drf-iam 0.2.3__py3-none-any.whl → 0.2.4__py3-none-any.whl

drf_iam/apps.py

@@ -1,19 +1,75 @@
+"""Configuration for the drf_iam Django app."""
+
 import logging
 
 from django.apps import AppConfig
+from django.conf import settings
 from django.db.models.signals import post_migrate
 
-logger = logging.getLogger(__name__)
+# Attempt to use the colorful logger setup, fallback to standard logger
+try:
+    from drf_iam.utils.logging_utils import setup_colorful_logger
+    logger = setup_colorful_logger(__name__)
+except ImportError:
+    logger = logging.getLogger(__name__)
+    # Basic configuration if colorful logger isn't available or during early app loading
+    if not logger.handlers:
+        handler = logging.StreamHandler()
+        formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+        handler.setFormatter(formatter)
+        logger.addHandler(handler)
+        logger.setLevel(logging.INFO) # Default level
+
 
 class DrfIamConfig(AppConfig):
+    """Django AppConfig for drf_iam."""
     default_auto_field = "django.db.models.BigAutoField"
     name = "drf_iam"
+    verbose_name = "DRF IAM"
+
+    _already_run_ready = False # Class attribute to track if ready() logic has run
+
+    def ready(self) -> None:
+        """Performs initialization tasks when the app is ready.
+
+        Connects the permission loading utility to the post_migrate signal
+        if DRF_IAM_AUTO_LOAD_PERMISSIONS setting is True.
+        Ensures this setup runs only once.
+        """
+        if DrfIamConfig._already_run_ready:
+            return
 
-    def ready(self):
-        if not hasattr(self, 'already_loaded'):
+        # Check Django settings for whether to auto-load permissions
+        auto_load_enabled = getattr(settings, 'DRF_IAM_AUTO_LOAD_PERMISSIONS', True)
+
+        if auto_load_enabled:
             from drf_iam.utils.load_viewset_permissions import load_permissions_from_urls
+
+            def _robust_load_permissions(sender: AppConfig, **kwargs: Any) -> None:
+                """Signal receiver to load permissions, with error handling."""
+                try:
+                    logger.info("🚀 Attempting to load/synchronize DRF-IAM permissions post-migrate...")
+                    load_permissions_from_urls()
+                    logger.info("🎉 Successfully loaded/synchronized DRF-IAM permissions.")
+                except Exception as e:
+                    logger.error(
+                        f"❌ Error during DRF-IAM permission loading post-migrate: {e}",
+                        exc_info=True
+                    )
+                    # Decide if you want to re-raise. For post_migrate, often it's better
+                    # to log and continue, rather than breaking the migration process.
+
             post_migrate.connect(
-                load_permissions_from_urls,
-                dispatch_uid="drf_iam.utils.load_permissions_from_urls",
+                _robust_load_permissions,
+                sender=self, # Connect to migrations for this app only
+                dispatch_uid="drf_iam.utils._robust_load_permissions",
+            )
+            logger.info(
+                f"{self.verbose_name}: 🔌 Permission auto-loading signal connected (DRF_IAM_AUTO_LOAD_PERMISSIONS=True)."
+            )
+        else:
+            logger.info(
+                f"{self.verbose_name}: 🚫 Permission auto-loading disabled via DRF_IAM_AUTO_LOAD_PERMISSIONS setting."
             )
-            self.already_loaded = True
+        
+        DrfIamConfig._already_run_ready = True

drf_iam/decorators.py

@@ -0,0 +1,27 @@
+import functools
+
+def action_permissions_config(policy_name=None,policy_description=None,exclude_from_iam=False):
+    """
+    A decorator for viewset actions to attach custom arguments and keyword arguments.
+    This data can be retrieved by permission-loading utilities to implement custom logic.
+
+    Usage:
+        from drf_iam.decorators import action_permissions_config
+
+        class MyViewSet(ViewSet):
+            @action_permissions_config('can_read_special_data', project_level=True)
+            def my_action(self, request):
+                # ...
+                pass
+    """
+    def decorator(func_to_decorate):
+        @functools.wraps(func_to_decorate)
+        def wrapper_func(*view_args, **view_kwargs):
+            return func_to_decorate(*view_args, **view_kwargs)
+
+        setattr(wrapper_func, 'policy_name', policy_name)
+        setattr(wrapper_func, 'exclude_from_iam', exclude_from_iam)
+        setattr(wrapper_func, 'policy_description', policy_description)
+        
+        return wrapper_func
+    return decorator

