Fix admin site - Custom admin URL (#5766)

* Update config template file * Add entry to docs * Add INVENTREE_ADMIN_ENABLED to settings.py * Add helper functions for improving admin links * Refactor existing admin links * remove debug statements * Fix custom admin URL * Expand documentation * Fix URL * Improve wording in config_template.yaml * Extend admin_url tag - Allow lookup without pk - Handle case where pk not found
2024-08-30 18:33:04 +00:00 · 2023-10-21 22:12:14 +11:00 · 2023-10-21 22:12:14 +11:00 · b335728e29
commit b335728e29
parent 388b722de1
21 changed files with 130 additions and 53 deletions
--- a/InvenTree/InvenTree/settings.py
+++ b/InvenTree/InvenTree/settings.py
@ -197,7 +197,18 @@ if DBBACKUP_STORAGE_OPTIONS is None:
        'location': config.get_backup_dir(),
    }
-# Application definition
+INVENTREE_ADMIN_ENABLED = get_boolean_setting(
    'INVENTREE_ADMIN_ENABLED',
    config_key='admin_enabled',
    default_value=True
 )
 # Base URL for admin pages (default="admin")
 INVENTREE_ADMIN_URL = get_setting(
    'INVENTREE_ADMIN_URL',
    config_key='admin_url',
    default_value='admin'
 )
 INSTALLED_APPS = [
    # Admin site integration
@ -378,14 +389,6 @@ if DEBUG:
    INSTALLED_APPS.append('sslserver')
 # InvenTree URL configuration
 # Base URL for admin pages (default="admin")
 INVENTREE_ADMIN_URL = get_setting(
    'INVENTREE_ADMIN_URL',
    config_key='admin_url',
    default_value='admin'
 )
 ROOT_URLCONF = 'InvenTree.urls'
 TEMPLATES = [
--- a/InvenTree/InvenTree/urls.py
+++ b/InvenTree/InvenTree/urls.py
@ -209,11 +209,14 @@ classic_frontendpatterns = [
 new_frontendpatterns = platform_urls
-urlpatterns = [
+urlpatterns = []
-    # admin sites
+
-    re_path(f'^{settings.INVENTREE_ADMIN_URL}/error_log/', include('error_report.urls')),
+if settings.INVENTREE_ADMIN_ENABLED:
-    re_path(f'^{settings.INVENTREE_ADMIN_URL}/', admin.site.urls, name='inventree-admin'),
+    admin_url = settings.INVENTREE_ADMIN_URL,
-]
+    urlpatterns += [
        path(f'{admin_url}/error_log/', include('error_report.urls')),
        path(f'{admin_url}/', admin.site.urls, name='inventree-admin'),
    ]
 urlpatterns += backendpatterns
--- a/InvenTree/build/templates/build/build_base.html
+++ b/InvenTree/build/templates/build/build_base.html
@ -29,10 +29,9 @@ src="{% static 'img/blank_image.png' %}"
 {% block actions %}
 <!-- Admin Display -->
-{% if user.is_staff and roles.build.change %}
+{% admin_url user "build.build" build.pk as url %}
 {% url 'admin:build_build_change' build.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if barcodes %}
 <!-- Barcode actions menu -->
 <div class='btn-group' role='group'>
--- a/InvenTree/company/templates/company/company_base.html
+++ b/InvenTree/company/templates/company/company_base.html
@ -14,10 +14,9 @@
 {% block actions %}
 <!-- Admin View -->
-{% if user.is_staff and perms.company.change_company %}
+{% admin_url user "company.company" company.pk as url %}
 {% url 'admin:company_company_change' company.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if company.is_supplier and roles.purchase_order.add %}
 <button type='button' class='btn btn-outline-primary' id='company-order-2' title='{% trans "Create Purchase Order" %}'>
    <span class='fas fa-shopping-cart'/>
--- a/InvenTree/company/templates/company/manufacturer_part.html
+++ b/InvenTree/company/templates/company/manufacturer_part.html
@ -26,10 +26,10 @@
 {% endblock heading %}
 {% block actions %}
-{% if user.is_staff and perms.company.change_company %}
+
-{% url 'admin:company_manufacturerpart_change' part.pk as url %}
+{% admin_url user 'company.manufacturerpart' part.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if roles.purchase_order.change %}
 {% if roles.purchase_order.add and part.part.purchaseable %}
 <button type='button' class='btn btn-outline-secondary' id='order-part' title='{% trans "Order part" %}'>
--- a/InvenTree/company/templates/company/supplier_part.html
+++ b/InvenTree/company/templates/company/supplier_part.html
@ -26,10 +26,9 @@
 {% endblock heading %}
 {% block actions %}
-{% if user.is_staff and perms.company.change_company %}
+{% admin_url user "company.supplierpart" part.pk as url %}
 {% url 'admin:company_supplierpart_change' part.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if barcodes %}
