flask-roles

Flask plugin to add roles to a project

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 4 - Beta
Environment
- Web Environment
Intended Audience
- Developers
License
- OSI Approved :: BSD License
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP :: Dynamic Content
- Software Development :: Libraries :: Python Modules

Project description

Flask-Roles

Flask-Roles is a flask extensions that adds role access control support.

Installation

Installing the client is simple with pip:

pip install flask-roles

Running Tests

# tox -e check
# tox

Docs

You may access the docs

Or build them locally

# tox -e docs

Proof of Concept

After installing the client, Use the mixins to enrich your sqlalchemy classes, initialise flask-login and flask-principal. For each resource that needs role protection, define a roleneed and decorate the resource.

Start the example:

# export PYTHONPATH=$(pwd)
# cd example
# ../.tox/py37/bin/python app.py  ## assumes you have run tox before

An anonymouse user has no access to pages which require login or have a role protection

 ❯ http http://127.0.0.1:12345/index
HTTP/1.0 200 OK
Content-Length: 5
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 13:46:09 GMT
Server: Werkzeug/1.0.1 Python/3.7.7

index


 ❯ http http://127.0.0.1:12345/profile
HTTP/1.0 401 UNAUTHORIZED
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 13:46:18 GMT
Server: Werkzeug/1.0.1 Python/3.7.7

Bad User. Go away


 ❯ http http://127.0.0.1:12345/protected/view
HTTP/1.0 401 UNAUTHORIZED
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 13:46:33 GMT
Server: Werkzeug/1.0.1 Python/3.7.7

Bad User. Go away

A logged in user with no roles has no access to pages which have a role protection

# Log in the user

 ❯ http --form --session=logged_in_user POST http://127.0.0.1:12345/login username=logged_in_user
HTTP/1.0 200 OK
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:02:43 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGz8aOuontf-_NOV1_m_nyomfZr2_6W79e_P-2mPsI.XonlAw.Lh27l4yyfujMboQyNee_Ir5NITo; HttpOnly; Path=/
Vary: Cookie

Yay!


 ❯ http  --session=logged_in_user  http://127.0.0.1:12345/index
HTTP/1.0 200 OK
Content-Length: 5
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:03:16 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGz8aOuontf-_NOV1_m_nyomfZr2_6W79e_P-2mPsI.XonlJA.7Uapa_a1fE9zhwLIkI2F81kjFY0; HttpOnly; Path=/
Vary: Cookie

index


 ❯ http  --session=logged_in_user  http://127.0.0.1:12345/profile
HTTP/1.0 200 OK
Content-Length: 7
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:03:24 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGz8aOuontf-_NOV1_m_nyomfZr2_6W79e_P-2mPsI.XonlLA.D4x6uJeVXmlK_LqMxv_qaR812cM; HttpOnly; Path=/
Vary: Cookie

profile


 ❯ http  --session=logged_in_user  http://127.0.0.1:12345/protected/view
HTTP/1.0 403 FORBIDDEN
Content-Length: 18
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:03:40 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGz8aOuontf-_NOV1_m_nyomfZr2_6W79e_P-2mPsI.XonlPA.0KQs2WnXJFB_JJr6iedA_sT7a3M; HttpOnly; Path=/
Vary: Cookie

Forbidden. Go away

A logged in user with a role directly assigned can access a protected resource

❯ http --form --session=admin_via_role POST http://127.0.0.1:12345/login username=admin_via_role_user
HTTP/1.0 200 OK
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:09:43 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey30UJjLMMPjvczcDj0XM_Xj0puZVzGTAYWouboSi9qUcyJoyJQsgpNas3pQJ4HFJWcTlMzMBDZVjlQikIRaXIAaopeqghhabUTsMyBEzxk9Ag1gE1AubcBRPGKR7MqIGSLXqcfPZtRVdO9rf97p6svcnw81035t29_y_cL7A-3VPsQ.Xonmpw.O8o2nJaFyqoZGiCVjavak7pjzDs; HttpOnly; Path=/
Vary: Cookie

Yay!


