python group/user management packages


Question

I was looking for python user/group management package.(Creation of user group and adding/removing members to that group) I found flask_dashed.

     https://github.com/jeanphix/Flask-Dashed/ 

It more or less what I was looking for. But It supports only one user to add/remove groups. Does any one know what are the other such similar packages available in python-flask world?

1
4
5/1/2013 6:04:00 AM

Accepted Answer

I literally just did this myself yesterday. I did it with a combination of

Flask-Login
Flask-Principal
Flask-SQLAlchemy

Basically the way it works is like this. Flask-Login is used for user authentication. On successful login, a signal is sent that you can intercept / use to add permissions

@identity_loaded.connect_via(app)
def on_identity_loaded(sender, identity):
    # Set the identity user object
    current_user = session.get('user', False)
    if not current_user:
        return False
    identity.user = current_user

    # Add the UserNeed to the identity
    if hasattr(current_user, 'id'):
        identity.provides.add(UserNeed(current_user.id))

    # Assuming the User model has a list of groups, update the
    # identity with the groups that the user provides
    if hasattr(current_user, 'groups'):
        groups = user.Group.query.filter(user.Group.users.any(id=current_user.id)).all()
        for group in groups:
            identity.provides.add(RoleNeed(group.name))

The models for the user and group look like this:

groups = db.Table('groups',
    db.Column('user_id', db.Integer, db.ForeignKey('user.id')),
    db.Column('group_id', db.Integer, db.ForeignKey('group.id'))
)

group_to_group = db.Table('group_to_group',
    db.Column('parent_id', db.Integer, db.ForeignKey('group.id'), primary_key=True),
    db.Column('child_id', db.Integer, db.ForeignKey('group.id'), primary_key=True)
)

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(64), unique=True)
    email = db.Column(db.String(120), unique=True)
    display_name = db.Column(db.String(120))
    created_at = db.Column(db.DateTime)
    last_login = db.Column(db.DateTime, default=db.func.now())

    def __init__(self, name, email, display_name):
        self.name = name
        self.email = email
        self.display_name = display_name
        self.created_at = datetime.datetime.now()
        self.order_by = User.display_name

    def is_authenticated(self):
        return True

    def is_active(self):
        return True

    def is_anonymous(self):
        return False

    def get_id(self):
        return unicode(self.id)

    def __repr__(self):
        return self.display_name


class Group(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(64))
    users = db.relationship('User', 
                            secondary=groups,
                            backref=db.backref('groups',
                                               lazy='dynamic',
                                               order_by=name
                            )
    )
    parents = db.relationship('Group',
                              secondary=group_to_group, 
                              primaryjoin=id==group_to_group.c.parent_id,  
                              secondaryjoin=id==group_to_group.c.child_id, 
                              backref="children",
                              remote_side=[group_to_group.c.parent_id])

    def __repr__(self):
        return self.name

Then, it is just a matter of rolling some CRUD pages to take care of administering the groups.

I then set up some logic to create Principal Roles based on my group names so each new group is available.

When you want to restrict access to something, you just do it like...

@NameOfYourRole.require(http_exception=403)
@route("/something/special/people/can/do")
def super_cool(...):
9
5/1/2013 6:15:54 AM

Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Icon