review feedback:

2026-03-31 14:43:36 +02:00 · 2026-03-30 14:21:31 -07:00
parent df216cc0f1
commit ad2dd3cc85
2 changed files with 16 additions and 8 deletions
--- a/netbox/extras/api/serializers_/scripts.py
+++ b/netbox/extras/api/serializers_/scripts.py
@@ -1,5 +1,5 @@
 from django.core.files.storage import storages
-from django.utils.translation import gettext as _
+from django.utils.translation import gettext_lazy as _
 from drf_spectacular.utils import extend_schema_field
 from rest_framework import serializers

@@ -19,7 +19,7 @@ __all__ = (


 class ScriptModuleSerializer(ValidatedModelSerializer):
-    url = None
+    url = serializers.SerializerMethodField(read_only=True)
    data_source = DataSourceSerializer(nested=True, required=False, allow_null=True)
    data_file = DataFileSerializer(nested=True, required=False, allow_null=True)
    upload_file = serializers.FileField(write_only=True, required=False, allow_null=True)
@@ -28,11 +28,17 @@ class ScriptModuleSerializer(ValidatedModelSerializer):
    class Meta:
        model = ScriptModule
        fields = [
-            'id', 'display', 'file_path', 'upload_file',
+            'id', 'url', 'display', 'file_path', 'upload_file',
            'data_source', 'data_file', 'auto_sync_enabled',
            'created', 'last_updated',
        ]
-        brief_fields = ('id', 'display')
+        brief_fields = ('id', 'url', 'display')
+
+    @extend_schema_field(serializers.URLField())
+    def get_url(self, obj):
+        from rest_framework.reverse import reverse
+        request = self.context.get('request')
+        return reverse('extras-api:script-list', request=request)

    def validate(self, data):
        upload_file = data.pop('upload_file', None)
--- a/netbox/extras/api/views.py
+++ b/netbox/extras/api/views.py
@@ -267,6 +267,8 @@ class ConfigTemplateViewSet(SyncedDataMixin, ConfigTemplateRenderMixin, NetBoxMo

@extend_schema_view(
    create=extend_schema(request=serializers.ScriptModuleSerializer),
+    update=extend_schema(responses=serializers.ScriptSerializer),
+    partial_update=extend_schema(responses=serializers.ScriptSerializer),
 )
 class ScriptViewSet(ModelViewSet):
    permission_classes = [IsAuthenticatedOrLoginNotRequired]
@@ -311,13 +313,13 @@ class ScriptViewSet(ModelViewSet):
        return Response(serializer.data, status=status.HTTP_201_CREATED)

    def update(self, request, *args, **kwargs):
-        if not request.user.has_perm('extras.change_script'):
-            raise PermissionDenied(_("This user does not have permission to modify scripts."))
+        if not request.user.has_perm('extras.change_scriptmodule'):
+            raise PermissionDenied(_("This user does not have permission to modify script modules."))
        return super().update(request, *args, **kwargs)

    def destroy(self, request, *args, **kwargs):
-        if not request.user.has_perm('extras.delete_script'):
-            raise PermissionDenied(_("This user does not have permission to delete scripts."))
+        if not request.user.has_perm('extras.delete_scriptmodule'):
+            raise PermissionDenied(_("This user does not have permission to delete script modules."))
        return super().destroy(request, *args, **kwargs)

    def _get_script(self, pk):