Authorization library for Django
Project description
django-cancan
django-cancan
is an authorization library for Django. It works on top of default Django permissions and allows to restrict the resources (models and objects) a given user can access.
This library is inspired by cancancan for Ruby on Rails.
Quick start
- Add
cancan
to yourINSTALLED_APPS
setting like this:
INSTALLED_APPS = [
...,
'cancan',
]
- Create a function that define user abilites. For example, in
abilities.py
:
def declare_abilities(user, ability):
if not user.is_authenticated:
# Allow anonymous users to view published articles
return ability.can('view', Article, published=True)
if user.has_perm('article.view_own_article'):
# Allow logged in user to change his articles
return ability.can('change', Article, author=user)
if user.is_superuser:
# Allow superuser change all articles
return ability.can('change', Article)
- Configure
cancan
by addingCANCAN
section insettings.py
:
CANCAN = {
'ABILITIES': 'myapp.abilities.declare_abilities'
}
Next, add cancan
middleware after AuthenticationMiddleware
:
MIDDLEWARE = [
...
'django.contrib.auth.middleware.AuthenticationMiddleware',
'cancan.middleware.CanCanMiddleware',
...
]
Adding the middleware adds request.ability
instance which you can use
to check for: model permissions, object permissions and model querysets.
- Check abilities in views:
class ArticleListView(ListView):
model = Article
def get_queryset():
# this is how you can retrieve all objects a user can access
qs = self.request.ability.queryset_for('view', Article)
return qs
class ArticleDetailView(PermissionRequiredMixin, DetailView):
queryset = Article.objects.all()
def has_permission(self):
article = self.get_object()
# this is how you can check if user can access an object
return self.request.ability.can('view', article)
Testing
Run ./manage.py test
to run all test for the testapp
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
django-cancan-0.3.1.tar.gz
(10.0 kB
view hashes)
Built Distribution
Close
Hashes for django_cancan-0.3.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | bdab4a45212f67db6af401a54dad2aad1061b6be243a996cf74296be922e4f75 |
|
MD5 | 9a2f961db0ef7cf237917db54ff58ce2 |
|
BLAKE2b-256 | 8a829cbf97ed48f54f6afd124305ab8ece57409e5329556bc2750493e3177d8e |