diff --git a/authentik/rbac/api/rbac.py b/authentik/rbac/api/rbac.py index 3f468f483..2ce5b8d33 100644 --- a/authentik/rbac/api/rbac.py +++ b/authentik/rbac/api/rbac.py @@ -32,13 +32,19 @@ class PermissionSerializer(ModelSerializer): def get_app_label_verbose(self, instance: Permission) -> str: """Human-readable app label""" - return apps.get_app_config(instance.content_type.app_label).verbose_name + try: + return apps.get_app_config(instance.content_type.app_label).verbose_name + except LookupError: + return f"{instance.content_type.app_label}.{instance.content_type.model}" def get_model_verbose(self, instance: Permission) -> str: """Human-readable model name""" - return apps.get_model( - instance.content_type.app_label, instance.content_type.model - )._meta.verbose_name + try: + return apps.get_model( + instance.content_type.app_label, instance.content_type.model + )._meta.verbose_name + except LookupError: + return f"{instance.content_type.app_label}.{instance.content_type.model}" class Meta: model = Permission diff --git a/authentik/rbac/api/rbac_roles.py b/authentik/rbac/api/rbac_roles.py index 162a3225b..1c48169a2 100644 --- a/authentik/rbac/api/rbac_roles.py +++ b/authentik/rbac/api/rbac_roles.py @@ -28,9 +28,12 @@ class ExtraRoleObjectPermissionSerializer(RoleObjectPermissionSerializer): def get_model_verbose(self, instance: GroupObjectPermission) -> str: """Get model label from permission's model""" - return apps.get_model( - instance.content_type.app_label, instance.content_type.model - )._meta.verbose_name + try: + return apps.get_model( + instance.content_type.app_label, instance.content_type.model + )._meta.verbose_name + except LookupError: + return f"{instance.content_type.app_label}.{instance.content_type.model}" def get_object_description(self, instance: GroupObjectPermission) -> Optional[str]: """Get model description from attached model. This operation takes at least @@ -38,7 +41,10 @@ class ExtraRoleObjectPermissionSerializer(RoleObjectPermissionSerializer): view_ permission on the object""" app_label = instance.content_type.app_label model = instance.content_type.model - model_class = apps.get_model(app_label, model) + try: + model_class = apps.get_model(app_label, model) + except LookupError: + return None objects = get_objects_for_group(instance.group, f"{app_label}.view_{model}", model_class) obj = objects.first() if not obj: diff --git a/authentik/rbac/api/rbac_users.py b/authentik/rbac/api/rbac_users.py index 04f3fcabd..636b327f3 100644 --- a/authentik/rbac/api/rbac_users.py +++ b/authentik/rbac/api/rbac_users.py @@ -28,9 +28,12 @@ class ExtraUserObjectPermissionSerializer(UserObjectPermissionSerializer): def get_model_verbose(self, instance: UserObjectPermission) -> str: """Get model label from permission's model""" - return apps.get_model( - instance.content_type.app_label, instance.content_type.model - )._meta.verbose_name + try: + return apps.get_model( + instance.content_type.app_label, instance.content_type.model + )._meta.verbose_name + except LookupError: + return f"{instance.content_type.app_label}.{instance.content_type.model}" def get_object_description(self, instance: UserObjectPermission) -> Optional[str]: """Get model description from attached model. This operation takes at least @@ -38,7 +41,10 @@ class ExtraUserObjectPermissionSerializer(UserObjectPermissionSerializer): view_ permission on the object""" app_label = instance.content_type.app_label model = instance.content_type.model - model_class = apps.get_model(app_label, model) + try: + model_class = apps.get_model(app_label, model) + except LookupError: + return None objects = get_objects_for_user(instance.user, f"{app_label}.view_{model}", model_class) obj = objects.first() if not obj: