-
Notifications
You must be signed in to change notification settings - Fork 33
Closes #72 - Assign ACLs to multiple devices via unified ACLAssignment model #276
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Draft
pheus
wants to merge
36
commits into
netbox-community:dev
Choose a base branch
from
pheus:72-allow-acl-assignment-to-multiple-devices
base: dev
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Closes #72 - Assign ACLs to multiple devices via unified ACLAssignment model #276
pheus
wants to merge
36
commits into
netbox-community:dev
from
pheus:72-allow-acl-assignment-to-multiple-devices
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Refactors ACLStandardRule and ACLExtendedRule to support generic source and destination fields. Introduces GenericForeignKey and related caching for improved flexibility and performance. BREAKING CHANGE: Updates source/destination field structures; existing ACL data require migration.
Renames and updates fields in ACLStandardRule and ACLExtendedRule to support generic source and destination objects. Introduces new fields, indices, and foreign key relationships for improved flexibility and query performance. BREAKING CHANGE: Requires migration of existing ACL data to the new field structure.
Introduces a data migration to copy source and destination prefix IDs to the newly added GenericForeignKey fields in ACLStandardRule and ACLExtendedRule. Ensures existing prefix assignments are preserved during schema updates.
Extend test coverage for ACLStandardRule and ACLExtendedRule to include validation of generic source and destination objects. Add scenarios for aggregates, IP addresses, IP ranges, and validation of invalid objects. Test updates ensure the robustness and accuracy of the new field structure.
Introduces new columns for source and destination with support for generic objects in ACLStandardRule and ACLExtendedRule tables. Updates field and default column configurations for improved flexibility and alignment with the new data model.
Adds support for filtering by aggregates, IP addresses, and IP ranges in both source and destination fields. Updates filter fields for better alignment with the extended ACL rules model.
Integrates generic object handling for source and destination fields in ACLStandardRuleForm and ACLExtendedRuleForm. Introduces support for content types, dynamic queries, and enhanced validation. Improves alignment with the generic source/destination model update.
Rename labels for source and destination fields in ACL templates to reflect the updated generic model structure. Improves clarity and consistency with recent data model changes.
Replaces source_prefix and destination_prefix with generic source and destination prefetches in views for ACLStandardRule and ACLExtendedRule. Aligns view logic with the updated generic source/destination model for better flexibility and consistency.
Replaces source_prefix and destination_prefix with generic source and destination fields in ACL serializers. Introduces support for content types, dynamic querying, and enhanced validation in ACLStandardRule and ACLExtendedRule. Aligns serializers with the generic source/destination model for improved flexibility and consistency.
Updated docstrings for clarity by replacing "&" with "and" in multiple view classes. Revised prefetch fields in ACLStandardRule and ACLExtendedRule to align with the new generic source/destination model changes for better consistency.
Introduces generic source and destination fields in GraphQL types for ACLStandardRule and ACLExtendedRule. Adds support for ContentType relationships, caching related objects, and enhanced flexibility in object handling. Aligns GraphQL implementation with the updated generic model structure for consistency.
Introduces ContentType filtering for generic source and destination fields in ACLStandardRule and ACLExtendedRule GraphQL filters. Adds source_type, source_id, destination_type, and destination_id fields to enhance filtering flexibility and alignment with generic models.
Replaces `source_prefix` and `destination_prefix` with generic `source` and `destination` fields in ACL rule tests. Updates test cases to include `source_type`, `source_id`, `destination_type`, and `destination_id` for better alignment with the updated generic model.
Fixes multiple instances of "availble" to "available" in docstrings for ACL action, rule action, type, and protocol choices. Ensures documentation accuracy and readability.
Refines field names and query attributes for source and destination filters. Ensures consistency with related models and improves filtering accuracy for aggregates, IP ranges, and IP addresses.
Introduces `remark`, `source_port`, and `destination_port` fields to ACL filtersets for enhanced filtering capabilities. Aligns with the generic source/destination model updates and improves flexibility in rule definition.
Adds `using(db_alias)` to queries for ACLStandardRule and ACLExtendedRule to ensure the correct database alias is used during migration. Also adjusts formatting for dependency tuples to enhance consistency.
Consolidates ACLInterfaceAssignment into a single ACLAssignment model, ensuring support for devices, virtual chassis, VMs, and interfaces. Improves validation logic by enforcing unique constraints per object type and direction. Also enhances maintainability by centralizing assignment-related logic. BREAKING CHANGE: Legacy ACLInterfaceAssignment is replaced with ACLAssignment.
Renames `ACLInterfaceAssignment` to `ACLAssignment` and adjusts related model fields and constraints. Removes legacy `assigned_object_id` and `assigned_object_type` fields from `AccessList`. Adds data migration for copying over existing host assignments to the updated model.
