Opinionated RBAC for NetBox
Project description
Introduction
This package is an opinionated implementation of role based access control for NetBox.
It completely replaces the default authentication backend, using Active Directory for authentication and determining group membership. A user's roles are updated only on login, and are stored in the database.
Once installed, a user may view their roles.
Installation
$ pip3 install netbox-rbac
Configuration
Add the following to settings.py
.
AUTHENTICATION_BACKENDS = [
'netbox_rbac.backend.Backend',
]
INSTALLED_APPS += (
'netbox_rbac',
)
MIDDLEWARE += (
'netbox_rbac.middleware.Middleware',
)
REST_FRAMEWORK.update({
'DEFAULT_PERMISSION_CLASSES': (
'netbox_rbac.api.TokenPermissions',
'netbox.api.TokenPermissions',
)
})
LOGGING.update({
'loggers': {
'netbox_rbac': {
'handlers': ['console'],
'level': 'INFO',
},
},
})
RBAC = {
'AUTH': {
'LDAP': {
'domain': 'COMPANY.COM',
'server': 'ldap://ldap.company.com:3268',
'search': {
'group': {
'base': 'OU=Groups,DC=company,DC=com',
'filter': '(&(sAMAccountName=%s)(objectClass=group))',
},
'member': {
'base': 'OU=Accounts,DC=company,DC=com',
'filter': '(&(sAMAccountName=%s)(memberOf:1.2.840.113556.1.4.1941:=%s))',
},
'user': {
'base': 'OU=Accounts,DC=company,DC=com',
'filter': '(&(sAMAccountName=%s)(objectClass=user))',
},
},
},
},
'RULE': [
'/opt/netbox-rules/rules.yaml',
'https://rules.company.com/rules.yaml',
],
}
Add the following to urls.py
.
_patterns += [
path('', include('netbox_rbac.urls') ),
]
Database
Generate and apply RBAC model migrations.
$ ./manage.py makemigrations netbox_rbac
$ ./manage.py showmigrations
$ ./manage.py migrate
Rules
See the example rules, and documentation. The rule paths can be local files or URLs, and the backend will try each path in turn until it succeeds.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
netbox-rbac-1.0.3.tar.gz
(10.5 kB
view hashes)
Built Distribution
Close
Hashes for netbox_rbac-1.0.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0c78bc25a1d8ac9da4e58c25b1cbdb9a7b66b7da611a190c9bd720fa64cd6492 |
|
MD5 | d11e66f22fffadc743fa915232a1be90 |
|
BLAKE2b-256 | a4963951ac5665c2ba96f1abf8f45c2bf32103d16bce1028823af518327e203b |