From ca634be7ad750f00011a51052acaa3724e293f5f Mon Sep 17 00:00:00 2001
From: Jeremy Stretch <jstretch@netboxlabs.com>
Date: Sun, 30 Jul 2023 14:32:02 -0400
Subject: [PATCH] Closes #13311: Always use get_permission_for_model() to
 resolve permission names

---
 netbox/netbox/authentication.py        | 2 +-
 netbox/netbox/tables/columns.py        | 3 ++-
 netbox/utilities/templatetags/perms.py | 8 ++++----
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/netbox/netbox/authentication.py b/netbox/netbox/authentication.py
index 61dfe2fdb..e4f9b42c2 100644
--- a/netbox/netbox/authentication.py
+++ b/netbox/netbox/authentication.py
@@ -119,7 +119,7 @@ class ObjectPermissionMixin:
             return True
 
         # Sanity check: Ensure that the requested permission applies to the specified object
-        model = obj._meta.model
+        model = obj._meta.concrete_model
         if model._meta.label_lower != '.'.join((app_label, model_name)):
             raise ValueError(f"Invalid permission {perm} for model {model}")
 
diff --git a/netbox/netbox/tables/columns.py b/netbox/netbox/tables/columns.py
index 26c2d1083..8df3cd1ce 100644
--- a/netbox/netbox/tables/columns.py
+++ b/netbox/netbox/tables/columns.py
@@ -16,6 +16,7 @@ from django_tables2.columns import library
 from django_tables2.utils import Accessor
 
 from extras.choices import CustomFieldTypeChoices
+from utilities.permissions import get_permission_for_model
 from utilities.templatetags.builtins.filters import render_markdown
 from utilities.utils import content_type_identifier, content_type_name, get_viewname
 
@@ -250,7 +251,7 @@ class ActionsColumn(tables.Column):
         dropdown_links = []
         user = getattr(request, 'user', AnonymousUser())
         for idx, (action, attrs) in enumerate(self.actions.items()):
-            permission = f'{model._meta.app_label}.{attrs.permission}_{model._meta.model_name}'
+            permission = get_permission_for_model(model, attrs.permission)
             if attrs.permission is None or user.has_perm(permission):
                 url = reverse(get_viewname(model, action), kwargs={'pk': record.pk})
 
diff --git a/netbox/utilities/templatetags/perms.py b/netbox/utilities/templatetags/perms.py
index 2eef7e580..2c14da9b7 100644
--- a/netbox/utilities/templatetags/perms.py
+++ b/netbox/utilities/templatetags/perms.py
@@ -1,5 +1,7 @@
 from django import template
 
+from utilities.permissions import get_permission_for_model
+
 __all__ = (
     'can_add',
     'can_change',
@@ -12,10 +14,8 @@ register = template.Library()
 
 
 def _check_permission(user, instance, action):
-    return user.has_perm(
-        perm=f'{instance._meta.app_label}.{action}_{instance._meta.model_name}',
-        obj=instance
-    )
+    permission = get_permission_for_model(instance, action)
+    return user.has_perm(perm=permission, obj=instance)
 
 
 @register.filter()