Skip to content

Role hierarchy

Use StaticRoleResolver to expand roles with inheritance:

from rbacx.core.roles import StaticRoleResolver
resolver = StaticRoleResolver({"admin":["manager"], "manager":["employee"]})
expanded = resolver.expand(["admin"])  # ['admin','employee','manager']

Wire into the Guard:

from rbacx import Guard

policy = {...}  # define yours here
resolver = ...  # use resolver from above

guard = Guard(policy, role_resolver=resolver)

The RBAC standard (ANSI/INCITS 359-2004) includes role hierarchies.