drf_iam/migrations/0002_add_policy_name.py

@@ -0,0 +1,16 @@
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("drf_iam", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="policy",
+            name="policy_name",
+            field=models.CharField(blank=True, max_length=100, null=True),
+        ),
+    ]

drf_iam/utils/load_viewset_permissions.py

@@ -1,69 +1,253 @@
 import inspect
+import logging
+from dataclasses import dataclass
+from typing import List, Dict, Any, Set, Tuple, Iterator, Type, Optional
 
-from django.template.base import kwarg_re
-from django.urls.resolvers import URLPattern, URLResolver
+from django.conf import settings
+from django.urls import get_resolver, URLPattern, URLResolver
 from rest_framework.viewsets import ViewSetMixin
-from rest_framework.decorators import action
 
-from django.urls import get_resolver
-from ..models import Policy
+from drf_iam.models import Policy
+from .logging_utils import setup_colorful_logger
 
+logger = setup_colorful_logger("drf_iam.permissions", level=logging.INFO)
 
-def is_viewset(cls):
+
+@dataclass
+class PolicyDetail:
+    """Represents the details of a policy to be created or updated."""
+    action: str
+    resource_type: str
+    policy_name: str
+    description: str
+    id: Optional[int] = None  # For existing policies that might be updated
+
+    def __hash__(self):
+        return hash((self.action, self.resource_type))
+
+    def __eq__(self, other):
+        if not isinstance(other, PolicyDetail):
+            return NotImplemented
+        return (self.action, self.resource_type) == (other.action, other.resource_type)
+
+
+def is_viewset(cls: Any) -> bool:
+    """Checks if the given class is a DRF ViewSet."""
     return isinstance(cls, type) and issubclass(cls, ViewSetMixin)
 
 
-def get_viewset_actions(viewset_cls):
-    actions = set()
+def get_viewset_actions(viewset_cls: Type[ViewSetMixin]) -> Set[str]:
+    """Extracts all actions (default and custom) from a ViewSet class.
+    
+    Checks Django settings for 'DRF_IAM_DEFAULT_VIEWSET_ACTIONS'.
+    """
+    actions: Set[str] = set()
+    
+    fallback_default_actions = {
+        'list', 'retrieve', 'create', 'update', 'partial_update', 'destroy'
+    }
+    default_actions = getattr(settings, 'DRF_IAM_DEFAULT_VIEWSET_ACTIONS', fallback_default_actions)
 
-    # Default ViewSet methods
-    default_actions = {'list', 'retrieve', 'create', 'update', 'partial_update', 'destroy'}
     for action_name in default_actions:
         if hasattr(viewset_cls, action_name):
             actions.add(action_name)
-
-    # Custom @action methods
     for name, method in inspect.getmembers(viewset_cls, predicate=inspect.isfunction):
         if hasattr(method, 'mapping'):
-            for http_method in method.mapping:
-                actions.add(f"{name}")
-
+            actions.add(name)
     return actions
 
