Skip to main content

Django app for direct client access to all models.

Project description

This is a little application for direct access to all the models and their data in a project. By default, the application has access for users with is_staff marks. But this and much more can be changed.

This is app might interest you if you use Django as the backend to some kind of external client application. There are no templates for formatting and displaying of data on the client. Only JSON. All data is taken directly from the models, so the application can be used for a cool administrative interface.


pip install django-directapps

Change your next project files.


urlpatterns = [
    url(r'^apps/', include('directapps.urls', namespace="directapps")),

Start the development server Django, if it is not running.

Now you can open a browser to this address to see a list of available applications and links to data schematics for each.


Using the REST API

General information

The REST API endpoints are built as follows:


You can perform actions on endpoints by specifying them with an underscore:


Parameters <model_using> and <relation_using> is define a database connection by its ID.

For data sets (<model> and <relation>) apply the following GET-parameters:

1. 'o' - ordering key (by default is from models definition)
2. 'c' - columns key (by default is all from allowed)
3. 'l' - limit key (by default is 10)
4. 'p' - page key (by default is 1)
5. 'q' - search key
6. 'f' - foreign key (used in conjunction with the search key, see bellow)

All these keys can be overridden either together or separately in controller. You can check their names in the full scheme of model.

Let’s analyze it on the example of django.contrib.auth application.

Getting the scheme of available applications and models

Short scheme as list applications with version and checksum:

GET /apps/

Full scheme as list models in application:

GET /apps/auth/

Creating the data

Make groups:

POST /apps/auth/group/ {'name': 'Administrators'}
POST /apps/auth/group/_create/ {'name': 'Managers'}
POST /apps/auth/group/_add/ {'name': 'Operators'}

Getting the data

When you use several databases, you should use the indication of the database from which you want to get the object. To do this, use <model_using> and <relation_using> parameters.

Get the list users:

GET /apps/auth/user/
GET /apps/auth/user/?o=-id,username
GET /apps/auth/user/?o=-id&l=1
GET /apps/auth/user/?q=blabla
GET /apps/auth/group/1/user/
GET /apps/auth/group/1/user/?o=-id,username
GET /apps/auth/group/1/user/?o=-id&l=1
GET /apps/auth/group/1/user/?q=blabla

Get the user by ID=1:

GET /apps/auth/user/1/
GET /apps/auth/group/1/user/1/

Use foreign key for search available groups in ManyToManyField:

GET /apps/auth/user/_fkey/?f=groups
GET /apps/auth/user/_fkey/?f=groups&q=rator
GET /apps/auth/user/_fkey/?f=groups&q=rator&o=-id&l=1

Of course, the foreign key you can use with ForeignKey or OneToOneField too:

GET /apps/auth/permission/_fkey/?f=content_type

Modify data:

PATCH /apps/auth/user/1/ { first_name: 'Johnny' }
PUT /apps/auth/user/1/ { first_name: 'John' }
POST /apps/auth/user/1/_patch/ { first_name: 'John Bo' }
POST /apps/auth/user/1/_put/ { first_name: 'John Bon' }
POST /apps/auth/user/1/_update/ { last_name: 'Jovi' }

Delete data:

DELETE /apps/auth/user/1/
POST /apps/auth/user/1/_delete/

Using in browser

You can look at the example works in the JavaScript console and use it as a test.

function getCookie(cname) {
    var name = cname + '=';
    var ca = document.cookie.split(';');
    for (var i = 0; i < ca.length; i++) {
        var c = ca[i];
        while (c.charAt(0) === ' ') c = c.substring(1);
        if (c.indexOf(name) === 0) return c.substring(name.length, c.length);
    return '';

function makeRequest(method, url, data, content_type) {
    var xhr = new XMLHttpRequest(),
        content_type = content_type || 'application/x-www-form-urlencoded';, url, false);
    if (!(/^(GET|HEAD|OPTIONS|TRACE)$/.test(method.toUpperCase()))) {
        xhr.setRequestHeader('Content-Type', content_type);
        xhr.setRequestHeader('X-CSRFToken', getCookie('csrftoken'));
    if (xhr.status === 200) return JSON.parse(xhr.responseText);

var group1 = makeRequest('post', '/apps/auth/group/', 'name=Operators 1'),
    group2 = makeRequest('post', '/apps/auth/group/',
                         JSON.stringify({ name: 'Operators 2' }),

makeRequest('get', '/apps/auth/group/?o=name,-id&q=operators&p=1&l=3&id__gte=1');
makeRequest('put', '/apps/auth/group/' + + '/', 'name=Operators 11');
makeRequest('patch', '/apps/auth/group/' + + '/', 'name=Operators 22');
makeRequest('get', '/apps/auth/group/?o=name,-id&q=operators&p=1&l=3&id__gte=1');
makeRequest('delete', '/apps/auth/group/', 'id=' + + ',' +;
makeRequest('delete', '/apps/auth/group/',
            JSON.stringify({ id: [, ] }),


All next settings must be within the dictionary DIRECTAPPS, when you define them in the file


Function that checks access to resources. You may want to use:

  1. directapps.access.authenticated - for authenticated users.

  2. directapps.access.staff - for employers and superusers.

  3. directapps.access.superuser - for superusers only.

  4. directapps.access.view_users - for users with view permission for User model.

  5. any custom function.

The default is the internal function directapps.access.staff.


The name of the attribute in the model that is bound to the controller. By default is directapps_controller.


The options for the checksum compilation of the scheme. By default is “1”.


Dictionary own controllers for models of third-party applications. By default is blank.


The list of excluded applications. By default is blank.


The list of excluded models. By default is blank.


The options for creating JSON. By default is {'indent': 2, 'ensure_ascii': False}.


The options for masking all the fields with the name “password”. By default is True.


Class (as string for import) of the master controller, which is used by default. By default is None and uses internal class.


The options for the using ISO time with microseconds into JSONEncoder. By default is False and JSONEncoder used ECMA-262 format.


The key by which data is received for search. By default is ‘q’.


The key by which the name of the field or column with a relation (for the “_fkey” action) is received from the client. By default is ‘f’.


The key by which the list of fields for rendering is received. By default is ‘c’.


The key by which sorting is accepted from the client. By default is ‘o’.


The key by which the limit of records is accepted from the client. By default is ‘l’.


The key by which the client receives the page number. By default is ‘p’.


The global working limit of returned records. By default is 10.


The global maximum limit of returned records, which does not allow to kill the server with huge data sets. By default is 50.

Customizing of controllers

To change the behavior globally for all your controllers, make your main controller based on the built-in and connect it:

# myapp/

import logging
from directapps import controllers

logger = logging.getLogger(__name__)

class CustomModelController(controllers.ModelController):
    # of course, your may be do it in the settings, but just for example :)
    search_key = 'search'
    limit = 50
    max_limit = 1000

class CustomObjectController(controllers.ObjectController):

    def action_get(self, request, object, *args, **kwargs):
          '%s open %s with ID=%s', request.user, self, object,
        return super().action_get(request, object, *args, **kwargs)

class CustomMasterController(controllers.MasterController):

    model_ctrl_class = CustomModelController
    object_ctrl_class = CustomObjectController

    'MASTER_CONTROLLER': 'myapp.controllers.CustomMasterController'

To change the behavior of only one controller, make your own based on the built-in and connect it like this:

# myapp/

from django.db.models import Count
from directapps import controllers

class UserModelController(controllers.ModelController):
    annotations = (
        # Method or property on instance of model.
        # QuerySet annotation.

    def get_queryset(self, *args, **kwargs):
        """Returns modified QuerySet."""
        qs = super().get_queryset(*args, **kwargs)
        qs = qs.annotate(Count('groups'))
        return qs

    def info(self, request, qs):
        """Returns information about the set. Redefined method."""
        all_users = self.get_queryset(request, using=qs.using)
        return {
            'total': all_users.count()

class UserController(controllers.MasterController):

    model_ctrl_class = UserModelController

        'auth.user': 'myapp.controllers.UserController',


If you want to translate the app into your language or to offer a more competent application code, you can do so using the “Pull Requests” on gitlab.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-directapps-0.7.1.tar.gz (28.5 kB view hashes)

Uploaded source

Built Distribution

django_directapps-0.7.1-py3-none-any.whl (31.7 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page