Metadata-Version: 2.4
Name: permissions2fast-fastapi
Version: 0.1.1
Summary: Role-based access control (RBAC) and permission management extension for oauth2fast-fastapi
Author-email: Angel Daniel Sanchez Castillo <angeldaniel.sanchezcastillo@gmail.com>
License: MIT License
        
        Copyright (c) 2026 Angel Daniel Sanchez Castillo
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
        
Project-URL: Homepage, https://github.com/AngelDanielSanchezCastillo/permissions2fast-fastapi
Project-URL: Repository, https://github.com/AngelDanielSanchezCastillo/permissions2fast-fastapi
Project-URL: Issues, https://github.com/AngelDanielSanchezCastillo/permissions2fast-fastapi/issues
Keywords: fastapi,permissions,rbac,oauth2,authorization,sqlmodel
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Framework :: FastAPI
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: oauth2fast-fastapi>=0.2.2
Dynamic: license-file

# permissions2fast-fastapi

🔒 Role-Based Access Control (RBAC) extension for `oauth2fast-fastapi`.

Easily manage user roles and permissions in your FastAPI application with support for Multi-Tenancy and High-Performance Redis Caching.

## Features

- 👥 **Role Management**: Create, assign, and manage roles for users.
- 🔑 **Granular Permissions**: Define specific permissions and assign them to roles or directly to users (polymorphic assignments).
- 🏢 **Multi-Tenancy (Optional)**: Isolate roles and permissions per tenant context.
- � **Redis Caching (Optional)**: High-performance permission evaluation using Redis to minimize database lookups.
- �🛡️ **Route Protection**: Dependencies to protect endpoints based on roles or permissions.
- ⚡ **Async Support**: Fully async database interactions via `pgsqlasync2fast-fastapi`.
- 🔌 **Seamless Integration**: Built to extend `oauth2fast-fastapi`.

## Installation

```bash
pip install permissions2fast-fastapi
```

## Configuration

This package uses the same database connection logic as `oauth2fast-fastapi`. Configure your environment variables in `.env`.

### Basic Settings

```bash
# Database Configuration
DB_CONNECTIONS__AUTH__USERNAME=db_user
DB_CONNECTIONS__AUTH__PASSWORD=db_password
DB_CONNECTIONS__AUTH__HOST=localhost
DB_CONNECTIONS__AUTH__DATABASE=db_name
DB_CONNECTIONS__AUTH__PORT=5432
```

### Advanced Features (Multi-Tenancy & Redis)

You can enable multi-tenancy and Redis caching by setting the following environment variables:

```bash
PERMISSIONS_ENABLE_TENANCY=True
PERMISSIONS_REDIS_RBAC_ENABLED=True

# Redis connection details (if caching is enabled)
PERMISSIONS_REDIS__HOST=localhost
PERMISSIONS_REDIS__PORT=6379
PERMISSIONS_REDIS__DB=0
# PERMISSIONS_REDIS__PASSWORD=your_redis_password
```

## Usage

### 1. Basic Integration

```python
from fastapi import FastAPI
from permissions2fast_fastapi import permissions_router, roles_router
from oauth2fast_fastapi import router as auth_router

app = FastAPI()

app.include_router(auth_router)
app.include_router(permissions_router)
app.include_router(roles_router)
```

### 2. Protecting Routes

Use the provided dependencies to restrict access to endpoints. The system will automatically check Redis cache if enabled, and fallback to database queries if needed. Tenant context is automatically respected if Tenancy is enabled and a Tenant ID is injected in the request context.

```python
from fastapi import Depends
from permissions2fast_fastapi.dependencies import has_permission, has_role
from oauth2fast_fastapi.models import User

# Require a specific role
@app.get("/admin-dashboard")
async def admin_dashboard(user: User = Depends(has_role("admin"))):
    return {"message": "Welcome Admin"}

# Require a specific permission
@app.get("/edit-post")
async def edit_post(user: User = Depends(has_permission("posts.edit"))):
    return {"message": "You can edit posts"}
```
