# mixed-access-control

**Repository Path**: tizzybec/mixed-access-control

## Basic Information

- **Project Name**: mixed-access-control
- **Description**: mixed access control
- **Primary Language**: Python
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2018-05-30
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# mixed-access-control

## introduction

a mixed access control library based on flask-principal

## features

- action/action with data/role support
- action with data can downgrade to general action
- convenient addition roles loading
- convenient action data loading
- use the same signal mechanism as flask
- convenient integration with already exist system

## example

```python
from mixed_access_control import \
    MixedAccessControl, loading_addition_roles, loading_addition_action, loading_action_values

app = Flask(__name__)

app.ac = MixedAccessControl(app)

app.ac.register_action(['project_edit', 'project_view'])

app.ac.register_value_action(['project_edit_'], 'project_edit')
app.ac.register_value_action(['project_view_'], 'project_view')

@loading_addition_roles.connect_via(app)
def on_loading_addtion_roles(sender, roles: set):
    # add roles related to the user
    roles.add('project_manager')
    
@loading_addition_action.connect_via(app)
def on_loading_addition_action(sender, actions: set):
    actions.add('project_view')
    actions.add('B_PROJECT_NUM')
        
@loading_action_values.connect_via(app)
def on_loading_action_values(sender, action: str, values: set):
    if action == 'project_edit_':
        values.add('P1B')
        values.add('P2B')
        
permission = app.ac.make_permission(('project_edit_', 'P1B'))

if permission.can():
    ...do some thing...      
        
# can access by who has access to project P1B or has a general permission 'project_edit'
@app.route('/project/edit/<project_num>')
def do_edit_project(project_num):
    if permission.can():
        return 'ok', 200
    else:
        return 'only if you are an admin', 401
        
general_permission = app.ac.make_permission(('project_edit', ))

# can access by who has general project edit permission
@app.route('/project/edit/<project_num>')
def do_edit_project(project_num):
    if general_permission.can():
        return 'ok', 200
    else:
        return 'only if you are an admin', 401

```

## contact

author: tizzybec

email: tizzybec@outlook.com

gitee: tizzybec