django_rules_engine_predicate_based_access_control_quickstart.py

1import rules
2
3# 1. Define a predicate - a simple function that returns True or False
4@rules.predicate
5def is_book_author(user, book):
6    return book.author == user
7
8# 2. Define a rule using predicates and logical operators
9# In this case, a user can edit a book if they are the author
10can_edit_book = is_book_author
11
12# 3. Register the rule with a name
13rules.add_rule('can_edit_book', can_edit_book)
14
15# 4. Define permissions (often used in Django integration)
16rules.add_perm('books.change_book', can_edit_book)
17
18# Example Usage:
19class User:
20    def __init__(self, name):
21        self.name = name
22
23class Book:
24    def __init__(self, title, author):
25        self.title = title
26        self.author = author
27
28author = User(name="Alice")
29other_user = User(name="Bob")
30book = Book(title="Learning Rules", author=author)
31
32# Testing the rules
33print(f"Can Alice edit? {rules.test_rule('can_edit_book', author, book)}")      # True
34print(f"Can Bob edit? {rules.test_rule('can_edit_book', other_user, book)}") # False