nautobot 3.0.0rc1__py3-none-any.whl → 3.0.1__py3-none-any.whl

nautobot/extras/views.py

@@ -325,7 +325,7 @@ class ApprovalWorkflowUIViewSet(
                 table_title="Responses",
                 table_class=tables.RelatedApprovalWorkflowStageResponseTable,
                 table_filter="approval_workflow_stage__approval_workflow",
-                section=SectionChoices.RIGHT_HALF,
+                section=SectionChoices.FULL_WIDTH,
                 exclude_columns=["approval_workflow"],
                 add_button_route=None,
                 enable_related_link=False,
@@ -412,7 +412,7 @@ class ApprovalWorkflowStageUIViewSet(
                 weight=200,
                 table_class=tables.ApprovalWorkflowStageResponseTable,
                 table_filter="approval_workflow_stage",
-                section=SectionChoices.RIGHT_HALF,
+                section=SectionChoices.FULL_WIDTH,
                 exclude_columns=["approval_workflow_stage"],
                 table_title="Responses",
                 enable_related_link=False,
@@ -420,27 +420,33 @@ class ApprovalWorkflowStageUIViewSet(
         ],
     )
 
-    @action(detail=True, url_path="approve", methods=["get", "post"])
+    @action(
+        detail=True,
+        url_path="approve",
+        methods=["get", "post"],
+        custom_view_base_action="change",
+        custom_view_additional_permissions=["extras.view_approvalworkflowstage"],
+    )
     def approve(self, request, *args, **kwargs):
         """
         Approve the approval workflow stage response.
         """
         instance = self.get_object()
 
-        try:
-            approval_workflow_stage_response = ApprovalWorkflowStageResponse.objects.get(
-                approval_workflow_stage=instance,
-                user=request.user,
-            )
-        except ApprovalWorkflowStageResponse.DoesNotExist:
-            approval_workflow_stage_response = ApprovalWorkflowStageResponse.objects.create(
-                approval_workflow_stage=instance,
-                user=request.user,
-            )
+        if not (
+            request.user.is_superuser
+            or instance.approval_workflow_stage_definition.approver_group.user_set.filter(id=request.user.id).exists()
+        ):
+            messages.error(request, "You are not permitted to approve this workflow stage.")
+            return redirect(self.get_return_url(request, instance))
 
         if request.method == "GET":
-            obj = approval_workflow_stage_response
-            form = ApprovalForm(initial={"comments": obj.comments})
+            if existing_response := ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=instance, user=request.user
+            ).first():
+                form = ApprovalForm(initial={"comments": existing_response.comments})
+            else:
+                form = ApprovalForm()
 
             object_under_review = instance.approval_workflow.object_under_review
             template_name = getattr(object_under_review, "get_approval_template", lambda: None)()
@@ -451,15 +457,19 @@ class ApprovalWorkflowStageUIViewSet(
                 request,
                 template_name,
                 {
-                    "obj": obj.approval_workflow_stage,
-                    "object_under_review": obj.approval_workflow_stage.approval_workflow.object_under_review,
+                    "obj": instance,
+                    "object_under_review": instance.approval_workflow.object_under_review,
                     "form": form,
                     "obj_type": ApprovalWorkflowStage._meta.verbose_name,
-                    "return_url": self.get_return_url(request, obj),
+                    "return_url": self.get_return_url(request, instance),
                     "card_class": "success",
                     "button_class": "success",
                 },
             )
+
+        approval_workflow_stage_response, _ = ApprovalWorkflowStageResponse.objects.get_or_create(
+            approval_workflow_stage=instance, user=request.user
+        )
         approval_workflow_stage_response.comments = request.data.get("comments")
         approval_workflow_stage_response.state = ApprovalWorkflowStateChoices.APPROVED
         approval_workflow_stage_response.save()
@@ -467,40 +477,49 @@ class ApprovalWorkflowStageUIViewSet(
         messages.success(request, f"You approved {instance}.")
         return redirect(self.get_return_url(request))
 
-    @action(detail=True, url_path="deny", methods=["get", "post"])
+    @action(
+        detail=True,
+        url_path="deny",
+        methods=["get", "post"],
+        custom_view_base_action="change",
+        custom_view_additional_permissions=["extras.view_approvalworkflowstage"],
+    )
     def deny(self, request, *args, **kwargs):
         """
         Deny the approval workflow stage response.
         """
         instance = self.get_object()
 
