Simple Attribute Based Access Control
Project description
Simple Attribute Based Access Control
Description
Python implementation of Attribute Based Access Control (ABAC). Design is based on XACML model, but is not its strict implementation.
Features
Example
from sabac import PDP, PAP, DenyBiasedPEP, deny_unless_permit
# Creating Policy Administration Point
pap = PAP(deny_unless_permit)
# Adding policy to PAP
pap.add_item({
"description": "Admin permissions",
"target": {
'subject.id': 1,
},
"algorithm": "DENY_UNLESS_PERMIT",
'rules': [
{
"effect": "PERMIT",
"description": "Allow to manage users",
"target": {
'resource.type': 'user',
'action': {'@in': ['create', 'view', 'update', 'erase_personal_data', 'delete']},
},
}
]
})
pdp = PDP(pap_instance=pap)
# Creating Policy Enforcement Point
pep = DenyBiasedPEP(pdp)
# Describing Policy Enforcement Point context
context = {
'resource.type': 'user',
'action': 'create',
'subject.id': 1
}
# Evaluating policy
result = pep.evaluate(context)
print(result) # Should return True
TODO
- Implement all combining algorithms
#References
- XACML 3.0 standard http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html
- XACML Algorithms combining truth tables https://xacml.io
- A popular ABAC/XACML introduction in Russian https://habr.com/ru/company/custis/blog/258861/#rule
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sabac-0.0.1a0.tar.gz
(10.9 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
sabac-0.0.1a0-py3-none-any.whl
(27.1 kB
view details)
File details
Details for the file sabac-0.0.1a0.tar.gz.
File metadata
- Download URL: sabac-0.0.1a0.tar.gz
- Upload date:
- Size: 10.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.24.0 setuptools/53.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.7.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2180252cb23071eb949d6b003fe14ebbef7904ce74ef1122feac98e8e6542c1e
|
|
| MD5 |
912c054addeb30df0ebf9842ac58ce57
|
|
| BLAKE2b-256 |
e91a4e7f2d2704f10986b3bfb9cf68e825fdb48872ee3d9f16eec24c04eae212
|
File details
Details for the file sabac-0.0.1a0-py3-none-any.whl.
File metadata
- Download URL: sabac-0.0.1a0-py3-none-any.whl
- Upload date:
- Size: 27.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.24.0 setuptools/53.0.0 requests-toolbelt/0.9.1 tqdm/4.57.0 CPython/3.7.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ba67f0cf3a5cb790e7e60e231401c3959c2c0129d18343f1830854cc4041ee2f
|
|
| MD5 |
2f19ca11dd6bed92565a4dbad74d2e89
|
|
| BLAKE2b-256 |
888fda8ce6000bfa071728ae088e7dede30edc0fc755156a93863289a1c86e1b
|
