starred/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-11 21:10:29 +01:00
Code Issues 273 Packages Projects Releases 10 Wiki Activity

[PR #20555] [MERGED] Closes #16681: Introduce render_config permission for configuration rendering #15965

New Issue
Closed
opened 2025-12-30 00:25:03 +01:00 by adam · 0 comments
adam commented 2025-12-30 00:25:03 +01:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/netbox-community/netbox/pull/20555
Author: @jnovinger
Created: 10/13/2025
Status: Merged
Merged: 10/21/2025
Merged by: @jeremystretch

Base: featureHead: 16681-add-render_config-custom-permission-action

📝 Commits (7)

  • 7de6241 Closes #16681: Introduce render_config permission for configuration rendering
  • 196297c Correct permission denied message and enable translation
  • 8e72e75 Remove add permission requirement for render_config endpoint
  • e57f9be Add render_config permission to ConfigTemplate render endpoint
  • 9967b20 Address PR feedback on render_config permissions
  • 2dd1b97 Address second round of PR feedback on render_config permissions
  • 794d8aa Misc cleanup

📊 Changes

7 files changed (+190 additions, -8 deletions)

View changed files

📝 docs/features/configuration-rendering.md (+7 -0)
📝 netbox/dcim/tests/test_api.py (+50 -4)
📝 netbox/extras/api/mixins.py (+13 -0)
📝 netbox/extras/api/views.py (+10 -1)
📝 netbox/extras/tests/test_api.py (+44 -1)
📝 netbox/netbox/api/authentication.py (+14 -0)
📝 netbox/virtualization/tests/test_api.py (+52 -2)

📄 Description

Closes: #16681

Add render_config permission action for rendering device, virtual machine, and config template configurations via the REST API.

Changes:

  • Add permission checks to /api/dcim/devices/{id}/render-config/, /api/virtualization/virtual-machines/{id}/render-config/, and /api/extras/config-templates/{id}/render/
  • Introduce TokenWritePermission to enforce token write ability independent of model permissions
  • Replace POST='add' requirement with render_config permission
  • Add test coverage and documentation

Per #16681: rendering configs requires accepting arbitrary user data (requiring write-enabled tokens), but doesn't require permission to create devices/VMs. The render_config permission separates these concerns.

Note: Optional data migration could grant render_config to existing users with view or add permissions to ease upgrade path. Can add if desired.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/netbox-community/netbox/pull/20555 **Author:** [@jnovinger](https://github.com/jnovinger) **Created:** 10/13/2025 **Status:** ✅ Merged **Merged:** 10/21/2025 **Merged by:** [@jeremystretch](https://github.com/jeremystretch) **Base:** `feature` ← **Head:** `16681-add-render_config-custom-permission-action` --- ### 📝 Commits (7) - [`7de6241`](https://github.com/netbox-community/netbox/commit/7de62418c59b0ae691bca98cb354519878031aaa) Closes #16681: Introduce render_config permission for configuration rendering - [`196297c`](https://github.com/netbox-community/netbox/commit/196297c33817198041a1693751f189810eb8837e) Correct permission denied message and enable translation - [`8e72e75`](https://github.com/netbox-community/netbox/commit/8e72e75d61790e455a5a917068f6c29e9f5c6a81) Remove add permission requirement for render_config endpoint - [`e57f9be`](https://github.com/netbox-community/netbox/commit/e57f9beced579eb024454a887bc41fa03b6b6437) Add render_config permission to ConfigTemplate render endpoint - [`9967b20`](https://github.com/netbox-community/netbox/commit/9967b206634ad9159a72d14a1d2b58f8d11fcf2d) Address PR feedback on render_config permissions - [`2dd1b97`](https://github.com/netbox-community/netbox/commit/2dd1b97afb3db325f0ec125e13305e9665a82baf) Address second round of PR feedback on render_config permissions - [`794d8aa`](https://github.com/netbox-community/netbox/commit/794d8aaafebc00237b9ca4b944bb8b6090197f1f) Misc cleanup ### 📊 Changes **7 files changed** (+190 additions, -8 deletions) <details> <summary>View changed files</summary> 📝 `docs/features/configuration-rendering.md` (+7 -0) 📝 `netbox/dcim/tests/test_api.py` (+50 -4) 📝 `netbox/extras/api/mixins.py` (+13 -0) 📝 `netbox/extras/api/views.py` (+10 -1) 📝 `netbox/extras/tests/test_api.py` (+44 -1) 📝 `netbox/netbox/api/authentication.py` (+14 -0) 📝 `netbox/virtualization/tests/test_api.py` (+52 -2) </details> ### 📄 Description ### Closes: #16681 Add `render_config` permission action for rendering device, virtual machine, and config template configurations via the REST API. **Changes:** - Add permission checks to `/api/dcim/devices/{id}/render-config/`, `/api/virtualization/virtual-machines/{id}/render-config/`, and `/api/extras/config-templates/{id}/render/` - Introduce `TokenWritePermission` to enforce token write ability independent of model permissions - Replace POST='add' requirement with `render_config` permission - Add test coverage and documentation Per #16681: rendering configs requires accepting arbitrary user data (requiring write-enabled tokens), but doesn't require permission to create devices/VMs. The `render_config` permission separates these concerns. **Note:** Optional data migration could grant `render_config` to existing users with `view` or `add` permissions to ease upgrade path. Can add if desired. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
adam added the pull-request label 2025-12-30 00:25:03 +01:00
adam closed this issue 2025-12-30 00:25:03 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
beta
breaking change
complexity: high
complexity: low
complexity: medium
needs milestone
netbox
pending closure
plugin candidate
pull-request
Mirrored from GitHub Pull Request
 severity: high
severity: low
severity: medium
status: accepted
status: backlog
status: blocked
status: duplicate
status: needs owner
status: needs triage
status: revisions needed
status: under review
topic: GraphQL
topic: Internationalization
topic: OpenAPI
topic: UI/UX
topic: cabling
topic: event rules
topic: htmx navigation
topic: industrialization
topic: migrations
topic: plugins
topic: scripts
topic: templating
topic: testing
type: bug
type: deprecation
type: documentation
type: feature
type: housekeeping
type: translation
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/netbox#15965
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?