# Fork from [redzej/graphene-permissions](https://github.com/redzej/graphene-permissions)
Forked from the original repository and modified to run on the latest graphene (3.2~)
# graphene-permissions
**Permission system for graphene-django apps.**
[![Build Status](https://travis-ci.org/redzej/graphene-permissions.svg?branch=master)](https://travis-ci.org/redzej/graphene-permissions)
[![PyPI version](https://badge.fury.io/py/graphene-permissions.svg)](https://badge.fury.io/py/graphene-permissions)
[![Python 3.6](https://img.shields.io/badge/python-3.6-green.svg)](https://www.python.org/downloads/release/python-360/)
[![codecov](https://codecov.io/gh/redzej/graphene-permissions/branch/master/graph/badge.svg)](https://codecov.io/gh/redzej/graphene-permissions)
[![Maintainability](https://api.codeclimate.com/v1/badges/12b39435f888adf2370b/maintainability)](https://codeclimate.com/github/redzej/graphene-permissions/maintainability)
## Overview
DRF-inspired permission system based on classes for graphene-django. Allows easy customization of permission classes for
for queries and mutations.
## Requirements
* Python 3.5+
* Django 2.0+
* graphene-django 2.0+
## Installation
Install using pip:
```commandline
pip install graphene-permissions
```
## Example
To enforce permission system, add appropriate mixin and set attribute `permission_classes`.
```python
### models.py
from django.db import models
class Pet(models.Model):
name = models.CharField(max_length=32)
race = models.CharField(max_length=64)
```
```python
### schema.py
from graphene import relay
from graphene_django import DjangoObjectType
from graphene_permissions.mixins import AuthNode
from graphene_permissions.permissions import AllowAuthenticated
class PetNode(AuthNode, DjangoObjectType):
permission_classes = (AllowAuthenticated,)
class Meta:
model = Pet
filter_fields = ('name',)
interfaces = (relay.Node,)
```
## Docs
### Setting up permission check
For queries use `AuthNode` mixin and inherite from `AuthFilter` class.
```python
class AllowAuthenticatedPetNode(AuthNode, DjangoObjectType):
permission_classes = (AllowAuthenticated,)
class Meta:
model = Pet
filter_fields = ('name',)
interfaces = (relay.Node,)
class AllowAuthenticatedFilter(AuthFilter):
permission_classes = (AllowAuthenticated,)
class PetsQuery:
user_pet = relay.Node.Field(AllowAuthenticatedPetNode)
all_user_pets = AllowAuthenticatedFilter(AllowAuthenticatedPetNode)
```
For mutations use `AuthMutation` mixin.
```python
class AuthenticatedAddPet(AuthMutation, ClientIDMutation):
permission_classes = (AllowAuthenticated,)
pet = graphene.Field(AllowAuthenticatedPetNode)
class Input:
name = graphene.String()
race = graphene.String()
owner = graphene.ID()
@classmethod
def mutate_and_get_payload(cls, root, info, **input):
if cls.has_permission(root, info, input):
owner = User.objects.get(pk=from_global_id(input['owner'])[1])
pet = Pet.objects.create(name=input['name'], race=input['race'], owner=owner)
return AuthenticatedAddPet(pet=pet)
return AuthenticatedAddPet(pet=None)
class PetsMutation:
authenticated_add_pet = AuthenticatedAddPet.Field()
```
### Customizing permission classes
Default permission classes are: `AllowAny`, `AllowAuthenticated`, `AllowStaff`.
You can set up equal permission for both queries and mutations with one class, simply subclass one of these classes
and to limit access for given object, override appropriate method. Remember to return `true` if user should be given
access and `false`, if denied.
```python
class AllowMutationForStaff(AllowAuthenticated):
@staticmethod
def has_node_permission(info, id):
# logic here
# return boolean
@staticmethod
def has_mutation_permission(root, info, input):
if info.request.user.is_staff:
return True
return False
@staticmethod
def has_filter_permission(info):
# logic here
# return boolean
```
### Multiple permissions
You can set up multiple permissions checks, simply adding more classes. Permission is evaluated for every class.
