Casbin role watcher to be used for monitoring updates to policies for PyCasbin
Project description
postgresql-watcher
Casbin watcher based on PostgreSQL for monitoring updates to casbin policies.
Installation
pip install casbin-postgresql-watcher
Basic Usage Example
from flask_authz import CasbinEnforcer
from postgresql_watcher import PostgresqlWatcher
from flask import Flask
from casbin.persist.adapters import FileAdapter
casbin_enforcer = CasbinEnforcer(app, adapter)
watcher = PostgresqlWatcher(host=HOST, port=PORT, user=USER, password=PASSWORD, dbname=DBNAME)
watcher.set_update_callback(casbin_enforcer.load_policy)
casbin_enforcer.set_watcher(watcher)
# Call should_reload before every call of enforce to make sure
# the policy is update to date
watcher.should_reload()
if casbin_enforcer.enforce("alice", "data1", "read"):
# permit alice to read data1
pass
else:
# deny the request, show an error
pass
alternatively, if you need more control
from flask_authz import CasbinEnforcer
from postgresql_watcher import PostgresqlWatcher
from flask import Flask
from casbin.persist.adapters import FileAdapter
casbin_enforcer = CasbinEnforcer(app, adapter)
watcher = PostgresqlWatcher(host=HOST, port=PORT, user=USER, password=PASSWORD, dbname=DBNAME)
casbin_enforcer.set_watcher(watcher)
# Call should_reload before every call of enforce to make sure
# the policy is update to date
if watcher.should_reload():
casbin_enforcer.load_policy()
if casbin_enforcer.enforce("alice", "data1", "read"):
# permit alice to read data1
pass
else:
# deny the request, show an error
pass
Basic Usage Example With SSL Enabled
See PostgresQL documentation for full details of SSL parameters.
...
watcher = PostgresqlWatcher(host=HOST, port=PORT, user=USER, password=PASSWORD, dbname=DBNAME, sslmode="verify_full", sslcert=SSLCERT, sslrootcert=SSLROOTCERT, sslkey=SSLKEY)
...
Django setup with casbin django orm adapter
Enforcer and Watcher setup
# settings.py
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
INSTALLED_APPS += [
'casbin_adapter.apps.CasbinAdapterConfig',
]
CASBIN_MODEL = os.path.join(BASE_DIR, 'casbin.conf')
from postgresql_watcher.watcher import PostgresqlWatcher
from casbin_adapter.enforcer import enforcer
watcher = PostgresqlWatcher(host=BANK_CONNECT_APIS_PG_HOST_URL, port=BANK_CONNECT_APIS_PG_PORT,
user=BANK_CONNECT_APIS_PG_USER, password=BANK_CONNECT_APIS_PG_PASSWORD, dbname=BANK_CONNECT_APIS_PG_DBNAME)
def update_enforcer():
print("before loading policy", enforcer)
enforcer.load_policy()
watcher.set_update_callback(update_enforcer)
CASBIN_WATCHER = watcher
Usage of enforcer
#views.py or any other file
from casbin_adapter.enforcer import enforcer
roles = enforcer.get_filtered_named_grouping_policy("g", 1, str(member_id))
Reload Casbin enforcer
In current setup enforcer does not automatically refresh in memory data, we can call watcher.should_reload() before every data access from enforcer.
from setting import watcher
watcher.should_reload()
If there are any changes in db this call will refresh in memory data from database
For automatic reloading of data, parent process need to poll child process for messages and call should_reload function if there is any message in pipe between child and parent process
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file casbin_postgresql_watcher-1.2.0.tar.gz
.
File metadata
- Download URL: casbin_postgresql_watcher-1.2.0.tar.gz
- Upload date:
- Size: 10.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4ef1a73238cc93163589c35dc4aad4fbd63e7b1f3caa1945fcea5c3bc31fbfa4 |
|
MD5 | b9dccafe4608a94d10cfedbf76a58979 |
|
BLAKE2b-256 | 5250ce576300cbacd0807a76fc4755dde73b5e72bbe89e03fbf0c7cc6677d1ef |
File details
Details for the file casbin_postgresql_watcher-1.2.0-py2.py3-none-any.whl
.
File metadata
- Download URL: casbin_postgresql_watcher-1.2.0-py2.py3-none-any.whl
- Upload date:
- Size: 11.0 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6af3b1af9629cfb063bc700947c251cc28a59bfe96651afc2d94510ca82cfa78 |
|
MD5 | 9a1e8050fcc4e3c8c268645974f6c686 |
|
BLAKE2b-256 | b78100c1b6e49a96e080a6ed7fe67a242cbbdf48426dd4f106c8fb123ecd3ea0 |