Skip to main content

Quick Start

Learn RBAC Algorithm basics in 5 minutes.

Basic Setup

from rbac import RBAC

# Initialize with in-memory storage
rbac = RBAC()

Core Workflow

1. Create Permissions

Permissions define what actions can be performed on what resources.

# Create a permission to read documents
read_docs = rbac.create_permission(
    permission_id="perm_doc_read",
    action="read",
    resource_type="document",
    description="Allows reading documents"
)

# Create more permissions
write_docs = rbac.create_permission(
    permission_id="perm_doc_write",
    action="write",
    resource_type="document"
)

delete_docs = rbac.create_permission(
    permission_id="perm_doc_delete",
    action="delete",
    resource_type="document"
)

2. Create Roles

Roles are collections of permissions.

# Create Viewer role
viewer = rbac.create_role(
    role_id="role_viewer",
    name="Viewer",
    description="Can only read documents"
)

# Create Editor role
editor = rbac.create_role(
    role_id="role_editor",
    name="Editor",
    description="Can read and write documents"
)

# Create Admin role
admin = rbac.create_role(
    role_id="role_admin",
    name="Administrator",
    description="Full access to documents"
)

3. Assign Permissions to Roles

# Viewer can only read
rbac.assign_permission_to_role("role_viewer", "perm_doc_read")

# Editor can read and write
rbac.assign_permission_to_role("role_editor", "perm_doc_read")
rbac.assign_permission_to_role("role_editor", "perm_doc_write")

# Admin has all permissions
rbac.assign_permission_to_role("role_admin", "perm_doc_read")
rbac.assign_permission_to_role("role_admin", "perm_doc_write")
rbac.assign_permission_to_role("role_admin", "perm_doc_delete")

4. Create Users

# Create users
alice = rbac.create_user(
    user_id="user_alice",
    email="alice@example.com",
    name="Alice Johnson"
)

bob = rbac.create_user(
    user_id="user_bob",
    email="bob@example.com",
    name="Bob Smith"
)

carol = rbac.create_user(
    user_id="user_carol",
    email="carol@example.com",
    name="Carol Williams"
)

5. Assign Roles to Users

# Alice is a Viewer
rbac.assign_role_to_user("user_alice", "role_viewer")

# Bob is an Editor
rbac.assign_role_to_user("user_bob", "role_editor")

# Carol is an Admin
rbac.assign_role_to_user("user_carol", "role_admin")

6. Check Permissions

# Can Alice read a document?
result = rbac.check_permission(
    user_id="user_alice",
    action="read",
    resource_id="document_123"
)
print(result.allowed)  # True

# Can Alice write a document?
result = rbac.check_permission(
    user_id="user_alice",
    action="write",
    resource_id="document_123"
)
print(result.allowed)  # False

# Can Bob write a document?
result = rbac.check_permission(
    user_id="user_bob",
    action="write",
    resource_id="document_123"
)
print(result.allowed)  # True

# Get detailed information
result = rbac.check_permission_detailed(
    user_id="user_bob",
    action="write",
    resource_id="document_123"
)
print(result.reason)  # "Allowed by permission(s): perm_doc_write"
print(result.matched_permissions)  # ["perm_doc_write"]

Complete Example

from rbac import RBAC

# Initialize
rbac = RBAC()

# Setup permissions
rbac.create_permission("perm_read", "read", "document")
rbac.create_permission("perm_write", "write", "document")

# Setup role
rbac.create_role("role_editor", "Editor")
rbac.assign_permission_to_role("role_editor", "perm_read")
rbac.assign_permission_to_role("role_editor", "perm_write")

# Setup user
rbac.create_user("user_123", "user@example.com", "John Doe")
rbac.assign_role_to_user("user_123", "role_editor")

# Check permission
result = rbac.check_permission(
    user_id="user_123",
    action="write",
    resource_id="document_456"
)

if result.allowed:
    print("✓ Access granted!")
else:
    print("✗ Access denied!")

What's Next?

RBAC Algorithm

Ready to Implement Enterprise-Grade Access Control?

Get started with RBAC Algorithm in minutes with our comprehensive documentation and examples.

Get Started →⭐ Star on GitHub