If one of the checks fails, access is denied.
```python
class CustomPetNode(AuthNode, DjangoObjectType):
permission_classes = (AllowAuthenticated, AllowStaff, AllowCustom)
class Meta:
model = Pet
interfaces = (relay.Node,)
```
Raw data
{
"_id": null,
"home_page": "https://github.com/vintersnow/graphene-permissions",
"name": "graphene-permissions2",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": "",
"keywords": "graphene django permissions permission system",
"author": "vintersnow",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/4c/4c/41be9e6a108eaf1635f90b5342d7d2aba9bded502f6e65fb22229973c374/graphene-permissions2-1.2.1.tar.gz",
"platform": null,
"description": "# Fork from [redzej/graphene-permissions](https://github.com/redzej/graphene-permissions)\nForked from the original repository and modified to run on the latest graphene (3.2~)\n\n# graphene-permissions\n\n**Permission system for graphene-django apps.**\n\n[![Build Status](https://travis-ci.org/redzej/graphene-permissions.svg?branch=master)](https://travis-ci.org/redzej/graphene-permissions)\n[![PyPI version](https://badge.fury.io/py/graphene-permissions.svg)](https://badge.fury.io/py/graphene-permissions)\n[![Python 3.6](https://img.shields.io/badge/python-3.6-green.svg)](https://www.python.org/downloads/release/python-360/)\n[![codecov](https://codecov.io/gh/redzej/graphene-permissions/branch/master/graph/badge.svg)](https://codecov.io/gh/redzej/graphene-permissions)\n[![Maintainability](https://api.codeclimate.com/v1/badges/12b39435f888adf2370b/maintainability)](https://codeclimate.com/github/redzej/graphene-permissions/maintainability)\n\n\n## Overview\n\nDRF-inspired permission system based on classes for graphene-django. Allows easy customization of permission classes for\nfor queries and mutations.\n\n\n## Requirements\n\n* Python 3.5+\n* Django 2.0+\n* graphene-django 2.0+\n\n## Installation\n\nInstall using pip:\n\n```commandline\npip install graphene-permissions\n```\n\n## Example\n\nTo enforce permission system, add appropriate mixin and set attribute `permission_classes`.\n\n\n```python\n### models.py\nfrom django.db import models\n\n\nclass Pet(models.Model):\n name = models.CharField(max_length=32)\n race = models.CharField(max_length=64)\n```\n```python\n### schema.py\nfrom graphene import relay\nfrom graphene_django import DjangoObjectType\nfrom graphene_permissions.mixins import AuthNode\nfrom graphene_permissions.permissions import AllowAuthenticated\n\n\nclass PetNode(AuthNode, DjangoObjectType):\n permission_classes = (AllowAuthenticated,)\n\n class Meta:\n model = Pet\n filter_fields = ('name',)\n interfaces = (relay.Node,)\n```\n\n## Docs\n\n### Setting up permission check\nFor queries use `AuthNode` mixin and inherite from `AuthFilter` class.\n```python\nclass AllowAuthenticatedPetNode(AuthNode, DjangoObjectType):\n permission_classes = (AllowAuthenticated,)\n\n class Meta:\n model = Pet\n filter_fields = ('name',)\n interfaces = (relay.Node,)\n\n\nclass AllowAuthenticatedFilter(AuthFilter):\n permission_classes = (AllowAuthenticated,)\n\n\nclass PetsQuery:\n user_pet = relay.Node.Field(AllowAuthenticatedPetNode)\n all_user_pets = AllowAuthenticatedFilter(AllowAuthenticatedPetNode)\n```\n\nFor mutations use `AuthMutation` mixin.