CustomField - user permission

[PeterKnotek]

Hi

Have custom field with name PfSenseTable
This field determines whether the tenant will be in the given table or not.
How can I ensure that, when editing a Tenant with USER XYZ cannot access a specific custom field or, if they attempt to make a change, they won't be allowed to save it?
I tried custom validator.. but unsuccessfully
Or Admin//Permission and set setting inConstraints ??

Thanks for help.

Here is custom_validars.py

class PfSenseTableValidator(CustomValidator):
    def validate(self, instance, *args, **kwargs):
        request = kwargs.get("request")
        user = request.user if request and hasattr(request, "user") else None
        if user and not user.is_superuser:
            if 'PfSenseTable' in instance.custom_field_data and instance.custom_field_data['PfSenseTable'] != instance._original_custom_field_data.get('PfSenseTable'):
                self.fail("XXX , field="PfSenseTable")
                raise ValidationError(_("Only superusers can modify the PfSenseTable field.")) 

[candlerb]

def validate(self, instance, *args, **kwargs):

You need to change this to (as per documentation):

def validate(self, instance, request):

AFAICS, the request appears in the positional arguments, not the keyword arguments:

netbox/extras/validators.py:        self.validate(instance, request)

(therefore would appear in args not kwargs in your version)

[PeterKnotek]

THANKS
I finally solved it like this :

from rest_framework.exceptions import ValidationError

class PfSenseTableValidator(CustomValidator):
    def validate(self, instance, request, *args, **kwargs):
        user = request.user if request and hasattr(request, "user") else None
        allowed_group = 'PfSense Editors'
        if user and not user.is_superuser and not user.groups.filter(name=allowed_group).exists():
            original_data = getattr(instance, '_original_custom_field_data', {}).get('PfSenseTable', None)
            current_data = instance.custom_field_data.get('PfSenseTable', None)
            if original_data != current_data:
                self.fail("Only superusers or users in the 'PfSense Editors' group can modify the PfSenseTable field.")
                raise ValidationError(_("Only superusers or users in the 'PfSense Editors' group can modify the PfSenseTable field."))