 
-def extract_viewsets_from_urlpatterns(urlpatterns, prefix=''):
-    for pattern in urlpatterns:
-        if isinstance(pattern, URLResolver):
-            # Recurse into included URLConfs
-            yield from extract_viewsets_from_urlpatterns(pattern.url_patterns, prefix + str(pattern.pattern))
-        elif isinstance(pattern, URLPattern):
-            callback = pattern.callback
-            cls = getattr(callback, 'cls', None)
-            if is_viewset(cls):
-                yield {
-                    'prefix': prefix,
-                    'pattern': pattern.pattern,
-                    'viewset': cls,
-                    'callback': callback
-                }
-
-
-def load_permissions_from_urls(**kwargs):
-    urlpatterns = get_resolver().url_patterns
-    for entry in extract_viewsets_from_urlpatterns(urlpatterns):
-        viewset_cls = entry['viewset']
-        basename = getattr(viewset_cls,"iam_policy_name", None) or viewset_cls.__name__.lower().replace('viewset', '')
-        exclude_from_permissions = getattr(viewset_cls, "drf_iam_exclude_from_permissions", False)
-        if exclude_from_permissions:
-            continue
-        actions = get_viewset_actions(viewset_cls)
-
-        for action in actions:
-            full_action = f"{basename}:{action}"
-            Policy.objects.get_or_create(
-                action=full_action,
-                resource_type=basename,
-                defaults={
-                    'description': f"Permission for {full_action} on {basename}"
-                }
+class PermissionLoader:
+    """Handles the synchronization of permissions from URL patterns to the database."""
+
+    def __init__(self):
+        self.urlpatterns: List[Any] = get_resolver().url_patterns
+        self.desired_policies: List[PolicyDetail] = []
+        self.current_db_policies: List[PolicyDetail] = []
+
+    def _extract_viewsets_from_urlpatterns(
+            self,
+            urlpatterns: List[Any],
+            prefix: str = ''
+    ) -> Iterator[Dict[str, Any]]:
+        """Recursively extracts ViewSet details from Django URL patterns."""
+        for pattern in urlpatterns:
+            if isinstance(pattern, URLResolver):
+                yield from self._extract_viewsets_from_urlpatterns(
+                    pattern.url_patterns, prefix + str(pattern.pattern)
+                )
+            elif isinstance(pattern, URLPattern):
+                callback = pattern.callback
+                viewset_class = getattr(callback, 'cls', None)
+                if is_viewset(viewset_class):
+                    yield {
+                        'prefix': prefix,
+                        'pattern': pattern.pattern,
+                        'viewset': viewset_class,
+                        'callback': callback,
+                    }
+
+    def _generate_policy_details_from_viewsets(self) -> None:
+        """Generates a list of desired PolicyDetail objects from URL patterns."""
+        raw_policy_details: List[Dict[str, Any]] = []
+        for entry in self._extract_viewsets_from_urlpatterns(self.urlpatterns):
+            viewset_cls: Type[ViewSetMixin] = entry['viewset']
+            basename = getattr(viewset_cls, "iam_policy_name", None) or \
+                       viewset_cls.__name__.lower().replace('viewset', '')
+
+            exclude_from_permissions = getattr(viewset_cls, "drf_iam_exclude_from_permissions", False)
+            if exclude_from_permissions:
+                continue
+
+            actions = get_viewset_actions(viewset_cls)
+
+            for action_name in actions:
+                action_method = getattr(viewset_cls, action_name, None)
+                policy_name_override = action_name
+                description = f"Permission for {action_name} on {basename}"
+
+                if action_method:
+                    if getattr(action_method, 'exclude_from_iam', False):
+                        continue
+                    policy_name_override = getattr(action_method, 'policy_name', policy_name_override)
+                    description = getattr(action_method, 'policy_description', description)
+
+                raw_policy_details.append({
+                    'action': f"{basename}:{action_name}",
+                    'resource_type': basename,
+                    'policy_name': policy_name_override,
+                    'description': description
+                })
+
+        seen_policies: Set[Tuple[str, str]] = set()
+        unique_policy_details: List[PolicyDetail] = []
+        for detail_dict in raw_policy_details:
+            key = (detail_dict['action'], detail_dict['resource_type'])
+            if key not in seen_policies:
+                seen_policies.add(key)
+                unique_policy_details.append(
+                    PolicyDetail(
+                        action=detail_dict['action'],
+                        resource_type=detail_dict['resource_type'],
+                        policy_name=detail_dict['policy_name'],
+                        description=detail_dict['description'],
+                    )
+                )
+        self.desired_policies = unique_policy_details
+
+    def _get_current_policies_from_db(self) -> None:
+        """Fetches all current policies from the database."""
