django-oso v0.5.1 and sqlalchemy-oso v0.3.0 are out! Here's what's in the release:
- Built-In Roles - For many app developers, roles are the first step in implementing authorization. When done well, a role can convey an intuitive understanding of what a user can expect to do in an application. To help developers shed the cognitive load of how to implement roles according to best practices, we are providing out-of-the-box roles support, starting with the sqlalchemy-oso integration. Using this API, you can create roles scoped to a resource, assign them to users in your application, then write rules over those roles. We shipped a v0 of this feature 2 weeks ago and a guide on roles 4 weeks ago. In this release, we've simplified the schema of the role model, added relationships to the user and resource classes, and included more error checks to help keep things on the rails without you having to think about them. Here are the new docs.
And a number of other improvements and bug fixes, including:
- The sqlalchemy-oso library now supports authorization for queries that contain aliases.
- Fixed type-checking for many-to-many relationships in django-oso for specific list filtering policies.
For more details, read the changelog.
With this release, we are also dropping the "Developer Preview" tag. We included this when we first open sourced oso over the summer and were making major breaking changes more frequently. While the pace of development hasn't slowed, the library has stabilized substantially since then. oso has now been downloaded well over 10,00 times and is in production for apps from education subscriptions to CRM, manufacturing ERP and loan applications. We will continue to follow semver and provide detailed changelogs and documentation regarding any major changes we make between now and 1.0.
If you ever have questions, we're available to talk to you about how to get from one version to the next, or to discuss anything you'd like about the product, your use case, or authorization more generally – join us on Slack or open an issue.