Rule
Missil main class. Works as a FastAPI dependency, so it can be injected in API routes.
missil.Rule
Bases: Depends
FastAPI dependency to set and endpoint-level access rule.
Grant or deny user access to an endpoint.
Access is granted through the verification of the business area and verification of the access level expressed in the jwt token captured by the declared TokenBearer object.
PARAMETER | DESCRIPTION |
---|---|
area |
Business area name, like 'financial' or 'human resources'.
TYPE:
|
level |
Access level: READ = 0 / WRITE = 1.
TYPE:
|
bearer |
JWT token source source. See Bearers module.
TYPE:
|
use_cache |
FastAPI Depends class parameter, by default True.
TYPE:
|
Source code in missil/rules.py
Make Rule
:: missil.make_rule
Make Rules
missil.make_rules
Create a Missil ruleset, conveniently.
A ruleset is a simple mapping bearing endpoint-appliable rule bearers
Given a token source (see Bearers module) and some business area names, like "it", "finances", "hr", this function will return something lile the following:
So, one can pass like a FastAPI dependency, as shown in the following example:
@app.get("/items/{item_id}", dependencies=[rules["finances"].READ])
def read_item(item_id: int, q: Union[str, None] = None): ...
See the sample API (sample/main.py) to a folly working usage example.
PARAMETER | DESCRIPTION |
---|---|
bearer |
JWT token source source. See Bearers module.
TYPE:
|
RETURNS | DESCRIPTION |
---|---|
dict[str, Area]
|
Dict containing endpoint-appliable rules. |