SDK for working with Cerbos: an open core, language-agnostic, scalable authorization solution
Project description
Cerbos Python SDK
Python client for accessing Cerbos.
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
Usage
This library is available from PyPI as cerbos.
pip install cerbos
Making a request
from cerbos.sdk.model import *
from cerbos.sdk.client import CerbosClient
with CerbosClient("https://localhost:3592", debug=True, tls_verify=False) as c:
p = Principal(
"john",
roles={"employee"},
policy_version="20210210",
attr={"department": "marketing", "geography": "GB", "team": "design"},
)
# Check a single action on a single resource
r = Resource(
"XX125",
"leave_request",
policy_version="20210210",
attr={
"id": "XX125",
"department": "marketing",
"geography": "GB",
"team": "design",
"owner": "john",
},
)
print(c.is_allowed("view:public", p, r))
# Get the query plan for "view" action
rd = ResourceDesc("leave_request", policy_version="20210210")
plan = c.plan_resources("view", p, rd)
print(plan.filter.to_json())
Connecting to a Unix domain socket
Use unix+http:///path/to/sock for HTTP over UDS or unix+https:///path/to/sock for HTTPS over UDS.
with CerbosClient("unix+https:///var/cerbos.sock", debug=True, tls_verify=False) as c:
...
Testing with TestContainers
from cerbos.sdk.client import CerbosClient
from cerbos.sdk.container import CerbosContainer
container = CerbosContainer()
policy_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), "store")
container.with_volume_mapping(policy_dir, "/policies")
with container:
container.wait_until_ready()
host = container.http_host()
with CerbosClient(host) as c:
...
See the tests available in the tests directory for more examples.
Get help
- Visit the Cerbos website
- Read the documentation
- Join the Cerbos community on Slack
- Email us at help@cerbos.dev
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cerbos-0.3.1.tar.gz.
File metadata
- Download URL: cerbos-0.3.1.tar.gz
- Upload date:
- Size: 15.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6b73fd34baf089dfd65443571b92bb482b3fe0d46966a0b279d2daa179adb80b
|
|
| MD5 |
6c913ae64c141c4d4c18b5396276c4fa
|
|
| BLAKE2b-256 |
667ca7030047101d451d867b2537e291a5c462414d9b25f1884b92ea2907b90a
|
File details
Details for the file cerbos-0.3.1-py3-none-any.whl.
File metadata
- Download URL: cerbos-0.3.1-py3-none-any.whl
- Upload date:
- Size: 11.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1edb15594fc2f06d1356e48913912abbfd69d007770a11731d922e575d5781bb
|
|
| MD5 |
1773fad6d32b75e3bac3e145909224d9
|
|
| BLAKE2b-256 |
03845eeceb71b3948b8db6116a419c8d84080abea191ac0fc58a69b12776b398
|
