Flags characters that are on an ESI ACL but not registered in Alliance Auth
Project description
AA ACL Checker
A plugin app for Alliance Auth (AA) that pulls Access Control Lists (ACLs) from EVE's ESI API, stores them in the database, and flags characters that appear on an ACL but are not registered in Auth.
[!IMPORTANT]
This app needs Alliance Auth v5!
Features
- Periodically syncs ACLs from ESI and stores them in the database.
- Flags characters that are granted access on an ACL but not registered in Auth.
- Has its own menu item in the sidebar showing flagged characters.
Installing Into Your Dev AA
Make sure you're in your venv, then install it in editable mode:
pip install -e aa-acl-checker
Add acl_checker to INSTALLED_APPS in settings/local.py, then run:
python manage.py makemigrations
python manage.py check
python manage.py migrate
Finally, restart your AA server.
Installing Into Production AA
pip install git+https://github.com/Solar-Helix-Independent-Transport/aa-acl-checker
Then add acl_checker to INSTALLED_APPS in settings/local.py, run migrations and
restart your allianceserver.
Usage
- Link a character: someone with the
add_ownerpermission clicks "Add / Refresh Character" and authorizes with theesi-access.read_lists.v1scope. ESI only lets a character list Access Lists it is a Manager or Admin of, so the linked character must actually hold one of those roles on the ACLs you want tracked. Linking immediately queues a sync and re-authorizes an already-linked character if its token has expired or lost the scope. - Flagged Characters: the main page lists every character that ESI
reports as
Allowed/Manager/Adminon a tracked ACL but who has no linked, owned character in Auth - i.e. someone with structure/fleet access who was never (or is no longer) registered.
Post-install setup
Linking a character syncs its Access Lists once immediately, but nothing refreshes them after that unless a periodic task is scheduled. Run this once after installing/upgrading:
python manage.py acl_checker_setup
This registers an hourly PeriodicTask (via django-celery-beat) that calls
acl_checker.tasks.update_all_acls for every tracked (active) owner
character. It's safe to run again after upgrades - it just updates the
existing schedule rather than duplicating it.
How syncing works
For each active Owner (a character with a valid esi-access.read_lists.v1
token):
GET /characters/{character_id}/access-listslists the Access Lists that character manages or administers.- For each one,
GET /characters/{character_id}/access-lists/{access_list_id}fetches its full membership - separate lists of characters, corporations, and alliances, each with an access level (Unspecified/Allowed/Blocked/Manager/Admin). - The ACL's local membership rows are fully replaced with what ESI just returned (ESI's detail response is always a complete snapshot, so a diff isn't needed).
ESI never includes a name alongside a character/corporation/alliance ID in
the Access List detail, so none is cached locally - display names are
resolved from Auth's own EveCharacter cache at read time instead.
Flagging is computed live, not stored: AclCharacterEntry.objects.flagged()
checks whether a granted character_id has an owned EveCharacter in Auth.
That means a character clears the flagged list the moment someone registers
it, and a newly-added ACL character shows up as flagged immediately on the
next sync - no separate reconciliation step required.
Writing Unit Tests
Write your unit tests in acl_checker/tests/ using the test_ filename prefix.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aa_acl_checker-0.0.1.tar.gz.
File metadata
- Download URL: aa_acl_checker-0.0.1.tar.gz
- Upload date:
- Size: 42.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f1387efcb517cd73d931ddcd6934c75f1ac93dea7e86456abb450fc4cc994353
|
|
| MD5 |
c5563deeeddd7330692db868082ee5f1
|
|
| BLAKE2b-256 |
3537a437965d782361164bbbece1e16692a08406c2c0024d14cf63eb461b500b
|
Provenance
The following attestation bundles were made for aa_acl_checker-0.0.1.tar.gz:
Publisher:
release.yml on Solar-Helix-Independent-Transport/aa-acl-checker
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
aa_acl_checker-0.0.1.tar.gz -
Subject digest:
f1387efcb517cd73d931ddcd6934c75f1ac93dea7e86456abb450fc4cc994353 - Sigstore transparency entry: 2080224649
- Sigstore integration time:
-
Permalink:
Solar-Helix-Independent-Transport/aa-acl-checker@1d0fd61eb34c7298d48ccd80af9131c6a54d847e -
Branch / Tag:
refs/tags/0.0.1 - Owner: https://github.com/Solar-Helix-Independent-Transport
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@1d0fd61eb34c7298d48ccd80af9131c6a54d847e -
Trigger Event:
release
-
Statement type:
File details
Details for the file aa_acl_checker-0.0.1-py3-none-any.whl.
File metadata
- Download URL: aa_acl_checker-0.0.1-py3-none-any.whl
- Upload date:
- Size: 49.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
29a1378d12a480a9f8c7dfeaaf471bec85429ccf2408a46307a2776cc8aa46b3
|
|
| MD5 |
d3e6c3fd18c09879c8b15bdba2056cad
|
|
| BLAKE2b-256 |
1e6dd2742b7f0184b15befb67310208dd73a397c7a1092596b1ec6d7a1321480
|
Provenance
The following attestation bundles were made for aa_acl_checker-0.0.1-py3-none-any.whl:
Publisher:
release.yml on Solar-Helix-Independent-Transport/aa-acl-checker
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
aa_acl_checker-0.0.1-py3-none-any.whl -
Subject digest:
29a1378d12a480a9f8c7dfeaaf471bec85429ccf2408a46307a2776cc8aa46b3 - Sigstore transparency entry: 2080224922
- Sigstore integration time:
-
Permalink:
Solar-Helix-Independent-Transport/aa-acl-checker@1d0fd61eb34c7298d48ccd80af9131c6a54d847e -
Branch / Tag:
refs/tags/0.0.1 - Owner: https://github.com/Solar-Helix-Independent-Transport
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@1d0fd61eb34c7298d48ccd80af9131c6a54d847e -
Trigger Event:
release
-
Statement type: