django-rulez

Release 1.0.2

A lean and mean object-level rules system for the Django framework

Homepage Repository PyPI Python

Keywords
authorization, backends, django, rules, permissions, rulez
License
BSD-3-Clause
Install
pip install django-rulez==1.0.2

Documentation

travisci

django-rulez

django-rulez is a lean, fast and complete rules-based permissions system for the django framework.

Most other authentication frameworks focus on using database joins, which gets pretty slow after a while (since mostly every query generates a lot of joins). Django-rulez uses a memory-based hashmap instead.

Django-rulez also implements a role concept, allowing for very readable and maintainable code.

django-rulez was forked from django-rules, since some of the goals django-rules set themselves didn't match our current project goals. You can refer to their github project page for more information about this other cool project: https://github.com/maraujop/django-rules Kudos for the good work guys!

Generally, it is also an instance-level authorization backend, that stores the rules themselves as methods on models.

Status

Since many people asked - this project is still active and used in production systems, but its current goals have been reached and not much further development happens.

Pull requests or discussion is very welcome, especially if you have an interesting use-case we haven't thought of :)

Our test coverage is 100%, and we would like to keep it this way, so please make sure you test before you push.

Installation

From source

To install django-rulez from source:

git clone https://github.com/chrisglass/django-rulez/ django-rulez
cd django-rulez
python setup.py install

From Pypi

Simply install django-rulez like you would install any other pypi package:

pip install django-rulez

Configuration

  • Add rulez to the list of INSTALLED_APPS in your settings.py

  • Add the django-rulez authorization backend to the list of AUTHENTICATION_BACKENDS in settings.py:

    AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend', # Django's default auth backend
    'rulez.backends.ObjectPermissionBackend',
]

Example

The following example should get you started:

# models.py
from rulez import registry

class myModel(models.Model):

    def can_edit(self, user_obj):
        '''
        Not a very useful rule, but it's an example
        '''
        if user_obj.username == 'chris':
            return True
        return False

registry.register('can_edit', myModel)

Django-rulez requires to declare the rule as a method in the same model. This is very simple in case the rule applies to a model in our own application, but in some cases, we might need to set object permisions to models from 3rd-party applications (e.g. to the User model). Let's see an example for this case:

# models.py
from django.contrib.auth.models import User
from rulez import registry

def user_can_edit(self, user_obj):
    '''
    This function will be hooked up to the User model as a method.
    The rule says that a user can only be modified by the same user
    '''
    if self == user_obj:
        return True
    return False

# 'add_to_class' is a standard Django method
User.add_to_class('can_edit', user_can_edit)

registry.register('can_edit', User)

Another example: using roles

A little more code is needed to use roles, but it's still pretty concise:

# models.py
from rulez.rolez.base import AbstractRole
from rulez.roles.models import ModelRoleMixin
from rulez import registry

class Editor(AbstractRole):
    """ That's a role"""
    @classmethod
    def is_member(cls, user, obj):
        """Remember, class methods take the class instead of self"""
        if user.username == 'chris':
            return True
        return False

class myModel(models.Model, ModelRoleMixin): # Don't forget the mixin!

    def can_edit(self, user_obj):
        '''
        Not a very useful either but it's an example
        '''
        return self.has_role(user_obj, Editor):

    roles = [Editor, ]

registry.register('can_edit', myModel)

Using your rules

Once you have created a rule or role, you can utilize them directly on an instance of your model::

model_instance = MyModel.objects.get(pk=1)
user_chris = User.objects.get(username='chris')

model_instance.can_edit(user_chris)

Or, with the help of django-rulez's authentication backend, on a user object::

user_chris.has_perm('can_edit', model_instance)

In addition, the following templatetag usage is supported::

{% load rulez_perms %}
{% rulez_perms can_edit model_instance as VARNAME %}
{% if VARNAME %}
You have permissions
{% else %}
Sorry, you don't have permission
{% endif %}

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
5
Total releases
12
Latest release
First release
Stars
63
Forks
17
Watchers
5
Contributors
11
Repository size
281 KB
SourceRank
11

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.0.2
1.0.1
1.0.0
0.2.5
0.2.4
0.2.3
0.2.2
0.2.1
0.2.0
0.1.2
See all 12 releases

Contributors

Chris Glass Miguel Araujo J. Javier Maestro Stefan Foulis Filip Wasilewski Juande Carrion Richard Mitchell Marco Bonetti Dan Lipsitt Alvin Mites Darren Riedlinger


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 16:07:54 UTC

Login to resync this project