Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

API Requests Via Token WITH "Allowed IPs" Set Broken After Upgrade to 3.6.5 #14249

Closed
bnerickson opened this issue Nov 10, 2023 · 1 comment · Fixed by #14456
Closed

API Requests Via Token WITH "Allowed IPs" Set Broken After Upgrade to 3.6.5 #14249

bnerickson opened this issue Nov 10, 2023 · 1 comment · Fixed by #14456
Assignees
Labels
severity: medium Results in substantial degraded or broken functionality for specfic workflows status: accepted This issue has been accepted for implementation type: bug A confirmed report of unexpected behavior in the application

Comments

@bnerickson
Copy link

bnerickson commented Nov 10, 2023

NetBox version

v3.6.5

Python version

3.9

Steps to Reproduce

Unless otherwise noted, leave everything else default:

  1. Create a permission with "can view" selected and select every object type.
  2. Create a user with a password and the newly created permission assigned.
  3. Create an API token assigned to the new user with "Allowed IPs" set to ::/0,0.0.0.0/0 to allow all.
  4. Perform an API get request using the new token (should fail).
  5. Remove the "Allowed IPs" setting on the API token and retry the request (should succeed).

Expected Behavior

Setting AllowedIPs should not throw a 500 Internal Server Error.

Observed Behavior

500: Internal Server Error is raised. Setting debug logging for django and netbox yield the following:

2023-11-10 18:01:57,367 netbox.config DEBUG: No previous configuration found in database; proceeding with default values
2023-11-10 18:01:57,368 netbox.config DEBUG: Initialized configuration
2023-11-10 18:01:57,402 netbox.config DEBUG: Cleared configuration
2023-11-10 18:01:57,402 django.request ERROR: Internal Server Error: /api/ipam/vlans/
@bnerickson bnerickson added the type: bug A confirmed report of unexpected behavior in the application label Nov 10, 2023
@bnerickson bnerickson changed the title API Requests Via Token WITH "Allowed IPs" Broken After Upgrade to 3.6.5 API Requests Via Token WITH "Allowed IPs" Set Broken After Upgrade to 3.6.5 Nov 10, 2023
@tomryder-inspirenet
Copy link

tomryder-inspirenet commented Nov 12, 2023

Observed a similar problem here, with IPv6 connections being denied (HTTP 403) for tokens with an ACL. I strongly suspect #14235 fixing #14085 is the culprit; it looks like it needs to be adjusted to handle parsing out the port for IPv6 connections.

@abhi1693 abhi1693 added the severity: medium Results in substantial degraded or broken functionality for specfic workflows label Nov 13, 2023
@abhi1693 abhi1693 self-assigned this Nov 13, 2023
@abhi1693 abhi1693 added the status: accepted This issue has been accepted for implementation label Nov 13, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
severity: medium Results in substantial degraded or broken functionality for specfic workflows status: accepted This issue has been accepted for implementation type: bug A confirmed report of unexpected behavior in the application
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants