A simple example demoing how to use Permit.io alongside Hasura.io

permitio/permit-hasura-python-example

Permit-Hasura Python example

Builds on the Hasura Python example, adding application-level permission checks with Permit.

This example assumes an additional text field on the user table (mentioned in the Hasura example): animal

Setup and Run

  • Follow the instructions in the Hasura Python example to set up your Hasura actions and underlying table.
  • Set up your Permit account and PDP
  • Update secrets for Permit and Hasura in app.py constants
  • Install requirements: pip install -r requirements.txt
  • Use the code provided in app.py as the final result
  • Run the app: python app.py
  • [Optional] Test the app with the util.py client: python util.py
    • Create a user: python util.py create-user "user@test.com" "Pass123"
    • Log in and list animals as that user: python util.py list-animals "user@test.com" "Pass123"

Highlights and differences from the Hasura example

  • Added email to the JWT (to be used as the user id)

  • Added a few requirements to requirements.txt

  • Added an animal field to the user table

  • Added a new feature to list all the users with their animals

  • Added a call to permit.sync_user() as part of the sign-up route

    # Let Permit know of the new user
    # We'll use the email as our unique identifier (in production a UUID would be better)
    user["key"] = user["email"]
    # Assign a default role (note: this example gives every new user "admin")
    user["roles"] = [{"role": "admin", "tenant": "default"}]
    userInput = UserInput(**user)
    # Save to Permit
    permit.write(permit.api.sync_user(userInput))

  • Added an enforcement point with Permit to control who can list animals (fully controlled from Permit's policy editor in real time)

    # Enforce app-level access with Permit
    if permit.check(id, "list", "animals"):
        user_response = client.list_animals()
        return jsonify(user_response["data"]["user"])
    else:
        return make_response(jsonify({
            'message': 'Not allowed'
        })), 403
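
The enforcement point above trusts the email claim in the JWT as the user id, so the token must be verified before the policy check, and the check should deny when the PDP cannot answer. The following is an added example, not code from this repository: `check` and `fetch` are hypothetical stand-ins for `permit.check` and `client.list_animals`, the secret is constructed, and an HS256-signed token is assumed and verified here with the standard library only.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value for the demo only

def _b64d(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims: dict, secret: bytes = SECRET) -> str:
    """Build an HS256 JWT to use as constructed sample input."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verified_email(token: str, secret: bytes = SECRET):
    """Return the email claim only if alg, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":
            return None  # rejects alg=none and algorithm swaps
        good = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, _b64d(sig)):
            return None  # signature mismatch: claims cannot be trusted
        claims = json.loads(_b64d(body))
        if claims.get("exp", 0) <= time.time():
            return None  # expired, or no expiry set at all
        return claims.get("email") or None
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token

def list_animals_guarded(token, check, fetch):
    """Enforcement point: returns (payload, http_status), denying by default."""
    email = verified_email(token)
    if email is None:
        return {"message": "Invalid token"}, 401
    try:
        # Only an explicit True grants access; truthy strings or objects do not
        allowed = check(email, "list", "animals") is True
    except Exception:  # PDP unreachable or errored: fail closed
        allowed = False
    if not allowed:
        return {"message": "Not allowed"}, 403
    return fetch(), 200
```
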
