Generic API permissions and visibilities for Django
Project description
Django Generic API Permissions
Django Generic API Permissions supports you to implement generic APIs that can be used in different contexts.
In such scenario, you might want to define different sets of permissions and visibilities per project. Django Generic API Permissions allows for creating custom permission and visibility classes, where you can describe the desired setup with code.
Installation
pip install django-generic-api-permissions
Usage
In the tests
directory you can find a simple example project demonstrating the usage
of Django Generic API Permissions.
Add generic_permissions.apps.GenericPermissionsConfig
to your INSTALLED_APPS
:
INSTALLED_APPS = (
...
"generic_permissions.apps.GenericPermissionsConfig",
...
)
Visibility
The visibility part defines what you can see at all. Anything you cannot see, you're implicitly also not allowed to modify. The visibility classes define what you see depending on your roles, permissions, etc. Building on top of this follow the permission classes (see below) that define what you can do with the data you see.
Following mixins have to be added to your models, views and serializers:
generic_permissions.models.VisibilityModelMixin
generic_permissions.views.VisibilityViewMixin
Visibility classes
Visibility classes are configured as GENERIC_PERMISSIONS_VISIBILITY_CLASSES
.
Following pre-defined classes are available:
generic_permissions.visibilities.Any
: Allow any user without any filtering (default)generic_permissions.visibilities.Union
: Union result of a list of configured visibility classes. May only be used as base class.
To write custom visibility classes, you need to inherit from generic_permissions.visibilities.BasePermission
.
Example:
>>> from generic_permissions.visibilities import BaseVisibility
... from tests.models import BaseModel, Model1, Model2
...
...
... class CustomVisibility(BaseVisibility):
... @filter_queryset_for(BaseModel)
... def filter_queryset_for_all(self, queryset, request):
... return queryset.filter(created_by_user=request.user.username)
...
... @filter_queryset_for(Model1)
... def filter_queryset_for_document(self, queryset, request):
... return queryset.exclude(category__slug='protected-category')
...
... @filter_queryset_for(Model2)
... def filter_queryset_for_file(self, queryset, request):
... # Limitations for `Model1` should also be enforced on `Model2`.
... return queryset.exclude(document__category__slug='protected-category')
Arguments:
queryset
: Queryset of specific node typerequest
: holds the http request
Permissions
Permission classes define who may perform which data mutation. Such can be configured as
GENERIC_PERMISSIONS_PERMISSION_CLASSES
.
Following mixins have to be added to your models, views and serializers:
generic_permissions.models.PermissionModelMixin
generic_permissions.views.PermissionViewMixin
generic_permissions.serializers.PermissionSerializerMixin
Permission classes
Following pre-defined classes are available:
generic_permissions.permissions.AllowAny
: allow any users to perform any mutation (default)
To write custom permission classes, you need to inherit from generic_permissions.permissions.BasePermission
.
Example:
>>> from generic_permissions.permissions import BasePermission
... from tests.models import BaseModel, Model1
...
... class CustomPermission(BasePermission):
... @permission_for(BaseModel)
... def has_permission_default(self, request):
... # change default permission to False when no more specific
... # permission is defined.
... return False
...
... @permission_for(Model1)
... def has_permission_for_document(self, request):
... return True
...
... @object_permission_for(Model1)
... def has_object_permission_for_document(self, request, instance):
... return request.user.username == 'admin'
Arguments:
request
: holds the http requestinstance
: instance being edited by specific request
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django-generic-api-permissions-0.0.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | f99e635af7da6165cbb54c2f0a732ecf282baf924546d695b1c57ddb26774b90 |
|
MD5 | 18d2043a4a650827850f2e1b60155342 |
|
BLAKE2b-256 | 1376ef5eb4be74ea0a021a6ec5cbd1c074dc47a9472920682533931d7c260640 |
Hashes for django_generic_api_permissions-0.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b08618b6d032f07d4b5d2d42875464785f830cfa275eaf712df9414059ec5d80 |
|
MD5 | 049c5ba3f8aea05582f27ceb52febbbf |
|
BLAKE2b-256 | 03ee93d7bddb784392509a3237119d9ab87bcdeae8b785f8c23bab485864caa6 |