-        try:
-            approval_workflow_stage_response = ApprovalWorkflowStageResponse.objects.get(
-                approval_workflow_stage=instance,
-                user=request.user,
-            )
-        except ApprovalWorkflowStageResponse.DoesNotExist:
-            approval_workflow_stage_response = ApprovalWorkflowStageResponse.objects.create(
-                approval_workflow_stage=instance,
-                user=request.user,
-                state=ApprovalWorkflowStateChoices.PENDING,
-            )
+        if not (
+            request.user.is_superuser
+            or instance.approval_workflow_stage_definition.approver_group.user_set.filter(id=request.user.id).exists()
+        ):
+            messages.error(request, "You are not permitted to deny this workflow stage.")
+            return redirect(self.get_return_url(request, instance))
 
         if request.method == "GET":
-            obj = approval_workflow_stage_response
-            form = ApprovalForm(initial={"comments": obj.comments})
+            if existing_response := ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=instance, user=request.user
+            ).first():
+                form = ApprovalForm(initial={"comments": existing_response.comments})
+            else:
+                form = ApprovalForm()
 
             return render(
                 request,
                 "extras/approval_workflow/deny.html",
                 {
-                    "obj": obj.approval_workflow_stage,
-                    "object_under_review": obj.approval_workflow_stage.approval_workflow.object_under_review,
+                    "obj": instance,
+                    "object_under_review": instance.approval_workflow.object_under_review,
                     "form": form,
                     "obj_type": ApprovalWorkflowStage._meta.verbose_name,
-                    "return_url": self.get_return_url(request, obj),
+                    "return_url": self.get_return_url(request, instance),
                 },
             )
+
+        approval_workflow_stage_response, _ = ApprovalWorkflowStageResponse.objects.get_or_create(
+            approval_workflow_stage=instance, user=request.user
+        )
         approval_workflow_stage_response.comments = request.data.get("comments")
         approval_workflow_stage_response.state = ApprovalWorkflowStateChoices.DENIED
         approval_workflow_stage_response.save()
@@ -508,6 +527,61 @@ class ApprovalWorkflowStageUIViewSet(
         messages.success(request, f"You denied {instance}.")
         return redirect(self.get_return_url(request))
 
+    @action(
+        detail=True,
+        url_path="comment",
+        methods=["get", "post"],
+        custom_view_base_action="change",
+        custom_view_additional_permissions=["extras.view_approvalworkflowstage"],
+    )
+    def comment(self, request, *args, **kwargs):
+        """
+        Comment the approval workflow stage response.
+        """
+        instance = self.get_object()
+
+        if not instance.is_not_done_stage:
+            messages.error(
+                request, f"This stage is in {instance.state} state. Can't comment on an approved or denied stage."
+            )
+            return redirect(self.get_return_url(request, instance))
+
+        # We don't enforce approver-group/superuser check here, anyone can comment, not just an approver.
+
+        if request.method == "GET":
+            if existing_response := ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=instance, user=request.user
+            ).first():
+                form = ApprovalForm(initial={"comments": existing_response.comments})
+            else:
+                form = ApprovalForm()
+
+            template_name = "extras/approval_workflow/comment.html"
+
+            return render(
+                request,
+                template_name,
+                {
+                    "obj": instance,
+                    "object_under_review": instance.approval_workflow.object_under_review,
+                    "form": form,
+                    "obj_type": ApprovalWorkflowStage._meta.verbose_name,
+                    "return_url": self.get_return_url(request, instance),
+                },
+            )
+
+        approval_workflow_stage_response, _ = ApprovalWorkflowStageResponse.objects.get_or_create(
+            approval_workflow_stage=instance, user=request.user
+        )
+        approval_workflow_stage_response.comments = request.data.get("comments")
+        # we don't want to change a state if is approved, denied or canceled
+        if approval_workflow_stage_response.state == ApprovalWorkflowStateChoices.PENDING:
+            approval_workflow_stage_response.state = ApprovalWorkflowStateChoices.COMMENT
+        approval_workflow_stage_response.save()
+        instance.refresh_from_db()
+        messages.success(request, f"You commented {instance}.")
+        return redirect(self.get_return_url(request))
+
 
 class ApprovalWorkflowStageResponseUIViewSet(
     ObjectBulkDestroyViewMixin,
@@ -659,6 +733,9 @@ class ObjectApprovalWorkflowView(generic.GenericView):
                 "default_time_zone": get_current_timezone(),
                 "stage_table": stage_table,
                 "response_table": response_table,
+                "view_titles": self.get_view_titles(model=obj, view_type=""),
+                "breadcrumbs": self.get_breadcrumbs(model=obj, view_type=""),
+                "detail": True,
                 **common_detail_view_context(request, obj),
             },
         )
@@ -1516,8 +1593,6 @@ class ObjectDynamicGroupsView(generic.GenericView):
     """
 
     base_template: Optional[str] = None
-    breadcrumbs = Breadcrumbs()
-    view_titles = Titles()
 
