
Restrict scripts list based on Script permission instead of ScriptModule

Brian Tiemann 15 часов назад
Родитель
Сommit
d823d37844
3 измененных файлов с 3 добавлено и 25 удалено
  1. 0 9
      docs/customization/custom-scripts.md
  2. 2 15
      netbox/extras/views.py
  3. 1 1
      netbox/users/forms/model_forms.py

+ 0 - 9
docs/customization/custom-scripts.md

@@ -20,15 +20,6 @@ Custom scripts are Python code which exists outside the NetBox code base, so the
 !!! danger "Only install trusted scripts"
     Custom scripts have unrestricted access to change anything in the database and are inherently unsafe and should only be installed and run from trusted sources.  You should also review and set permissions for who can run scripts if the script can modify any data.
 
-!!! tip "Permissions for Custom Scripts"
-    A user can be granted permissions on all Custom Scripts via the "Managed File" object-level permission. To further restrict a user to only be able to access certain scripts, create an additional permission on the "Script" object type, with appropriate queryset-style constraints matching fields available on Script. For example:
-    ```json
-    {
-        "name__in": [
-            "MyScript"
-        ]
-    }
-    ```
 
 ## Writing Custom Scripts
 

+ 2 - 15
netbox/extras/views.py

@@ -24,11 +24,9 @@ from extras.utils import SharedObjectViewMixin
 from netbox.object_actions import *
 from netbox.views import generic
 from netbox.views.generic.mixins import TableMixin
-from users.models import ObjectPermission
 from utilities.forms import ConfirmationForm, get_field_value
 from utilities.htmx import htmx_partial, htmx_maybe_redirect_current_page
 from utilities.paginator import EnhancedPaginator, get_paginate_count
-from utilities.permissions import qs_filter_from_constraints
 from utilities.query import count_related
 from utilities.querydict import normalize_querydict
 from utilities.request import copy_safe_request
@@ -1443,19 +1441,8 @@ class ScriptListView(ContentTypePermissionRequiredMixin, View):
         return 'extras.view_script'
 
     def get(self, request):
-        # Permissions for the Scripts page are given via the "Managed File" object permission. To further restrict
-        # users to access only specified scripts, create permissions on the "Script" object with appropriate
-        # queryset-style constraints matching fields available on Script.
-        script_modules = ScriptModule.objects.restrict(request.user).prefetch_related(
-            'data_source', 'data_file', 'jobs'
-        )
-        script_ct = ContentType.objects.get_for_model(Script)
-        script_permissions = qs_filter_from_constraints(
-            ObjectPermission.objects.filter(
-                users=self.request.user, object_types=script_ct
-            ).values_list("constraints", flat=True)
-        )
-        available_scripts = Script.objects.filter(script_permissions, module__in=script_modules)
+        available_scripts = Script.objects.restrict(request.user)
+        script_modules = [s.module for s in available_scripts]
 
         context = {
             'model': ScriptModule,
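Review bot: `script_modules = [s.module for s in available_scripts]` yields one entry per script, so a module holding several permitted scripts is listed several times. Each `s.module` access likely costs its own query, and the `prefetch_related('data_source', 'data_file', 'jobs')` from the removed code is gone. A queryset keeps the module list de-duplicated and prefetched: `script_modules = ScriptModule.objects.filter(pk__in=available_scripts.values('module')).prefetch_related('data_source', 'data_file', 'jobs')`. Because modules no longer pass through `ScriptModule.objects.restrict(request.user)`, the Script constraints are now the only filter on this page. The template is not visible here, so confirm that it renders only scripts present in `available_scripts` rather than walking each module's full script set; `get()` continues past the end of this hunk.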

+ 1 - 1
netbox/users/forms/model_forms.py

@@ -325,7 +325,7 @@ class ObjectPermissionForm(forms.ModelForm):
         widget=SplitMultiSelectWidget(
             choices=get_object_types_choices
         ),
-        help_text=_('Select the types of objects to which the permission will appy.')
+        help_text=_('Select the types of objects to which the permission will apply.')
     )
     can_view = forms.BooleanField(
         required=False