Authorization library for Django
Project description
django-cancan
django-cancan
is an authorization library for Django. It works on top of default Django permissions and allows to restrict the resources (models and objects) a given user can access.
This library is inspired by cancancan for Ruby on Rails.
Quick start
- Add
cancan
to yourINSTALLED_APPS
setting like this:
INSTALLED_APPS = [
...,
'cancan',
]
- Create a function that define user abilites. For example, in
abilities.py
:
def declare_abilities(user, ability):
if not user.is_authenticated:
# Allow anonymous users to view published articles
return ability.can('view', Article, published=True)
if user.has_perm('article.view_own_article'):
# Allow logged in user to change his articles
return ability.can('change', Article, author=user)
if user.is_superuser:
# Allow superuser change all articles
return ability.can('change', Article)
- Configure
cancan
by addingCANCAN
section insettings.py
:
CANCAN = {
'ABILITIES': 'myapp.abilities.declare_abilities'
}
Next, add cancan
middleware after AuthenticationMiddleware
:
MIDDLEWARE = [
...
'django.contrib.auth.middleware.AuthenticationMiddleware',
'cancan.middleware.CanCanMiddleware',
...
]
Adding the middleware adds request.ability
instance which you can use
to check for: model permissions, object permissions and model querysets.
- Check abilities in views:
class ArticleListView(ListView):
model = Article
def get_queryset():
# this is how you can retrieve all objects a user can access
qs = self.request.ability.queryset_for('view', Article)
return qs
class ArticleDetailView(PermissionRequiredMixin, DetailView):
queryset = Article.objects.all()
def has_permission(self):
article = self.get_object()
# this is how you can check if user can access an object
return self.request.ability.can('view', article)
Testing
Run ./manage.py test
to run all test for the testapp
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
django-cancan-0.3.2.tar.gz
(10.1 kB
view hashes)
Built Distribution
Close
Hashes for django_cancan-0.3.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 60162ecaab62457ae5925082219215c4939a30d27b7a060797e56a3719d4eb41 |
|
MD5 | 28dbf0184c34666ed5ea219906eea543 |
|
BLAKE2b-256 | 9f66ed8024317477eb9e3261635e38a9f019b6311b86177abbb78b95165b8043 |