     def get(self, request, model, **kwargs):
         # Handle QuerySet restriction of parent object if needed
@@ -1551,8 +1626,8 @@ class ObjectDynamicGroupsView(generic.GenericView):
                 "table": dynamicgroups_table,
                 "base_template": base_template,
                 "active_tab": "dynamic-groups",
-                "breadcrumbs": self.breadcrumbs,
-                "view_titles": self.view_titles,
+                "view_titles": self.get_view_titles(model=obj, view_type=""),
+                "breadcrumbs": self.get_breadcrumbs(model=obj, view_type=""),
                 "detail": True,
             },
         )

nautobot/ipam/constants.py

@@ -22,8 +22,8 @@ VRF_RD_MAX_LENGTH = 21
 # Prefixes
 #
 
-PREFIX_LENGTH_MIN = 1
-PREFIX_LENGTH_MAX = 127  # IPv6
+PREFIX_LENGTH_MIN = 0
+PREFIX_LENGTH_MAX = 128  # IPv6
 PREFIX_ALLOWED_PARENT_TYPES = {
     PrefixTypeChoices.TYPE_CONTAINER: PrefixTypeChoices.TYPE_CONTAINER,
     PrefixTypeChoices.TYPE_NETWORK: PrefixTypeChoices.TYPE_CONTAINER,

nautobot/ipam/tables.py

@@ -207,10 +207,11 @@ class NamespaceTable(BaseTable):
     name = tables.LinkColumn()
     tenant = TenantColumn()
     tags = TagColumn(url_name="ipam:namespace_list")
+    actions = ButtonsColumn(Namespace)
 
     class Meta(BaseTable.Meta):
         model = Namespace
-        fields = ("pk", "name", "description", "tenant", "location")
+        fields = ("pk", "name", "description", "tenant", "location", "actions")
 
 
 #
@@ -247,11 +248,11 @@ class VRFTable(StatusTableMixin, BaseTable):
 class VRFDeviceAssignmentTable(BaseTable):
     """Table for displaying VRF Device Assignments with RD."""
 
-    vrf = tables.Column(verbose_name="VRF", linkify=lambda record: record.vrf.get_absolute_url(), accessor="vrf.name")
+    vrf = tables.Column(verbose_name="VRF", linkify=lambda record: record.vrf.get_absolute_url(), accessor="vrf__name")
     namespace = tables.Column(
         verbose_name="Namespace",
         linkify=lambda record: record.vrf.namespace.get_absolute_url(),
-        accessor="vrf.namespace.name",
+        accessor="vrf__namespace__name",
     )
     related_object_type = tables.TemplateColumn(
         template_code="""
@@ -287,10 +288,10 @@ class VRFDeviceAssignmentTable(BaseTable):
 class VRFPrefixAssignmentTable(BaseTable):
     """Table for displaying VRF Prefix Assignments."""
 
-    vrf = tables.Column(verbose_name="VRF", linkify=lambda record: record.vrf.get_absolute_url(), accessor="vrf.name")
+    vrf = tables.Column(verbose_name="VRF", linkify=lambda record: record.vrf.get_absolute_url(), accessor="vrf__name")
     prefix = tables.Column(linkify=True)
-    rd = tables.Column(accessor="vrf.rd", verbose_name="RD")
-    tenant = TenantColumn(accessor="vrf.tenant")
+    rd = tables.Column(accessor="vrf__rd", verbose_name="RD")
+    tenant = TenantColumn(accessor="vrf__tenant")
 
     class Meta(BaseTable.Meta):
         model = VRFPrefixAssignment

nautobot/load_balancers/constants.py

@@ -0,0 +1,6 @@
+#
+# TCP/UDP Ports
+#
+
+PORT_VALUE_MIN = 0
+PORT_VALUE_MAX = 65535

nautobot/load_balancers/migrations/0001_initial.py

@@ -3,6 +3,7 @@
 import uuid
 
 import django.core.serializers.json
+import django.core.validators
 from django.db import migrations, models
 import django.db.models.deletion
 
@@ -86,7 +87,12 @@ class Migration(migrations.Migration):
                 ("interval", models.PositiveIntegerField(blank=True, null=True)),
                 ("retry", models.PositiveIntegerField(blank=True, null=True)),
                 ("timeout", models.PositiveIntegerField(blank=True, null=True)),
-                ("port", models.PositiveIntegerField(blank=True, null=True)),
+                (
+                    "port",
+                    models.PositiveIntegerField(
+                        blank=True, null=True, validators=[django.core.validators.MaxValueValidator(65535)]
+                    ),
+                ),
                 ("health_check_type", models.CharField(blank=True, max_length=255)),
                 ("tags", nautobot.core.models.fields.TagsField(through="extras.TaggedItem", to="extras.Tag")),
                 (
@@ -175,7 +181,7 @@ class Migration(migrations.Migration):
                     models.JSONField(blank=True, default=dict, encoder=django.core.serializers.json.DjangoJSONEncoder),
                 ),
                 ("label", models.CharField(blank=True, max_length=255)),
-                ("port", models.PositiveIntegerField()),
+                ("port", models.PositiveIntegerField(validators=[django.core.validators.MaxValueValidator(65535)])),
                 ("ssl_offload", models.BooleanField(default=False)),
             ],
             options={
@@ -203,7 +209,12 @@ class Migration(migrations.Migration):
                     models.JSONField(blank=True, default=dict, encoder=django.core.serializers.json.DjangoJSONEncoder),
                 ),
                 ("name", models.CharField(max_length=255)),
-                ("port", models.PositiveIntegerField(blank=True, null=True)),
+                (
+                    "port",
+                    models.PositiveIntegerField(
+                        blank=True, null=True, validators=[django.core.validators.MaxValueValidator(65535)]
+                    ),
+                ),
                 ("protocol", models.CharField(blank=True, max_length=255)),
                 ("source_nat_type", models.CharField(blank=True, max_length=255)),
                 ("load_balancer_type", models.CharField(blank=True, max_length=255)),

