Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/BastienTeissier/django-access-inspector

Django Access Control is a Django app to scan access on an application views
https://github.com/BastienTeissier/django-access-inspector

Last synced: about 1 month ago
JSON representation

Django Access Control is a Django app to scan access on an application views

Awesome Lists containing this project

README

        

# Django Access Inspector

Django Access Inspector is a comprehensive access control app for Django that helps you enforce fine-grained access control on your views. It provides a flexible and easy-to-use interface to check and analyze authentication and permission classes for each view in your Django project.

## Installation

To install Django Access Inspector, you can use either `pip` or `poetry`. Here are the commands:

```shell
pip install django-access-inspector
```

```shell
poetry add django-access-inspector
```

After installing, make sure to add `"django_access_inspector"` to your `INSTALLED_APPS` setting in your Django project's `settings.py` file:

```python
INSTALLED_APPS = [
...,
"django_access_inspector",
]
```

## Usage

To run Django Access Inspector, use the following command:

```shell
python manage.py inspect_access_control
```

By default, it will provide a human-readable output. If you prefer a JSON output, you can use the `--output json` flag:

```shell
python manage.py inspect_access_control --output json
```

## Example

![cli example output](/assets/cli_output.png)

Here's an interpretation of the output:

- **Unchecked views**: Views that Django Access Inspector was not able to check. As the tool is still a work in progress, we aim to make it check all views in the future.
- **Model Admin views**: Views generated by Django Admin that are checked with the Django Admin permission system.
- **Views**: All views that Django Access Inspector was able to check, including their authentication and permission classes.