New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remote users (LDAP backend) with limited rights lost ability to use RestAPI #12849
Labels
status: accepted
This issue has been accepted for implementation
type: bug
A confirmed report of unexpected behavior in the application
Comments
stavr666
added
the
type: bug
A confirmed report of unexpected behavior in the application
label
Jun 9, 2023
stavr666
changed the title
Remove users (LDAP backend) with limited rights lost ability to use RestAPI
Remote users (LDAP backend) with limited rights lost ability to use RestAPI
Jun 9, 2023
To verify the cause, please try to install django-auth-ldap==4.1.0 |
jeremystretch
added
the
status: under review
Further discussion is needed to determine this issue's scope and/or implementation
label
Jun 12, 2023
Hello, I tried using django-auth-ldap==4.1.0. Same behaviour as with 4.3.0. |
kkthxbye-code
added
status: accepted
This issue has been accepted for implementation
and removed
status: under review
Further discussion is needed to determine this issue's scope and/or implementation
labels
Jun 26, 2023
@rmanyari - figured out what's wrong in the linked duplicate issue above. When he responds here, he should be assigned this issue. |
Happy to contribute, feel free to assign this to me |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
status: accepted
This issue has been accepted for implementation
type: bug
A confirmed report of unexpected behavior in the application
NetBox version
v3.5.3
Python version
3.10
Steps to Reproduce
Perquisite
configuration.py contains:
ldap_config.py contains:
can add full files with masked data paths, if needed.
Our config allow us to have users with rights, assigned by AD group membership. But when checking django group membership, there is none (we ok with it, we have no issues before):
If we tun on mirroring, whole bunch 10th thousands groups from AD will be loaded to netbox.
Issue steps
Expected Behavior
Tokens must work anywhere and return any data for both users.
Observed Behavior
Both users can use UI, /api/ and /api/schema/swagger-ui/ endpoints while logged in.
Both of them also receive correct answer in Swager, with token used (it's ignored, likely, coz return correct answer with wrong token).
Outside of Netbox app (from Curl, PoSh, Grafana requests) it returns "You do not have permission to perform this action." error.
Problem not existed in 3.0 and 3.1. I used several accounts in Grafana tests before moving Netbox to production, it worked.
Now I must explicitly define group membership of user for API only.
The text was updated successfully, but these errors were encountered: