Enterprise-Grade Access Control for Python Apps - Battle-Tested & Open Source
Source: Dev.to
Quick Summary
Ever needed proper access control in your app but didn’t want to:
- Roll your own buggy permission system?
- Pull in a heavyweight framework with dozens of dependencies?
- Sprinkle `if user.is_admin:` checks everywhere and hope for the best?
We built RBAC Algorithm – a lightweight, production‑ready access control library for Python.
Quick Example
```python
from rbac import RBAC, User, Permission

rbac = RBAC()
user = User("alice", roles=["editor"])

if rbac.check_permission(user, Permission("write", "document")):
    save_document(data)  # ✅ Editor can write
```
That’s it. No config files, no database, no extra complexity.
Key Features
- Role Hierarchies – Roles inherit from parent roles (DRY permissions)
- Multi‑Tenant Ready – Domain isolation out of the box
- ABAC Support – Attribute‑based rules (context‑aware permissions)
- Performance – 10K+ authorization checks per second
- Zero Dependencies – Pure Python, production‑safe
- Battle‑Tested – 95%+ test coverage, 1,500+ property‑based tests
- Security Scanned – Dual scanning (Safety + pip-audit) in CI
- AI‑Ready – Ideal for securing AI agents and assistants
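What role inheritance and domain isolation from the list above mean at check time, as an added example that is not RBAC Algorithm's code or API. The `Policy` class, the role names and the tenant names are all hypothetical; the point is deny-by-default evaluation, tenant-scoped role bindings, and hierarchy traversal that terminates even if the role graph is misconfigured with a cycle.

```python
# Added illustration; not the RBAC Algorithm library's code or API.
# All class, role and tenant names below are hypothetical.
from dataclasses import dataclass, field


@dataclass
class Policy:
    parents: dict = field(default_factory=dict)   # role -> set of parent roles
    grants: dict = field(default_factory=dict)    # role -> set of (action, resource)
    bindings: dict = field(default_factory=dict)  # (user, tenant) -> set of roles

    def effective_roles(self, user, tenant):
        """Roles bound in this tenant plus all ancestors (cycle-safe)."""
        seen = set()
        stack = list(self.bindings.get((user, tenant), ()))
        while stack:
            role = stack.pop()
            if role in seen:          # already expanded; also breaks cycles
                continue
            seen.add(role)
            stack.extend(self.parents.get(role, ()))
        return seen

    def check(self, user, tenant, action, resource):
        """Deny by default: allow only if some effective role grants the pair."""
        return any(
            (action, resource) in self.grants.get(role, ())
            for role in self.effective_roles(user, tenant)
        )


def build_sample_policy():
    # Constructed sample data: editor inherits viewer; the viewer <-> guest
    # loop is a deliberate misconfiguration to show traversal terminates.
    return Policy(
        parents={"editor": {"viewer"}, "viewer": {"guest"}, "guest": {"viewer"}},
        grants={
            "viewer": {("read", "document")},
            "editor": {("write", "document")},
        },
        bindings={("alice", "acme"): {"editor"}, ("bob", "acme"): {"viewer"}},
    )


if __name__ == "__main__":
    p = build_sample_policy()
    print(p.check("alice", "acme", "read", "document"))     # inherited from viewer
    print(p.check("bob", "acme", "write", "document"))      # viewer has no write grant
    print(p.check("alice", "globex", "write", "document"))  # no binding in that tenant
```

Because bindings are keyed by `(user, tenant)`, a role held in one tenant never leaks into another, and an unknown user or role falls through to a denial rather than an error.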
Repository & Documentation
- GitHub:
- Interactive Playground: Live demo (try RBAC in your browser)
- Full Documentation: Docs site (link provided in the repo)
Installation
pip install git+https://github.com/Maneesh-Relanto/RBAC-algorithm
Feedback & Roadmap
We’re planning the next features. Which would you find most useful?
What would make this production‑ready for your project?
Appreciate you reading through—thanks!