Metadata-Version: 2.1
Name: django-cancan
Version: 0.0.1
Summary: Authorization library for Django
Home-page: https://github.com/pgorecki/django-cancan
Author: Przemysław Górecki
Author-email: przemyslaw.gorecki@gmail.com
License: BSD-3-Clause  # Example license
Platform: UNKNOWN
Classifier: Development Status :: 2 - Pre-Alpha
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Framework :: Django :: 2.2
Classifier: Framework :: Django :: 3.0
Classifier: Framework :: Django :: 3.1
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Topic :: Internet :: WWW/HTTP
Requires-Python: >=3.6
Description-Content-Type: text/markdown

# django-cancango

`django-cancango` is an authorization library for Django. It works on top of default Django permissions and allows to restrict the resources (models and objects) a given user can access.

This library is inspiered by `cancancan` for Ruby on Rails.

## Quick start

1. Add `cancango` to your `INSTALLED_APPS` setting like this:

```python
INSTALLED_APPS = [
    ...,
    'cancango',
]
```

2. Create a function that define user abilites. For example, in `abilities.py`:

```python
def declare_abilities(user, ability):
    if not user.is_authenticated:
        # Allow anonymous users to view published articles
        return ability.can('view', Article, published=True)

    if user.has_perm('article.view_own_article'):
        # Allow logged in user to change his articles
        return ability.can('change', Article, author=user)

    if user.is_superuser:
        # Allow superuser change all articles
        return ability.can('change', Article)
```

3. Configure `cancango` by adding `CANCANGO` section in `settings.py`:

```python
CANCANGO = {
    'ABILITIES': 'myapp.abilities.declare_abilities'
}
```

Next, add `cancango` middleware after `AuthenticationMiddleware`:

```python
MIDDLEWARE = [
    ...
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'cancango.middleware.CanCanGoMiddleware',
    ...
]
```

Adding the middleware adds `request.user.can(...)` function that you can use
to check for model or object permissions.

4. Check abilities in a view:

```python
class ArticleDetailView(PermissionRequiredMixin, DetailView):
    queryset = TodoItem.objects.all()

    def has_permission(self):
        article = self.get_object()
        return self.request.user.can('view', article)
```

## Testing

Run `./manage.py test` to run all test for the `testapp`