nautobot/load_balancers/models.py

@@ -1,5 +1,6 @@
 """Models for Load Balancer Models."""
 
+from django.core.validators import MaxValueValidator
 from django.db import models
 
 from nautobot.core.constants import CHARFIELD_MAX_LENGTH
@@ -7,7 +8,7 @@ from nautobot.core.models import BaseModel
 from nautobot.core.models.generics import PrimaryModel
 from nautobot.extras.models import StatusField
 from nautobot.extras.utils import extras_features
-from nautobot.load_balancers import choices
+from nautobot.load_balancers import choices, constants
 
 
 @extras_features("custom_links", "custom_validators", "export_templates", "graphql", "webhooks")
@@ -18,7 +19,7 @@ class VirtualServer(PrimaryModel):  # pylint: disable=too-many-ancestors
         to="ipam.IPAddress", on_delete=models.PROTECT, related_name="virtual_servers", verbose_name="VIP"
     )
     name = models.CharField(max_length=CHARFIELD_MAX_LENGTH)
-    port = models.PositiveIntegerField(blank=True, null=True)
+    port = models.PositiveIntegerField(blank=True, null=True, validators=[MaxValueValidator(constants.PORT_VALUE_MAX)])
     protocol = models.CharField(max_length=CHARFIELD_MAX_LENGTH, blank=True, choices=choices.ProtocolChoices)
     source_nat_pool = models.ForeignKey(
         to="ipam.Prefix",
@@ -200,7 +201,7 @@ class LoadBalancerPoolMember(PrimaryModel):  # pylint: disable=too-many-ancestor
         related_name="load_balancer_pool_members",
         on_delete=models.PROTECT,
     )
-    port = models.PositiveIntegerField()
+    port = models.PositiveIntegerField(validators=[MaxValueValidator(constants.PORT_VALUE_MAX)])
     ssl_offload = models.BooleanField(
         default=False,
         verbose_name="SSL Offload",
@@ -262,7 +263,7 @@ class HealthCheckMonitor(PrimaryModel):  # pylint: disable=too-many-ancestors
     interval = models.PositiveIntegerField(blank=True, null=True)
     retry = models.PositiveIntegerField(blank=True, null=True, help_text="Number of retries before marking as down")
     timeout = models.PositiveIntegerField(blank=True, null=True)
-    port = models.PositiveIntegerField(blank=True, null=True)
+    port = models.PositiveIntegerField(blank=True, null=True, validators=[MaxValueValidator(constants.PORT_VALUE_MAX)])
     health_check_type = models.CharField(
         max_length=CHARFIELD_MAX_LENGTH,
         choices=choices.HealthCheckTypeChoices,

nautobot/load_balancers/tables.py

@@ -64,6 +64,7 @@ class VirtualServerTable(BaseTable):
             "ssl_offload",
             "certificate_profiles_count",
             "tags",
+            "actions",
         )
 
         default_columns = (
@@ -108,6 +109,7 @@ class LoadBalancerPoolTable(BaseTable):
             "load_balancer_pool_member_count",
             "health_check_monitor",
             "tenant",
+            "actions",
         )
         default_columns = (
             "pk",
@@ -153,6 +155,7 @@ class LoadBalancerPoolMemberTable(StatusTableMixin, BaseTable):
             "health_check_monitor",
             "certificate_profiles_count",
             "tenant",
+            "actions",
         )
         default_columns = (
             "pk",
@@ -206,6 +209,7 @@ class HealthCheckMonitorTable(BaseTable):
             "load_balancer_pool_count",
             "load_balancer_pool_member_count",
             "tenant",
+            "actions",
         )
         default_columns = (
             "pk",
@@ -243,6 +247,7 @@ class CertificateProfileTable(BaseTable):
             "expiration_date",
             "cipher",
             "tenant",
+            "actions",
         )
         default_columns = (
             "pk",