Metadata-Version: 2.4
Name: libcan
Version: 0.1.1
Summary: Pythonic Role-Based Access Control with libcan-compatible state serialisation
Project-URL: Homepage, https://gitlab.com/viraven/libcan-python
Project-URL: Repository, https://gitlab.com/viraven/libcan-python.git
Author-email: Ivan Chetchasov <vi.is.chapmann@gmail.com>
License: MIT
License-File: LICENSE
Keywords: access-control,libcan,rbac,security
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.12
Description-Content-Type: text/markdown

# libcan-python — Pythonic Role‑Based Access Control

A clean, thread‑safe RBAC engine that is **fully compatible with the C
[libcan](https://gitlab.com/viraven/libcan) library** at the serialisation level.

## Features

- Add users, assign / revoke roles
- Allow and deny rules with `fnmatch` glob patterns (`*`, `?`, `[seq]`)
- Deny‑takes‑precedence semantics
- Thread‑safety built‑in
- Lazy loading from storage; automatic `commit()` / `push()`
- **libcan‑identical state format** – you can exchange state blobs between C and Python
- No external dependencies

## Installation

```bash
pip install libcan
```

```bash
uv add libcan
```

```bash
uv pip install libcan
```

## Quick start

```python
from libcan import AccessControl, MemoryStorage

ac = AccessControl(MemoryStorage())
ac.add_user("alice")
ac.add_role("alice", "admin")
ac.allow("admin", "read:*", "*.txt")
ac.deny("admin", "read:secret", "*.txt")

if ac.allowed("alice", "read:file", "doc.txt"):
    print("Access granted")

ac.commit()   # persist
ac.close()
```

## Storage backends

Implement the `libcan.Storage` abstract class to connect any database or file system.

## License

MIT
