Permission handling in external function

This move the setting of user and group permissions in the startup
script to its own function.
This commit is contained in:
Tobias Genannt 2020-02-12 08:34:01 +01:00
parent 882f7bcaf2
commit 8d3bd48c7a
4 changed files with 28 additions and 35 deletions

View File

@ -1,11 +1,10 @@
from django.contrib.auth.models import Permission, Group, User
from users.models import Token
from startup_script_utils import load_yaml
import sys
users = load_yaml('/opt/netbox/initializers/users.yml')
from django.contrib.auth.models import Group, User
from startup_script_utils import load_yaml, set_permissions
from users.models import Token
users = load_yaml('/opt/netbox/initializers/users.yml')
if users is None:
sys.exit()
@ -21,17 +20,4 @@ for username, user_details in users.items():
Token.objects.create(user=user, key=user_details['api_token'])
yaml_permissions = user_details.get('permissions', [])
if yaml_permissions:
subject = user.user_permissions
subject.clear()
for yaml_permission in yaml_permissions:
if '*' in yaml_permission:
permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
permissions = Permission.objects.filter(codename__iregex=permission_filter)
print(" ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
else:
permissions = Permission.objects.filter(codename=yaml_permission)
print(" ⚿ Granting permission", yaml_permission)
for permission in permissions:
subject.add(permission)
set_permissions(user.user_permissions, yaml_permissions)

View File

@ -1,7 +1,8 @@
from django.contrib.auth.models import Permission, Group, User
from startup_script_utils import load_yaml
import sys
from django.contrib.auth.models import Group, User
from startup_script_utils import load_yaml, set_permissions
groups = load_yaml('/opt/netbox/initializers/groups.yml')
if groups is None:
sys.exit()
@ -19,17 +20,4 @@ for groupname, group_details in groups.items():
user.groups.add(group)
yaml_permissions = group_details.get('permissions', [])
if yaml_permissions:
subject = group.permissions
subject.clear()
for yaml_permission in yaml_permissions:
if '*' in yaml_permission:
permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
permissions = Permission.objects.filter(codename__iregex=permission_filter)
print(" ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
else:
permissions = Permission.objects.filter(codename=yaml_permission)
print(" ⚿ Granting permission", yaml_permission)
for permission in permissions:
subject.add(permission)
set_permissions(group.permissions, yaml_permissions)

View File

@ -1 +1,2 @@
from .load_yaml import load_yaml
from .permissions import set_permissions

View File

@ -0,0 +1,18 @@
from django.contrib.auth.models import Permission
def set_permissions(subject, permission_filters):
if subject is None or permission_filters is None:
return
subject.clear()
for permission_filter in permission_filters:
if "*" in permission_filter:
permission_filter_regex = "^" + permission_filter.replace("*", ".*") + "$"
permissions = Permission.objects.filter(codename__iregex=permission_filter_regex)
print(" ⚿ Granting", permissions.count(), "permissions matching '" + permission_filter + "'")
else:
permissions = Permission.objects.filter(codename=permission_filter)
print(" ⚿ Granting permission", permission_filter)
for permission in permissions:
subject.add(permission)