Field-Level Permissions for Object Access #11051

New Issue

Closed

opened 2025-12-29 21:39:39 +01:00 by adam · 1 comment

adam commented 2025-12-29 21:39:39 +01:00

Owner

Copy Link

Originally created by @jonasnieberle on GitHub (Apr 17, 2025).

NetBox version

v4.2.7

Feature type

Data model extension

Proposed functionality

Currently, NetBox allows permissions to be assigned at the object level using the existing ObjectPermission model.
For example, a user can be granted the view action on the IPAM > VLANs object, which gives access to the entire object.
This feature proposes extending the permission system to support field-level access control within objects. This means that actions like view or change can be scoped not just to a model, but to specific fields within that model.

For example, an admin could configure a permission such that a user can:
Only view the site, name, and description fields of a VLAN.
Be restricted from viewing or editing other fields such as vid, tenant, status, or role.

The implementation could build on the current ObjectPermission model by adding a fields attribute that lists the allowed fields for that permission.
If no fields are defined, behavior would fall back to current full-object access.

Changes would also need to be reflected in:

• Serializers: to exclude or redact unauthorized fields in API responses.
• UI templates/forms: to hide or disable fields the user lacks permission to view or edit.
• Validation logic: to prevent submission of unauthorized field changes.

I only find the following discussion about the topic: https://github.com/netbox-community/netbox/discussions/15448

Use case

NetBox is used by multiple teams with different responsibilities and levels of data sensitivity. For example, a field technician might need to look up VLAN information when working at a site but only requires access to high-level fields like location and description. They should not be able to see or modify sensitive fields such as VLAN ID, tenant, or status.

By introducing field-level permissions:

• Teams get tailored access aligned with their responsibilities.
• Sensitive information is protected and only visible to authorized roles.
• The user interface becomes cleaner and less cluttered for users with limited scope.
• It enables implementation of least privilege and data minimization policies.

Database changes

This feature could be implemented by extending the existing ObjectPermission model to include an optional fields attribute (e.g., a list of field names the permission applies to). No entirely new models would be required.

External dependencies

No response

Originally created by @jonasnieberle on GitHub (Apr 17, 2025). ### NetBox version v4.2.7 ### Feature type Data model extension ### Proposed functionality Currently, NetBox allows permissions to be assigned at the object level using the existing ObjectPermission model. For example, a user can be granted the view action on the IPAM > VLANs object, which gives access to the entire object. This feature proposes extending the permission system to support field-level access control within objects. This means that actions like view or change can be scoped not just to a model, but to specific fields within that model. For example, an admin could configure a permission such that a user can: Only view the site, name, and description fields of a VLAN. Be restricted from viewing or editing other fields such as vid, tenant, status, or role. The implementation could build on the current ObjectPermission model by adding a fields attribute that lists the allowed fields for that permission. If no fields are defined, behavior would fall back to current full-object access. Changes would also need to be reflected in: - Serializers: to exclude or redact unauthorized fields in API responses. - UI templates/forms: to hide or disable fields the user lacks permission to view or edit. - Validation logic: to prevent submission of unauthorized field changes. I only find the following discussion about the topic: https://github.com/netbox-community/netbox/discussions/15448 ### Use case NetBox is used by multiple teams with different responsibilities and levels of data sensitivity. For example, a field technician might need to look up VLAN information when working at a site but only requires access to high-level fields like location and description. They should not be able to see or modify sensitive fields such as VLAN ID, tenant, or status. By introducing field-level permissions: - Teams get tailored access aligned with their responsibilities. - Sensitive information is protected and only visible to authorized roles. - The user interface becomes cleaner and less cluttered for users with limited scope. - It enables implementation of least privilege and data minimization policies. ### Database changes This feature could be implemented by extending the existing ObjectPermission model to include an optional fields attribute (e.g., a list of field names the permission applies to). No entirely new models would be required. ### External dependencies _No response_

adam added the type: feature label 2025-12-29 21:39:39 +01:00

adam closed this issue 2025-12-29 21:39:39 +01:00

adam commented 2025-12-29 21:39:40 +01:00

Author

Owner

Copy Link

@arthanson commented on GitHub (Apr 17, 2025):

Thank you for submitting your idea. Unfortunately, the proposed feature falls outside the scope of functionality that NetBox aims to provide. As NetBox is an open source application with limited development resources and a persistent backlog of existing work, it is crucial that we limit the scope of development to ensure it remains a maintainable project for many years to come. Thank you for your understanding.

If you want to look into this more, please go ahead and put together a proof of concept and we can take a look at it.

