Closed jogulin closed 3 years ago
I have also tried to get a generic list by leaving off the ID of the specific interface with identical results.
I am unable to reproduce this on our master instance:
* About to connect() to master.netbox.dev port 443 (#0)
* Trying 144.217.88.130...
* Connected to master.netbox.dev (144.217.88.130) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=master.netbox.dev
* start date: Dec 09 16:09:42 2020 GMT
* expire date: Mar 09 16:09:42 2021 GMT
* common name: master.netbox.dev
* issuer: CN=R3,O=Let's Encrypt,C=US
> GET /api/virtualization/interfaces/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: master.netbox.dev
> Authorization: Token 3a1a2280b1c606b8e5e5386e38dcaba522573a66
> Content-Type: application/json
> Accept: application/json; indent=4
>
< HTTP/1.1 200 OK
< Server: nginx/1.16.1
< Date: Mon, 25 Jan 2021 15:27:59 GMT
< Content-Type: application/json
< Content-Length: 4200
< Connection: keep-alive
< Vary: Accept, Cookie, Origin
< Allow: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
< API-Version: 2.10
< X-Content-Type-Options: nosniff
< Referrer-Policy: same-origin
< X-Frame-Options: SAMEORIGIN
<
{
"count": 6,
"next": null,
"previous": null,
"results": [
{
"id": 4,
"url": "https://master.netbox.dev/api/virtualization/interfaces/4/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "Test1",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 5,
"url": "https://master.netbox.dev/api/virtualization/interfaces/5/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "Test2",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 2,
"url": "https://master.netbox.dev/api/virtualization/interfaces/2/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "eth0",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 3,
"url": "https://master.netbox.dev/api/virtualization/interfaces/3/",
"virtual_machine": {
"id": 3,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/3/",
"name": "afdsf"
},
"name": "eth0",
"enabled": true,
"mtu": null,
"mac_address": "00:11:22:33:44:55",
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 6,
"url": "https://master.netbox.dev/api/virtualization/interfaces/6/",
"virtual_machine": {
"id": 9,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/9/",
"name": "test"
},
"name": "ghjgjhghjgh",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": {
"value": "tagged",
"label": "Tagged"
},
"untagged_vlan": null,
"tagged_vlans": [
{
"id": 128,
"url": "https://master.netbox.dev/api/ipam/vlans/128/",
"vid": 2,
"name": "2",
"display_name": "2 (2)"
}
],
"tags": [
{
"id": 3,
"url": "https://master.netbox.dev/api/extras/tags/3/",
"name": "pdu",
"slug": "pdu",
"color": "9e9e9e"
}
]
},
{
"id": 1,
"url": "https://master.netbox.dev/api/virtualization/interfaces/1/",
"virtual_machine": {
"id": 1,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/1/",
"name": "testvm"
},
"name": "ens192",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
}
]
I suspect you have given the users different permissions
Testing with a user that only has "can view" permissions results in the same:
* About to connect() to master.netbox.dev port 443 (#0)
* Trying 144.217.88.130...
* Connected to master.netbox.dev (144.217.88.130) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=master.netbox.dev
* start date: Dec 09 16:09:42 2020 GMT
* expire date: Mar 09 16:09:42 2021 GMT
* common name: master.netbox.dev
* issuer: CN=R3,O=Let's Encrypt,C=US
> GET /api/virtualization/interfaces/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: master.netbox.dev
> Authorization: Token cebeca168bf5483333655dba8b4a6d16c07186e7
> Content-Type: application/json
> Accept: application/json; indent=4
>
< HTTP/1.1 200 OK
< Server: nginx/1.16.1
< Date: Mon, 25 Jan 2021 15:33:21 GMT
< Content-Type: application/json
< Content-Length: 4200
< Connection: keep-alive
< Vary: Accept, Cookie, Origin
< Allow: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
< API-Version: 2.10
< X-Content-Type-Options: nosniff
< Referrer-Policy: same-origin
< X-Frame-Options: SAMEORIGIN
<
{
"count": 6,
"next": null,
"previous": null,
"results": [
{
"id": 4,
"url": "https://master.netbox.dev/api/virtualization/interfaces/4/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "Test1",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 5,
"url": "https://master.netbox.dev/api/virtualization/interfaces/5/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "Test2",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 2,
"url": "https://master.netbox.dev/api/virtualization/interfaces/2/",
"virtual_machine": {
"id": 7,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/7/",
"name": "2r443f"
},
"name": "eth0",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 3,
"url": "https://master.netbox.dev/api/virtualization/interfaces/3/",
"virtual_machine": {
"id": 3,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/3/",
"name": "afdsf"
},
"name": "eth0",
"enabled": true,
"mtu": null,
"mac_address": "00:11:22:33:44:55",
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
},
{
"id": 6,
"url": "https://master.netbox.dev/api/virtualization/interfaces/6/",
"virtual_machine": {
"id": 9,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/9/",
"name": "test"
},
"name": "ghjgjhghjgh",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": {
"value": "tagged",
"label": "Tagged"
},
"untagged_vlan": null,
"tagged_vlans": [
{
"id": 128,
"url": "https://master.netbox.dev/api/ipam/vlans/128/",
"vid": 2,
"name": "2",
"display_name": "2 (2)"
}
],
"tags": [
{
"id": 3,
"url": "https://master.netbox.dev/api/extras/tags/3/",
"name": "pdu",
"slug": "pdu",
"color": "9e9e9e"
}
]
},
{
"id": 1,
"url": "https://master.netbox.dev/api/virtualization/interfaces/1/",
"virtual_machine": {
"id": 1,
"url": "https://master.netbox.dev/api/virtualization/virtual-machines/1/",
"name": "testvm"
},
"name": "ens192",
"enabled": true,
"mtu": null,
"mac_address": null,
"description": "",
"mode": null,
"untagged_vlan": null,
"tagged_vlans": [],
"tags": []
}
]
Is there a permission set on a database table that may need adjusting, possibly? Is there a debug setting that I can turn on to help provide some guidance?
As for users, we use LDAP authentication. Both users are in the group that grants access. One user has a green check under "Write enabled" while the other has a red X. The idea is that we want to have a "read-only service account" that can read information but not alter it for some of our automation scripts.
So for gits and shiggles I tried turning on "write enabled" and it did not resolve the issue. This would indicate some authentication level issue or a permission issue somewhere inside.
How are your permissions structured? Does the read only account have access in the web interface to those interfaces?
OK, so it looks like I had to go into the admin page and add in the permissions and it works now.
Environment
Steps to Reproduce
Replace "$token" with the read-only and read-write tokens from steps 1 and 2, and use an ID for the interface you know exists.
Expected Behavior
Response for both:
(ids and mac address results will vary based on your data)
Observed Behavior
The expected behavior occurred with the read-write id/token. The following occurred with the read-only token/id: