diff options
Diffstat (limited to 'python-graphene-permissions.spec')
| -rw-r--r-- | python-graphene-permissions.spec | 519 |
1 files changed, 519 insertions, 0 deletions
diff --git a/python-graphene-permissions.spec b/python-graphene-permissions.spec new file mode 100644 index 0000000..1d0b8f5 --- /dev/null +++ b/python-graphene-permissions.spec @@ -0,0 +1,519 @@ +%global _empty_manifest_terminate_build 0 +Name: python-graphene-permissions +Version: 1.1.4 +Release: 1 +Summary: Simple graphene-django permission system. +License: MIT +URL: https://github.com/redzej/graphene-permissions +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/26/57/220693c946361eaf3683dc217bc680bd63dd574ae1cf0dff69f40cd48a83/graphene-permissions-1.1.4.tar.gz +BuildArch: noarch + +Requires: python3-django-filter +Requires: python3-graphene +Requires: python3-graphene-django + +%description +# graphene-permissions + +**Permission system for graphene-django apps.** + +[](https://travis-ci.org/redzej/graphene-permissions) +[](https://badge.fury.io/py/graphene-permissions) +[](https://www.python.org/downloads/release/python-360/) +[](https://codecov.io/gh/redzej/graphene-permissions) +[](https://codeclimate.com/github/redzej/graphene-permissions/maintainability) + + +## Overview + +DRF-inspired permission system based on classes for graphene-django. Allows easy customization of permission classes for +for queries and mutations. + + +## Requirements + +* Python 3.5+ +* Django 2.0+ +* graphene-django 2.0+ + +## Installation + +Install using pip: + +```commandline +pip install graphene-permissions +``` + +## Example + +To enforce permission system, add appropriate mixin and set attribute `permission_classes`. + + +```python +### models.py +from django.db import models + + +class Pet(models.Model): + name = models.CharField(max_length=32) + race = models.CharField(max_length=64) +``` +```python +### schema.py +from graphene import relay +from graphene_django import DjangoObjectType +from graphene_permissions.mixins import AuthNode +from graphene_permissions.permissions import AllowAuthenticated + + +class PetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) +``` + +## Docs + +### Setting up permission check +For queries use `AuthNode` mixin and inherite from `AuthFilter` class. +```python +class AllowAuthenticatedPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) + + +class AllowAuthenticatedFilter(AuthFilter): + permission_classes = (AllowAuthenticated,) + + +class PetsQuery: + user_pet = relay.Node.Field(AllowAuthenticatedPetNode) + all_user_pets = AllowAuthenticatedFilter(AllowAuthenticatedPetNode) +``` + +For mutations use `AuthMutation` mixin. +```python +class AuthenticatedAddPet(AuthMutation, ClientIDMutation): + permission_classes = (AllowAuthenticated,) + pet = graphene.Field(AllowAuthenticatedPetNode) + + class Input: + name = graphene.String() + race = graphene.String() + owner = graphene.ID() + + @classmethod + def mutate_and_get_payload(cls, root, info, **input): + if cls.has_permission(root, info, input): + owner = User.objects.get(pk=from_global_id(input['owner'])[1]) + pet = Pet.objects.create(name=input['name'], race=input['race'], owner=owner) + return AuthenticatedAddPet(pet=pet) + return AuthenticatedAddPet(pet=None) + + +class PetsMutation: + authenticated_add_pet = AuthenticatedAddPet.Field() +``` + +### Customizing permission classes +Default permission classes are: `AllowAny`, `AllowAuthenticated`, `AllowStaff`. +You can set up equal permission for both queries and mutations with one class, simply subclass one of these classes +and to limit access for given object, override appropriate method. Remember to return `true` if user should be given +access and `false`, if denied. + +```python +class AllowMutationForStaff(AllowAuthenticated): + @staticmethod + def has_node_permission(info, id): + # logic here + # return boolean + + @staticmethod + def has_mutation_permission(root, info, input): + if info.request.user.is_staff: + return True + return False + + @staticmethod + def has_filter_permission(info): + # logic here + # return boolean +``` + +### Multiple permissions +You can set up multiple permissions checks, simply adding more classes. Permission is evaluated for every class. +If one of the checks fails, access is denied. + +```python +class CustomPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated, AllowStaff, AllowCustom) + + class Meta: + model = Pet + interfaces = (relay.Node,) +``` + + + + +%package -n python3-graphene-permissions +Summary: Simple graphene-django permission system. +Provides: python-graphene-permissions +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-graphene-permissions +# graphene-permissions + +**Permission system for graphene-django apps.