+        self.current_db_policies = [
+            PolicyDetail(
+                id=p.id,
+                action=p.action,
+                resource_type=p.resource_type,
+                policy_name=p.policy_name,
+                description=p.description,
             )
+            for p in Policy.objects.all()
+        ]
+
+    def _calculate_policy_changes(
+            self
+    ) -> Tuple[List[PolicyDetail], List[PolicyDetail], List[PolicyDetail]]:
+        """Compares desired and current policies to determine changes."""
+        desired_set = set(self.desired_policies)
+        current_set = set(self.current_db_policies)
+
+        to_create = list(desired_set - current_set)
+
+        policies_to_delete_with_id: List[PolicyDetail] = []
+        current_map_for_delete = {(p.action, p.resource_type): p.id for p in self.current_db_policies if p.id is not None}
+        policies_to_delete_stubs = current_set - desired_set
+        for policy_stub in policies_to_delete_stubs:
+            policy_id = current_map_for_delete.get((policy_stub.action, policy_stub.resource_type))
+            if policy_id is not None:
+                policies_to_delete_with_id.append(
+                    PolicyDetail(action=policy_stub.action, resource_type=policy_stub.resource_type, policy_name='',
+                                 description='', id=policy_id))
+
+        to_update: List[PolicyDetail] = []
+        current_map_for_update = {(p.action, p.resource_type): p for p in self.current_db_policies}
+
+        for desired_policy in desired_set & current_set:
+            current_policy_match = current_map_for_update.get((desired_policy.action, desired_policy.resource_type))
+            if current_policy_match and (
+                    current_policy_match.policy_name != desired_policy.policy_name or \
+                    current_policy_match.description != desired_policy.description
+            ):
+                to_update.append(PolicyDetail(
+                    id=current_policy_match.id,
+                    action=desired_policy.action,
+                    resource_type=desired_policy.resource_type,
+                    policy_name=desired_policy.policy_name,
+                    description=desired_policy.description
+                ))
+        return to_create, policies_to_delete_with_id, to_update
+
+    def _apply_policy_changes(
+            self,
+            policies_to_create: List[PolicyDetail],
+            policies_to_delete: List[PolicyDetail],
+            policies_to_update: List[PolicyDetail],
+    ) -> None:
+        """Applies the calculated policy changes to the database."""
+        if policies_to_delete:
+            delete_ids = [p.id for p in policies_to_delete if p.id is not None]
+            if delete_ids:
+                Policy.objects.filter(id__in=delete_ids).delete()
+                logger.info(f"🗑️  Deleted {len(delete_ids)} policies.")
+
+        if policies_to_create:
+            Policy.objects.bulk_create([
+                Policy(
+                    action=p.action,
+                    resource_type=p.resource_type,
+                    policy_name=p.policy_name,
+                    description=p.description
+                ) for p in policies_to_create
+            ])
+            logger.info(f"✨ Created {len(policies_to_create)} new policies.")
+
+        if policies_to_update:
+            update_batch = []
+            for p_update in policies_to_update:
+                if p_update.id is not None:
+                    policy_obj = Policy(
+                        id=p_update.id,
+                        action=p_update.action,
+                        resource_type=p_update.resource_type,
+                        policy_name=p_update.policy_name,
+                        description=p_update.description
+                    )
+                    update_batch.append(policy_obj)
+
+            if update_batch:
+                Policy.objects.bulk_update(update_batch, fields=['policy_name', 'description'])
+                logger.info(f"🔄 Updated {len(update_batch)} policies.")
+
+    def sync_permissions(self) -> None:
+        """Main method to synchronize permissions."""
+        logger.info("🚀 Starting permission synchronization...")
+
+        self._generate_policy_details_from_viewsets()
+        logger.info(f"🔍 Discovered {len(self.desired_policies)} desired policies from URL patterns.")
+
+        self._get_current_policies_from_db()
+        logger.info(f"💾 Found {len(self.current_db_policies)} existing policies in the database.")
+
+        to_create, to_delete, to_update = self._calculate_policy_changes()
+        logger.info(f"➕ Policies to create: {len(to_create)}")
+        logger.info(f"➖ Policies to delete: {len(to_delete)}")
+        logger.info(f"🔧 Policies to update: {len(to_update)}")
+
+        self._apply_policy_changes(to_create, to_delete, to_update)
+        logger.info("🎉 Successfully finished permission synchronization.")
+
+
+def load_permissions_from_urls(**kwargs: Any) -> None:
+    """Loads permissions from URL patterns and synchronizes them with the database.
+       This function instantiates and uses the PermissionLoader class.
+    """
+    loader = PermissionLoader()
+    loader.sync_permissions()

