Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config Compliance Table Doesn't Filter properly based on permissions. #863

Open
jeffkala opened this issue Jan 15, 2025 · 0 comments · May be fixed by #864
Open

Config Compliance Table Doesn't Filter properly based on permissions. #863

jeffkala opened this issue Jan 15, 2025 · 0 comments · May be fixed by #864

Comments

@jeffkala
Copy link
Contributor

Environment

  • Python version: 3.11
  • Nautobot version: 2.3
  • nautobot-golden-config version: 2.2

Expected Behavior

Set up permissions based on device tenant, should restrict the view on all GC views.

Observed Behavior

All restrictions work, except for Config Compliance list view, where it keeps all GC in scope devices listed.

Steps to Reproduce

  1. Setup GC with demo data and run compliance job
  2. Create a permission for one of the devices / attributes on the device (e.g tenant)
  3. Login with the user that has that permission assigned. Notice that the view is not restricted based on permissions.

The issue comes down to the viewset and the alter_queryset specifically.

Current

      def alter_queryset(self, request):
         """Build actual runtime queryset as the build time queryset of table `pivoted`."""
         return pivot(
             self.queryset,
             ["device", "device__name"],
             "rule__feature__slug",
             "compliance_int",
             aggregation=Max,
         )

Tested solution

    def alter_queryset(self, request):
        """Build actual runtime queryset as the build time queryset of table `pivoted`."""
        self.queryset = super().alter_queryset(request)  # <=========
        return pivot(
            self.queryset,
            ["device", "device__name"],
            "rule__feature__slug",
            "compliance_int",
            aggregation=Max,
        )
jeffkala added a commit that referenced this issue Jan 15, 2025
@jeffkala
fix permissions of views based on rbac, fixes #863
ec91616
@jeffkala jeffkala linked a pull request Jan 15, 2025 that will close this issue
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix permissions of views based on rbac, fixes #863 nautobot/nautobot-app-golden-config
1 participant
@jeffkala