Parameterized Role-Based Access Control for Django

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Daniel.Roberts_2 from gravatar.com Daniel.Roberts_2 Avatar for dimagi from gravatar.com dimagi

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Dimagi
  • Requires: Python >=3.9
Classifiers
Report project as malware

Project description

(Parameterized Role-Based Access Control)

https://github.com/dimagi/django-prbac

Build Status Test coverage PyPi version

About RBAC and PRBAC

Role-based access control (RBAC) is the standard method for access control in large systems. With RBAC, you grant privileges to roles. For example you might grant the privilege Reporting to the role Analyst. In most systems, you can nest roles as deeply as you want, and give users however many roles. A good example of this in practice is PostgreSQL roles and privileges.

The roles and privileges are whatever abstract concepts make sense for your system. It is up to application code to determine what actions to take based on the privileges granted. You can use django-prbac to implement lower level concepts such as row-level or object-level access control.

Parameterized role-based access control (PRBAC) adds parameters to roles and privileges. Now, for example, you might grant "Reporting(organization="Dimagi",area="Finance") to FinancialAnalyst(organization="Dimagi"). If you don’t use parameters, then it is just RBAC. If you use parameters with finite sets of choice, then it is exponentially more powerful. If you use parameters with infinitely many choices (such as strings or integers) then it is infinitely more powerful. A good example of limited parameterization is how particular privileges (SELECT, UPDATE, etc) in PostgreSQL may be parameterized by an object. In PRBAC this parameterization is pervasive.

In-depth documentation

To learn more about parameterized role-based access control as implemented in this library, please visit http://django-prbac.readthedocs.org/

Access Control for Django

  • django.contrib.auth: This app, shipped with Django, provides unix-style access control (users, groups, permissions) with an extensible set of permissions that are implicitly parameterized by a content type. This is fundamentally different than role-based access control. It is only worth mentioning because it comes with Django and everyone is going to want to know “why did you reimplement the wheel?”. If django.contrib.auth is the wheel, then RBAC is the car and PRBAC is a transformer. I leave it as an exercise to the reader to attempt to implement PRBAC using django.contrib.auth :-)

  • django-rbac: This project appears defunct and is not parameterized in any rate.

  • django-role-permissions: This app implements a sort of RBAC where roles are statically defined in code.

  • Others can be perused at https://www.djangopackages.com/grids/g/perms/. Many offer object-level permissions, which is as orthogonal to role-based access control as unix permissions. In fact, this is probably true of anything using the term “permissions”.

Quick Start

To install, use pip:

$ pip install django-prbac

License

Django-prbac is distributed under the MIT license. (See the LICENSE file for details)

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Daniel.Roberts_2 from gravatar.com Daniel.Roberts_2 Avatar for dimagi from gravatar.com dimagi

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • Author: Dimagi
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

1.1.2

1.1.2.dev20250924200750 pre-release

This version

1.1.2.dev20250924115749 pre-release

1.1.1

1.1.1.dev20250923172650 pre-release

1.1.1.dev20250923133738 pre-release

1.1.0

1.0.1

1.0.0

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_prbac-1.1.2.dev20250924115749.tar.gz (15.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

django_prbac-1.1.2.dev20250924115749-py3-none-any.whl (14.5 kB view details)

Uploaded Python 3

File details

Details for the file django_prbac-1.1.2.dev20250924115749.tar.gz.

File metadata

File hashes

Hashes for django_prbac-1.1.2.dev20250924115749.tar.gz
Algorithm Hash digest
SHA256 fdff89b40e81da5ffea9e96cfb8cdfe706e7cc8f81d60a03c54ab055258922ac
MD5 205044257d588cf03bba8e34dc070eca
BLAKE2b-256 8e8cee03d7075d57c85b09c9512d7fc83ad596a49c3a88bb4ac6c67377204d21

See more details on using hashes here.

Provenance

The following attestation bundles were made for django_prbac-1.1.2.dev20250924115749.tar.gz:

Publisher: pypi.yml on dimagi/django-prbac

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file django_prbac-1.1.2.dev20250924115749-py3-none-any.whl.

File metadata

File hashes

Hashes for django_prbac-1.1.2.dev20250924115749-py3-none-any.whl
Algorithm Hash digest
SHA256 da5b7efdf92429f8804f37d3c62d9a7cca9389e640dedde88f741d580ecf0d2b
MD5 fed4e946291679e7d884af2e5f6fd30d
BLAKE2b-256 432035b2c7cb07486f4798c1d5e1c115b2bacdc72eb86724384c63eddfbbee25

See more details on using hashes here.

Provenance

The following attestation bundles were made for django_prbac-1.1.2.dev20250924115749-py3-none-any.whl:

Publisher: pypi.yml on dimagi/django-prbac

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page