Skip to main content

Library to help managing role based access controls for django apps

Project description

PyPI Travis Codecov Documentation Supported Python versions License

The README.rst file should start with a brief description of the repository, which sets it in the context of other repositories under the edx organization. It should make clear where this fits in to the overall edX codebase.

Library to help managing role based access controls for django apps


Library to help manage role based access controls for django apps. See the Getting started guide to begin developing.


The full documentation is at


The code in this repository is licensed under the AGPL 3.0 unless otherwise noted.

Please see LICENSE.txt for details.

How To Contribute

Contributions are very welcome.

Please read How To Contribute for details.

Even though they were written with edx-platform in mind, the guidelines should be followed for Open edX code in general.

PR description template should be automatically applied if you are sending PR from github interface; otherwise you can find it it at

Issue report template should be automatically applied if you are sending it from github UI as well; otherwise you can find it at

Reporting Security Issues

Please do not report security issues in public. Please email

Getting Help

Have a question about this repository, or about Open edX in general? Please refer to this list of resources if you need any assistance.

Change Log


[1.2.1] - 2020-05-08

  • Exposes a new utils.feature_roles_from_jwt() function, which, given a decoded JWT, will provide a mapping of feature roles to contexts/identifiers.
  • Modifies utils.user_has_access_via_database() to check for multiple database role assignments for a given user and role name (i.e. uses a filter() instead of a get()).

[1.2.0] - 2020-04-30

  • Removed support for django 2.0 and 2.1
  • Added Support for Python 3.8

[1.1.3] - 2020-04-13

  • Added check for AnonymousUser in user_has_access_via_database to prevent 500 errors.

[1.1.2] - 2020-03-27

  • Added support for Django 2.0, 2.1, and 2.2.

[1.1.1] - 2020-03-02

  • Fix bug in implicit role check when the same role has multiple contexts available.

[1.1.0] - 2020-02-18

  • Update PermissionRequiredMixin to pass through an object to rule predicates, if self.get_permision_required exists and is callable

[1.0.5] - 2019-12-18

  • Updated requirements.

[1.0.4] - 2019-12-17

  • Updated utils for user with multiple contexts.

[1.0.3] - 2019-09-12

  • Use functools.wraps to prevent the decorator from swallowing the view name

[1.0.2] - 2019-07-12

  • store current request on thread local storage using crum.

[1.0.1] - 2019-05-27

  • edx-drf-extensions version upgrade.

[1.0.0] - 2019-05-20

  • Removed get_request_or_stub and get_decoded_jwt_from_request from

[0.2.1] - 2019-05-08

  • edx-drf-extensions version upgrade.

[0.2.0] - 2019-04-30

  • Check for JWT presence in implicit permission.
  • Refactor role retrieval to remove the dependency on django models for assigning roles.

[0.1.11] - 2019-04-08

  • Get JWT token from request.auth if it is not set on the cookie. This supports client credentials oauth2 flow.

[0.1.10] - 2019-04-01

  • Update context checks for implicit and explicit access for all resources access.

[0.1.9] - 2019-04-01

  • Adding support for checking context for implicit and explicit access.

[0.1.8] - 2019-03-22

  • Adding an additional argument for the permission_required decorator

[0.1.7] - 2019-03-20

  • Adding a mixin for authz permissions support.

[0.1.6] - 2019-03-19

  • Adding a decorator for authz permissions support.

[0.1.5] - 2019-03-18

  • Adding django admin support for models extending UserRoleAssignment.

[0.1.4] - 2019-03-07

  • Adding a number of utils for roles in JWTs and the database

[0.1.3] - 2019-03-07

  • Adding get_context to the UserRoleAssignment class.

[0.1.2] - 2019-03-06

  • Quality fixes

[0.1.1] - 2019-03-06

  • Bumping version so we get pip updated with new models we added

[0.1.0] - 2019-02-28


  • First release on PyPI.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for edx-rbac, version 1.2.1
Filename, size File type Python version Upload date Hashes
Filename, size edx_rbac-1.2.1-py2.py3-none-any.whl (36.2 kB) File type Wheel Python version py2.py3 Upload date Hashes View
Filename, size edx-rbac-1.2.1.tar.gz (26.4 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page