Hello. I'm just an abstract object 📦 and I would be very glad to have user authorization because I hate criminals 🦹♂️ like pedophiles, robbers, hackers and so on.
Project description
django-object-checker
Hello. I'm just an abstract object 📦 and I would be very glad to have user authorization because I hate criminals 🦹♂️ like pedophiles, robbers, hackers and so on.
Introduction
Project django-object-checker extends standard django role base access control to be able to check individual object types.
Main purpose of this extended authorization system is to maintain control for each objects individually with modular solution.
Installation
# pip
pip install django-object-checker
# pipenv
pipenv install django-object-checker
# poetry
poetry add django-object-checker
Setup
Just add checkers module path to settings.OBJECT_CHECKERS_MODULE:
The path is path to the module, where you going to implement all your checkers. This is required for our BaseObjectChecker to be able to find his subclasses.
OBJECT_CHECKERS_MODULE = 'app.checkers'
Example
1. Create module according to specified path in settings
2. Create your own RBAC ObjectChecker or ABAC ObjectChecker class with checker method
Valid check methods are only these, which name starts with
check_. So if you want to implement your custom methods which you want to be ignored by CheckingManager your hands are free.
RbacChecker
from django.contrib.auth.models import Group, User
from object_checker.base_object_checker import RbacChecker
class MyObjectChecker(RbacChecker):
@staticmethod
def check_my_object(role: Group, user: User, obj):
result = False
if role.name == 'manager':
result = True
return result
AbacChecker
from django.contrib.auth.models import User
from object_checker.base_object_checker import AbacChecker
class MyObjectChecker(AbacChecker):
@staticmethod
def check_my_object(user: User, obj):
if user.has_specific_attribute:
return True
return False
3. Add new object check class to module __init__.py
from app.checkers.my_object_checker import MyObjectChecker
4. Example usage of your custom object checker in your project
Method to check is
has_object_permissionand has three arguments:
- name of check method
- user object
- object/objects to be checked
from object_checker.base_object_checker import has_object_permission
if has_object_permission('check_my_object', user, my_object):
print('User has access to this/these object/objects.')
else:
print('User has NOT access to this/these object/objects.')
Made with ❤ by Adam Žúrek & BACKBONE s.r.o.
0.1.0 : 2020-09-23
- Initial release
0.1.1 : 2020-10-05
- 🌧 Changed Django version requirement from 3.0.* to >= 2.0
0.1.2 : 2020-10-15
- 😺 Fixed issue, when user has no role, but has permissions and object_checker returned false.
0.1.3 : 2020-11-02
- 🐄 Updated version in pyproject.toml file and fixed date in CHANGELOG.md.
1.0.0 : 2020-11-24
- 🐂 Added possibility to implement checkers by RBAC or ABAC standards.
1.0.1 : 2022-05-23
- 🐕🦺 Added possibility to write custom classes (inherited from ABAC and RBAC).
1.0.2 : 2022-05-25
- 🦧 Added kwargs to checker methods.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django-object-checker-1.0.2.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | dbac764ac2723e318a7b12a309d0c443b133e1b955a98b8fae7589da213e68bd |
|
| MD5 | 85632f0fc6cf27ecdf372cd0463ea6cf |
|
| BLAKE2b-256 | 820e19fd36900ecb1f6269c78f33fa6a378f76e689fb2dceedaaa420bc8fe513 |
Hashes for django_object_checker-1.0.2-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b0dbc2551510a5a093cee18c636f26e6d1d588df13da5b586046238016ceb4fc |
|
| MD5 | 2e855c02b0556edc355312c225127914 |
|
| BLAKE2b-256 | 780b79dbe98abd018baab719cbb365793cc8f2dad74816350b034acdfc434409 |