 <!-- Barcode actions menu -->
 <div class='btn-group' role='group'>
--- a/InvenTree/config_template.yaml
+++ b/InvenTree/config_template.yaml
@ -58,6 +58,14 @@ database:
 # Use the environment variable INVENTREE_DEBUG
 debug: True
 # Set to False to disable the admin interface (default = True)
 # Or, use the environment variable INVENTREE_ADMIN_ENABLED
 #admin_enabled: True
 # Set the admin URL (default is 'admin')
 # Or, use the environment variable INVENTREE_ADMIN_URL
 #admin_url: 'admin'
 # Set enabled frontends
 # Use the environment variable INVENTREE_CLASSIC_FRONTEND
 # classic_frontend: True
--- a/InvenTree/order/templates/order/order_base.html
+++ b/InvenTree/order/templates/order/order_base.html
@ -19,10 +19,10 @@
 {% endblock heading %}
 {% block actions %}
-{% if user.is_staff and roles.purchase_order.change %}
+
-{% url 'admin:order_purchaseorder_change' order.pk as url %}
+{% admin_url user "order.purchaseorder" order.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if barcodes %}
 <!-- Barcode actions menu -->
 <div class='btn-group' role='group'>
--- a/InvenTree/order/templates/order/return_order_base.html
+++ b/InvenTree/order/templates/order/return_order_base.html
@ -29,10 +29,9 @@ src="{% static 'img/blank_image.png' %}"
 {% endblock heading %}
 {% block actions %}
-{% if user.is_staff and roles.return_order.change %}
+{% admin_url user "order.returnorder" order.pk as url %}
 {% url 'admin:order_returnorder_change' order.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if barcodes %}
 <!-- Barcode actions menu -->
 <div class='btn-group' role='group'>
--- a/InvenTree/order/templates/order/sales_order_base.html
+++ b/InvenTree/order/templates/order/sales_order_base.html
@ -29,10 +29,9 @@ src="{% static 'img/blank_image.png' %}"
 {% endblock heading %}
 {% block actions %}
-{% if user.is_staff and roles.sales_order.change %}
+{% admin_url user "order.salesorder" order.pk as url %}
 {% url 'admin:order_salesorder_change' order.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% if barcodes %}
 <!-- Barcode actions menu -->
 <div class='btn-group' role='group'>
--- a/InvenTree/part/templates/part/category.html
+++ b/InvenTree/part/templates/part/category.html
@ -25,10 +25,11 @@
 {% endblock heading %}
 {% block actions %}
-{% if category and user.is_staff and roles.part_category.change %}
+{% if category %}
-{% url 'admin:part_partcategory_change' category.pk as url %}
+{% admin_url user "part.partcategory" category.pk as url %}
 {% include "admin_button.html" with url=url %}
 {% endif %}
 {% settings_value "STOCKTAKE_ENABLE" as stocktake_enable %}
 {% if stocktake_enable and roles.stocktake.add %}
 <button type='button' class='btn btn-outline-secondary' id='category-stocktake' title='{% trans "Perform stocktake for this part category" %}'>
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@ -18,10 +18,8 @@
 {% block actions %}
 <!-- Admin View -->
-{% if user.is_staff and roles.part.change %}
+{% admin_url user "part.part" part.pk as url %}
 {% url 'admin:part_part_change' part.pk as url %}
 {% include "admin_button.html" with url=url %}
 {% endif %}
 {% if starred_directly %}
 <button type='button' class='btn btn-outline-secondary' id='toggle-starred' title='{% trans "You are subscribed to notifications for this part" %}'>
--- a/InvenTree/part/templatetags/inventree_extras.py
+++ b/InvenTree/part/templatetags/inventree_extras.py
@ -8,7 +8,7 @@ from datetime import date, datetime
 from django import template
 from django.conf import settings as djangosettings
 from django.templatetags.static import StaticNode
-from django.urls import reverse
+from django.urls import NoReverseMatch, reverse
 from django.utils.html import format_html
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
@ -626,3 +626,52 @@ else:  # pragma: no cover
        token.contents = ' '.join(bits)
        return I18nStaticNode.handle_token(parser, token)
@register.simple_tag()
 def admin_index(user):
    """Return a URL for the admin interface"""
    if not djangosettings.INVENTREE_ADMIN_ENABLED:
        return ''
    if not user.is_staff:
        return ''
    return reverse('admin:index')
@register.simple_tag()
 def admin_url(user, table, pk):
    """Generate a link to the admin site for the given model instance.
