-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial documentation See merge request !2
- Loading branch information
Showing
11 changed files
with
671 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,3 +11,4 @@ __pycache__/ | |
.coverage | ||
*.pyc | ||
*.log | ||
docs/_build/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,18 +1,78 @@ | ||
# Django object authority | ||
|
||
**Package to authorize actions (CRUD) to users over concrete items.** | ||
**Package to authorize actions over concrete object instances.** | ||
|
||
[![travis-image]][travis] | ||
[![pypi-image]][pypi] | ||
[![docs-image]][docs] | ||
|
||
|
||
## Overview | ||
|
||
Django provides an authentication system to authorize users to create, modify or delete models. | ||
The user can perform this action on any element of the class in which it has such permissions. | ||
This package extends these permissions and adds read permissions. | ||
|
||
The main function of it is to control the access on specific elements for a concrete action. | ||
|
||
|
||
## Documentation | ||
|
||
Online documentation is available at [https://docs.readthedocs.io](http://django-object-authority.readthedocs.io/en/latest/) | ||
|
||
|
||
## Features | ||
|
||
* New authentication backend for Django apps. | ||
* New authentication backend for Django rest framework. | ||
* Mechanism to auto-register object permissions. | ||
* Mixin to use in list views that filter your queryset according an authorization filter. | ||
* Per user permissions based filters. | ||
* Command to create custom permission of application and/or specific models. | ||
|
||
|
||
## Installation | ||
|
||
Install using pip: | ||
|
||
$ pip install django-object-authority | ||
|
||
## Setup | ||
|
||
Add to INSTALLED_APPS | ||
```python | ||
INSTALLED_APPS = ( | ||
... | ||
'django_object_authority', | ||
) | ||
``` | ||
|
||
Add the new backend to AUTHENTICATION_BACKENDS | ||
```python | ||
AUTHENTICATION_BACKENDS = [ | ||
'django.contrib.auth.backends.ModelBackend', | ||
'django_object_authority.backends.ObjectAuthorityBackend', | ||
] | ||
``` | ||
|
||
Register your object permissions | ||
|
||
```python | ||
# authorizations.py | ||
@register(SampleModel) | ||
class SampleModelAuthority(ObjectAuthorization): | ||
|
||
def has_object_permission(self, user, obj): | ||
return obj.owner == user | ||
|
||
def has_delete_permission(self, user, obj): | ||
return obj.owner == user and not obj.is_editable | ||
``` | ||
|
||
[travis-image]: https://secure.travis-ci.org/bcanyelles/django-object-authority.svg?branch=master | ||
[travis]: http://travis-ci.org/bcanyelles/django-object-authority?branch=master | ||
[travis]: http://travis-ci.org/apsl/django-object-authority?branch=master | ||
[pypi-image]: https://img.shields.io/pypi/v/django-object-authority.svg | ||
[pypi]: https://pypi.python.org/pypi/django-object-authority | ||
[docs-image]: https://readthedocs.org/projects/docs/badge/?version=latest | ||
[docs]: http://django-object-authority.readthedocs.io/en/latest/ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Minimal makefile for Sphinx documentation | ||
# | ||
|
||
# You can set these variables from the command line. | ||
SPHINXOPTS = | ||
SPHINXBUILD = sphinx-build | ||
SPHINXPROJ = django-object-authority | ||
SOURCEDIR = . | ||
BUILDDIR = _build | ||
|
||
# Put it first so that "make" without argument is like "make help". | ||
help: | ||
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) | ||
|
||
.PHONY: help Makefile | ||
|
||
# Catch-all target: route all unknown targets to Sphinx using the new | ||
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). | ||
%: Makefile | ||
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,183 @@ | ||
# -*- coding: utf-8 -*- | ||
# | ||
# django-object-authority documentation build configuration file, created by | ||
# sphinx-quickstart on Thu Jun 1 11:27:21 2017. | ||
# | ||
# This file is execfile()d with the current directory set to its | ||
# containing dir. | ||
# | ||
# Note that not all possible configuration values are present in this | ||
# autogenerated file. | ||
# | ||
# All configuration values have a default; values that are commented out | ||
# serve to show the default. | ||
|
