Django Access Inspector is a comprehensive access control app for Django that helps you enforce fine-grained access control on your views. It provides a flexible and easy-to-use interface to check and analyze authentication and permission classes for each view in your Django project.
To install Django Access Inspector, you can use either pip
or poetry
. Here are the commands:
pip install django-access-inspector
poetry add django-access-inspector
After installing, make sure to add "django_access_inspector"
to your INSTALLED_APPS
setting in your Django project's settings.py
file:
INSTALLED_APPS = [
...,
"django_access_inspector",
]
To run Django Access Inspector, use the following command:
python manage.py inspect_access_control
By default, it will provide a human-readable output. If you prefer a JSON output, you can use the --output json
flag:
python manage.py inspect_access_control --output json
Here's an interpretation of the output:
- Unchecked views: Views that Django Access Inspector was not able to check. As the tool is still a work in progress, we aim to make it check all views in the future.
- Model Admin views: Views generated by Django Admin that are checked with the Django Admin permission system.
- Views: All views that Django Access Inspector was able to check, including their authentication and permission classes.