Metadata-Version: 2.1
Name: drf-permission-rules
Version: 0.4.2
Summary: Declarative access policies/permissions modeled after AWS' IAM policies.
Home-page: https://github.com/speechki-book/drf-permission-rules
License: MIT
Keywords: django,restframework,drf,access,policy,authorization,declaritive
Author: Pavel Maltsev
Author-email: pavel@speechki.org
Requires-Python: >=3.9,<4.0
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: django (>=3.1.6)
Requires-Dist: django-json-widget (>=1.1.1)
Requires-Dist: django-model-utils (>=4.1.1)
Requires-Dist: djangorestframework (>=3.12.2)
Requires-Dist: drf-access-policy (>=0.8.7)
Requires-Dist: drf-yasg[validation] (==1.20.0)
Requires-Dist: redis
Description-Content-Type: text/markdown

# drf-permission-rules
permission rules for DRF base on drf access policy

## Usage

### ViewSet permissions
```
class UserViewSet(ModelViewSet, PermissionsActionMixin):
    ...

    @action(methods=["GET", "POST"], detail=False)
    def some_action(self, request, *args, **kwargs):
        ...


GET /api/users/permissions
Response:
{
    "create": true,
    "list": true,
    "some_action": false
}
```

### Multiple ViewSet permissions

```
# views.py
class UserViewSet(ModelViewSet, PermissionsActionMixin):
    ...

class BookViewSet(ModelViewSet, PermissionsActionMixin):
    ...

class AuthorViewSet(ModelViewSet, PermissionsActionMixin):
    ...


# urls.py
urlpatterns = [
    ...
    path("api/", include("permission_rules.urls")),
]


GET /api/users/permissions
Response:
{
    "User": {
        "create": true
        "list": true,
        "some_action": false
    }
    "Book": {
        "create": true,
        "list": true
    },
    "Author": {
        "create": false,
        "list": true
    }
}
```


## Speedup

You can get permissions from a file instead of a database.

```
# settings.py


PERMISSION_RULES_SETTINGS = {
    "use_file_instead_db": true,
    "permission_rules_file_path": "/path/to/permissions.json"
}
```

