sqlalchemy-oso-preview 0.0.2
Python
Breaking changes
This release contains breaking changes. Be sure to follow migration steps before upgrading.
Deprecated set_get_session method
set_get_session is no longer available, as this method was used for the previous version of roles support.
New features
SQLAlchemyOso object provides a unified interface for Oso and OsoRoles
The SQLAlchemyOso object is now available to simplify the initialization of Oso for SQLAlchemy.
Now, instead of the following:
from oso import Oso
from sqlalchemy_oso import register_models
from sqlalchemy_oso.roles2 import OsoRoles
from sqlalchemy.ext.declarative import declarative_base
Base = declarative_base()
oso = Oso()
register_models(oso, Base)
oso_roles = OsoRoles(oso, Base, User, sessionmaker)
both Oso and OsoRoles are wrapped by SQLAlchemyOso:
from sqlalchemy_oso import SQLAlchemyOso
from sqlalchemy.ext.declarative import declarative_base
Base = declarative_base()
oso = SQLAlchemyOso(Base)
oso.enable_roles(User, sessionmaker)
After calling SQLAlchemyOso.enable_roles(), the role management methods defined on OsoRoles are available on SQLAlchemyOso.
Roles.user_in_role available from Polar policies
Oso-managed user-to-role assignments created through the role-management
API can now be accessed within Polar policies using
Roles.user_in_role(user, role, resource).
assignments_for_user returns all direct role assignments for a single user
OsoRoles.assignments_for_user(user=my_user_object) will return a list of the roles that my_user_object is directly assigned to.
assignments_for_user can be called on an instance of OsoRoles or an instance of SQLAlchemyOso after calling SQLAlchemyOso.enable_roles().
Connect with us on Slack
If you have any questions, or just want to talk something through, jump into Slack. An Oso engineer or one of the thousands of developers in the growing community will be happy to help.