{
    "info": {
        "author": "Philip J Grabner, Canary Health Inc",
        "author_email": "oss@canary.md",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 1 - Planning",
            "Framework :: Pyramid",
            "Intended Audience :: Developers",
            "License :: OSI Approved :: MIT License",
            "License :: Public Domain",
            "Natural Language :: English",
            "Operating System :: OS Independent",
            "Programming Language :: Python",
            "Topic :: Internet",
            "Topic :: Internet :: WWW/HTTP",
            "Topic :: Software Development"
        ],
        "description": "=====================================\nPyramid Authorization (pyramid_authz)\n=====================================\n\n.. WARNING::\n\n  This package is still in the design/planning stage, so there is no\n  code available yet. Check back soon.\n\nThe `pyramid_authz` Python package provides helper routines to make\nthe *authorization* component of access control easier. Note that this\npackage does **NOT** address *authentication* in any way (there are\nmany other packages for that). Authentication is the process of\ndetermining *who* the request is coming from, authorization is the\nprocess of determining *what* that identity is allowed to do.\n\nThis package exposes a postgres-like approach to access control, which\nbasically means that access control is broken down into \"roles\" and\n\"privileges\".\n\nIn short:\n\n1. A `Privilege` is the permission to perform an action;\n\n2. A `Role` is a collection of privileges;\n\n3. Roles can inherit from other roles;\n\n4. Any database object can be made to be a role; and\n\n5. Access to a resource or action is **always** based on privileges,\n   **never** on roles, i.e. your code should always ask \"does this\n   user have this privilege\", not \"is this user a member of this\n   role\".\n\nFor more information on postgres' approach, please see\nhttp://www.postgresql.org/docs/9.0/static/user-manag.html.\n\n\nProject\n=======\n\n* Homepage: https://github.com/canaryhealth/pyramid_authz\n* Bugs: https://github.com/canaryhealth/pyramid_authz/issues\n\n\nInstallation\n============\n\n.. code:: bash\n\n  $ pip install pyramid_authz\n\n\nUsage\n=====\n\nRequire static privilege ``user.valid``:\n\n.. code:: python\n\n  from pyramid_authz import privilege\n\n  # restrict the 'core' view to authenticated users\n  @view_config(route_name='core')\n  @privilege('user.valid')\n  def core(request):\n    ...\n\nRequire dynamic privilege for path route ``/blog/{blog_id}/{page_id}``\nwhich depends on which blog, which page, and what method is being\nrequested:\n\n.. code:: python\n\n  from pyramid_authz import privilege, Method, PathParam\n\n  # restrict the 'blog.page' view to users that have the blog-\n  # and method-specific privilege\n  @view_config(route_name='blog.page')\n  def blog(request):\n    blog_id = request.matchdict['blog_id']\n    page_id = request.matchdict['page_id']\n\n    priv = privilege(blog_id=blog_id, page_id=page_id, method=request.method)\n\n    # check\n    if not priv.allow(request):\n      raise HTTPForbidden()\n\n    # same as check, but also raises the exception all-in-one\n    priv.require(request)\n\n    # same, but raise 404 instead 401/403\n    priv.require(request, failto=HTTPNotFound)\n\n    ...\n\nSame thing, but using the declarative helpers `PathParam` (which\nreturns the specified ``request.matchdict[{PARAMNAME}]`` path\ncomponent) and `Method` (which returns the value of\n``request.method``):\n\n `Method` (\n\n.. code:: python\n\n  # same thing, but specified declaratively:\n\n  from pyramid_authz import privilege, PathParam, Method\n\n  @view_config(route_name='blog.page')\n  @privilege(\n    blog_id = PathParam('blog_id'), \n    page_id = PathParam('page_id'), \n    method  = RequestMethod,\n  )\n  def blog(request):\n    ...",
        "description_content_type": null,
        "docs_url": null,
        "download_url": "UNKNOWN",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "http://github.com/canaryhealth/pyramid_authz",
        "keywords": "pyramid authorization role privilege",
        "license": "MIT (http://opensource.org/licenses/MIT)",
        "maintainer": null,
        "maintainer_email": null,
        "name": "pyramid_authz",
        "package_url": "https://pypi.org/project/pyramid_authz/",
        "platform": "UNKNOWN",
        "project_url": "https://pypi.org/project/pyramid_authz/",
        "project_urls": {
            "Download": "UNKNOWN",
            "Homepage": "http://github.com/canaryhealth/pyramid_authz"
        },
        "release_url": "https://pypi.org/project/pyramid_authz/0.1.0/",
        "requires_dist": null,
        "requires_python": null,
        "summary": "A pyramid authorization (not authentication) suite",
        "version": "0.1.0"
    },
    "last_serial": 2131999,
    "releases": {
        "0.1.0": []
    },
    "urls": []
}