drf_iam/utils/logging_utils.py

@@ -0,0 +1,56 @@
+import logging
+
+class Colors:
+    RESET = "\033[0m"
+    BOLD = "\033[1m"
+    RED = "\033[91m"
+    GREEN = "\033[92m"
+    YELLOW = "\033[93m"
+    BLUE = "\033[94m"
+    MAGENTA = "\033[95m"
+    CYAN = "\033[96m"
+    WHITE = "\033[97m"
+
+LOG_LEVEL_COLORS = {
+    logging.DEBUG: Colors.BLUE,
+    logging.INFO: Colors.GREEN,
+    logging.WARNING: Colors.YELLOW,
+    logging.ERROR: Colors.RED,
+    logging.CRITICAL: Colors.BOLD + Colors.RED,
+}
+
+class ColorfulFormatter(logging.Formatter):
+    def __init__(self, datefmt='%H:%M:%S'):
+        super().__init__(datefmt=datefmt)
+
+    def format(self, record):
+        level_color = LOG_LEVEL_COLORS.get(record.levelno, Colors.RESET)
+        
+        msg_body_color = Colors.WHITE # Default for message body
+        if record.levelno == logging.INFO:
+            msg_body_color = Colors.GREEN 
+        elif record.levelno == logging.DEBUG:
+            msg_body_color = Colors.BLUE
+        elif record.levelno >= logging.WARNING:
+            msg_body_color = level_color # Errors, Warnings use their level's color for message body
+
+        asctime_str = f"{Colors.CYAN}{self.formatTime(record, self.datefmt)}{Colors.RESET}"
+        name_str = f"{Colors.MAGENTA}[{record.name}]{Colors.RESET}"
+        levelname_str = f"{level_color}{record.levelname.center(8)}{Colors.RESET}" # Padded levelname
+        message_str = f"{msg_body_color}{record.getMessage()}{Colors.RESET}"
+        
+        return f"{asctime_str} {name_str} {levelname_str} : {message_str}"
+
+def setup_colorful_logger(name: str, level: int = logging.INFO) -> logging.Logger:
+    """Sets up and returns a logger instance with colorful formatting."""
+    logger = logging.getLogger(name)
+    logger.setLevel(level)
+
+    if not logger.handlers: # Avoid adding multiple handlers if called multiple times
+        ch = logging.StreamHandler()
+        ch.setLevel(level)
+        formatter = ColorfulFormatter()
+        ch.setFormatter(formatter)
+        logger.addHandler(ch)
+        logger.propagate = False # Prevent double logging if root logger is configured
+    return logger

