API¶

class public_admin.sites.PublicApp(name, models)¶: Holds the permission strings for each model in a Django app. name should be the name of a Django app as string, and models should be a sequence of strings with the name of the models to allowed in a public admin.

class public_admin.sites.DummyUser(public_apps, *args, **kwargs)¶

Mimics the Django’s native AnonymousUser injecting permissions to view objects from certain Django apps and models.`pubic_apps` should be a sequence of instances of public_admin.sites.PublicApp.

has_module_perms(app_label)¶: Only grant permission if the app was passed as a public_admin.sites.PublicApp.

has_perm(permission, obj=None)¶: Only grant permission if the app and model were passed in a public_admin.sites.PublicApp.

class public_admin.sites.PublicAdminSite(name='public_admin', public_apps=())¶

Mimics the Django’s native AdminSite but removing URLs and permissions that does not match the idea of a public admin. name is the name of this admin site (the string Django uses to build the URL names, for example), and pubic_apps can be one instance of public_admin.sites.PublicApp or a sequence of them.

admin_view(view, cacheable=False)¶: Injects the public_admin.sites.DummyUser in every request in this admin site.

has_permission(request)¶: Blocks all non-GET requests.

urls¶: List the URLs in this admin site.

static valid_url(url)¶: This method removes URLs based on their path.

class public_admin.admin.PublicModelAdmin(model, admin_site)¶

This mimics the Django’s native ModelAdmin but filters URLs that should not exist in a public admin, and deals with request-based permissions.

get_urls()¶: Filter out the URLs that should not exist in a public admin.

has_add_permission(request)¶: Denies permission to any request trying to add new objects.

has_change_permission(request, obj=None)¶: Denies permission to any request trying to change objects.

has_delete_permission(request, obj=None)¶: Denies permission to any request trying to delete objects.

has_view_permission(request, obj=None)¶: Only allows view requests if the method is GET