entitled 0.4.1

A library to make writing, enforcing and auditing your authorization policies a breeze

An authorization library for Python.

Aims to provide the tools to organize, enforce and audit your authorization layer as easily as possible, letting you focus on the essential part: the actual rules.

Documentation

For the full documentation, go here

A sneak peek...

from entitled import Policy, Client

# Some actors and resources of your application...
class User:
    def __init__(self, id: int, role: str):
        self.id: str = id
        self.role: str = role

class Resource:
    def __init__(self, id: int, user: User):
        self.id: str = id
        self.owner: User = user

my_policy = Policy[Resource]("resource") # Defining a policy for your resource

@my_policy.rule("edit")# Declaring a rule on the resource
def can_edit(
    actor: User, resource: Resource, context = None
        ) -> bool:
    return actor == resource.owner or actor.role == "admin"

client = Client()
client.register(my_policy) # Registering a policy

user1 = User(1, "user")
resource1 = Resource(1, user1)
if client.allows("edit", user1, resource1): # Using the client to make auth decisions
    ...

Support us

Since 1997, XEFI is a leader in IT performance support for small and medium-sized businesses through its nearly 200 local agencies based in France, Belgium, Switzerland and Spain. A one-stop shop for IT, office automation, software, digitalization, print and cloud needs. Want to work with us ?