django-entity-rbac is an implementation of Entity-Relationship-based Access Control for Django.
This project attempts to satisfy the follow requirements:
- Table-less role assignment
- Elimination of the role explosion problem
- Hierarchical object graphs
- Row-level access control
django-entity-rbac is currently under heavy development.
Minkyo Seo (@0xsaika), Jinoh Kang (@iamahuman)
Compatible with Django 3.x.
pip install django-entity-rbac
See roletestapp
TODO
- Release unstable API (v0.1) as proof-of-concept (kudos to Jinoh)
- Improve API usability
- Redesign internal APIs
- Add separate permission spec classes for compose-able role declaration
- Replace bit fields with something less error-prone and foolproof
- Release stable v1
django-entity-rbac is licensed under the MIT license.