From a4789ba9c74c7f038c769b8b228306f8331e5b39 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Mon, 6 May 2024 16:57:14 -0400 Subject: [PATCH 1/2] Fixes #15977: Hide all admin menu items for non-authenticated users --- netbox/netbox/navigation/__init__.py | 1 + netbox/netbox/navigation/menu.py | 11 +++++++++-- netbox/utilities/templatetags/navigation.py | 2 ++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/netbox/netbox/navigation/__init__.py b/netbox/netbox/navigation/__init__.py index d13282f7ecf..b4f7dbd9f58 100644 --- a/netbox/netbox/navigation/__init__.py +++ b/netbox/netbox/navigation/__init__.py @@ -32,6 +32,7 @@ class MenuItem: link: str link_text: str permissions: Optional[Sequence[str]] = () + auth_required: Optional[bool] = False staff_only: Optional[bool] = False buttons: Optional[Sequence[MenuItemButton]] = () diff --git a/netbox/netbox/navigation/menu.py b/netbox/netbox/navigation/menu.py index 4fe16e773a4..2a58b277e76 100644 --- a/netbox/netbox/navigation/menu.py +++ b/netbox/netbox/navigation/menu.py @@ -371,6 +371,7 @@ MenuItem( link=f'users:user_list', link_text=_('Users'), + auth_required=True, permissions=[f'auth.view_user'], buttons=( MenuItemButton( @@ -390,6 +391,7 @@ MenuItem( link=f'users:group_list', link_text=_('Groups'), + auth_required=True, permissions=[f'auth.view_group'], buttons=( MenuItemButton( @@ -409,12 +411,14 @@ MenuItem( link=f'users:token_list', link_text=_('API Tokens'), + auth_required=True, permissions=[f'users.view_token'], buttons=get_model_buttons('users', 'token') ), MenuItem( link=f'users:objectpermission_list', link_text=_('Permissions'), + auth_required=True, permissions=[f'users.view_objectpermission'], buttons=get_model_buttons('users', 'objectpermission', actions=['add']) ), @@ -425,16 +429,19 @@ items=( MenuItem( link='core:system', - link_text=_('System') + link_text=_('System'), + auth_required=True ), MenuItem( link='core:configrevision_list', link_text=_('Configuration History'), + auth_required=True, permissions=['core.view_configrevision'] ), MenuItem( link='core:background_queue_list', - link_text=_('Background Tasks') + link_text=_('Background Tasks'), + auth_required=True ), ), ), diff --git a/netbox/utilities/templatetags/navigation.py b/netbox/utilities/templatetags/navigation.py index fd492db2225..5911655fe04 100644 --- a/netbox/utilities/templatetags/navigation.py +++ b/netbox/utilities/templatetags/navigation.py @@ -26,6 +26,8 @@ def nav(context): for group in menu.groups: items = [] for item in group.items: + if item.auth_required and not user.is_authenticated: + continue if not user.has_perms(item.permissions): continue if item.staff_only and not user.is_staff: From 5e86b8f63457b5cc6ee6fbb9c21b245322907343 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Mon, 6 May 2024 17:22:31 -0400 Subject: [PATCH 2/2] Account for absence of auth_required on PluginMenuItem --- netbox/utilities/templatetags/navigation.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netbox/utilities/templatetags/navigation.py b/netbox/utilities/templatetags/navigation.py index 5911655fe04..176996aa13c 100644 --- a/netbox/utilities/templatetags/navigation.py +++ b/netbox/utilities/templatetags/navigation.py @@ -26,7 +26,7 @@ def nav(context): for group in menu.groups: items = [] for item in group.items: - if item.auth_required and not user.is_authenticated: + if getattr(item, 'auth_required', False) and not user.is_authenticated: continue if not user.has_perms(item.permissions): continue