Authorization library for WSGI applications
Upgrading to v0.3
You will need to make the following changes in order to upgrade from previous versions:
Predicate classes have changed their signature. In v0.2 you would have written:
class MyPredicate(Predicate): def __call__(self, environ, context=None): ... @make_predicate def my_custom_predicate(environ, context=None): ...
In v0.3 you should to change this to:
class MyPredicate(Predicate): def __call__(self, acl, identity, context=None): ... @make_predicate def my_custom_predicate(acl, identity, context=None): ...
RoleProviders also have a different signature. Change from this:
CustomRoleProvider(RoleProvider): def member_subset(self, roles, identity, environ, context): ...
CustomRoleProvider(RoleProvider): def member_subset(self, roles, identity, context): ...
If your RoleProvider or Predicate depends on information from the WSGI environ, this is no longer directly supported. Your application must now explicitly pass any context information required to evaluate roles or predicates in the context argument.
Testing permissions now always requires an ACL object. Where in 0.2 you would have written this:
some_permission.check(environ) if some_other_permission.is_met(environ): do_something()
You should now change this to:
from knave import ACL acl = ACL.of(environ) acl.require(some_permission) if acl.test(some_other_permission): do_something()
- Bugfix for issue where roles were incorrectly cached, causing checks for roles to fail where they should have passed
- Optimized role membership lookups
- Permission subclasses may now implement custom checking logic
- Added @ACL.role_provider and @role_decider decorators
- Initial release