 ❯ http  --session=admin_via_role  http://127.0.0.1:12345/index
HTTP/1.0 200 OK
Content-Length: 5
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:09:48 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey30UJjLMMPjvczcDj0XM_Xj0puZVzGTAYWouboSi9qUcyJoyJQsgpNas3pQJ4HFJWcTlMzMBDZVjlQikIRaXIAaopeqghhabUTsMyBEzxk9Ag1gE1AubcBRPGKR7MqIGSLXqcfPZtRVdO9rf97p6svcnw81035t29_y_cL7A-3VPsQ.XonmrA.47Px1lEdKHRGQitDOWmN-78B7jA; HttpOnly; Path=/
Vary: Cookie

index


 ❯ http  --session=admin_via_role  http://127.0.0.1:12345/profile
HTTP/1.0 200 OK
Content-Length: 7
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:09:51 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey30UJjLMMPjvczcDj0XM_Xj0puZVzGTAYWouboSi9qUcyJoyJQsgpNas3pQJ4HFJWcTlMzMBDZVjlQikIRaXIAaopeqghhabUTsMyBEzxk9Ag1gE1AubcBRPGKR7MqIGSLXqcfPZtRVdO9rf97p6svcnw81035t29_y_cL7A-3VPsQ.Xonmrw.EzqUDUEP0mp4wrj3tEX5fUmaIjA; HttpOnly; Path=/
Vary: Cookie

profile


 ❯ http  --session=admin_via_role  http://127.0.0.1:12345/protected/view
HTTP/1.0 200 OK
Content-Length: 14
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:09:53 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey30UJjLMMPjvczcDj0XM_Xj0puZVzGTAYWouboSi9qUcyJoyJQsgpNas3pQJ4HFJWcTlMzMBDZVjlQikIRaXIAaopeqghhabUTsMyBEzxk9Ag1gE1AubcBRPGKR7MqIGSLXqcfPZtRVdO9rf97p6svcnw81035t29_y_cL7A-3VPsQ.XonmsQ.khbch6e1tJwDWrWNpFJiBzxbq7Q; HttpOnly; Path=/
Vary: Cookie

view protected

A logged in user in a group that has an assigned role can access a protected resource

❯ http --form --session=admin_via_group POST http://127.0.0.1:12345/login username=admin_via_group_user
HTTP/1.0 200 OK
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:11:59 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGzCaOuontf-_NOV1_m_nyomfZr2_6W7ze8P-4EPsY.XonnLw.gcxu0FnLw3SW2nt9v300OkOj9eQ; HttpOnly; Path=/
Vary: Cookie

Yay!


 ❯ http  --session=admin_via_group  http://127.0.0.1:12345/index
HTTP/1.0 200 OK
Content-Length: 5
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:12:08 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGzCaOuontf-_NOV1_m_nyomfZr2_6W7ze8P-4EPsY.XonnOA.Po7p1SX1uxwFIkp4xryoLUIifAE; HttpOnly; Path=/
Vary: Cookie

index


 ❯ http  --session=admin_via_group  http://127.0.0.1:12345/profile
HTTP/1.0 200 OK
Content-Length: 7
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:12:12 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGzCaOuontf-_NOV1_m_nyomfZr2_6W7ze8P-4EPsY.XonnPA.67de6ypYuBrVfOCHPx9QeF0WpoU; HttpOnly; Path=/
Vary: Cookie

profile


 ❯ http  --session=admin_via_group  http://127.0.0.1:12345/protected/view
HTTP/1.0 200 OK
Content-Length: 14
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Apr 2020 14:12:18 GMT
Server: Werkzeug/1.0.1 Python/3.7.7
Set-Cookie: session=.eJxNjsEKwyAQRP_Fcynqqqv5mbDrriQQQknMoZT-ey29FOYyzPB4LzO3Q8_FTP249GbmVcxkQCFqrq7EojblnAgaMiWL4KTWrB7USWBxydkEJTMzgU2VI5UIJKEWF6CG6KWqIIZWGxH7DAjRc0aPQAPYBJRLG3AUj1gkuzJihsh16vGzCaOuontf-_NOV1_m_nyomfZr2_6W7ze8P-4EPsY.XonnQg.-Kd16RdiOItgCRg69jqYXE35ck8; HttpOnly; Path=/
Vary: Cookie

view protected

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 4 - Beta
Environment
- Web Environment
Intended Audience
- Developers
License
- OSI Approved :: BSD License
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP :: Dynamic Content
- Software Development :: Libraries :: Python Modules

Release history Release notifications | RSS feed

This version

0.5

May 20, 2020

0.3

Apr 6, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_roles-0.5.tar.gz (4.6 kB view hashes)

Uploaded May 20, 2020 Source

Hashes for flask_roles-0.5.tar.gz

Hashes for flask_roles-0.5.tar.gz
Algorithm	Hash digest
SHA256	`9442b282f5254f0ca51cdccfe2242d7cd47178738cf6ed7f6c436cd03bb5aaed`
MD5	`4a4f605fb855e41f131aae9b38c780fa`
BLAKE2b-256	`00e59e8744193662906305a0d65c62bafb5f19e72596228ac5242e29c1fcc60e`