.com>
Replace direct string concatenation with URLSearchParams to properly
encode user input in export link URLs, preventing injection of malicious
parameters or scripts through the search functionality.
Resolves CodeQL Alert #63 (js/xss-through-dom)
* Closes#19977: Denormalize site, location, and rack for device components
* Set blank=True on denormalized ForeignKeys
* Populate denormalized field in test data
* Ignore private fields when constructing test GraphQL requests
* Closes#19968: Use multiple selection lists for the assignment of object types when editing a permission
* Remove errant logging statements
* Defer compilation of choices for object_types
* Fix test data