    - If the admin site is disabled, an empty URL is returned
    - If the user is not a staff user, an empty URL is returned
    - If the user does not have the correct permission, an empty URL is returned
    """
    app, model = table.strip().split('.')
    from django.urls import reverse
    if not djangosettings.INVENTREE_ADMIN_ENABLED:
        return ""
    if not user.is_staff:
        return ""
    # Check the user has the correct permission
    perm_string = f"{app}.change_{model}"
    if not user.has_perm(perm_string):
        return ''
    # Fallback URL
    url = reverse(f"admin:{app}_{model}_changelist")
    if pk:
        try:
            url = reverse(f'admin:{app}_{model}_change', args=(pk,))
        except NoReverseMatch:
            pass
    return url
--- a/InvenTree/plugin/registry.py
+++ b/InvenTree/plugin/registry.py
@ -17,7 +17,7 @@ from django.apps import apps
 from django.conf import settings
 from django.contrib import admin
 from django.db.utils import IntegrityError, OperationalError, ProgrammingError
-from django.urls import clear_url_caches, re_path
+from django.urls import clear_url_caches, path
 from django.utils.text import slugify
 from django.utils.translation import gettext_lazy as _
@ -620,13 +620,17 @@ class PluginsRegistry:
            app_name = getattr(url, 'app_name', None)
            admin_url = settings.INVENTREE_ADMIN_URL
            if app_name == 'admin':
-                urlpatterns[index] = re_path(r'^admin/', admin.site.urls, name='inventree-admin')
+                urlpatterns[index] = path(f'{admin_url}/', admin.site.urls, name='inventree-admin')
            if app_name == 'plugin':
                urlpatterns[index] = get_plugin_urls()
        # Refresh the URL cache
        clear_url_caches()
    # endregion
    # region plugin registry hash calculations
--- a/InvenTree/stock/templates/stock/item_base.html
+++ b/InvenTree/stock/templates/stock/item_base.html
@ -25,10 +25,9 @@
 {% block actions %}
-{% if user.is_staff and roles.stock.change %}
+{% admin_url user "stock.stockitem" item.pk as url %}
 {% url 'admin:stock_stockitem_change' item.pk as url %}
 {% include "admin_button.html" with url=url %}
-{% endif %}
+
 {% mixin_available "locate" as locate_available %}
 {% if plugins_enabled and locate_available %}
 <button id='locate-item-button' title='{% trans "Locate stock item" %}' class='btn btn-outline-secondary' typy='button'>
--- a/InvenTree/stock/templates/stock/location.html
+++ b/InvenTree/stock/templates/stock/location.html
@ -28,10 +28,11 @@
 {% block actions %}
 <!-- Admin view -->
-{% if location and user.is_staff and roles.stock_location.change %}
+{% if location %}
-{% url 'admin:stock_stocklocation_change' location.pk as url %}
+{% admin_url user "stock.stocklocation" location.pk as url %}
 {% include "admin_button.html" with url=url %}
 {% endif %}
 {% settings_value "STOCKTAKE_ENABLE" as stocktake_enable %}
 {% if stocktake_enable and roles.stocktake.add %}
 <button type='button' class='btn btn-outline-secondary' id='location-stocktake' title='{% trans "Perform stocktake for this stock location" %}'>
--- a/InvenTree/templates/InvenTree/settings/plugin.html
+++ b/InvenTree/templates/InvenTree/settings/plugin.html
@ -35,7 +35,7 @@
        <h4>{% trans "Plugins" %}</h4>
        {% include "spacer.html" %}
        <div class='btn-group' role='group'>
-            {% url 'admin:plugin_pluginconfig_changelist' as url %}
+            {% admin_url user "plugin.pluginconfig" None as url %}
            {% include "admin_button.html" with url=url %}
            {% if plug %}