Removes tests for `assigned_object` in AccessList, aligning with the migration to centralized ACLAssignment. Updates tests to focus on ACLAssignment validation scenarios across different object types.
Replaces `ACLInterfaceAssignment` with `ACLAssignment` across table definitions. Updates associated columns to use the centralized model fields and modern column types from `netbox.tables`.
Replaces `ACLInterfaceAssignmentFilterSet` with `ACLAssignmentFilterSet` to align with the consolidated ACLAssignment model. Updates filtersets to support devices, virtual chassis, VMs, and interfaces using new fields. Enhances query and filter logic for improved maintainability and functionality.
Replaces `ACLInterfaceAssignmentForm` with `ACLAssignmentForm` across forms to align with the unified ACLAssignment model. Removes legacy fields and validation logic, introducing centralized validation for assigned objects and directions. Simplifies fieldsets and enhances maintainability by leveraging the consolidated model structure.
Replaces references to `ACLInterfaceAssignment` with `ACLAssignment` in templates, aligning with the unified model. Updates template structure to streamline assigned object display and improve maintainability. Removes legacy elements no longer applicable after the migration.
Replaces `ACLInterfaceAssignment` views with updated `ACLAssignment` views. Introduces unified children views for devices, interfaces, VMs, and virtual chassis, improving maintainability and consistency. Enhances tab logic and table configurations to reflect the consolidated model structure.
Replaces `ACLInterfaceAssignment` routes with `ACLAssignment` routes in URLs. Shortens path names for clarity and consistency with the unified model.
Replaces `ACLInterfaceAssignmentSerializer` with `ACLAssignmentSerializer` to align with the unified ACLAssignment model. Removes legacy fields and validation logic that depended on outdated models. Enhances maintainability by consolidating serializers under the updated model structure. BREAKING CHANGE: Legacy ACLInterfaceAssignmentSerializer is replaced with ACLAssignmentSerializer.
Renames `ACLInterfaceAssignmentViewSet` to `ACLAssignmentViewSet` and updates associated classes, serializers, and queryset references. Aligns with the unified `ACLAssignment` model for improved consistency and maintainability.
Replaces `interface-assignments` route with `assignments` to align with the unified `ACLAssignment` model. Enhances consistency and maintainability across the API by simplifying route names.
Renames `ACLInterfaceAssignmentFilter` to `ACLAssignmentFilter` and updates related imports and fields. Removes legacy fields from the filter and adjusts field placement for consistency with the unified model structure.
Updates GraphQL types to use the unified `ACLAssignment` model, removing legacy fields and adding support for additional object types like virtual chassis. Enhances alignment with the consolidated model structure for improved maintainability and consistency.
Updates GraphQL schema to rename `ACLInterfaceAssignmentType` to `ACLAssignmentType`. Adjusts related fields and lists to align with the unified `ACLAssignment` model. Enhances consistency and maintainability within the GraphQL layer.
Replaces `ACLInterfaceAssignment` with `ACLAssignment` in test cases for access lists. Removes legacy object creation for sites, devices, and VMs, simplifying test data setup. Enhances test maintainability by aligning with the unified model structure.
Updates navigation to use the unified `ACLAssignment` model. Replaces `Interface Assignments` menu items with `Assignments`, aligning with the consolidated model structure. Enhances consistency and maintainability across the plugin interface.
b5b3d66
to
186093d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request
Related Issue
Fixes #72 - [Feature]: Assign a ACL to multiple devices
Fixes #41 - [Feature]: Add assigned_object models in GraphQL API similar to the REST API
Fixes #156 - [Housekeeping]: Move forms to use selector in place of various params
New Behavior
This PR introduces a unified assignment model,
ACLAssignment
, that supports applying a singleAccessList
to:Device
,VirtualChassis
,VirtualMachine
Interface
,VMInterface
Key behavior:
ingress | egress | none
direction
is set to"none"
and disabled in forms.ingress
oregress
is required.Contrast to Current Behavior
Device
orVirtualMachine
, and interface assignments were managed viaACLInterfaceAssignment
.ACLAssignment
) and allows reusing the same ACL across many targets.Discussion: Benefits and Drawbacks
Benefits
ingress | egress | none
) across all assignment types.Drawbacks / Notes
ACLInterfaceAssignment
is replaced byACLAssignment
.interface-assignments
→assignments
.Backwards compatibility
Changes to the Documentation
ACLAssignment
model, supported object types, and direction tri‑state.ACLInterfaceAssignment
withACLAssignment
in README/Wiki/API/GraphQL sections."none"
for host assignments)Proposed Release Note Entry
ACLAssignment
model ([Feature]: Assign a ACL to multiple devices #72).ACLInterfaceAssignment
replaced byACLAssignment
; API route renamedinterface-assignments
→assignments
; GraphQL types/filters renamed. Includes data migration for existing assignments.Double Check
dev
branch.Thanks for reviewing!