\n```python\nclass AuthenticatedAddPet(AuthMutation, ClientIDMutation):\n permission_classes = (AllowAuthenticated,)\n pet = graphene.Field(AllowAuthenticatedPetNode)\n\n class Input:\n name = graphene.String()\n race = graphene.String()\n owner = graphene.ID()\n\n @classmethod\n def mutate_and_get_payload(cls, root, info, **input):\n if cls.has_permission(root, info, input):\n owner = User.objects.get(pk=from_global_id(input['owner'])[1])\n pet = Pet.objects.create(name=input['name'], race=input['race'], owner=owner)\n return AuthenticatedAddPet(pet=pet)\n return AuthenticatedAddPet(pet=None)\n\n\nclass PetsMutation:\n authenticated_add_pet = AuthenticatedAddPet.Field()\n```\n\n### Customizing permission classes\nDefault permission classes are: `AllowAny`, `AllowAuthenticated`, `AllowStaff`.\nYou can set up equal permission for both queries and mutations with one class, simply subclass one of these classes\nand to limit access for given object, override appropriate method. Remember to return `true` if user should be given\naccess and `false`, if denied.\n\n```python\nclass AllowMutationForStaff(AllowAuthenticated):\n @staticmethod\n def has_node_permission(info, id):\n # logic here\n # return boolean\n\n @staticmethod\n def has_mutation_permission(root, info, input):\n if info.request.user.is_staff:\n return True\n return False\n\n @staticmethod\n def has_filter_permission(info):\n # logic here\n # return boolean\n```\n\n### Multiple permissions\nYou can set up multiple permissions checks, simply adding more classes. Permission is evaluated for every class.\nIf one of the checks fails, access is denied.\n\n```python\nclass CustomPetNode(AuthNode, DjangoObjectType):\n permission_classes = (AllowAuthenticated, AllowStaff, AllowCustom)\n\n class Meta:\n model = Pet\n interfaces = (relay.Node,)\n```\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Simple graphene-django permission system.",
"version": "1.2.1",
"project_urls": {
"Homepage": "https://github.com/vintersnow/graphene-permissions"
},
"split_keywords": [
"graphene",
"django",
"permissions",
"permission",
"system"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "bb9a1a80034ad1f6f212832ffd0732d1010022d02029bf5c651cadf72d39efe0",
"md5": "fd6eda5fdf748c5b2494601d19e30cfe",
"sha256": "98097bb0fea383aaed859af49cfd0b23abce9b0c08144164227cded4d177b0d8"
},
"downloads": -1,
"filename": "graphene_permissions2-1.2.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "fd6eda5fdf748c5b2494601d19e30cfe",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 5830,
"upload_time": "2024-01-04T03:09:35",
"upload_time_iso_8601": "2024-01-04T03:09:35.532553Z",
"url": "https://files.pythonhosted.org/packages/bb/9a/1a80034ad1f6f212832ffd0732d1010022d02029bf5c651cadf72d39efe0/graphene_permissions2-1.2.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "4c4c41be9e6a108eaf1635f90b5342d7d2aba9bded502f6e65fb22229973c374",
"md5": "b75c49d23f87fa0df9dd45948c40b669",
"sha256": "504a43eb1bfc73b65c5c90c6a860597e41550e254d16b3c48e7ec8dc8501188d"
},
"downloads": -1,
"filename": "graphene-permissions2-1.2.1.tar.gz",
"has_sig": false,
"md5_digest": "b75c49d23f87fa0df9dd45948c40b669",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 5209,
"upload_time": "2024-01-04T03:09:36",
"upload_time_iso_8601": "2024-01-04T03:09:36.873492Z",
"url": "https://files.pythonhosted.org/packages/4c/4c/41be9e6a108eaf1635f90b5342d7d2aba9bded502f6e65fb22229973c374/graphene-permissions2-1.2.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-04 03:09:36",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "vintersnow",
"github_project": "graphene-permissions",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "graphene-permissions2"
}