Add configuration parameter to toggle GraphQL API

docs/configuration/optional-settings.md

@@ -201,6 +201,14 @@ EXEMPT_VIEW_PERMISSIONS = ['*']
 
 ---
 
+## GRAPHQL_ENABLED
+
+Default: True
+
+Setting this to False will disable the GraphQL API.
+
+---
+
 ## HTTP_PROXIES
 
 Default: None

netbox/netbox/configuration.example.py

@@ -149,6 +149,9 @@ EXEMPT_VIEW_PERMISSIONS = [
     # 'ipam.prefix',
 ]
 
+# Enable the GraphQL API
+GRAPHQL_ENABLED = True
+
 # HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
 # HTTP_PROXIES = {
 #     'http': 'http://10.10.1.10:3128',

netbox/netbox/graphql/views.py

@@ -1,6 +1,6 @@
 from django.conf import settings
 from django.contrib.auth.views import redirect_to_login
-from django.http import HttpResponseForbidden
+from django.http import HttpResponseNotFound, HttpResponseForbidden
 from django.urls import reverse
 from graphene_django.views import GraphQLView as GraphQLView_
 from rest_framework.exceptions import AuthenticationFailed
@@ -14,6 +14,10 @@ class GraphQLView(GraphQLView_):
     """
     def dispatch(self, request, *args, **kwargs):
 
+        # Enforce GRAPHQL_ENABLED
+        if not settings.GRAPHQL_ENABLED:
+            return HttpResponseNotFound("The GraphQL API is not enabled.")
+
         # Attempt to authenticate the user using a DRF token, if provided
         if not request.user.is_authenticated:
             authenticator = TokenAuthentication()

netbox/netbox/settings.py

@@ -83,6 +83,7 @@ DOCS_ROOT = getattr(configuration, 'DOCS_ROOT', os.path.join(os.path.dirname(BAS
 EMAIL = getattr(configuration, 'EMAIL', {})
 ENFORCE_GLOBAL_UNIQUE = getattr(configuration, 'ENFORCE_GLOBAL_UNIQUE', False)
 EXEMPT_VIEW_PERMISSIONS = getattr(configuration, 'EXEMPT_VIEW_PERMISSIONS', [])
+GRAPHQL_ENABLED = getattr(configuration, 'GRAPHQL_ENABLED', True)
 HTTP_PROXIES = getattr(configuration, 'HTTP_PROXIES', None)
 INTERNAL_IPS = getattr(configuration, 'INTERNAL_IPS', ('127.0.0.1', '::1'))
 LOGGING = getattr(configuration, 'LOGGING', {})

netbox/netbox/tests/test_graphql.py

@@ -6,6 +6,15 @@ from utilities.testing import disable_warnings, TestCase
 
 class GraphQLTestCase(TestCase):
 
+    @override_settings(GRAPHQL_ENABLED=False)
+    def test_graphql_enabled(self):
+        """
+        The /graphql URL should return a 404 when GRAPHQL_ENABLED=False
+        """
+        url = reverse('graphql')
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 404)
+
     @override_settings(LOGIN_REQUIRED=True)
     def test_graphiql_interface(self):
         """