||
# If extensions (or modules to document with autodoc) are in another directory, | ||
# add these directories to sys.path here. If the directory is relative to the | ||
# documentation root, use os.path.abspath to make it absolute, like shown here. | ||
# | ||
# import os | ||
# import sys | ||
# sys.path.insert(0, os.path.abspath('.')) | ||
|
||
|
||
# -- General configuration ------------------------------------------------ | ||
|
||
# If your documentation needs a minimal Sphinx version, state it here. | ||
# | ||
# needs_sphinx = '1.0' | ||
|
||
# Add any Sphinx extension module names here, as strings. They can be | ||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom | ||
# ones. | ||
|
||
def get_version(): | ||
""" | ||
Return package version as listed in `__version__` in `init.py` of the source package. | ||
""" | ||
import os | ||
import re | ||
import inspect | ||
try: | ||
docs_path = os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())).rsplit('/', 1)[0]) | ||
init_py = open(os.path.join(docs_path, 'django_object_authority', '__init__.py')).read() | ||
return re.search("__version__ = ['\"]([^'\"]+)['\"]", init_py).group(1) | ||
except Exception: | ||
return 'latest' | ||
|
||
|
||
extensions = [ | ||
'sphinx.ext.autodoc', | ||
'sphinx.ext.todo', | ||
'sphinx.ext.coverage', | ||
'sphinx.ext.viewcode' | ||
] | ||
|
||
# Add any paths that contain templates here, relative to this directory. | ||
templates_path = ['_templates'] | ||
|
||
# The suffix(es) of source filenames. | ||
# You can specify multiple suffix as a list of string: | ||
# | ||
# source_suffix = ['.rst', '.md'] | ||
source_suffix = '.rst' | ||
|
||
# The master toctree document. | ||
master_doc = 'index' | ||
|
||
# General information about the project. | ||
project = u'django-object-authority' | ||
copyright = u'2017, Tomeu Canyelles' | ||
author = u'Tomeu Canyelles' | ||
|
||
# The version info for the project you're documenting, acts as replacement for | ||
# |version| and |release|, also used in various other places throughout the | ||
# built documents. | ||
# | ||
# The short X.Y version. | ||
version = get_version() | ||
# The full version, including alpha/beta/rc tags. | ||
release = version | ||
|
||
# The language for content autogenerated by Sphinx. Refer to documentation | ||
# for a list of supported languages. | ||
# | ||
# This is also used if you do content translation via gettext catalogs. | ||
# Usually you set "language" from the command line for these cases. | ||
# language = None | ||
|
||
# List of patterns, relative to source directory, that match files and | ||
# directories to ignore when looking for source files. | ||
# This patterns also effect to html_static_path and html_extra_path | ||
exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] | ||
|
||
# The name of the Pygments (syntax highlighting) style to use. | ||
pygments_style = 'sphinx' | ||
|
||
# If true, `todo` and `todoList` produce output, else they produce nothing. | ||
todo_include_todos = True | ||
|
||
# -- Options for HTML output ---------------------------------------------- | ||
|
||
# The theme to use for HTML and HTML Help pages. See the documentation for | ||
# a list of builtin themes. | ||
# | ||
# html_theme = 'alabaster' | ||
import sphinx_rtd_theme | ||
html_theme = "sphinx_rtd_theme" | ||
html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] | ||
html_theme_options = { | ||
'collapse_navigation': False, | ||
'display_version': True, | ||
'navigation_depth': 3, | ||
} | ||
# Theme options are theme-specific and customize the look and feel of a theme | ||
# further. For a list of options available for each theme, see the | ||
# documentation. | ||
# | ||
# html_theme_options = {} | ||
|
||
# Add any paths that contain custom static files (such as style sheets) here, | ||
# relative to this directory. They are copied after the builtin static files, | ||
# so a file named "default.css" will overwrite the builtin "default.css". | ||
html_static_path = ['_static'] | ||
