Add permissions to user/group initializers

Thank you @bdlamprecht for researching how to add permissions to users and groups in #92. Fixes #92
2018-10-13 17:44:01 +02:00 · 2018-10-13 17:44:01 +02:00 · 4053a714f8
parent f1ebd4d246
commit 4053a714f8
5 changed files with 42 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -188,6 +188,15 @@ text_field:
 [netbox-docker-initializers]: https://github.com/ninech/netbox-docker/tree/master/initializers
 [netbox-docker-compose]: https://github.com/ninech/netbox-docker/blob/master/docker-compose.yml

+##### Available Groups for User/Group initializers
+
+To get an up-to-date list about all the available permissions, run the following command.
+
+```bash
+# Make sure the 'netbox' container is already running! If unsure, run `docker-compose up -d`
+echo "from django.contrib.auth.models import Permission\nfor p in Permission.objects.all():\n  print(p.codename);" | docker-compose exec -T netbox ./manage.py shell
+```
+
 #### Custom Docker Image

 You can also build your own NetBox Docker image containing your own startup scripts, custom fields, users and groups
--- a/initializers/groups.yml
+++ b/initializers/groups.yml
@ -7,3 +7,10 @@
 # writers:
 #   users:
 #   - writer
+#   permissions:
+#   - add_device
+#   - change_device
+#   - delete_device
+#   - add_virtualmachine
+#   - change_virtualmachine
+#   - delete_virtualmachine
--- a/initializers/users.yml
+++ b/initializers/users.yml
@ -4,3 +4,10 @@
 #   password: reader
 # writer:
 #   password: writer
+#   permissions:
+#   - add_device
+#   - change_device
+#   - delete_device
+#   - add_virtualmachine
+#   - change_virtualmachine
+#   - delete_virtualmachine
--- a/startup_scripts/00_users.py
+++ b/startup_scripts/00_users.py
@ -1,4 +1,4 @@
-from django.contrib.auth.models import Group, User
+from django.contrib.auth.models import Permission, Group, User
 from users.models import Token

 from ruamel.yaml import YAML
@ -18,3 +18,11 @@ with open('/opt/netbox/initializers/users.yml', 'r') as stream:

        if user_details.get('api_token', 0):
          Token.objects.create(user=user, key=user_details['api_token'])
+
+        user_permissions = user_details.get('permissions', [])
+        if user_permissions:
+          user.user_permissions.clear()
+          for permission_codename in user_details.get('permissions', []):
+            permission = Permission.objects.get(codename=permission_codename)
+            user.user_permissions.add(permission)
+          user.save()
--- a/startup_scripts/10_groups.py
+++ b/startup_scripts/10_groups.py
@ -1,4 +1,4 @@
-from django.contrib.auth.models import Group, User
+from django.contrib.auth.models import Permission, Group, User
 from ruamel.yaml import YAML

 with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
@ -12,8 +12,16 @@ with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
      if created:
        print("👥 Created group", groupname)

-      for username in group_details['users']:
+      for username in group_details.get('users', []):
        user = User.objects.get(username=username)

        if user:
          user.groups.add(group)
+
+      group_permissions = group_details.get('permissions', [])
+      if group_permissions:
+        group.permissions.clear()
+        print("Permissions:", group.permissions.all())
+        for permission_codename in group_details.get('permissions', []):
+          permission = Permission.objects.get(codename=permission_codename)
+          group.permissions.add(permission)