            <button class="btn btn-success" id="install-plugin" title="{% trans 'Install Plugin' %}"><span class='fas fa-plus-circle'></span> {% trans "Install Plugin" %}</button>
--- a/InvenTree/templates/admin_button.html
+++ b/InvenTree/templates/admin_button.html
@ -3,7 +3,7 @@
 {% inventree_customize 'hide_admin_link' as hidden %}
-{% if not hidden and user.is_staff %}
+{% if url and not hidden and user.is_staff %}
 <a href='{{ url }}'>
    <button id='admin-button' href='{{ url }}' title='{% trans "View in administration panel" %}' type='button' class='btn btn-primary admin-button'>
        <span class='fas fa-user-shield'></span>
--- a/InvenTree/templates/navbar.html
+++ b/InvenTree/templates/navbar.html
@ -139,7 +139,10 @@
        <ul class='dropdown-menu dropdown-menu-end inventree-navbar-menu'>
          {% if user.is_authenticated %}
          {% if user.is_staff and not hide_admin_link %}
-          <li><a class='dropdown-item' href="{% url 'admin:index' %}"><span class="fas fa-user-shield"></span> {% trans "Admin" %}</a></li>
+          {% admin_index user as admin_idx %}
          {% if admin_idx %}
          <li><a class='dropdown-item' href="{{ admin_idx }}"><span class="fas fa-user-shield"></span> {% trans "Admin" %}</a></li>
          {% endif %}
          {% endif %}
          <li><a class='dropdown-item' href="{% url 'settings' %}"><span class="fas fa-cog"></span> {% trans "Settings" %}</a></li>
          <li><a class='dropdown-item' href="{% url 'account_logout' %}"><span class="fas fa-sign-out-alt"></span> {% trans "Logout" %}</a></li>
--- a/InvenTree/templates/registration/logged_out.html
+++ b/InvenTree/templates/registration/logged_out.html
@ -1,10 +1,11 @@
 {% extends "registration/logged_out.html" %}
 {% load i18n %}
 {% load inventree_extras %}
 {% block content %}
 <p>{% translate "You were logged out successfully." %}</p>
-<p><a href="{% url 'admin:index' %}">{% translate 'Log in again' %}</a></p>
+<p><a href="{% url 'index' %}">{% translate 'Log in again' %}</a></p>
 {% endblock content %}
--- a/docs/docs/start/config.md
+++ b/docs/docs/start/config.md
@ -55,10 +55,22 @@ The following basic options are available:
 | INVENTREE_LOG_LEVEL | log_level | Set level of logging to terminal | WARNING |
 | INVENTREE_DB_LOGGING | db_logging | Enable logging of database messages | False |
 | INVENTREE_TIMEZONE | timezone | Server timezone | UTC |
-| ADMIN_URL | admin_url | URL for accessing [admin interface](../settings/admin.md) | admin |
+| INVENTREE_ADMIN_ENABLED | admin_enabled | Enable the [django administrator interface](https://docs.djangoproject.com/en/4.2/ref/contrib/admin/) | True |
 | INVENTREE_ADMIN_URL | admin_url | URL for accessing [admin interface](../settings/admin.md) | admin |
 | INVENTREE_LANGUAGE | language | Default language | en-us |
 | INVENTREE_BASE_URL | base_url | Server base URL | *Not specified* |
 ### Admin Site
 Django provides a powerful [administrator interface](https://docs.djangoproject.com/en/4.2/ref/contrib/admin/) which can be used to manage the InvenTree database. This interface is enabled by default, but can be disabled by setting `INVENTREE_ADMIN_ENABLED` to `False`.
 #### Custom Admin URL
 By default, the admin interface is available at the `/admin/` URL. This can be changed by setting the `INVENTREE_ADMIN_URL` environment variable.
 !!! warning "Security"
    Changing the admin URL is a simple way to improve security, but it is not a substitute for proper security practices.
 ### Base URL Configuration
 The base URL of the InvenTree site is required for constructing absolute URLs in a number of circumstances. To construct a URL, the InvenTree iterates through the following options in decreasing order of importance: