Users can only see Custom scripts allowed based on Permissions #11258

New Issue

Closed

opened 2025-12-29 21:42:35 +01:00 by adam · 4 comments

adam commented 2025-12-29 21:42:35 +01:00

Owner

Copy Link

Originally created by @AaronJamesMyers on GitHub (Jun 4, 2025).

NetBox version

4.1.10

Feature type

New functionality

Proposed functionality

Being able to filter which scripts a user can see based on their permissions/permission groups

Use case

We have scripts created to create numerous types of devices, and each device has its own requirements and is managed by a seperate group.

for example. someone who works to install Wireless equipment has a certain set of scripts. A person who installs transport equipment has another set of scripts. Someone in the NOC has another set of scripts.

We have implemented permissions to run those scripts outside of Netbox. but even if a user can't run the script they can still see it. The main issue is that any user may only need a handful of scripts, but they may need to scroll through dozens of scripts to find the small subset of scripts that their group uses/has access to.

Database changes

I dont think DB changes are necessary(I THINK there is a db entry for scripts now?)

External dependencies

No response

Revisions:
Im not exactly sure how it would work, but my thought would be that you create a permission group called "WIRELESS PROVISIONERS" then you add that permission to users A, B, and C.

Then only people in the 'WIRELESS PROVISIONERS" group will be able to see script 1,2,and 6. in the script_list view.

Or Maybe it could be added as a permission. I tried adding this as a JSON in a "permission" but it didnt work.

so you would have a permission that would say have "view/run" access to script_id 10,15,20. then you apply that permission to a group. then anyone in that group would be able to ONLY view scripts with id 10,15,20.

Originally created by @AaronJamesMyers on GitHub (Jun 4, 2025). ### NetBox version 4.1.10 ### Feature type New functionality ### Proposed functionality Being able to filter which scripts a user can see based on their permissions/permission groups ### Use case We have scripts created to create numerous types of devices, and each device has its own requirements and is managed by a seperate group. for example. someone who works to install Wireless equipment has a certain set of scripts. A person who installs transport equipment has another set of scripts. Someone in the NOC has another set of scripts. We have implemented permissions to run those scripts outside of Netbox. but even if a user can't run the script they can still see it. The main issue is that any user may only need a handful of scripts, but they may need to scroll through dozens of scripts to find the small subset of scripts that their group uses/has access to. ### Database changes I dont think DB changes are necessary(I THINK there is a db entry for scripts now?) ### External dependencies _No response_ Revisions: Im not exactly sure how it would work, but my thought would be that you create a permission group called "WIRELESS PROVISIONERS" then you add that permission to users A, B, and C. Then only people in the 'WIRELESS PROVISIONERS" group will be able to see script 1,2,and 6. in the script_list view. Or Maybe it could be added as a permission. I tried adding this as a JSON in a "permission" but it didnt work. so you would have a permission that would say have "view/run" access to script_id 10,15,20. then you apply that permission to a group. then anyone in that group would be able to ONLY view scripts with id 10,15,20.

adam added the type: featurepending closurestatus: revisions needed labels 2025-12-29 21:42:35 +01:00

adam closed this issue 2025-12-29 21:42:35 +01:00

adam commented 2025-12-29 21:42:36 +01:00

Author

Owner

Copy Link

@jnovinger commented on GitHub (Jun 5, 2025):

@AaronJamesMyers , this is an interesting idea, but the information you have provided does not constitute an actionable feature request. How would this be implemented?

Per our contributing guide, a feature request must include a thorough description of the proposed functionality, including any database changes, new views or API endpoints, and so on. If you would like to elaborate on your proposal, please modify your post above. If sufficient detail is not added, this issue will be closed.

@jnovinger commented on GitHub (Jun 5, 2025): @AaronJamesMyers , this is an interesting idea, but the information you have provided does not constitute an actionable feature request. How would this be implemented? Per our [contributing guide](https://github.com/netbox-community/netbox/blob/develop/CONTRIBUTING.md), a feature request must include a thorough description of the proposed functionality, including any database changes, new views or API endpoints, and so on. If you would like to elaborate on your proposal, please modify your post above. If sufficient detail is not added, this issue will be closed.

adam commented 2025-12-29 21:42:36 +01:00

Author

Owner

Copy Link

@AaronJamesMyers commented on GitHub (Jun 6, 2025):

Im not exactly sure how it would work, but my thought would be that you create a permission group called "WIRELESS PROVISIONERS" then you add that permission to users A, B, and C.

Then only people in the 'WIRELESS PROVISIONERS" group will be able to see script 1,2,and 6. in the script_list view.

Or Maybe it could be added as a permission. I tried adding this as a JSON in a "permission" but it didnt work.

so you would have a permission that would say have "view/run" access to script_id 10,15,20. then you apply that permission to a group. then anyone in that group would be able to ONLY view scripts with id 10,15,20.

@AaronJamesMyers commented on GitHub (Jun 6, 2025): Im not exactly sure how it would work, but my thought would be that you create a permission group called "WIRELESS PROVISIONERS" then you add that permission to users A, B, and C. Then only people in the 'WIRELESS PROVISIONERS" group will be able to see script 1,2,and 6. in the script_list view. Or Maybe it could be added as a permission. I tried adding this as a JSON in a "permission" but it didnt work. so you would have a permission that would say have "view/run" access to script_id 10,15,20. then you apply that permission to a group. then anyone in that group would be able to ONLY view scripts with id 10,15,20.

adam commented 2025-12-29 21:42:37 +01:00

Author

Owner

Copy Link

@github-actions[bot] commented on GitHub (Jun 13, 2025):

This is a reminder that additional information is needed in order to further triage this issue. If the requested details are not provided, the issue will soon be closed automatically.

