I'm looking for a role-based framework/module/package for an app written in Python (2.7) running on Google App Engine.
With role-based I mean a mechanism that would allow me to check (during a request processing most of the time) whether a certain user is able to perform a specific action.
A couple use cases:
I'm imagining something like
user_a.is_able_to('read', user_b) # -> True of False
or
user_a.authorize('update', user_b) # raises an exception if 'not allowed to'
So far I've only seen acl.py from tipfy. Looks quite simple and pretty much close to what I'm looking for. I'm wondering whether there's something similar to that acl.py, preferably implemented using NDB.
Web2py contains role based access control which I believe works on GAE. This is documented here:
http://web2py.com/books/default/chapter/29/9
You may be able to fork the auth module and mod it for your purposes. I know people have done this with other parts of web2py such as the DAL.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With