@arthanson commented on GitHub (Apr 17, 2025): Thank you for submitting your idea. Unfortunately, the proposed feature falls outside the scope of functionality that NetBox aims to provide. As NetBox is an open source application with limited development resources and a persistent backlog of existing work, it is crucial that we limit the scope of development to ensure it remains a maintainable project for many years to come. Thank you for your understanding. If you want to look into this more, please go ahead and put together a proof of concept and we can take a look at it.

adam referenced this issue 2025-12-29 23:20:30 +01:00

[PR #11051] [MERGED] 11048 fix connected_endpoint refs #13731

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

update-changelog-comments-docs

feature-removal-issue-type

20911-dropdown

20239-plugin-menu-classes-mutable-state

21097-graphql-id-lookups

feature

fix_module_substitution

20923-dcim-templates

20044-elevation-stuck-lightmode

feature-ip-prefix-link

v4.5-beta1-release

20068-import-moduletype-attrs

20766-fix-german-translation-code-literals

20378-del-script

7604-filter-modifiers-v3

circuit-swap

12318-case-insensitive-uniqueness

20637-improve-device-q-filter

20660-script-load

19724-graphql

20614-update-ruff

14884-script

02496-max-page

19720-macaddress-interface-generic-relation

19408-circuit-terminations-export-templates

20203-openapi-check

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

v4.5.0

v4.4.10

v4.4.9

v4.5.0-beta1

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.3.7

v4.4.0-beta1

v4.3.6

v4.3.5

v4.3.4

v4.3.3

v4.3.2

v4.3.1

v4.3.0

v4.2.9

v4.3.0-beta2

v4.2.8

v4.3.0-beta1

v4.2.7

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.1.11

v4.1.10

v4.1.9

v4.1.8

v4.2-beta1

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.11

v4.0.10

v4.0.9

v4.1-beta1

v4.0.8

v4.0.7

v4.0.6

v4.0.5

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.7.8

v3.7.7

v4.0-beta2

v3.7.6

v3.7.5

v4.0-beta1

v3.7.4

v3.7.3

v3.7.2

v3.7.1

v3.7.0

v3.6.9

v3.6.8

v3.6.7

v3.7-beta1

v3.6.6

v3.6.5

v3.6.4

v3.6.3

v3.6.2

v3.6.1

v3.6.0

v3.5.9

v3.6-beta2

v3.5.8

v3.6-beta1

v3.5.7

v3.5.6

v3.5.5

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.10

v3.4.9

v3.5-beta2

v3.4.8

v3.5-beta1

v3.4.7

v3.4.6

v3.4.5

v3.4.4

v3.4.3

v3.4.2

v3.4.1

v3.4.0

v3.3.10

v3.3.9

v3.4-beta1

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.3-beta2

v3.2.7

v3.3-beta1

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.11

v3.1.10

v3.2-beta2

v3.1.9

v3.2-beta1

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.12

v3.0.11

v3.0.10

v3.1-beta1

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.12

v3.0-beta2

v2.11.11

v2.11.10

v3.0-beta1

v2.11.9

v2.11.8

v2.11.7

v2.11.6

v2.11.5

v2.11.4

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.10

v2.10.9

v2.11-beta1

v2.10.8

v2.10.7

v2.10.6

v2.10.5

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.11

v2.10-beta2

v2.9.10

v2.10-beta1

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.9-beta2

v2.8.9

v2.9-beta1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.12

v2.6.11

v2.6.10

v2.6.9

v2.7-beta1

Solcon-2020-01-06

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.13

v2.5.12

v2.6-beta1

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.9

v2.5-beta2

v2.4.8

v2.5-beta1

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.7

v2.4-beta1

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.10

v2.3-beta2

v2.2.9

v2.3-beta1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.6

v2.2-beta2

v2.1.5

v2.2-beta1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.1-beta1

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0-beta3

v1.9.6

v1.9.5

v2.0-beta2

v1.9.4-r1

v1.9.3

v2.0-beta1

v1.9.2

v1.9.1

v1.9.0-r1

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2-r1

v1.7.1

v1.7.0

v1.6.3

v1.6.2-r1

v1.6.1-r1

1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.7-r1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3-r1

v1.0.3

1.0.0

Labels

Clear labels

beta

breaking change

complexity: high

complexity: low

complexity: medium

needs milestone

netbox

pending closure

plugin candidate

pull-request

Mirrored from GitHub Pull Request

severity: high

severity: low

severity: medium

status: accepted

status: backlog

status: blocked

status: duplicate

status: needs owner

status: needs triage

status: revisions needed

status: under review

topic: GraphQL

topic: Internationalization

topic: OpenAPI

topic: UI/UX

topic: cabling

topic: event rules

topic: htmx navigation

topic: industrialization

topic: migrations

topic: plugins

topic: scripts

topic: templating

topic: testing

type: bug

type: deprecation

type: documentation

type: feature

type: housekeeping

type: translation

No Label type: feature

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/netbox#11051