API

class public_admin.sites.PublicApp(name, models): Holds the permission strings for each model in a Django app. name should be the name of a Django app as string, and models should be a sequence of strings with the name of the models to allowed in a public admin.

class public_admin.sites.DummyUser(public_apps, *args, **kwargs)

Mimics the Django’s native AnonymousUser injecting permissions to view objects from certain Django apps and models.`pubic_apps` should be a sequence of instances of public_admin.sites.PublicApp.

has_module_perms(app_label): Only grant permission if the app was passed as a public_admin.sites.PublicApp.

has_perm(permission, obj=None): Only grant permission if the app and model were passed in a public_admin.sites.PublicApp.

class public_admin.sites.PublicAdminSite(name='public_admin', public_apps=())

Mimics the Django’s native AdminSite but removing URLs and permissions that does not match the idea of a public admin. name is the name of this admin site (the string Django uses to build the URL names, for example), and pubic_apps can be one instance of public_admin.sites.PublicApp or a sequence of them.

admin_view(view, cacheable=False): Injects the public_admin.sites.DummyUser in every request in this admin site.

has_permission(request): Blocks all non-GET requests.

register(model, admin_class=None, **options): Verifies whether the model about to be registered is allowed in this public admin site

property urls: List the URLs in this admin site.

static valid_url(url): This method removes URLs based on their path.

class public_admin.admin.PublicModelAdmin(model, admin_site)

This mimics the Django’s native ModelAdmin but filters URLs that should not exist in a public admin, and deals with request-based permissions.

get_urls(): Filter out the URLs that should not exist in a public admin.

has_add_permission(request): Denies permission to any request trying to add new objects.

has_change_permission(request, obj=None): Denies permission to any request trying to change objects.

has_delete_permission(request, obj=None): Denies permission to any request trying to delete objects.

has_view_permission(request, obj=None): Only allows view requests if the method is GET