Skip to main content

DRF like permission system for django graphene

Project description

DGP - Django graphene permissions

Permission system inspired by DRF

Installation

Install the latest release:

$ pip3 install django-graphene-permissions

Or using pipenv

$ pipenv install django-graphene-permissions

Usage

Permission definition


You can create new permissions by subclassing BasePermission e.g.

from django_graphene_permissions.permissions import BasePermission

class MyPermission(BasePermission):

    @staticmethod
    def has_permission(context):
        return context.user and context.user.is_authenticated

    @staticmethod
    def has_object_permission(context, obj):
        return True

This package provides predefined permissions :

  • AllowAny : Allow any access.
  • IsAuthenticated : Allow only authenticated users.

Node Permission


Subclass PermissionDjangoObjectType and define the permissions via the static method permission_classes that should return an iterable of permission classes

from django_graphene_permissions import PermissionDjangoObjectType
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleNode(PermissionDjangoObjectType):
    class Meta:
        model = Example
        interfaces = (relay.Node,)

    @staticmethod
    def permission_classes():
        return [IsAuthenticated]

Mutation Permission


Apply the permissions_checker([Permission,...]) decorator to mutate e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleDeleteMutation(graphene.Mutation):
    ok = graphene.Boolean()

    class Arguments:
        id = graphene.ID()

    @permissions_checker([IsAuthenticated])
    def mutate(self, info, id):
        instance = get_instance(id)
        instance.delete()
        return ExampleDeleteMutation(ok=True)

Query Permission


Apply the permissions_checker([Permission,...]) decorator to the field resolver e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class Query(graphene.ObjectType):
    post = relay.Node.Field(PostNode)
    posts = DjangoFilterConnectionField(PostNode)

    @permissions_checker([IsAuthenticated])
    def resolve_posts(self, info, **kwargs):
        return Post.objects.all()

TODO

  • Improvements
  • Tests
  • Add a PermissionDjangoFilterConnectionField
  • Better docs

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for django-graphene-permissions, version 0.0.4
Filename, size File type Python version Upload date Hashes
Filename, size django_graphene_permissions-0.0.4-py3-none-any.whl (5.4 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size django_graphene_permissions-0.0.4.tar.gz (3.1 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page