mirror/netbox-community-netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2024-05-10 07:54:54 +00:00
Code Activity

Implement ObjectPermissionManager

Browse Source
This commit is contained in:
Jeremy Stretch
2020-05-11 14:32:10 -04:00
parent 06aca2e1d5
commit 63f842c7db
5 changed files with 85 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
netbox/netbox/authentication.py
View File

@ -14,22 +14,14 @@ class ObjectPermissionRequiredMixin(AccessMixin):
if self.request.user.has_perm(self.permission_required):
return True
# If not, check for an object-level permission
# If not, check for object-level permissions
app, codename = self.permission_required.split('.')
action, model_name = codename.split('_')
model = self.queryset.model
obj_permissions = ObjectPermission.objects.filter(
Q(users=self.request.user) | Q(groups__user=self.request.user),
model=ContentType.objects.get_for_model(model),
**{f'can_{action}': True}
)
if obj_permissions:
attrs = ObjectPermission.objects.get_attr_constraints(self.request.user, model, action)
if attrs:
# Update the view's QuerySet to filter only the permitted objects
# TODO: Do this more efficiently
for perm in obj_permissions:
self.queryset = self.queryset.filter(**perm.attrs)
self.queryset = self.queryset.filter(**attrs)
return True
return False