fix auditing/perms for webhook testing

2024-07-02 00:17:32 +00:00 · 2024-07-02 00:17:32 +00:00 · 29a4d61e90
parent 2667cdb26c
commit 29a4d61e90
2 changed files with 10 additions and 2 deletions
--- a/api/tacticalrmm/core/permissions.py
+++ b/api/tacticalrmm/core/permissions.py
@ -15,6 +15,8 @@ class URLActionPerms(permissions.BasePermission):
    def has_permission(self, r, view) -> bool:
        if r.method in {"GET", "PATCH"}:
            return _has_perm(r, "can_run_urlactions")
+        elif r.path == "/core/urlaction/run/test/" and r.method == "POST":
+            return _has_perm(r, "can_run_urlactions")

        # TODO make a manage url action perm instead?
        return _has_perm(r, "can_edit_core_settings")
--- a/api/tacticalrmm/logs/models.py
+++ b/api/tacticalrmm/logs/models.py
@ -245,20 +245,26 @@ class AuditLog(models.Model):
        debug_info: Dict[Any, Any] = {},
    ) -> None:
        from agents.models import Agent
+        from clients.models import Client, Site

        debug_info["body"] = body
        debug_info["headers"] = headers

        if instance_type == "agent":
-            instance = Agent.objects.get(pk=instance_id)
+            instance = Agent.objects.get(agent_id=instance_id)

        elif instance_type == "site":
            instance = Site.objects.get(pk=instance_id)

        elif instance_type == "client":
            instance = Client.objects.get(pk=instance_id)
+        else:
+            instance = None

-        name = instance.hostname if isinstance(instance, Agent) else instance.name
+        if instance is not None:
+            name = instance.hostname if isinstance(instance, Agent) else instance.name
+        else:
+            name = "None"
        classname = type(instance).__name__
        AuditLog.objects.create(
            username=username,