Rule registry


The rule registry is in charge of keeping and executing security rules.

It is the core of this app, everything else is optionnal.

This module provides a variable, registry, which is just a module-level, default RuleRegistry instance.

A rule can be a callback or a variable that will be evaluated as bool.

class rules_light.registry.RuleRegistry[source]

Dict subclass to manage rules.

The standard logging logger instance to use.
as_text(user, name, *args, **kwargs)[source]

Format a rule to be human readable for logging

require(user, name, *args, **kwargs)[source]

Run a rule, raise rules_light.Denied if returned False.

Log denials with warn-level.

run(user, name, *args, **kwargs)[source]

Run a rule, return True if whatever it returns evaluates to True.

Also logs calls with the info-level.

rules_light.registry.require(user, name, *args, **kwargs)[source]

Proxy rules_light.registry.require()., name, *args, **kwargs)[source]



Check all apps in INSTALLED_APPS for stuff related to rules_light.

For each app, autodiscover imports app.rules_light_registry if available, resulting in execution of rules_light.registry[...] = ... statements in that module, filling registry.

Consider a standard app called ‘cities_light’ with such a structure:


With such a

import rules_light

rules_light.register('', True)
    lambda user, rulename, country: user.is_staff)

When autodiscover() imports cities_light.rules_light_registry, both ‘’ and ‘’ will be registered.


import rules_light

rules_light.registry[''] = True
rules_light.registry['auth.user.update'] = lambda user, *args: user.is_staff

Even django-rules-light’s view uses a permission, it is registered in rules_light/ and thus is picked up by rules_light.autodiscover():

from __future__ import unicode_literals

import rules_light

rules_light.registry[''] = rules_light.is_staff

Of course, you could use any callable instead of the lambda function.