DStore-ACL

Release 0.1.1

DStore Security using Access Control Lists

Homepage PyPI Python

License
MIT
Install
pip install DStore-ACL==0.1.1

Documentation

Welcome To DStore-ACL

DStore-ACL is a Security Layer for DStore.

Installing

DStore-ACL is available from the PyPi repository.

This means that all you have to do to install DStore-ACL is run the following in a console:

$ pip install dstore-acl

Minimal Example

from dstore import MemoryStore, Model, var, mod
from dstore_acl import ACL, Role, UserRole, AccessDenied


class UserAccount( Model ):
    _namespace = "users.account"
    _vars = [
        var.RowID,
        var.String( "name", 32, mods = [ mod.NotNull() ])
    ]
    _acl_rules = dict(
        add_own       = dict( default = True ),
        add_others    = dict( default = True ),
        read_own      = dict( allow = [ "admin", "member" ] ),
        read_others   = dict( allow = [ "admin" ] ),
        update_own    = dict( allow = [ "admin", "member" ] ),
        delete_own    = dict( allow = [ "admin" ] ),
        delete_others = dict( allow = [ "admin" ] ),
        empty         = dict( allow = [ "admin" ])
    )


class Car( Model ):
    _namespace = "cars.make"
    _vars = [
        var.RowID,
        var.String( "manufacturer", 32, mods = [ mod.NotNull() ] ),
        var.String( "make", 32, mods = [ mod.NotNull() ] ),
        var.Number( "year", mods = [ mod.NotNull(), mod.Min( 1950 ), mod.Max( 2017 ) ] ),
    ]
    _acl_rules = dict(
        add    = dict( allow = [ "admin" ]),
        read   = dict( default = True ),
        update = dict( allow = [ "admin" ]),
        delete = dict( allow = [ "admin" ]),
        empty  = dict( allow = [ "admin" ])
    )

users = {}
current_user = "admin"

# Create the MemoryStore instance, and add Models to it
store = MemoryStore( [ Car ] )

acl = ACL(
    data_store = store,
    get_user   = get_user,
    user_model = UserAccount
)

store.init_app()
store.connect()
store.create_all()

# Create the user accounts
for name in [ "admin", "member" ]:
    users[ name ] = UserAccount( name = name ).add()
    role = Role.filter( name = name )[0]
    UserRole( user_id = users[ name ].id, acl_role_id = role.id ).add()

# Admin can add new cars
Car( manufacturer = "Holden", make = "Commodore", year = 2009 ).add()

# Member cannot add new cars
current_user = "member"
try:
    Car( manufacturer = "Holden", make = "Commodore", year = 2010 ).add()
except AccessDenied:
    pass

# Destroy all instances and shut down the application
store.destroy_all()
store.disconnect()
store.destroy_app()

def get_user():
    return users[ current_user ]

Documentation: ReadTheDocs

Source Code: GitHub

Stats

Dependencies
1
Dependent packages
1
Dependent repositories
1
Total releases
2
Latest release
First release
Stars
1
Forks
0
Watchers
1
Contributors
1
Repository size
27.3 KB
SourceRank
6

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.1
0.1.0a1

Contributors

MarkLark


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-14 22:33:35 UTC

Login to resync this project