|
||
|
||
# -- Options for HTMLHelp output ------------------------------------------ | ||
|
||
# Output file base name for HTML help builder. | ||
htmlhelp_basename = 'django-object-authoritydoc' | ||
|
||
|
||
# -- Options for LaTeX output --------------------------------------------- | ||
|
||
latex_elements = { | ||
# The paper size ('letterpaper' or 'a4paper'). | ||
# | ||
# 'papersize': 'letterpaper', | ||
|
||
# The font size ('10pt', '11pt' or '12pt'). | ||
# | ||
# 'pointsize': '10pt', | ||
|
||
# Additional stuff for the LaTeX preamble. | ||
# | ||
# 'preamble': '', | ||
|
||
# Latex figure (float) alignment | ||
# | ||
# 'figure_align': 'htbp', | ||
} | ||
|
||
# Grouping the document tree into LaTeX files. List of tuples | ||
# (source start file, target name, title, | ||
# author, documentclass [howto, manual, or own class]). | ||
latex_documents = [ | ||
(master_doc, 'django-object-authority.tex', u'django-object-authority Documentation', | ||
u'Tomeu Canyelles', 'manual'), | ||
] | ||
|
||
|
||
# -- Options for manual page output --------------------------------------- | ||
|
||
# One entry per manual page. List of tuples | ||
# (source start file, name, description, authors, manual section). | ||
man_pages = [ | ||
(master_doc, 'django-object-authority', u'django-object-authority Documentation', | ||
[author], 1) | ||
] | ||
|
||
|
||
# -- Options for Texinfo output ------------------------------------------- | ||
|
||
# Grouping the document tree into Texinfo files. List of tuples | ||
# (source start file, target name, title, author, | ||
# dir menu entry, description, category) | ||
texinfo_documents = [ | ||
(master_doc, 'django-object-authority', u'django-object-authority Documentation', | ||
author, 'django-object-authority', 'One line description of project.', | ||
'Miscellaneous'), | ||
] | ||
|
||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
.. django-object-authority documentation master file, created by | ||
sphinx-quickstart on Thu Jun 1 11:27:21 2017. | ||
You can adapt this file completely to your liking, but it should at least | ||
contain the root `toctree` directive. | ||
.. _configuration: | ||
|
||
|
||
Configuration | ||
============= | ||
|
||
There are two modes of usage the library: | ||
|
||
1. As a *mixins* that provide you a set of features. | ||
2. Application that autodiscover your objects permissions to apply them to your _Django_ application. | ||
|
||
|
||
.. _third_party: | ||
|
||
|
||
As third party application | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
First of all you should add `django_object_authority` to you `INSTALLED_APPS` settings. | ||
:: | ||
|
||
INSTALLED_APPS = ( | ||
... | ||
'rest_framework', | ||
) | ||
|
||
|
||
Is needed override `AUTHENTICATION_BACKENDS` setting to add `ObjectAuthorityBackend`. | ||
:: | ||
|
||
AUTHENTICATION_BACKENDS = [ | ||
'django.contrib.auth.backends.ModelBackend', | ||
'django_object_authority.backends.ObjectAuthorityBackend', | ||
] | ||
|
||
|
||
For each model you want to custom the permission level is needed define a `authorizations.py` file and register the | ||
permission `class`. | ||
:: | ||
|
||
@register(MyModel) | ||
class MyModelAuthority(BaseUserObjectAuthorization): | ||
|
||
def has_add_permission(self, user, obj): | ||
return obj.owner == user | ||
|
||
|
||
If you don't override all `BaseUserObjectAuthorization` defined methods. The default behaviour is defined as a | ||
setting variable [:ref:`settings` section]. | ||
|
||
`BaseObjectAuthorization` only implements `has_object_permission` method which check the object permission as default | ||
resource. | ||
|
||
|
||
.. _mixins: | ||
|
||
As *mixins* | ||
~~~~~~~~~~~ | ||
|
||
You can use it only installing the package [:ref:`installation` section] and include the mixin in your views. | ||
:: | ||
|
||
from django.views.generic import ListView | ||
from django_object_authority.mixins import AuthorizationMixin | ||
|
||
class MyListView(AuthorizationMixin, ListView): | ||
... | ||
authorization_filter_class = MyAuthorityFilter | ||
... |
Oops, something went wrong.