Permission handling in external function
This move the setting of user and group permissions in the startup script to its own function.
This commit is contained in:
parent
882f7bcaf2
commit
8d3bd48c7a
|
@ -1,11 +1,10 @@
|
|||
from django.contrib.auth.models import Permission, Group, User
|
||||
from users.models import Token
|
||||
|
||||
from startup_script_utils import load_yaml
|
||||
import sys
|
||||
|
||||
users = load_yaml('/opt/netbox/initializers/users.yml')
|
||||
from django.contrib.auth.models import Group, User
|
||||
from startup_script_utils import load_yaml, set_permissions
|
||||
from users.models import Token
|
||||
|
||||
users = load_yaml('/opt/netbox/initializers/users.yml')
|
||||
if users is None:
|
||||
sys.exit()
|
||||
|
||||
|
@ -21,17 +20,4 @@ for username, user_details in users.items():
|
|||
Token.objects.create(user=user, key=user_details['api_token'])
|
||||
|
||||
yaml_permissions = user_details.get('permissions', [])
|
||||
if yaml_permissions:
|
||||
subject = user.user_permissions
|
||||
subject.clear()
|
||||
for yaml_permission in yaml_permissions:
|
||||
if '*' in yaml_permission:
|
||||
permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
|
||||
permissions = Permission.objects.filter(codename__iregex=permission_filter)
|
||||
print(" ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
|
||||
else:
|
||||
permissions = Permission.objects.filter(codename=yaml_permission)
|
||||
print(" ⚿ Granting permission", yaml_permission)
|
||||
|
||||
for permission in permissions:
|
||||
subject.add(permission)
|
||||
set_permissions(user.user_permissions, yaml_permissions)
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
from django.contrib.auth.models import Permission, Group, User
|
||||
from startup_script_utils import load_yaml
|
||||
import sys
|
||||
|
||||
from django.contrib.auth.models import Group, User
|
||||
from startup_script_utils import load_yaml, set_permissions
|
||||
|
||||
groups = load_yaml('/opt/netbox/initializers/groups.yml')
|
||||
if groups is None:
|
||||
sys.exit()
|
||||
|
@ -19,17 +20,4 @@ for groupname, group_details in groups.items():
|
|||
user.groups.add(group)
|
||||
|
||||
yaml_permissions = group_details.get('permissions', [])
|
||||
if yaml_permissions:
|
||||
subject = group.permissions
|
||||
subject.clear()
|
||||
for yaml_permission in yaml_permissions:
|
||||
if '*' in yaml_permission:
|
||||
permission_filter = '^' + yaml_permission.replace('*','.*') + '$'
|
||||
permissions = Permission.objects.filter(codename__iregex=permission_filter)
|
||||
print(" ⚿ Granting", permissions.count(), "permissions matching '" + yaml_permission + "'")
|
||||
else:
|
||||
permissions = Permission.objects.filter(codename=yaml_permission)
|
||||
print(" ⚿ Granting permission", yaml_permission)
|
||||
|
||||
for permission in permissions:
|
||||
subject.add(permission)
|
||||
set_permissions(group.permissions, yaml_permissions)
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
from .load_yaml import load_yaml
|
||||
from .permissions import set_permissions
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
from django.contrib.auth.models import Permission
|
||||
|
||||
|
||||
def set_permissions(subject, permission_filters):
|
||||
if subject is None or permission_filters is None:
|
||||
return
|
||||
subject.clear()
|
||||
for permission_filter in permission_filters:
|
||||
if "*" in permission_filter:
|
||||
permission_filter_regex = "^" + permission_filter.replace("*", ".*") + "$"
|
||||
permissions = Permission.objects.filter(codename__iregex=permission_filter_regex)
|
||||
print(" ⚿ Granting", permissions.count(), "permissions matching '" + permission_filter + "'")
|
||||
else:
|
||||
permissions = Permission.objects.filter(codename=permission_filter)
|
||||
print(" ⚿ Granting permission", permission_filter)
|
||||
|
||||
for permission in permissions:
|
||||
subject.add(permission)
|
Loading…
Reference in New Issue