django-rules - Awesome Django authorization, without the database

  •        270

rules is a tiny but powerful app providing object-level permissions to Django, without requiring a database. At its core, it is a generic framework for building rule-based systems, similar to decision trees. It can also be used as a standalone library in other contexts and frameworks. rules requires Python 2.7/3.4 or newer. It can optionally integrate with Django, in which case requires Django 1.11 or newer.

https://github.com/dfunckt/django-rules

Tags
Implementation
License
Platform

   




Related Projects

declarative_authorization - An unmaintained authorization plugin for Rails

  •    Ruby

The declarative authorization plugin offers an authorization mechanism inspired by RBAC. The most notable distinction to other authorization plugins is the declarative approach. That is, authorization rules are not defined programmatically in between business logic but in an authorization configuration. With programmatic authorization rules, the developer needs to specify which roles are allowed to access a specific controller action or a part of a view, which is not DRY. With a growing application code base roles' permissions often change and new roles are introduced. Then, at several places of the source code the changes have to be implemented, possibly leading to omissions and thus hard to find errors. In these cases, a declarative approach as offered by decl_auth increases the development and maintenance efficiency.

django-rules

  •    Python

Flexible and scalable Django authorization backend for unified per object permission management

django-role-permissions - A django app for role based permissions.

  •    Python

django-role-permissions is a django app for role based permissions. It's built on top of django contrib.auth user Group and Permission functionalities and it does not add any other models to your project. django-role-permissions supports Django versions from 1.5 till the latest.

acl9 - Yet another role-based authorization system for Rails

  •    Ruby

Acl9 is a role-based authorization system that provides a concise DSL for securing your Rails application. Access control is pointless if you're not sure you've done it right. The fundamental goal of acl9 is to ensure that your rules are easy to understand and easy to test - in other words acl9 makes it easy to ensure you've got your permissions correct.

CslaGenFork

  •    

O/RM code generator for CSLA.NET 4.3 generating Stored Procedures, Business Layer and Data Access Layer code for Windows Forms, ASP.NET, WPF and Silverlight.


graphql-shield - πŸ›‘ A GraphQL tool to ease the creation of permission layer.

  •    TypeScript

GraphQL Shield helps you create a permission layer for your application. Using an intuitive rule-API, you'll gain the power of the shield engine on every request and reduce the load time of every request with smart caching. This way you can make sure your application will remain quick, and no internal data will be exposed. Try building a groceries shop to better understand the benefits of GraphQL Shield! Banana &Co. πŸπŸŒπŸ“.

mustbe - Authorization plumbing for NodeJS/ExpressJS/ConnectJS apps

  •    Javascript

MustBe is not a complete authorization framework, with roles and responsibilities and models and data access and everything that you need. Rather, it is the underlying plumbing that you need to secure your site. It allows you to fill in the necessary parts to manage data access, roles and users, and gives you the activity based plumbing to secure it all. MustBe is an authorization system - the part of a security system that decides whether or not you are allowed to do something. This is the second of authentication and authorization, where authentication simply determines who you are.

django-guardian - Implementation of per object permissions for Django 1.2+

  •    Python

Implementation of per object permissions for Django 1.2+

casbin-rs - An authorization library that supports access control models like ACL, RBAC, ABAC in Rust

  •    Rust

Casbin-RS is a powerful and efficient open-source access control library for Rust projects. It provides support for enforcing authorization based on various access control models. In casbin-rs, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models. For example, you can get RBAC roles and ABAC attributes together inside one model and share one set of policy rules.

django-river - Django workflow library supports on the fly changes.

  •    Python

River is a open source workflow system for Django which support on the fly changes on every item in workflow instead of hardcoding states and transitions. Main goal of developing this framework is to be able to edit any workflow item on the fly. This means, all elements in workflow like states, transitions, user authorizations(permission), group authorization are editable. To do this, all data about the workflow item is persisted into DB. Hence, they can be changed without touching the code and re-deploying your application.

Casbin

  •    CSharp

Casbin.NET is a powerful and efficient open-source access control library for .NET (C#) projects. It provides support for enforcing authorization based on various access control models. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models. For example, you can get RBAC roles and ABAC attributes together inside one model and share one set of policy rules.

django-guardian - Per object permissions for Django

  •    Python

Online documentation is available at https://django-guardian.readthedocs.io/. Travis CI tests on Django version 1.11, 2.0, and master.

Rules Engine

  •    

Rules Engine is a C# project that makes it easier for developers to define business rules on domain objects without coupling the domain object to the business rule. The rules engine supports cross-field validation and conditional validation. Rules are interface-based and are e...

Drools - Business Rules Management System

  •    Java

Drools is a Business Rules Management System (BRMS) solution. It provides a core Business Rules Engine (BRE), a web authoring and rules management application (Drools Workbench) and an Eclipse IDE plugin for core development. Drools Fusion provides complex event processing features.

aws-config-rules - [Node, Python, Java] Repository of sample Custom Rules for AWS Config.

  •    Python

AWS Community repository of custom Config rules. Here's the list. Contributions welcome. Instructions for leveraging these rules are below.With the latest release for AWS Config Rules (http://amzn.to/2aFZZw2), periodic rules can now be triggered without the need for a configuration snapshot. Please refer to http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules_nodejs-sample.html for an example of a periodic rule triggered via scheduled notification. This is now the recommended way to author a periodic rule. As such, we have moved all existing periodic rules in this repository that leverage the old configuration snapshot periodic trigger under the old-periodic/ directory.

tslint-eslint-rules - Improve your TSLint with the missing ESLint rules

  •    TypeScript

You can also add other tslint config packages to combine these rules with other custom community rules. In your tslint.json file, insert the rules as described below.

detection-rules - Rules for Elastic Security's detection engine

  •    Python

Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine. This repository was first announced on Elastic's blog post, Elastic Security opens public detection rules repo. For additional content, see the accompanying webinar, Elastic Security: Introducing the public repository for detection rules.

stylelint-order - A plugin pack of order related linting rules for stylelint.

  •    Javascript

A plugin pack of order related linting rules for stylelint. Every rule support autofixing (stylelint --fix). Add stylelint-order to your stylelint config plugins array, then add rules you need to the rules list. All rules from stylelint-order need to be namespaced with order.

django-sudo - Extra security for your sensitive pages

  •    Python

This is an implementation of GitHub's Sudo Mode for Django. django-sudo provides an extra layer of security for after a user is already logged in. Views can be decorated with @sudo_required, and then a user must re-enter their password to view that page. After verifying their password, that user has elevated permissions for the duration of SUDO_COOKIE_AGE. This duration is independent of the normal session duration allowing short elevated permission durations, but retain long user sessions.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.