Hello. I'm just an abstract object 📦 and I would be very glad to have user authorization because I hate criminals 🦹♂️ like pedophiles, robbers, hackers and so on.
Project django-object-checker extends standard django role base access control to be able to check individual object types.
Main purpose of this extended authorization system is to maintain control for each objects individually with modular solution.
# pip
pip install django-object-checker
# pipenv
pipenv install django-object-checker
# poetry
poetry add django-object-checkerThe path is path to the module, where you going to implement all your checkers. This is required for our BaseObjectChecker to be able to find his subclasses.
OBJECT_CHECKERS_MODULE = 'app.checkers'Valid check methods are only these, which name starts with
check_. So if you want to implement your custom methods which you want to be ignored by CheckingManager your hands are free.
from django.contrib.auth.models import Group, User
from object_checker.base_object_checker import RbacChecker
class MyObjectChecker(RbacChecker):
@staticmethod
def check_my_object(role: Group, user: User, obj):
result = False
if role.name == 'manager':
result = True
return resultfrom django.contrib.auth.models import User
from object_checker.base_object_checker import AbacChecker
class MyObjectChecker(AbacChecker):
@staticmethod
def check_my_object(user: User, obj):
if user.has_specific_attribute:
return True
return Falsefrom app.checkers.my_object_checker import MyObjectCheckerMethod to check is
has_object_permissionand has three arguments:
- name of check method
- user object
- object/objects to be checked
from object_checker.base_object_checker import has_object_permission
if has_object_permission('check_my_object', user, my_object):
print('User has access to this/these object/objects.')
else:
print('User has NOT access to this/these object/objects.')Made with ❤ by Adam Žúrek & BACKBONE s.r.o.