Skip to main content

DRF like permission system

Project description

DGP - Django graphene permissions

Permission system inspired by DRF

Installation

Install the latest release:

$ pip3 install django-graphene-permissions

Or using pipenv

$ pipenv install django-graphene-permissions

Usage

Permission definition


You can create new permissions by subclassing BasePermission e.g.

from django_graphene_permissions.permissions import BasePermission

class MyPermission(BasePermission):

	@staticmethod
	def has_permission(context):
		return context.user and context.user.is_authenticated

	@staticmethod
	def has_object_permission(context, obj):
		return True

This package provides predefined permissions :

  • AllowAny : Allow any access.
  • IsAuthenticated : Allow only authenticated users.

Node Permission


Subclass PermissionDjangoObjectType and define the permissions via the static method permission_classes which returns an iterable of permissions classes

from django_graphene_permissions import PermissionDjangoObjectType
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleNode(PermissionDjangoObjectType):
	class Meta:
		model = Example
		interfaces = (relay.Node,)

	@staticmethod
	def permission_classes():
		return [IsAuthenticated]

Mutation Permission


Apply the permissions_checker([Permission,...]) decorator to mutate e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleDeleteMutation(graphene.Mutation):
	ok = graphene.Boolean()

	class Arguments:
		id = graphene.ID()

	@permissions_checker([IsAuthenticated])
	def mutate(self, info, id):
		instance = get_instance(id)
		instance.delete()
		return ExampleDeleteMutation(ok=True)

Query Permission


Apply the permissions_checker([Permission,...]) decorator to the field resolver e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class Query(graphene.ObjectType):
	post = relay.Node.Field(PostNode)
	posts = DjangoFilterConnectionField(PostNode)

	@permissions_checker([IsAuthenticated])
	def resolve_posts(self, info, **kwargs):
		return Post.objects.all()

TODO

  • Tests
  • Add a PermissionDjangoFilterConnectionField
  • Better docs
  • Improvement

Project details


Release history Release notifications

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
django_graphene_permissions-0.0.3-py3-none-any.whl (4.6 kB) Copy SHA256 hash SHA256 Wheel py3
django_graphene_permissions-0.0.3.tar.gz (3.1 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page