Framework-agnostic authorization gates inspired by Laravel
Project description
Scutum
Scutum is a lightweight authorization library inspired by Laravel's Policies and Gates. It provides an easy way to manage permissions using decorators, making access control more structured and maintainable.
Installation
pip install scutum
Usage
Defining Actions
An action is a set of rules that determine whether a user can manipulate a particular resource.
from scutum import gate
@gate.register("edit")
def edit_post(user, post):
return user.id == post.author_id
Defining Policies
A policy is a named class whose methods are actions that will be registered along with the class name.
from scutum import Policy, gate
@gate.policy("user")
class UserPolicy(Policy):
def create(self, user, *args, **kwargs):
return user.is_admin
Checking Permissions
Through the gate it is possible to check the permissions of registered policies.
from scutum import Policy, gate
@gate.policy("user")
class UserPolicy(Policy):
def create(self, user, *args, **kwargs):
return user.is_admin
def delete(self, user, *args, **kwargs):
return user.is_admin
def create_user():
user = current_user()
if gate.allowed("user:create", user): # If action is allowed
return "You are authorized to create a user"
if gate.denied("user:create", user): # If action is denied
return "You are not authorized to create a user"
if gate.any(["user:create", "user:delete"], user): # If any action
return "You have permission to create or delete a user."
if gate.none(["user:create", "user:delete"], user): # If none action
return "You do not have permission to create or delete a user."
response = gate.check("user:create", user) # bool or Response
return response
Responses
Responses are classes that can be returned within an action or policy for an allowed or denied action and can define details such as status code and response body.
from scutum import Response, gate
@guard.register("update")
def update_user(authenticated_user, user):
if authenticated_user.is_admin:
return Response.allow("User authorized")
return Response.deny("This action is not authorized")
Extensions
You can explore example projects demonstrating how to integrate this library with popular Python web frameworks:
- Flask Example: github.com/jigordev/flask-scutum-example
- FastAPI Example: github.com/jigordev/fastapi-scutum-example
License
MIT License
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file scutum-0.1.0.tar.gz.
File metadata
- Download URL: scutum-0.1.0.tar.gz
- Upload date:
- Size: 7.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
01399b3035bb53e5aa8eceba89cf3d03aaf88408e13639c328589a26d66f1dcc
|
|
| MD5 |
2cdb0e24e052ebf2366bdf850dc005bf
|
|
| BLAKE2b-256 |
50d029371f1f0beedfdba9adebc577876ea7ce877c6618d302070d66675172fa
|
File details
Details for the file scutum-0.1.0-py3-none-any.whl.
File metadata
- Download URL: scutum-0.1.0-py3-none-any.whl
- Upload date:
- Size: 9.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a4c708563b1927551ae695cb6131434e79f778e4a9bffb9cc50dca1411ad276d
|
|
| MD5 |
c28968002e3b26acf4a9e4486d7b01ec
|
|
| BLAKE2b-256 |
e3eebc9b793b0769477f8546340ce2cd27f838b2fffa2e55569164a13a906b8f
|
