django-rbac 0.9

Role-based Access Control (RBAC) implementation for management of permissions in Django

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!
send us
an update
Other/Proprietary License
Hector Garcia
ROOT \ Internet \ HTTP (WWW)
The following elements conform a RBAC permission in django-rbac:

1. The owner: The proprietary of either the object being accessed or the permission rule itself, e.g. a site user or a community administrator. 3. The object: The element being accessed on which the permission is being checked upon, e.g. a profile or photo album. 3. The operation: The action requested, e.g. display, create, delete, show birth date, send message or request friendship. 4. The roles: Define who are the requesting users in relation to the owner or the object, e.g anonymous, friend, family, coworker, or roommate.

This is best explained with a simple example:

* User Fritz wants to see Mr. Natural's profile. Thus, Fritz (subject) requests permission to access (operation) the profile (object) of Mr. Natural (owner).
* Fritz is an 'anonymous' user (role), a role that everybody holds initially in the system. As Fritz and Mr. Natural are friends, the role 'friend' is appended to the roles. So we have a role list containing 'anonymous' and 'friend'.
* The privacy framework performs its magic to pull an answer: has Fritz permission to access this profile?
 o For the 'anonymous' role, the system denies the access.
 o For the 'friend' role the access is granted, as Mr. Natural had set access only to friends to his profile.

* Access is granted, so Fritz can go ahead and view all the stuff.

Permissions can be assigned to either a single object ("per-object permission" category, also known as "granular permissions" or "row level permissions") like in the example above, or to all objects of the same model class. For this reason, django-rbac implements two classes respectively: RBACPermission and RBACGenericPermission.

Last updated on April 2nd, 2010


#Access Control #permissions management #Django plugin #Django #permissions #management #access

Add your review!