Closed SerhiiZahuba closed 2 years ago
This sort of thing has come up in conversation a few times. It definitely sound like it'd be a cool feature, though we'd need to iron out the implementation.
Presumably, we could save the "proposed" new state of an object in a dedicated ProposedChange model (or something to that effect). A user with the proper permission could then either apply the change, updating the object with the new attributes, or reject it. I would assume that any changes to an object applied in the interim would invalidate the proposed change, to avoid potential issues with data integrity.
How to best handle permissions requires some more though, as this introduces a new concept: We need a way to indicate that a user is allowed to propose creating/modifying a model, but not to actually apply the changes. Or, alternatively, leave the existing permissions unchanged and just offer the option of proposing a change instead of applying it immediately.
In my world, this is getting into the world of ITIL and change management where one should be careful of not getting into a rabbit hole. And this hole is deep...trust me...
In my view, the whole approval process should have been done before the object is even placed in netbox, and to be honest, the definition of permissions in Netbox should be that if you have a permission to add an object to Netbox, you have already been approved.
One way would be to add a status of an object to "Pending" with a permission for the "minions" to only be able to add objects with that status, and by integrations from whatever system to look at this (we do something like this with Remedy).
My point here is not to limit features, but starting to go in this direction will start an journey to process management that will suck the life out of everything..... been there..... never got the t-shirt though:-)
I have an idea for this, but I'm not sure if it's going to be easy to write. I saw an open issue about exporting and importing more object types as YAML and it got me thinking about something like this:
It would be very nice if we could dump an entire site (or tenant, or any other aggregate object) with subobjects as JSON or YAML. At that point it would be a little easier to export and import data from different netbox instances. Then a designer might have their own instance where they do all the planning for a new site. It gets reviewed in another instance and once approved it would be uploaded to a master instance.
There is still some question marks, like how do you handle duplicated data on a merge, and what do you do with circuits which leave a site? But those details might be punted for later.
I think @ziggekatten is right on the money here. While an interesting idea, it's almost certainly not going to be worth the trouble to pursue, at least at this stage in NetBox's development. It might be something to reconsider when/if we amass a larger development team.
NetBox version
v3.0.4
Feature type
New functionality
Proposed functionality
I propose a new functionality, namely confirmation of changes or changes. For example, 5 people work in the infrastructure department (4 juniors and 1 of their leader), if one of the junior makes a change, then his manager must confirm this change. For example, I added new equipment to netbox, it is not immediately displayed in the system, but goes into an application that my manager must confirm.
Use case
Thus, we will be able to check what each employee contributes and whether he did it correctly.
Database changes
No response
External dependencies
No response