'auth > group' and 'auth > user' Permissions Not Taking Effect #4706

New Issue

Closed

opened 2025-12-29 19:19:40 +01:00 by adam · 5 comments

adam commented 2025-12-29 19:19:40 +01:00

Owner

Copy Link

Originally created by @coda88 on GitHub (Mar 27, 2021).

Originally assigned to: @jeremystretch on GitHub.

NetBox version

v2.10.8

Python version

3.6

Steps to Reproduce

1. Create a new user 'user01' with 'Active' and 'Staff status' (no 'Superuser status')
2. Create a new permission with 'Can view' action and the following Chosen object types: 'auth > group', 'auth > user', 'users > permission' and 'users > token'
3. Assign the new permission to 'user01'

Expected Behavior

1. Log in as 'user01'
2. Navigate to <netbox_url>/admin
3. 'user01' should see 'Groups', 'Permissions', 'Tokens' and 'Users' under the 'USERS' section on the left menu.

Observed Behavior

1. 'user01' is not able to see 'Groups' and 'Users' under the 'USERS' section on the left menu.
2. 'user01' is only able to see 'Permissions' and 'Tokens' under the 'USERS' section on the left menu.

Originally created by @coda88 on GitHub (Mar 27, 2021). Originally assigned to: @jeremystretch on GitHub. ### NetBox version v2.10.8 ### Python version 3.6 ### Steps to Reproduce 1. Create a new user 'user01' with 'Active' and 'Staff status' (no 'Superuser status') 2. Create a new permission with 'Can view' action and the following Chosen object types: 'auth > group', 'auth > user', 'users > permission' and 'users > token' 3. Assign the new permission to 'user01' ### Expected Behavior 1. Log in as 'user01' 2. Navigate to <netbox_url>/admin 3. 'user01' should see 'Groups', 'Permissions', 'Tokens' and 'Users' under the 'USERS' section on the left menu. ### Observed Behavior 1. 'user01' is not able to see 'Groups' and 'Users' under the 'USERS' section on the left menu. 2. 'user01' is only able to see 'Permissions' and 'Tokens' under the 'USERS' section on the left menu.

adam added the type: bugstatus: accepted labels 2025-12-29 19:19:40 +01:00

adam closed this issue 2025-12-29 19:19:41 +01:00

adam commented 2025-12-29 19:19:41 +01:00

Author

Owner

Copy Link

@coda88 commented on GitHub (Mar 27, 2021):

After going through the API, it seems that the correct object types for 'Groups' and 'Users' are 'users > Group' and 'users > User' respectively instead. But these object types are not exposed in the Web GUI.

Tested by modifying users/model.py, after which, 'users > Group' and 'users > User' appears in the GUI under 'Available object types':

$ diff netbox/users/models.py netbox/users/models.py.original
256c256
<             Q(app_label='users', model__in=['admingroup', 'adminuser', 'objectpermission', 'token'])
---
>             Q(app_label='users', model__in=['objectpermission', 'token'])

@coda88 commented on GitHub (Mar 27, 2021): After going through the API, it seems that the correct object types for 'Groups' and 'Users' are 'users > Group' and 'users > User' respectively instead. But these object types are not exposed in the Web GUI. Tested by modifying users/model.py, after which, 'users > Group' and 'users > User' appears in the GUI under 'Available object types': ``` $ diff netbox/users/models.py netbox/users/models.py.original 256c256 < Q(app_label='users', model__in=['admingroup', 'adminuser', 'objectpermission', 'token']) --- > Q(app_label='users', model__in=['objectpermission', 'token']) ```

adam commented 2025-12-29 19:19:41 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (Mar 31, 2021):

The discrepancy is due to the use of the abstract AdminUser and AdminGroup classes within the admin UI. IIRC these are employed primarily so that the user and group items appear under the "Users" section of the admin UI. There are probably a couple ways to go about tweaking this; I'll need to dig into it some more.

@jeremystretch commented on GitHub (Mar 31, 2021): The discrepancy is due to the use of the abstract AdminUser and AdminGroup classes within the admin UI. IIRC these are employed primarily so that the user and group items appear under the "Users" section of the admin UI. There are probably a couple ways to go about tweaking this; I'll need to dig into it some more.

adam commented 2025-12-29 19:19:42 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (Apr 15, 2021):

We can fix this by simply getting rid of the abstract AdminUser and AdminGroup classes, although these models will end up back under "Authorization and Authentication" (rather than "Users") in Django the admin UI, which is a bit confusing. Would love to come up with an elegant solution but haven't had any luck thus far.

@jeremystretch commented on GitHub (Apr 15, 2021): We can fix this by simply getting rid of the abstract AdminUser and AdminGroup classes, although these models will end up back under "Authorization and Authentication" (rather than "Users") in Django the admin UI, which is a bit confusing. Would love to come up with an elegant solution but haven't had any luck thus far.

adam commented 2025-12-29 19:19:42 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (May 18, 2021):

IMO we should go ahead with ditching the abstract models to fix the bug in the immediate term. Long term, we'll likely move away from Django's admin UI anyway (in favor of our own custom views).

