PyCasbin 0.8.1

Policy

• Support domain parameters in get_roles() and get_users().

Bug Fix

• Fixed the error in the Policy that remove_policy() returns a value of None.

PyCasbin 0.8.0

RBAC API

• Implement the get_implicit_roles_for_user and get_implicit_permissions_for_user.
• Implement the add_role_for_user_in_domain and delete_roles_for_user_in_domain.

Policy

• Added remove_filtered_policy() to Policy.

Enforcement

• Improve the test code for api.

Bug Fix

• Fixed bugs in add/delete/has permission for user api.

PyCasbin 0.7.1

Bug Fix

• Change the class attributes in the Assertion to an object attributes. (Fixed #23)
• Modularize tests code. (Fixed #26)

PyCasbin 0.7.0

New

• Added the remove_policy function.
• Pre-compile regular expressions to save performance.
• Efficient implementation for array_remove_duplicates utility function.
• Optimized policy related code.

PyCasbin 0.6.1

Bug Fix

• Fix the bug that Casbin modified global logging settings (#17) .

PyCasbin 0.6.0

New

• Finish Management API.
• Add some RBAC API functions.

PyCasbin 0.5

New

• Added 'add_policy' api.

PyCasbin 0.4

New

• Added some management api.
• Added some rbac api.

PyCasbin 0.3

New

• Added SQLAlchemy Adapter

Fixed

• Fix logging problem when passing objects as parameters into enforce(). ( #9 )
• Fix for empty policy list ( #10 )

PyCasbin 0.2

PyCasbin is a powerful and efficient open-source access control library for Python projects. It provides support for enforcing authorization based on various access control models.

Features

What Casbin does:

1. enforce the policy in the classic {subject, object, action} form or a customized form as you defined, both allow and deny authorizations are supported.
2. handle the storage of the access control model and its policy.
3. manage the role-user mappings and role-role mappings (aka role hierarchy in RBAC).
4. support built-in superuser like root or administrator. A superuser can do anything without explict permissions.
5. multiple built-in operators to support the rule matching. For example, keyMatch can map a resource key /foo/bar to the pattern /foo*.

What Casbin does NOT do:

1. authentication (aka verify username and password when a user logs in)
2. manage the list of users or roles. I believe it's more convenient for the project itself to manage these entities. Users usually have their passwords, and Casbin is not designed as a password container. However, Casbin stores the user-role mapping for the RBAC scenario.