Merge pull request #244 from ScanPlusGmbH/init-perms-function

Permission handling in external function

startup_scripts/000_users.py

@@ -1,11 +1,10 @@
-from django.contrib.auth.models import Permission, Group, User
-from users.models import Token
-
-from startup_script_utils import load_yaml
 import sys
 
-users = load_yaml('/opt/netbox/initializers/users.yml')
+from django.contrib.auth.models import Group, User
+from startup_script_utils import load_yaml, set_permissions
+from users.models import Token
 
+users = load_yaml('/opt/netbox/initializers/users.yml')
 if users is None:
   sys.exit()
 
@@ -21,17 +20,4 @@ for username, user_details in users.items():
       Token.objects.create(user=user, key=user_details['api_token'])
 
     yaml_permissions = user_details.get('permissions', [])
-    if yaml_permissions:
+    set_permissions(user.user_permissions, yaml_permissions)
-      subject = user.user_permissions
-      subject.clear()
-      for yaml_permission in yaml_permissions:
-        if '*' in yaml_permission:
-          permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
-          permissions = Permission.objects.filter(codename__iregex=permission_filter)
-          print("  ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
-        else:
-          permissions = Permission.objects.filter(codename=yaml_permission)
-          print("  ⚿ Granting permission", yaml_permission)
-
-        for permission in permissions:
-          subject.add(permission)

startup_scripts/010_groups.py

@@ -1,7 +1,8 @@
-from django.contrib.auth.models import Permission, Group, User
-from startup_script_utils import load_yaml
 import sys
 
+from django.contrib.auth.models import Group, User
+from startup_script_utils import load_yaml, set_permissions
+
 groups = load_yaml('/opt/netbox/initializers/groups.yml')
 if groups is None:
   sys.exit()
@@ -19,17 +20,4 @@ for groupname, group_details in groups.items():
       user.groups.add(group)
 
   yaml_permissions = group_details.get('permissions', [])
-  if yaml_permissions:
+  set_permissions(group.permissions, yaml_permissions)
-    subject = group.permissions
-    subject.clear()
-    for yaml_permission in yaml_permissions:
-      if '*' in yaml_permission:
-        permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
-        permissions = Permission.objects.filter(codename__iregex=permission_filter)
-        print("  ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
-      else:
-        permissions = Permission.objects.filter(codename=yaml_permission)
-        print("  ⚿ Granting permission", yaml_permission)
-
-      for permission in permissions:
-        subject.add(permission)

startup_scripts/startup_script_utils/__init__.py

@@ -1 +1,2 @@
 from .load_yaml import load_yaml
+from .permissions import set_permissions

startup_scripts/startup_script_utils/permissions.py

@@ -0,0 +1,18 @@
+from django.contrib.auth.models import Permission
+
+
+def set_permissions(subject, permission_filters):
+  if subject is None or permission_filters is None:
+    return
+  subject.clear()
+  for permission_filter in permission_filters:
+    if "*" in permission_filter:
+      permission_filter_regex = "^" + permission_filter.replace("*", ".*") + "$"
+      permissions = Permission.objects.filter(codename__iregex=permission_filter_regex)
+      print("  ⚿ Granting", permissions.count(), "permissions matching '" + permission_filter + "'")
+    else:
+      permissions = Permission.objects.filter(codename=permission_filter)
+      print("  ⚿ Granting permission", permission_filter)
+
+    for permission in permissions:
+      subject.add(permission)