def add_permissions(self, *names): """ Assign a set of permissions to the test user. Accepts permission names in the form <app>.<action>_<model>. """ for name in names: ct, action = resolve_permission_ct(name) obj_perm = ObjectPermission(name=name, actions=[action]) obj_perm.save() obj_perm.users.add(self.user) obj_perm.object_types.add(ct)
def configure_user(self, request, user): logger = logging.getLogger('netbox.authentication.RemoteUserBackend') if not settings.REMOTE_AUTH_GROUP_SYNC_ENABLED: # Assign default groups to the user group_list = [] for name in settings.REMOTE_AUTH_DEFAULT_GROUPS: try: group_list.append(Group.objects.get(name=name)) except Group.DoesNotExist: logging.error( f"Could not assign group {name} to remotely-authenticated user {user}: Group not found" ) if group_list: user.groups.add(*group_list) logger.debug( f"Assigned groups to remotely-authenticated user {user}: {group_list}" ) # Assign default object permissions to the user permissions_list = [] for permission_name, constraints in settings.REMOTE_AUTH_DEFAULT_PERMISSIONS.items( ): try: object_type, action = resolve_permission_ct( permission_name) # TODO: Merge multiple actions into a single ObjectPermission per content type obj_perm = ObjectPermission(actions=[action], constraints=constraints) obj_perm.save() obj_perm.users.add(user) obj_perm.object_types.add(object_type) permissions_list.append(permission_name) except ValueError: logging.error( f"Invalid permission name: '{permission_name}'. Permissions must be in the form " "<app>.<action>_<model>. (Example: dcim.add_site)") if permissions_list: logger.debug( f"Assigned permissions to remotely-authenticated user {user}: {permissions_list}" ) else: logger.debug( f"Skipped initial assignment of permissions and groups to remotely-authenticated user {user} as Group sync is enabled" ) return user