An authorization library for Python.
Aims to provide the tools to organize, enforce and audit your authorization layer as easily as possible, letting you focus on the essential part: the actual rules.
For the full documentation, go here
from entitled import Policy, Client
# Some actors and resources of your application...
class User:
def __init__(self, id: int, role: str):
self.id: str = id
self.role: str = role
class Resource:
def __init__(self, id: int, user: User):
self.id: str = id
self.owner: User = user
my_policy = Policy[Resource]("resource") # Defining a policy for your resource
@my_policy.rule("edit")# Declaring a rule on the resource
def can_edit(
actor: User, resource: Resource, context = None
) -> bool:
return actor == resource.owner or actor.role == "admin"
client = Client()
client.register(my_policy) # Registering a policy
user1 = User(1, "user")
resource1 = Resource(1, user1)
if client.allows("edit", user1, resource1): # Using the client to make auth decisions
...
Since 1997, XEFI is a leader in IT performance support for small and medium-sized businesses through its nearly 200 local agencies based in France, Belgium, Switzerland and Spain. A one-stop shop for IT, office automation, software, digitalization, print and cloud needs. Want to work with us ?