From 05bcfd77222e5848962e5215ab30573bbfe2dd1f Mon Sep 17 00:00:00 2001 From: Brian Tiemann Date: Mon, 26 Aug 2024 13:52:35 -0400 Subject: [PATCH 1/3] Resolve $user token to User.id for use in permissions based on custom fields --- netbox/utilities/permissions.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/netbox/utilities/permissions.py b/netbox/utilities/permissions.py index 893cc619e0d..b6e707abeb6 100644 --- a/netbox/utilities/permissions.py +++ b/netbox/utilities/permissions.py @@ -1,7 +1,10 @@ from django.conf import settings +from django.apps import apps from django.db.models import Q from django.utils.translation import gettext_lazy as _ +from users.constants import CONSTRAINT_TOKEN_USER + __all__ = ( 'get_permission_for_model', 'permission_is_exempt', @@ -93,6 +96,9 @@ def qs_filter_from_constraints(constraints, tokens=None): def _replace_tokens(value, tokens): if type(value) is list: return list(map(lambda v: tokens.get(v, v), value)) + User = apps.get_model('users.User') + if value == CONSTRAINT_TOKEN_USER and type(tokens[CONSTRAINT_TOKEN_USER] is User): + return tokens[CONSTRAINT_TOKEN_USER].id return tokens.get(value, value) params = Q() From 8f5162ed023d1c22f8b2d257d73db93a4e00a676 Mon Sep 17 00:00:00 2001 From: Brian Tiemann Date: Mon, 26 Aug 2024 14:06:31 -0400 Subject: [PATCH 2/3] Cleaner type check --- netbox/utilities/permissions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netbox/utilities/permissions.py b/netbox/utilities/permissions.py index b6e707abeb6..321d065cf92 100644 --- a/netbox/utilities/permissions.py +++ b/netbox/utilities/permissions.py @@ -97,7 +97,7 @@ def _replace_tokens(value, tokens): if type(value) is list: return list(map(lambda v: tokens.get(v, v), value)) User = apps.get_model('users.User') - if value == CONSTRAINT_TOKEN_USER and type(tokens[CONSTRAINT_TOKEN_USER] is User): + if value == CONSTRAINT_TOKEN_USER and isinstance(tokens.get(CONSTRAINT_TOKEN_USER), User): return tokens[CONSTRAINT_TOKEN_USER].id return tokens.get(value, value) From 5e6aab33a6b7dd22471cdb7d3bd7f64b9b571a33 Mon Sep 17 00:00:00 2001 From: Brian Tiemann Date: Mon, 26 Aug 2024 15:12:05 -0400 Subject: [PATCH 3/3] Simplify User object check by updating tokens instead of resolved values --- netbox/utilities/permissions.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/netbox/utilities/permissions.py b/netbox/utilities/permissions.py index 321d065cf92..ba245dae159 100644 --- a/netbox/utilities/permissions.py +++ b/netbox/utilities/permissions.py @@ -93,12 +93,14 @@ def qs_filter_from_constraints(constraints, tokens=None): if tokens is None: tokens = {} + User = apps.get_model('users.User') + for token, value in tokens.items(): + if token == CONSTRAINT_TOKEN_USER and isinstance(value, User): + tokens[token] = value.id + def _replace_tokens(value, tokens): if type(value) is list: return list(map(lambda v: tokens.get(v, v), value)) - User = apps.get_model('users.User') - if value == CONSTRAINT_TOKEN_USER and isinstance(tokens.get(CONSTRAINT_TOKEN_USER), User): - return tokens[CONSTRAINT_TOKEN_USER].id return tokens.get(value, value) params = Q()