From 4053a714f8dee44366b3120f57e0b19fa6450871 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 13 Oct 2018 17:44:01 +0200 Subject: [PATCH] Add permissions to user/group initializers Thank you @bdlamprecht for researching how to add permissions to users and groups in #92. Fixes #92 --- README.md | 9 +++++++++ initializers/groups.yml | 7 +++++++ initializers/users.yml | 7 +++++++ startup_scripts/00_users.py | 10 +++++++++- startup_scripts/10_groups.py | 12 ++++++++++-- 5 files changed, 42 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b8b541c..36faed4 100644 --- a/README.md +++ b/README.md @@ -188,6 +188,15 @@ text_field: [netbox-docker-initializers]: https://github.com/ninech/netbox-docker/tree/master/initializers [netbox-docker-compose]: https://github.com/ninech/netbox-docker/blob/master/docker-compose.yml +##### Available Groups for User/Group initializers + +To get an up-to-date list about all the available permissions, run the following command. + +```bash +# Make sure the 'netbox' container is already running! If unsure, run `docker-compose up -d` +echo "from django.contrib.auth.models import Permission\nfor p in Permission.objects.all():\n print(p.codename);" | docker-compose exec -T netbox ./manage.py shell +``` + #### Custom Docker Image You can also build your own NetBox Docker image containing your own startup scripts, custom fields, users and groups diff --git a/initializers/groups.yml b/initializers/groups.yml index 1f4a5a7..7bdd0a7 100644 --- a/initializers/groups.yml +++ b/initializers/groups.yml @@ -7,3 +7,10 @@ # writers: # users: # - writer +# permissions: +# - add_device +# - change_device +# - delete_device +# - add_virtualmachine +# - change_virtualmachine +# - delete_virtualmachine diff --git a/initializers/users.yml b/initializers/users.yml index ed57fef..64c005c 100644 --- a/initializers/users.yml +++ b/initializers/users.yml @@ -4,3 +4,10 @@ # password: reader # writer: # password: writer +# permissions: +# - add_device +# - change_device +# - delete_device +# - add_virtualmachine +# - change_virtualmachine +# - delete_virtualmachine diff --git a/startup_scripts/00_users.py b/startup_scripts/00_users.py index 1db0ebe..d8f6b65 100644 --- a/startup_scripts/00_users.py +++ b/startup_scripts/00_users.py @@ -1,4 +1,4 @@ -from django.contrib.auth.models import Group, User +from django.contrib.auth.models import Permission, Group, User from users.models import Token from ruamel.yaml import YAML @@ -18,3 +18,11 @@ with open('/opt/netbox/initializers/users.yml', 'r') as stream: if user_details.get('api_token', 0): Token.objects.create(user=user, key=user_details['api_token']) + + user_permissions = user_details.get('permissions', []) + if user_permissions: + user.user_permissions.clear() + for permission_codename in user_details.get('permissions', []): + permission = Permission.objects.get(codename=permission_codename) + user.user_permissions.add(permission) + user.save() diff --git a/startup_scripts/10_groups.py b/startup_scripts/10_groups.py index 7932874..850094c 100644 --- a/startup_scripts/10_groups.py +++ b/startup_scripts/10_groups.py @@ -1,4 +1,4 @@ -from django.contrib.auth.models import Group, User +from django.contrib.auth.models import Permission, Group, User from ruamel.yaml import YAML with open('/opt/netbox/initializers/groups.yml', 'r') as stream: @@ -12,8 +12,16 @@ with open('/opt/netbox/initializers/groups.yml', 'r') as stream: if created: print("👥 Created group", groupname) - for username in group_details['users']: + for username in group_details.get('users', []): user = User.objects.get(username=username) if user: user.groups.add(group) + + group_permissions = group_details.get('permissions', []) + if group_permissions: + group.permissions.clear() + print("Permissions:", group.permissions.all()) + for permission_codename in group_details.get('permissions', []): + permission = Permission.objects.get(codename=permission_codename) + group.permissions.add(permission)