django-guardian
postgrest
Our great sponsors
django-guardian | postgrest | |
---|---|---|
7 | 100 | |
3,541 | 22,282 | |
0.5% | 1.9% | |
0.0 | 9.7 | |
about 1 month ago | 4 days ago | |
Python | Haskell | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
django-guardian
-
Three Ways to Secure Database APIs: Which Is Right for You?
You can mitigate the pain by using libraries like accesscontrol, express-rbac, django-guardian, etc., to manage authorization more declaratively. But making sure nothing leaks is still a significant challenge.
-
Migrating From Django to Next.js: What’s the Equivalent for Django-Guardian?
These pieces fit together very well and are sufficient for replacing most of the goodies Django provides. However, there's one piece missing. Django has a built-in permissions feature, but it's limited to model-level control, i.e., if a user or group has X access to model type Y. Many users have been using the popular django-guardian package to implement row-level permissions. It allows you to establish permissions between users/groups and objects, manages the underlying permission database tables, and provides APIs for configuring and checking such permissions.
-
The Django ecosystem is not so good
https://github.com/django-guardian/django-guardian/issues?q=is%3Aopen+is%3Aissue+label%3ABug
-
how to check user permission in a community
Could use django-guardian for this instead: https://github.com/django-guardian/django-guardian
-
How to handle per object permission in Django nowadays?
I was about to use django-guardian until I came across the following in the official documentation:
-
what are 3 django packages everyone should know about?
django-guardian for per object permissions
- Creating Users of different Departments in Django
postgrest
-
Supabase – General Availability Week
hey hn, supabase ceo her
we just announced GA, after ~4 years of beta. for those who don't know: supabase is a postgres hosting company. we also host other open source "backend" tools that make it easy to get started with postgres (tools like PostgREST for auto-generate APIs [0])
we owe a lot to the HN community. you launched us 4 years ago [1], when we were just a few developers. since then HN has been a staple in our journey, one of the best sources of product feedback [2]
the GA badge is mostly to signify organizational readiness. we're at a stage where we can take any profile of customer. we have a support team that works 24/7, and a success team that will help customers improve their postgres usage. we released our Index Advisor [3] yesterday, and we'll be releasing a few more products this week that helps customer with performance and security.
on a personal note: i read HN most days, and love going through the ShowHN's to see what devs are building. thanks for being an awesome community and my favorite place to lurk on the internet. i'll stick around to answer any questions
[0] PostgREST: https://postgrest.org
[1] Launch: https://news.ycombinator.com/item?id=23319901
[2] HN journey: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
[3] Index Advisor: https://news.ycombinator.com/item?id=40028111
-
The Many Ways Not to Build an API
If you use PostgreSQL and are proficient with using its row-level security feature, you can choose from several tools/services built above RLS, including Supabase, PostgREST, and PostGraphile. They all provide a way to expose database CRUD as a web API, assuming you've configured the RLS rules to properly secure the access.
- Soul: A SQLite REST and Realtime Server
-
Build a simple project management app with Neon, PostgREST, and DigitalOcean
wget 'https://github.com/PostgREST/postgrest/releases/download/v11.2.0/postgrest-v11.2.0-linux-static-x64.tar.xz'
-
Single Software Developer Projects
SupaBase is entirely based upon PostgREST. In fact, PostgREST is arguably 49% of their value proposition according to their own website. The other 49% is PostgreSQL. PostgreSQL of course is a super mature database, and some would argue the best RDBMS on the planet, so let's ignore that part for a moment, and consider it a mature thing and move on to PostgREST.
-
Oink: An API for PHP in a single file
You don't need this PHP snippet:
To get the same functionality without the extra step, simply use PostgREST [1]
[1] https://postgrest.org/
- Ask HN: Popular open source tool originally written in Haskell?
-
Use PostgREST and HTMX to Build RESTful APIs from PostgreSQL Databases
PostgREST is a standalone web server that turns your PostgreSQL database into a RESTful API using the database's structural constraints and permissions to define the API's endpoints and operations. In this tutorial, you will create a simple note-taking app by leveraging PostgREST to construct a RESTful API for the app and using htmx to deliver HTML content.
-
We built our customer data warehouse all on Postgres
You might find some info in the docs of PostgREST [1] or in the previous discussions on HN about it [2].
For the versioning, I just have a git repo where I keep every role, schema, table, view, function, trigger, etc. definitions. Every time I change something in the database I first change it in the git repo too to have an history.
[1] https://postgrest.org
[2] https://hn.algolia.com/?q=postgrest
-
Pandoc
Don't know if you would call this a "program" but PostgREST is written is Haskell too.
https://github.com/PostgREST/postgrest
What are some alternatives?
django-rules - Awesome Django authorization, without the database
Hasura - Blazing fast, instant realtime GraphQL APIs on your DB with fine grained access control, also trigger webhooks on database events.
oso - Oso is a batteries-included framework for building authorization in your application.
supabase - The open source Firebase alternative.
Carteblanche - Module to align code with thoughts of users and designers. Also magically handles navigation and permissions.
postgres-websockets - PostgreSQL + Websockets
django-fsm - Django friendly finite state machine support
Appwrite - Build like a team of hundreds_
django-bootstrap-modal-forms - A Django plugin for creating AJAX driven forms in Bootstrap modal.
gotrue - An SWT based API for managing users and issuing SWT tokens.
django-defender - A simple super fast django reusable app that blocks people from brute forcing login attempts
TimescaleDB - An open-source time-series SQL database optimized for fast ingest and complex queries. Packaged as a PostgreSQL extension.