This is an example application based on GitHub that's meant to model GitHub's
permissions system. The app uses the oso library to model, manage,
and enforce authorization.
The Oso documentation is a good reference for more information on Oso's Python integration.
$ cd backends/flask-sqlalchemy
$ python3 -m venv venv && source venv/bin/activate
$ pip3 install -r requirements.txt -r requirements-dev.txt
$ make -C ../../tests test-flask-sqlalchemyFirst set up a virtualenv and install dependencies:
$ cd backends/flask-sqlalchemy
$ python3 -m venv venv && source venv/bin/activate
$ pip3 install -r requirements.txtIf this is the first time you've run the app, pass True as the second
argument to create_app(), which seeds the database from the app/fixtures.py
file:
$ FLASK_APP="app:create_app(None, True)" flask runIf you've already seeded the database, change True to False to avoid
resetting the database:
$ FLASK_APP="app:create_app(None, False)" flask run- Python / SQLAlchemy / Flask
- SQLite for persistence
The app has the following models:
Org- the top-level grouping of users and resources in the app. As with GitHub, users can be in multiple orgs and may have different permission levels in each.User- identified by email address, users can have roles within orgs and repos.Repo- mimicking repos on GitHub — but without the backing Git data — each belongs to a single org.Issue- mimicking GitHub issues, each is associated with a single repo.OrgRole- a user role on an organization.RepoRole- a user role on a repository.
Users can have roles on orgs and/or repos. Roles are defined in
app/authorization.polar.
$ cd frontend
$ yarn
$ yarn start- TypeScript / React / Reach Router