CASL Django is an app that converts the usual Django permissions to CASL-Style rules.
CASL is an isomorphic authorization JavaScript library: https://github.com/stalniy/casl/
A Django permission called my_app.change_item will generate this CASL rule:
{
    subject: 'my_app/item',
    action: 'change'
}
If you have more than one rule for the same subject, for example:
my_app.change_item
my_app.add_item
my_app.remove_item
This will generate:
{
    subject: 'my_app/item',
    actions: ['add', 'change', 'remove']
}
By default, the length of the subject and action fields is 128 characters. You can increase it by adding this to your settings file:
CASL_DJANGO = {
    'subject-length': 256,
    'action-length': 256
}
Sometimes you'd like to have custom permissions for your users. To do this, you can add them to your user using the Permission's add_permission class method:
from casl_django.casl.permissions import Permissions
...
my_custom_permission = Permissions.create(subject="navigation", action="index")
...
Permissions.set_user_permission(user=user, permission=my_custom_permission)
Or you can import casl_django.models.UserPermission and create objects as desired.
- Add "casl_django" to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [
    ...
    'casl_django',
]
- Run python manage.py migrate to create the models.
By default, your user object should contain a related relationship called casl_permissions. You can filter it by permission__subject and permission__action, and finally get the rules with the queryset method bundle().
This method is included in the QuerySets for UserPermissions (user.casl_permissions) and for CASLPermission (CASLPermission.objects).
It returns a list like the following:
[
    # These are regular Django permissions transformed to CASL-style rules
    {'subject': 'products/item', 'actions': ['add', 'change']},
    # These are CASLPermissions objects
    {'subject': 'navigation', 'actions': ['index', 'products']}
]
Bundling groups rules that share the same subject and combines their actions, so there is less data to send over the wire.
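The conversion and bundling described above, as an added stand-alone example (not casl_django's own code). The function names to_subject_action and bundle, the sample data and the ValueError handling are assumptions made for illustration; only the rule shape and the 128-character default come from this page.

```python
from collections import defaultdict

MAX_LEN = 128  # the page's default length for subject and action fields


def to_subject_action(perm, max_len=MAX_LEN):
    """Split 'app_label.action_model' into ('app_label/model', 'action')."""
    # Split on the first '.', because the app label itself may contain '_'.
    app_label, dot, codename = perm.partition(".")
    # The action is everything before the first '_' of the codename.
    action, underscore, model = codename.partition("_")
    if not (app_label and dot and action and underscore and model):
        raise ValueError(f"not an app_label.action_model permission: {perm!r}")
    subject = f"{app_label}/{model}"
    if len(subject) > max_len or len(action) > max_len:
        raise ValueError(f"subject or action longer than {max_len}: {perm!r}")
    return subject, action


def bundle(perms, custom=()):
    """Group same-subject rules so each subject is listed once.

    perms:  Django permission strings such as 'my_app.change_item'.
    custom: (subject, action) pairs for rules without a Django permission.
    """
    grouped = defaultdict(set)  # subject -> set of actions (deduplicated)
    for perm in perms:
        subject, action = to_subject_action(perm)
        grouped[subject].add(action)
    for subject, action in custom:
        grouped[subject].add(action)
    return [{"subject": s, "actions": sorted(a)}
            for s, a in sorted(grouped.items())]


# Constructed sample input, mirroring the permissions named on this page.
SAMPLE_PERMS = ["my_app.change_item", "my_app.add_item",
                "my_app.remove_item", "my_app.add_item"]
SAMPLE_CUSTOM = [("navigation", "index"), ("navigation", "products")]

if __name__ == "__main__":
    for rule in bundle(SAMPLE_PERMS, SAMPLE_CUSTOM):
        print(rule)
```

The bundled rules are what the CASL client consumes to decide what to show; the Django permission checks on the server remain the enforcement point.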