# 👮 Role-Based-Access-Control module for Orwynn framework
Gives controls to roles and their permissions in your backend application.
## Installation
Via Poetry:
```sh
poetry add orwynn_rbac
```
## Usage
Define default roles in your application:
```python
DefaultRoles = [
DefaultRole(
name="sergeant",
title="Sergeant",
description="Flexible policeman",
permission_names=set(
"yourcompany.yourproject.citizen.permission.citizen:get",
"yourcompany.yourproject.tax.permission.tax:create",
"yourcompany.yourproject.pursue.permission.start:do"
)
),
...
]
```
> NOTE: Default roles are initialized only once per fresh database.
In your Boot setup, initialize a RBACBoot class and get a bootscript from it:
```python
from orwynn_rbac import RBACBoot
Boot(
...,
bootscripts=[
...,
RBACBoot(
default_roles=DefaultRoles
).get_bootscript()
]
)
```
In any module, where RBAC functionality is required (e.g. user access
checkers), import `orwynn_rbac.module`:
```python
import orwynn_rbac
your_module = Module(
...,
imports=[
...,
orwynn_rbac.module
]
)
```
### Checking access
To check an access to your controller you are free to implement own middleware,
retrieve an user id, e.g. from HTTP authorization header, and pass it to our
`AccessService.check_user()` method. A minimal middleware might look like this:
```python
class AccessMiddleware(HttpMiddleware):
def __init__(
self,
covered_routes: list[str],
service: AccessService,
) -> None:
super().__init__(covered_routes)
self.service: AccessService = service
async def process(
self,
request: HttpRequest,
call_next: Callable,
) -> HttpResponse:
user_id: str | None = request.headers.get("user-id", None)
self.service.check_user(
user_id, str(request.url.components.path), request.method
)
response: HttpResponse = await call_next(request)
return response
```
The method `AccessService.check_user()` will raise a `ForbiddenError` if an
user with given id has no access to the route and method, so you just need to
call it with these arguments.
Raw data
{
"_id": null,
"home_page": "https://github.com/slimebones/orwynn_rbac",
"name": "orwynn-rbac",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.11,<4.0",
"maintainer_email": "",
"keywords": "framework,rbac,role-based-access-control,role,permission",
"author": "ryzhovalex",
"author_email": "thed4rkof@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/71/0f/c762f0245a50b3a07e7630efe9d9d3eb318bdcc6ba6c063fd03279934917/orwynn_rbac-0.1.3.tar.gz",
"platform": null,
"description": "# \ud83d\udc6e Role-Based-Access-Control module for Orwynn framework\n\nGives controls to roles and their permissions in your backend application.\n\n\n## Installation\n\nVia Poetry:\n```sh\npoetry add orwynn_rbac\n```\n\n## Usage\n\nDefine default roles in your application:\n```python\nDefaultRoles = [\n DefaultRole(\n name=\"sergeant\",\n title=\"Sergeant\",\n description=\"Flexible policeman\",\n permission_names=set(\n \"yourcompany.yourproject.citizen.permission.citizen:get\",\n \"yourcompany.yourproject.tax.permission.tax:create\",\n \"yourcompany.yourproject.pursue.permission.start:do\"\n )\n ),\n ...\n]\n```\n\n> NOTE: Default roles are initialized only once per fresh database.\n\nIn your Boot setup, initialize a RBACBoot class and get a bootscript from it:\n```python\nfrom orwynn_rbac import RBACBoot\n\nBoot(\n ...,\n bootscripts=[\n ...,\n RBACBoot(\n default_roles=DefaultRoles\n ).get_bootscript()\n ]\n)\n```\n\nIn any module, where RBAC functionality is required (e.g. user access\ncheckers), import `orwynn_rbac.module`:\n```python\nimport orwynn_rbac\n\nyour_module = Module(\n ...,\n imports=[\n ...,\n orwynn_rbac.module\n ]\n)\n```\n\n### Checking access\n\nTo check an access to your controller you are free to implement own middleware,\nretrieve an user id, e.g. from HTTP authorization header, and pass it to our\n`AccessService.check_user()` method. A minimal middleware might look like this:\n\n```python\nclass AccessMiddleware(HttpMiddleware):\n def __init__(\n self,\n covered_routes: list[str],\n service: AccessService,\n ) -> None:\n super().__init__(covered_routes)\n self.service: AccessService = service\n\n async def process(\n self,\n request: HttpRequest,\n call_next: Callable,\n ) -> HttpResponse:\n user_id: str | None = request.headers.get(\"user-id\", None)\n self.service.check_user(\n user_id, str(request.url.components.path), request.method\n )\n\n response: HttpResponse = await call_next(request)\n\n return response\n```\n\nThe method `AccessService.check_user()` will raise a `ForbiddenError` if an\nuser with given id has no access to the route and method, so you just need to\ncall it with these arguments.\n",
"bugtrack_url": null,
"license": "",
"summary": "\ud83d\udc6e Role-Based-Access-Control module for Orwynn framework",
"version": "0.1.3",
"project_urls": {
"Documentation": "https://github.com/slimebones/orwynn_rbac",
"Homepage": "https://github.com/slimebones/orwynn_rbac",
"Repository": "https://github.com/slimebones/orwynn_rbac"
},
"split_keywords": [
"framework",
"rbac",
"role-based-access-control",
"role",
"permission"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f10e56d029b84a3731d89aec2ab038427c3c7d2d1a38a84e32fc0330dfec5aa8",
"md5": "fc3828186998c4358061920b9516475c",
"sha256": "75ec70d007717d4334eff467ceca9504afeddd83ab9ea791f26962dcdb157a4f"
},
"downloads": -1,
"filename": "orwynn_rbac-0.1.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "fc3828186998c4358061920b9516475c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11,<4.0",
"size": 21737,
"upload_time": "2023-12-12T10:39:57",
"upload_time_iso_8601": "2023-12-12T10:39:57.463184Z",
"url": "https://files.pythonhosted.org/packages/f1/0e/56d029b84a3731d89aec2ab038427c3c7d2d1a38a84e32fc0330dfec5aa8/orwynn_rbac-0.1.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "710fc762f0245a50b3a07e7630efe9d9d3eb318bdcc6ba6c063fd03279934917",
"md5": "47f8ca1f0655aefbbf45afd8d6e65346",
"sha256": "03647e8ff8ed31afcc02ff9cfd61d5ca349dfbdab7fe74263eacb4891cf49af3"
},
"downloads": -1,
"filename": "orwynn_rbac-0.1.3.tar.gz",
"has_sig": false,
"md5_digest": "47f8ca1f0655aefbbf45afd8d6e65346",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.11,<4.0",
"size": 17454,
"upload_time": "2023-12-12T10:40:00",
"upload_time_iso_8601": "2023-12-12T10:40:00.959541Z",
"url": "https://files.pythonhosted.org/packages/71/0f/c762f0245a50b3a07e7630efe9d9d3eb318bdcc6ba6c063fd03279934917/orwynn_rbac-0.1.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-12-12 10:40:00",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "slimebones",
"github_project": "orwynn_rbac",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "orwynn-rbac"
}
JSON
