Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cocoakekeyu/cancan

cancan is a tiny permission controller base on ruby cancan library.
https://github.com/cocoakekeyu/cancan

django flask permission python

Last synced: about 2 months ago
JSON representation

cancan is a tiny permission controller base on ruby cancan library.

Host: GitHub
URL: https://github.com/cocoakekeyu/cancan
Owner: cocoakekeyu
License: mit
Created: 2017-08-05T05:11:02.000Z (about 7 years ago)
Default Branch: master
Last Pushed: 2020-06-04T15:14:41.000Z (over 4 years ago)
Last Synced: 2024-07-03T05:09:40.310Z (3 months ago)
Topics: django, flask, permission, python
Language: Python
Size: 13.7 KB
Stars: 245
Watchers: 2
Forks: 11
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # cancan

## Introduction

**cancan** is a tiny permission controller base on ruby cancan library. Once defined user ability, can easily check user's permission.

## Install

`pip install cancan`

## Basic Usage

inherit from cancan.Ability

use `add` method to add user Ability

```python

def add(self, action=None, subject=None, **conditions)`

    """

    Add ability are allowed using two arguments.

    The first one is the action you're setting the permission for,

    the second one is the class of object you're setting it on.

    the third one is the subject's attributes must be matches or a function

    to be test.

    self.add('update', Article)

    self.add('update', Article, user_id=1)

    self.add('update', Article, user_id=1, title='hello')

    self.add('update', Article, function=test_title)

    """

```

```python

import cancan

class User(object):

    def __init__(self, id, name, role):

        self.id = id

        self.name = name

        self.role = role

class Article(object):

    def __init__(self, title, user_id):

        self.title = title

        self.user_id = user_id

class Ability(cancan.Ability):

    def __init__(self, user):

        if user.role == 'admin':

            self.add('manage', 'all')

        else:

            self.add('read', Article)

            self.add('create', Article)

            self.add('update', Article, user_id=user.id)

            self.add('create', 'bbb')

admin = User(1, 'neven', 'admin')

ability = Ability(admin)

# admin

ability.can('read', Article)    # True

ability.can('create', Article)  # True

ability.can('delete', Article)  # True

ability.can('aaa', Article)     # True

ability.can('create', 'bbb')    # True

ability.can('create', 'ccc')    # True

user = User(2, 'joe', 'user')

ability2 = Ability(user)

# user

ability2.can('read', Article)   # True

ability2.can('create', Article) # True

ability2.can('delete', Article) # False

ability2.can('aaa', Article)    # False

ability2.can('create', 'bbb')   # True

ability2.can('create', 'ccc')   # False

article = Article('hello', 2)

# admin

ability.can('update', article) # True

# user

ability2.can('update', article) # True

ability2.can('update', Article) # True(class dont check conditions)

```

## Advanced

```python

import cancan

def test_title_gt_100(article):

    return len(article.title) > 100

def anoter_test(article, id, len_title):

    return article.user_id < id and len(article.title) > len_article

class Ability(cancan.Ability):

    def __init__(self, user):

        self.alias_action('create', 'read', 'update', to='cru')

        if user.role == 'admin':

            self.add('manage', 'all')

            self.addnot('destroy', 'gem')

        elif user.role == 'editor':

            self.add('cru', Article)

            self.add(['read', 'create'], 'gem')

            self.add('update', Article, function=test_title_gt_100)

            self.add('delete', Article, function=another_test, func_args=(10,), func_kwargs={"len_title": 4})

        else:

            self.add('create', Article)

            self.add('update', Article, user_id=user.id)

            self.add('create', 'bbb')

editor = User(3, 'kali', 'editor')

ability3 = Ability(editor)

# editor

ability3.can('create', Article)  # True

ability3.can('update', Article)  # True

ability3.can('cru', Article)  # True

ability3.can('read', 'gem')  # True

ability3.can('create', 'gem')  # True

article = Article('world', 1)

ability3.can('update', article)  # False

ability3.can('delete', article)  # True

article = Article('world'*100, 1)

ability3.can('delete', article)  # True

```

## Example

see example.py

## Integrate Django

see django_example