{drf_iam-0.2.3.dist-info → drf_iam-0.2.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: drf-iam
-Version: 0.2.3
+Version: 0.2.4
 Summary: IAM-style roles and permissions for Django Rest Framework
 Home-page: https://github.com/tushar1328/drf-iam.git
 Author: Tushar Patel

drf_iam-0.2.4.dist-info/RECORD

@@ -0,0 +1,17 @@
+drf_iam/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+drf_iam/admin.py,sha256=xH4T6xGKuylRCTwqLPJAx3Eb07Mb0Qb43iYAWX_cSN8,788
+drf_iam/apps.py,sha256=IbQP1ZN8RnHj2tOxVpplqc_M9K8rMvnlCfL-8Bp8KnI,3161
+drf_iam/decorators.py,sha256=11NEWGQ4cOZiH7gj-clLKi9M929gGtl1ZnaqEbVvhOc,1040
+drf_iam/models.py,sha256=3K0f0SKWiiMFKbiLQ_SKrwV-B5jzzm-HH2gO8nOGs54,1296
+drf_iam/permissions.py,sha256=kUhB7V48sb4v3uZI2lWv40hvI85nE61rL-amh6OY8mg,958
+drf_iam/tests.py,sha256=mrbGGRNg5jwbTJtWWa7zSKdDyeB4vmgZCRc2nk6VY-g,60
+drf_iam/migrations/0001_initial.py,sha256=y_4jXnr7gjU4UXxVrgVrStTSFu3h1ZrmjEZDL4FtZa4,3086
+drf_iam/migrations/0002_add_policy_name.py,sha256=WxQczamrefP6lUxtOU425CK1FwLzcm4lapL-2aYSE6c,353
+drf_iam/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+drf_iam/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+drf_iam/utils/load_viewset_permissions.py,sha256=NRjTekNgtuCiDbBH1hyttcW6nbchaBCD0fQnHALgYtI,10769
+drf_iam/utils/logging_utils.py,sha256=9I9hhSVgOVW5xdKXSKofbjgl6rMYbmAI40euiB5WNlM,2074
+drf_iam-0.2.4.dist-info/METADATA,sha256=aU6oVnf9ydBNsFdPiYYuSUlYlRVzlCYoPY8mrU-Js8A,2763
+drf_iam-0.2.4.dist-info/WHEEL,sha256=Nw36Djuh_5VDukK0H78QzOX-_FQEo6V37m3nkm96gtU,91
+drf_iam-0.2.4.dist-info/top_level.txt,sha256=daz6AaQ9e_cfCjLk2aRoLb_PCOoFofYUX4DU85VwHSM,8
+drf_iam-0.2.4.dist-info/RECORD,,

{drf_iam-0.2.3.dist-info → drf_iam-0.2.4.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.8.0)
+Generator: setuptools (80.7.1)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

drf_iam-0.2.3.dist-info/RECORD

@@ -1,14 +0,0 @@
-drf_iam/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-drf_iam/admin.py,sha256=xH4T6xGKuylRCTwqLPJAx3Eb07Mb0Qb43iYAWX_cSN8,788
-drf_iam/apps.py,sha256=HUJatT0Wf-6ft19lWNkSqI7fnsnAjoLKQrjPUnVAcn8,611
-drf_iam/models.py,sha256=3K0f0SKWiiMFKbiLQ_SKrwV-B5jzzm-HH2gO8nOGs54,1296
-drf_iam/permissions.py,sha256=kUhB7V48sb4v3uZI2lWv40hvI85nE61rL-amh6OY8mg,958
-drf_iam/tests.py,sha256=mrbGGRNg5jwbTJtWWa7zSKdDyeB4vmgZCRc2nk6VY-g,60
-drf_iam/migrations/0001_initial.py,sha256=y_4jXnr7gjU4UXxVrgVrStTSFu3h1ZrmjEZDL4FtZa4,3086
-drf_iam/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-drf_iam/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-drf_iam/utils/load_viewset_permissions.py,sha256=hQSjX7nGb3bfdcweJQzz7Ktj5FnlStEkW8_iX7xaCKg,2463
-drf_iam-0.2.3.dist-info/METADATA,sha256=BDbby2aBZDN3KWY3ZjJufJTancmgDHwXOTLgiUb3JfI,2763
-drf_iam-0.2.3.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
-drf_iam-0.2.3.dist-info/top_level.txt,sha256=daz6AaQ9e_cfCjLk2aRoLb_PCOoFofYUX4DU85VwHSM,8
-drf_iam-0.2.3.dist-info/RECORD,,