@jeremystretch commented on GitHub (May 18, 2021): IMO we should go ahead with ditching the abstract models to fix the bug in the immediate term. Long term, we'll likely move away from Django's admin UI anyway (in favor of our own custom views).

adam commented 2025-12-29 19:19:42 +01:00

Author

Owner

Copy Link

@jeremystretch commented on GitHub (May 28, 2021):

Long term, we'll likely move away from Django's admin UI anyway (in favor of our own custom views).

Just following up on this: see #6466.

@jeremystretch commented on GitHub (May 28, 2021): > Long term, we'll likely move away from Django's admin UI anyway (in favor of our own custom views). Just following up on this: see #6466.

adam referenced this issue 2025-12-29 22:24:17 +01:00

[PR #4706] [MERGED] 4708: more flexible checks on RearPort usage #12904

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

update-changelog-comments-docs

feature-removal-issue-type

20911-dropdown

20239-plugin-menu-classes-mutable-state

21097-graphql-id-lookups

feature

fix_module_substitution

20923-dcim-templates

20044-elevation-stuck-lightmode

feature-ip-prefix-link

v4.5-beta1-release

20068-import-moduletype-attrs

20766-fix-german-translation-code-literals

20378-del-script

7604-filter-modifiers-v3

circuit-swap

12318-case-insensitive-uniqueness

20637-improve-device-q-filter

20660-script-load

19724-graphql

20614-update-ruff

14884-script

02496-max-page

19720-macaddress-interface-generic-relation

19408-circuit-terminations-export-templates

20203-openapi-check

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

v4.5.0

v4.4.10

v4.4.9

v4.5.0-beta1

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.3.7

v4.4.0-beta1

v4.3.6

v4.3.5

v4.3.4

v4.3.3

v4.3.2

v4.3.1

v4.3.0

v4.2.9

v4.3.0-beta2

v4.2.8

v4.3.0-beta1

v4.2.7

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.1.11

v4.1.10

v4.1.9

v4.1.8

v4.2-beta1

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.11

v4.0.10

v4.0.9

v4.1-beta1

v4.0.8

v4.0.7

v4.0.6

v4.0.5

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.7.8

v3.7.7

v4.0-beta2

v3.7.6

v3.7.5

v4.0-beta1

v3.7.4

v3.7.3

v3.7.2

v3.7.1

v3.7.0

v3.6.9

v3.6.8

v3.6.7

v3.7-beta1

v3.6.6

v3.6.5

v3.6.4

v3.6.3

v3.6.2

v3.6.1

v3.6.0

v3.5.9

v3.6-beta2

v3.5.8

v3.6-beta1

v3.5.7

v3.5.6

v3.5.5

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.10

v3.4.9

v3.5-beta2

v3.4.8

v3.5-beta1

v3.4.7

v3.4.6

v3.4.5

v3.4.4

v3.4.3

v3.4.2

v3.4.1

v3.4.0

v3.3.10

v3.3.9

v3.4-beta1

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.3-beta2

v3.2.7

v3.3-beta1

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.11

v3.1.10

v3.2-beta2

v3.1.9

v3.2-beta1

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.12

v3.0.11

v3.0.10

v3.1-beta1

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.12

v3.0-beta2

v2.11.11

v2.11.10

v3.0-beta1

v2.11.9

v2.11.8

v2.11.7

v2.11.6

v2.11.5

v2.11.4

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.10

v2.10.9

v2.11-beta1

v2.10.8

v2.10.7

v2.10.6

v2.10.5

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.11

v2.10-beta2

v2.9.10

v2.10-beta1

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.9-beta2

v2.8.9

v2.9-beta1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.12

v2.6.11

v2.6.10

v2.6.9

v2.7-beta1

Solcon-2020-01-06

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.13

v2.5.12

v2.6-beta1

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.9

v2.5-beta2

v2.4.8

v2.5-beta1

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.7

v2.4-beta1

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.10

v2.3-beta2

v2.2.9

v2.3-beta1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.6

v2.2-beta2

v2.1.5

v2.2-beta1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.1-beta1

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0-beta3

v1.9.6

v1.9.5

v2.0-beta2

v1.9.4-r1

v1.9.3

v2.0-beta1

v1.9.2

v1.9.1

v1.9.0-r1

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2-r1

v1.7.1

v1.7.0

v1.6.3

v1.6.2-r1

v1.6.1-r1

1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.7-r1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3-r1

v1.0.3

1.0.0

Labels

Clear labels

beta

breaking change

complexity: high

complexity: low

complexity: medium

needs milestone

netbox

pending closure

plugin candidate

pull-request

Mirrored from GitHub Pull Request

severity: high

severity: low

severity: medium

status: accepted

status: backlog

status: blocked

status: duplicate

status: needs owner

status: needs triage

status: revisions needed

status: under review

topic: GraphQL

topic: Internationalization

topic: OpenAPI

topic: UI/UX

topic: cabling

topic: event rules

topic: htmx navigation

topic: industrialization

topic: migrations

topic: plugins

topic: scripts

topic: templating

topic: testing

type: bug

type: deprecation

type: documentation

type: feature

type: housekeeping

type: translation

No Label status: accepted type: bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/netbox#4706