Django Access Inspector is a comprehensive access control app for Django that helps you enforce fine-grained access control on your views. It provides a flexible and easy-to-use interface to check and analyze authentication and permission classes for each view in your Django project.
To install Django Access Inspector, you can use either pip or poetry. Here are the commands:
pip install django-access-inspectorpoetry add django-access-inspectorAfter installing, make sure to add "django_access_inspector" to your INSTALLED_APPS setting in your Django project's settings.py file:
INSTALLED_APPS = [
...,
"django_access_inspector",
]To run Django Access Inspector, use the following command:
python manage.py inspect_access_controlBy default, it will provide a human-readable output. If you prefer a JSON output, you can use the --output json flag:
python manage.py inspect_access_control --output json
Here's an interpretation of the output:
- Unchecked views: Views that Django Access Inspector was not able to check. As the tool is still a work in progress, we aim to make it check all views in the future.
- Model Admin views: Views generated by Django Admin that are checked with the Django Admin permission system.
- Views: All views that Django Access Inspector was able to check, including their authentication and permission classes.