@github-actions[bot] commented on GitHub (Jun 13, 2025): This is a reminder that additional information is needed in order to further triage this issue. If the requested details are not provided, the issue will soon be closed automatically.

adam commented 2025-12-29 21:42:37 +01:00

Author

Owner

Copy Link

@github-actions[bot] commented on GitHub (Jun 21, 2025):

This issue is being closed as no further information has been provided. If you would like to revisit this topic, please first modify your original post to include all the requested detail, and then ask that the issue be reopened.

@github-actions[bot] commented on GitHub (Jun 21, 2025): This issue is being closed as no further information has been provided. If you would like to revisit this topic, please first modify your original post to include all the requested detail, and then ask that the issue be reopened.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

update-changelog-comments-docs

feature-removal-issue-type

20911-dropdown

20239-plugin-menu-classes-mutable-state

21097-graphql-id-lookups

feature

fix_module_substitution

20923-dcim-templates

20044-elevation-stuck-lightmode

feature-ip-prefix-link

v4.5-beta1-release

20068-import-moduletype-attrs

20766-fix-german-translation-code-literals

20378-del-script

7604-filter-modifiers-v3

circuit-swap

12318-case-insensitive-uniqueness

20637-improve-device-q-filter

20660-script-load

19724-graphql

20614-update-ruff

14884-script

02496-max-page

19720-macaddress-interface-generic-relation

19408-circuit-terminations-export-templates

20203-openapi-check

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

v4.5.0

v4.4.10

v4.4.9

v4.5.0-beta1

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.3.7

v4.4.0-beta1

v4.3.6

v4.3.5

v4.3.4

v4.3.3

v4.3.2

v4.3.1

v4.3.0

v4.2.9

v4.3.0-beta2

v4.2.8

v4.3.0-beta1

v4.2.7

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.1.11

v4.1.10

v4.1.9

v4.1.8

v4.2-beta1

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.11

v4.0.10

v4.0.9

v4.1-beta1

v4.0.8

v4.0.7

v4.0.6

v4.0.5

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.7.8

v3.7.7

v4.0-beta2

v3.7.6

v3.7.5

v4.0-beta1

v3.7.4

v3.7.3

v3.7.2

v3.7.1

v3.7.0

v3.6.9

v3.6.8

v3.6.7

v3.7-beta1

v3.6.6

v3.6.5

v3.6.4

v3.6.3

v3.6.2

v3.6.1

v3.6.0

v3.5.9

v3.6-beta2

v3.5.8

v3.6-beta1

v3.5.7

v3.5.6

v3.5.5

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.10

v3.4.9

v3.5-beta2

v3.4.8

v3.5-beta1

v3.4.7

v3.4.6

v3.4.5

v3.4.4

v3.4.3

v3.4.2

v3.4.1

v3.4.0

v3.3.10

v3.3.9

v3.4-beta1

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.3-beta2

v3.2.7

v3.3-beta1

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.11

v3.1.10

v3.2-beta2

v3.1.9

v3.2-beta1

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.12

v3.0.11

v3.0.10

v3.1-beta1

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.12

v3.0-beta2

v2.11.11

v2.11.10

v3.0-beta1

v2.11.9

v2.11.8

v2.11.7

v2.11.6

v2.11.5

v2.11.4

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.10

v2.10.9

v2.11-beta1

v2.10.8

v2.10.7

v2.10.6

v2.10.5

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.11

v2.10-beta2

v2.9.10

v2.10-beta1

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.9-beta2

v2.8.9

v2.9-beta1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.12

v2.6.11

v2.6.10

v2.6.9

v2.7-beta1

Solcon-2020-01-06

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.13

v2.5.12

v2.6-beta1

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.9

v2.5-beta2

v2.4.8

v2.5-beta1

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.7

v2.4-beta1

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.10

v2.3-beta2

v2.2.9

v2.3-beta1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.6

v2.2-beta2

v2.1.5

v2.2-beta1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.1-beta1

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0-beta3

v1.9.6

v1.9.5

v2.0-beta2

v1.9.4-r1

v1.9.3

v2.0-beta1

v1.9.2

v1.9.1

v1.9.0-r1

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2-r1

v1.7.1

v1.7.0

v1.6.3

v1.6.2-r1

v1.6.1-r1

1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.7-r1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3-r1

v1.0.3

1.0.0

Labels

Clear labels

beta

breaking change

complexity: high

complexity: low

complexity: medium

needs milestone

netbox

pending closure

plugin candidate

pull-request

Mirrored from GitHub Pull Request

severity: high

severity: low

severity: medium

status: accepted

status: backlog

status: blocked

status: duplicate

status: needs owner

status: needs triage

status: revisions needed

status: under review

topic: GraphQL

topic: Internationalization

topic: OpenAPI

topic: UI/UX

topic: cabling

topic: event rules

topic: htmx navigation

topic: industrialization

topic: migrations

topic: plugins

topic: scripts

topic: templating

topic: testing

type: bug

type: deprecation

type: documentation

type: feature

type: housekeeping

type: translation

No Label pending closure status: revisions needed type: feature

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/netbox#11258