{ "info": { "author": "Tasdik Rahman", "author_email": "prodicus@outlook.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Intended Audience :: Developers", "Natural Language :: English", "Programming Language :: Python", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Topic :: Text Processing :: Linguistic" ], "description": "# easyrbac\n\n[![Build Status](https://travis-ci.org/prodicus/rbac.svg?branch=master)](https://travis-ci.org/prodicus/rbac)\n\nRole based Access Control implementation using the standard library\n\n**NOTE**: _Still under heavy development._\n\n## Demo\n\n### Role creation and assignment of role to a User\n\n```python\nfrom easyrbac import Role, User\n\n\ndefault_role = Role('default')\nadmin_role = Role('admin')\n\ndefault_user = User(roles=[default_role])\nadmin_user = User(roles=[admin_role, default_role])\n```\n\n### User resource access permissions allocation\n\n```python\nfrom easyrbac import AccessControlList, User, Role\n\neveryone_role = Role('everyone')\nadmin_role = Role('admin')\n\neveryone_user = User(roles=[everyone_role])\nadmin_user = User(roles=[admin_role, everyone_role])\n\n\nacl = AccessControlList()\n\nacl.resource_read_rule(everyone_role, 'GET', '/api/v1/employee/1/info')\nacl.resource_delete_rule(admin_role, 'DELETE', '/api/v1/employee/1/')\n\n# checking READ operation on resource for user `everyone_user`\nfor user_role in [role.get_name() for role in everyone_user.get_roles()]:\n assert acl.is_read_allowed(user_role, 'GET', '/api/v1/employee/1/info') == True\n\n# checking WRITE operation on resource for user `everyone_user`\n# Since you have not defined the rule for the particular, it will disallow any such operation by default.\nfor user_role in [role.get_name() for role in everyone_user.get_roles()]:\n assert acl.is_write_allowed(user_role, 'WRITE', '/api/v1/employee/1/info') == False\n\n# checking WRITE operation on resource for user `admin_user`\nfor user_role in [role.get_name() for role in everyone_user.get_roles()]:\n if user_role == 'admin': # as a user can have more than one role assigned to them\n assert acl.is_delete_allowed(user_role, 'DELETE', '/api/v1/employee/1/') == True\n else:\n assert acl.is_delete_allowed(user_role, 'DELETE', '/api/v1/employee/1/') == False\n```\n\n\n## TODO\n\n- [ ] Adding hierarchical roles, which represent parent<->child relations\n- [ ] Adding this on top of Bottle/Flask\n- [ ] Make it `pip` installable\n\n## Issues\n\nYou can submit the issues on the issue tracker [here](https://github.com/prodicus/rbac/issues)\n\n## Literature material\n\n- [http://profsandhu.com/articles/advcom/adv_comp_rbac.pdf](http://profsandhu.com/articles/advcom/adv_comp_rbac.pdf)\n- [http://www.comp.nus.edu.sg/~tankl/cs5322/readings/rbac1.pdf](http://www.comp.nus.edu.sg/~tankl/cs5322/readings/rbac1.pdf)\n- [https://symas.com/ansi-rbac-intro/](https://symas.com/ansi-rbac-intro/)\n- [https://pythonhosted.org/Flask-Principal/](https://pythonhosted.org/Flask-Principal/)\n- [https://iamfortress.net/2014/11/24/using-role-for-access-control-is-not-rbac/](https://iamfortress.net/2014/11/24/using-role-for-access-control-is-not-rbac/)\n- [http://cloudify.co/2016/04/15/simple-secure-role-based-access-control-rest-api-rbac-server-devops-cloud-orchestration.html](http://cloudify.co/2016/04/15/simple-secure-role-based-access-control-rest-api-rbac-server-devops-cloud-orchestration.html)\n\n## LICENSE\n\nGPLv3\n", "description_content_type": null, "docs_url": null, "download_url": "https://github.com/prodicus/easyrbac/tarball/0.1.0", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/prodicus/easyrbac", "keywords": "rbac", "license": "GPLv3", "maintainer": "", "maintainer_email": "", "name": "easyrbac", "package_url": "https://pypi.org/project/easyrbac/", "platform": "", "project_url": "https://pypi.org/project/easyrbac/", "project_urls": { "Download": "https://github.com/prodicus/easyrbac/tarball/0.1.0", "Homepage": "https://github.com/prodicus/easyrbac" }, "release_url": "https://pypi.org/project/easyrbac/0.1.0/", "requires_dist": null, "requires_python": "", "summary": "easyrbac: Role Based Access Control for humans", "version": "0.1.0" }, "last_serial": 2915855, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "ec7fed653393a2149ff5f265cc63e453", "sha256": "2f749430c8199926f19968743f8c459bfe79b7e2c9d070b6d622dfffb72caaa2" }, "downloads": -1, "filename": "easyrbac-0.1.0.tar.gz", "has_sig": false, "md5_digest": "ec7fed653393a2149ff5f265cc63e453", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 19439, "upload_time": "2017-06-01T06:20:51", "url": "https://files.pythonhosted.org/packages/e3/c6/c873495dbea58685774f5c99cebfb2ccbdd03c22cc04626e25454cfff72b/easyrbac-0.1.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "ec7fed653393a2149ff5f265cc63e453", "sha256": "2f749430c8199926f19968743f8c459bfe79b7e2c9d070b6d622dfffb72caaa2" }, "downloads": -1, "filename": "easyrbac-0.1.0.tar.gz", "has_sig": false, "md5_digest": "ec7fed653393a2149ff5f265cc63e453", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 19439, "upload_time": "2017-06-01T06:20:51", "url": "https://files.pythonhosted.org/packages/e3/c6/c873495dbea58685774f5c99cebfb2ccbdd03c22cc04626e25454cfff72b/easyrbac-0.1.0.tar.gz" } ] }