Permission system inspired by DRF
Install the latest release:
$ pip3 install django-graphene-permissionsOr using pipenv
$ pipenv install django-graphene-permissionsYou can create new permissions by subclassing BasePermission e.g.
from django_graphene_permissions.permissions import BasePermission
class MyPermission(BasePermission):
@staticmethod
def has_permission(context):
return context.user and context.user.is_authenticated
@staticmethod
def has_object_permission(context, obj):
return True
This package provides predefined permissions :
AllowAny: Allow any access.IsAuthenticated: Allow only authenticated users.
Subclass PermissionDjangoObjectType and define the permissions via the static method permission_classes that should return an iterable of permission classes
from django_graphene_permissions import PermissionDjangoObjectType
from django_graphene_permissions.permissions import IsAuthenticated
class ExampleNode(PermissionDjangoObjectType):
class Meta:
model = Example
interfaces = (relay.Node,)
@staticmethod
def permission_classes():
return [IsAuthenticated]Apply the permissions_checker([Permission,...]) decorator to mutate e.g.
from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated
class ExampleDeleteMutation(graphene.Mutation):
ok = graphene.Boolean()
class Arguments:
id = graphene.ID()
@permissions_checker([IsAuthenticated])
def mutate(self, info, id):
instance = get_instance(id)
instance.delete()
return ExampleDeleteMutation(ok=True)Apply the permissions_checker([Permission,...]) decorator to the field resolver e.g.
from django_graphene_permissions import permissions_checker
from django_graphene_permissions.permissions import IsAuthenticated
class Query(graphene.ObjectType):
post = relay.Node.Field(PostNode)
posts = DjangoFilterConnectionField(PostNode)
@permissions_checker([IsAuthenticated])
def resolve_posts(self, info, **kwargs):
return Post.objects.all()- Improvements
- Tests
- Add a
PermissionDjangoFilterConnectionField - Better docs