** + +[](https://travis-ci.org/redzej/graphene-permissions) +[](https://badge.fury.io/py/graphene-permissions) +[](https://www.python.org/downloads/release/python-360/) +[](https://codecov.io/gh/redzej/graphene-permissions) +[](https://codeclimate.com/github/redzej/graphene-permissions/maintainability) + + +## Overview + +DRF-inspired permission system based on classes for graphene-django. Allows easy customization of permission classes for +for queries and mutations. + + +## Requirements + +* Python 3.5+ +* Django 2.0+ +* graphene-django 2.0+ + +## Installation + +Install using pip: + +```commandline +pip install graphene-permissions +``` + +## Example + +To enforce permission system, add appropriate mixin and set attribute `permission_classes`. + + +```python +### models.py +from django.db import models + + +class Pet(models.Model): + name = models.CharField(max_length=32) + race = models.CharField(max_length=64) +``` +```python +### schema.py +from graphene import relay +from graphene_django import DjangoObjectType +from graphene_permissions.mixins import AuthNode +from graphene_permissions.permissions import AllowAuthenticated + + +class PetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) +``` + +## Docs + +### Setting up permission check +For queries use `AuthNode` mixin and inherite from `AuthFilter` class. +```python +class AllowAuthenticatedPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) + + +class AllowAuthenticatedFilter(AuthFilter): + permission_classes = (AllowAuthenticated,) + + +class PetsQuery: + user_pet = relay.Node.Field(AllowAuthenticatedPetNode) + all_user_pets = AllowAuthenticatedFilter(AllowAuthenticatedPetNode) +``` + +For mutations use `AuthMutation` mixin. +```python +class AuthenticatedAddPet(AuthMutation, ClientIDMutation): + permission_classes = (AllowAuthenticated,) + pet = graphene.Field(AllowAuthenticatedPetNode) + + class Input: + name = graphene.String() + race = graphene.String() + owner = graphene.ID() + + @classmethod + def mutate_and_get_payload(cls, root, info, **input): + if cls.has_permission(root, info, input): + owner = User.objects.get(pk=from_global_id(input['owner'])[1]) + pet = Pet.objects.create(name=input['name'], race=input['race'], owner=owner) + return AuthenticatedAddPet(pet=pet) + return AuthenticatedAddPet(pet=None) + + +class PetsMutation: + authenticated_add_pet = AuthenticatedAddPet.Field() +``` + +### Customizing permission classes +Default permission classes are: `AllowAny`, `AllowAuthenticated`, `AllowStaff`. +You can set up equal permission for both queries and mutations with one class, simply subclass one of these classes +and to limit access for given object, override appropriate method. Remember to return `true` if user should be given +access and `false`, if denied. + +```python +class AllowMutationForStaff(AllowAuthenticated): + @staticmethod + def has_node_permission(info, id): + # logic here + # return boolean + + @staticmethod + def has_mutation_permission(root, info, input): + if info.request.user.is_staff: + return True + return False + + @staticmethod + def has_filter_permission(info): + # logic here + # return boolean +``` + +### Multiple permissions +You can set up multiple permissions checks, simply adding more classes. Permission is evaluated for every class. +If one of the checks fails, access is denied. + +```python +class CustomPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated, AllowStaff, AllowCustom) + + class Meta: + model = Pet + interfaces = (relay.Node,) +``` + + + + +%package help +Summary: Development documents and examples for graphene-permissions +Provides: python3-graphene-permissions-doc +%description help +# graphene-permissions + +**Permission system for graphene-django apps.** + +[](https://travis-ci.org/redzej/graphene-permissions) +[](https://badge.fury.io/py/graphene-permissions) +[](https://www.python.org/downloads/release/python-360/) +[](https://codecov.io/gh/redzej/graphene-permissions) +[](https://codeclimate.com/github/redzej/graphene-permissions/maintainability) + + +## Overview + +DRF-inspired permission system based on classes for graphene-django. Allows easy customization of permission classes for +for queries and mutations. + + +## Requirements + +* Python 3.5+ +* Django 2.0+ +* graphene-django 2.0+ + +## Installation + +Install using pip: + +```commandline +pip install graphene-permissions +``` + +## Example + +To enforce permission system, add appropriate mixin and set attribute `permission_classes`. + + +```python +### models.py +from django.db import models + + +class Pet(models.Model): + name = models.CharField(max_length=32) + race = models.CharField(max_length=64) +``` +```python +### schema.py +from graphene import relay +from graphene_django import DjangoObjectType +from graphene_permissions.mixins import AuthNode +from graphene_permissions.permissions import AllowAuthenticated + + +class PetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) +``` + +## Docs + +### Setting up permission check +For queries use `AuthNode` mixin and inherite from `AuthFilter` class. +```python +class AllowAuthenticatedPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated,) + + class Meta: + model = Pet + filter_fields = ('name',) + interfaces = (relay.Node,) + + +class AllowAuthenticatedFilter(AuthFilter): + permission_classes = (AllowAuthenticated,) + + +class PetsQuery: + user_pet = relay.Node.Field(AllowAuthenticatedPetNode) + all_user_pets = AllowAuthenticatedFilter(AllowAuthenticatedPetNode) +``` + +For mutations use `AuthMutation` mixin. +```python +class AuthenticatedAddPet(AuthMutation, ClientIDMutation): + permission_classes = (AllowAuthenticated,) + pet = graphene.Field(AllowAuthenticatedPetNode) + + class Input: + name = graphene.String() + race = graphene.String() + owner = graphene.ID() + + @classmethod + def mutate_and_get_payload(cls, root, info, **input): + if cls.has_permission(root, info, input): + owner = User.objects.get(pk=from_global_id(input['owner'])[1]) + pet = Pet.objects.create(name=input['name'], race=input['race'], owner=owner) + return AuthenticatedAddPet(pet=pet) + return AuthenticatedAddPet(pet=None) + + +class PetsMutation: + authenticated_add_pet = AuthenticatedAddPet.Field() +``` + +### Customizing permission classes +Default permission classes are: `AllowAny`, `AllowAuthenticated`, `AllowStaff`. +You can set up equal permission for both queries and mutations with one class, simply subclass one of these classes +and to limit access for given object, override appropriate method. Remember to return `true` if user should be given +access and `false`, if denied. + +```python +class AllowMutationForStaff(AllowAuthenticated): + @staticmethod + def has_node_permission(info, id): + # logic here + # return boolean + + @staticmethod + def has_mutation_permission(root, info, input): + if info.request.user.is_staff: + return True + return False + + @staticmethod + def has_filter_permission(info): + # logic here + # return boolean +``` + +### Multiple permissions +You can set up multiple permissions checks, simply adding more classes. Permission is evaluated for every class. +If one of the checks fails, access is denied. + +```python +class CustomPetNode(AuthNode, DjangoObjectType): + permission_classes = (AllowAuthenticated, AllowStaff, AllowCustom) + + class Meta: + model = Pet + interfaces = (relay.Node,) +``` + + + + +%prep +%autosetup -n graphene-permissions-1.1.4 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-graphene-permissions -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Mon May 15 2023 Python_Bot <Python_Bot@openeuler.org> - 1.1.4-1 +- Package Spec generated |