Rule registry¶
API¶
The rule registry is in charge of keeping and executing security rules.
It is the core of this app, everything else is optionnal.
This module provides a variable, registry
, which is just a module-level,
default RuleRegistry instance.
A rule can be a callback or a variable that will be evaluated as bool.
-
class
rules_light.registry.
RuleRegistry
[source]¶ Dict subclass to manage rules.
- logger
- The standard logging logger instance to use.
-
rules_light.registry.
require
(user, name, *args, **kwargs)[source]¶ Proxy
rules_light.registry.require()
.
-
rules_light.registry.
autodiscover
()[source]¶ Check all apps in INSTALLED_APPS for stuff related to rules_light.
For each app, autodiscover imports
app.rules_light_registry
if available, resulting in execution ofrules_light.registry[...] = ...
statements in that module, filling registry.Consider a standard app called ‘cities_light’ with such a structure:
cities_light/ __init__.py models.py urls.py views.py rules_light_registry.py
With such a rules_light_registry.py:
import rules_light rules_light.register('cities_light.city.read', True) rules_light.register('cities_light.city.update', lambda user, rulename, country: user.is_staff)
When autodiscover() imports cities_light.rules_light_registry, both ‘cities_light.city.read’ and ‘cities_light.city.update’ will be registered.
Examples¶
import rules_light
rules_light.registry['auth.user.read'] = True
rules_light.registry['auth.user.update'] = lambda user, *args: user.is_staff
Even django-rules-light’s view uses a permission, it is registered in
rules_light/rules_light_registry.py
and thus is picked up by
rules_light.autodiscover()
:
from __future__ import unicode_literals
import rules_light
rules_light.registry['rules_light.rule.read'] = rules_light.is_staff
Of course, you could use any callable instead of the lambda function.