rbac: handle lookup error (#7341)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-10-27 13:38:44 +02:00 committed by GitHub
parent f22daca091
commit 83b84e8d26
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 30 additions and 12 deletions

View File

@ -32,13 +32,19 @@ class PermissionSerializer(ModelSerializer):
def get_app_label_verbose(self, instance: Permission) -> str: def get_app_label_verbose(self, instance: Permission) -> str:
"""Human-readable app label""" """Human-readable app label"""
return apps.get_app_config(instance.content_type.app_label).verbose_name try:
return apps.get_app_config(instance.content_type.app_label).verbose_name
except LookupError:
return f"{instance.content_type.app_label}.{instance.content_type.model}"
def get_model_verbose(self, instance: Permission) -> str: def get_model_verbose(self, instance: Permission) -> str:
"""Human-readable model name""" """Human-readable model name"""
return apps.get_model( try:
instance.content_type.app_label, instance.content_type.model return apps.get_model(
)._meta.verbose_name instance.content_type.app_label, instance.content_type.model
)._meta.verbose_name
except LookupError:
return f"{instance.content_type.app_label}.{instance.content_type.model}"
class Meta: class Meta:
model = Permission model = Permission

View File

@ -28,9 +28,12 @@ class ExtraRoleObjectPermissionSerializer(RoleObjectPermissionSerializer):
def get_model_verbose(self, instance: GroupObjectPermission) -> str: def get_model_verbose(self, instance: GroupObjectPermission) -> str:
"""Get model label from permission's model""" """Get model label from permission's model"""
return apps.get_model( try:
instance.content_type.app_label, instance.content_type.model return apps.get_model(
)._meta.verbose_name instance.content_type.app_label, instance.content_type.model
)._meta.verbose_name
except LookupError:
return f"{instance.content_type.app_label}.{instance.content_type.model}"
def get_object_description(self, instance: GroupObjectPermission) -> Optional[str]: def get_object_description(self, instance: GroupObjectPermission) -> Optional[str]:
"""Get model description from attached model. This operation takes at least """Get model description from attached model. This operation takes at least
@ -38,7 +41,10 @@ class ExtraRoleObjectPermissionSerializer(RoleObjectPermissionSerializer):
view_ permission on the object""" view_ permission on the object"""
app_label = instance.content_type.app_label app_label = instance.content_type.app_label
model = instance.content_type.model model = instance.content_type.model
model_class = apps.get_model(app_label, model) try:
model_class = apps.get_model(app_label, model)
except LookupError:
return None
objects = get_objects_for_group(instance.group, f"{app_label}.view_{model}", model_class) objects = get_objects_for_group(instance.group, f"{app_label}.view_{model}", model_class)
obj = objects.first() obj = objects.first()
if not obj: if not obj:

View File

@ -28,9 +28,12 @@ class ExtraUserObjectPermissionSerializer(UserObjectPermissionSerializer):
def get_model_verbose(self, instance: UserObjectPermission) -> str: def get_model_verbose(self, instance: UserObjectPermission) -> str:
"""Get model label from permission's model""" """Get model label from permission's model"""
return apps.get_model( try:
instance.content_type.app_label, instance.content_type.model return apps.get_model(
)._meta.verbose_name instance.content_type.app_label, instance.content_type.model
)._meta.verbose_name
except LookupError:
return f"{instance.content_type.app_label}.{instance.content_type.model}"
def get_object_description(self, instance: UserObjectPermission) -> Optional[str]: def get_object_description(self, instance: UserObjectPermission) -> Optional[str]:
"""Get model description from attached model. This operation takes at least """Get model description from attached model. This operation takes at least
@ -38,7 +41,10 @@ class ExtraUserObjectPermissionSerializer(UserObjectPermissionSerializer):
view_ permission on the object""" view_ permission on the object"""
app_label = instance.content_type.app_label app_label = instance.content_type.app_label
model = instance.content_type.model model = instance.content_type.model
model_class = apps.get_model(app_label, model) try:
model_class = apps.get_model(app_label, model)
except LookupError:
return None
objects = get_objects_for_user(instance.user, f"{app_label}.view_{model}", model_class) objects = get_objects_for_user(instance.user, f"{app_label}.view_{model}", model_class)
obj = objects.first() obj = objects.first()
if not obj: if not obj: