Skip to content

mdettelson/django-graphene-permissions-redux

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits

.github/workflows

.github/workflows

 
 

django_graphene_permissions

django_graphene_permissions

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

Pipfile

Pipfile

 
 

Pipfile.lock

Pipfile.lock

 
 

README.md

README.md

 
 

setup.py

setup.py

 
 

Repository files navigation

DGP - Django graphene permissions REDUX (Updated to support Django 4.x)

Permission system inspired by DRF

Installation

Install the latest release:

$ pip3 install django-graphene-permissions-redux

Or using pipenv

$ pipenv install django-graphene-permissions-redux

Usage

Permission definition

You can create new permissions by subclassing BasePermission e.g.

from django_graphene_permissions.permissions import BasePermission

class MyPermission(BasePermission):

    @staticmethod
    def has_permission(context):
        return context.user and context.user.is_authenticated
    
    @staticmethod
    def has_object_permission(context, obj):
        return True

This package provides predefined permissions :

  • AllowAny : Allow any access.
  • IsAuthenticated : Allow only authenticated users.

Node Permission

Subclass PermissionDjangoObjectType and define the permissions via the static method permission_classes that should return an iterable of permission classes

from django_graphene_permissions import PermissionDjangoObjectType
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleNode(PermissionDjangoObjectType):
    class Meta:
        model = Example
        interfaces = (relay.Node,)

    @staticmethod
    def permission_classes():
        return [IsAuthenticated]

Mutation Permission

Apply the permissions_checker([Permission,...]) decorator to mutate e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class ExampleDeleteMutation(graphene.Mutation):
    ok = graphene.Boolean()

    class Arguments:
        id = graphene.ID()

    @permissions_checker([IsAuthenticated])
    def mutate(self, info, id):
        instance = get_instance(id)
        instance.delete()
        return ExampleDeleteMutation(ok=True)

Query Permission

Apply the permissions_checker([Permission,...]) decorator to the field resolver e.g.

from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated

class Query(graphene.ObjectType):
    post = relay.Node.Field(PostNode)
    posts = DjangoFilterConnectionField(PostNode)

    @permissions_checker([IsAuthenticated])
    def resolve_posts(self, info, **kwargs):
        return Post.objects.all()

TODO

  • Improvements
  • Tests
  • Add a PermissionDjangoFilterConnectionField
  • Better docs

About

DGP - A DRF like permission system for django graphene (supports django 4.x)

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

Initial Release Latest
Dec 8, 2023

Packages

No packages published

Languages

  • Python 100.0%