Add configuration parameter to toggle GraphQL API

2024-05-10 07:54:54 +00:00 · 2021-06-29 13:30:38 -04:00
parent 05ba54b6d3
commit 8d2f79cf24
5 changed files with 26 additions and 1 deletions
--- a/netbox/netbox/configuration.example.py
+++ b/netbox/netbox/configuration.example.py
@ -149,6 +149,9 @@ EXEMPT_VIEW_PERMISSIONS = [
    # 'ipam.prefix',
 ]

+# Enable the GraphQL API
+GRAPHQL_ENABLED = True
+
 # HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
 # HTTP_PROXIES = {
 #     'http': 'http://10.10.1.10:3128',
--- a/netbox/netbox/graphql/views.py
+++ b/netbox/netbox/graphql/views.py
@ -1,6 +1,6 @@
 from django.conf import settings
 from django.contrib.auth.views import redirect_to_login
-from django.http import HttpResponseForbidden
+from django.http import HttpResponseNotFound, HttpResponseForbidden
 from django.urls import reverse
 from graphene_django.views import GraphQLView as GraphQLView_
 from rest_framework.exceptions import AuthenticationFailed
@ -14,6 +14,10 @@ class GraphQLView(GraphQLView_):
    """
    def dispatch(self, request, *args, **kwargs):

+        # Enforce GRAPHQL_ENABLED
+        if not settings.GRAPHQL_ENABLED:
+            return HttpResponseNotFound("The GraphQL API is not enabled.")
+
        # Attempt to authenticate the user using a DRF token, if provided
        if not request.user.is_authenticated:
            authenticator = TokenAuthentication()
--- a/netbox/netbox/settings.py
+++ b/netbox/netbox/settings.py
@ -83,6 +83,7 @@ DOCS_ROOT = getattr(configuration, 'DOCS_ROOT', os.path.join(os.path.dirname(BAS
 EMAIL = getattr(configuration, 'EMAIL', {})
 ENFORCE_GLOBAL_UNIQUE = getattr(configuration, 'ENFORCE_GLOBAL_UNIQUE', False)
 EXEMPT_VIEW_PERMISSIONS = getattr(configuration, 'EXEMPT_VIEW_PERMISSIONS', [])
+GRAPHQL_ENABLED = getattr(configuration, 'GRAPHQL_ENABLED', True)
 HTTP_PROXIES = getattr(configuration, 'HTTP_PROXIES', None)
 INTERNAL_IPS = getattr(configuration, 'INTERNAL_IPS', ('127.0.0.1', '::1'))
 LOGGING = getattr(configuration, 'LOGGING', {})
--- a/netbox/netbox/tests/test_graphql.py
+++ b/netbox/netbox/tests/test_graphql.py
@ -6,6 +6,15 @@ from utilities.testing import disable_warnings, TestCase

 class GraphQLTestCase(TestCase):

+    @override_settings(GRAPHQL_ENABLED=False)
+    def test_graphql_enabled(self):
+        """
+        The /graphql URL should return a 404 when GRAPHQL_ENABLED=False
+        """
+        url = reverse('graphql')
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 404)
+
    @override_settings(LOGIN_REQUIRED=True)
    def test_graphiql_interface(self):
        """