More fully disable the admin when USE_ADMIN=False

Whatever we decide in the final conclusion for the 'decide status' questions we better _actually_ turn this off when USE_ADMIN=False, this matches expectations better See #131
2026-03-09 23:51:20 +00:00 · 2026-01-07 16:35:25 +01:00
parent 516d8b0731
commit 5462b4ae57
3 changed files with 18 additions and 3 deletions
--- a/bugsink/middleware.py
+++ b/bugsink/middleware.py
@@ -9,7 +9,9 @@ from django.utils.translation import get_supported_language_variant
 from django.utils.translation.trans_real import parse_accept_lang_header
 from django.utils import translation
 from django.urls import get_script_prefix
-from django.http import HttpResponseBadRequest
+from django.http import HttpResponseBadRequest, Http404
+
+from bugsink.app_settings import get_settings


 performance_logger = logging.getLogger("bugsink.performance.views")
@@ -104,6 +106,18 @@ class LoginRequiredMiddleware:
        return login_required(view_func)(request, *view_args, **view_kwargs)


+class AdminRequiresSettingMiddleware:
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        if request.path.startswith("/admin/") and not get_settings().USE_ADMIN:
+            raise Http404
+
+        return self.get_response(request)
+
+
 class PerformanceStatsMiddleware:
    """TSTTCPW to get some handle on view-performance (mostly for UI views). The direct cause for introducing this is
    that I got sent on a wild goose chase by the Django Debug Toolbar, which reported long (>100ms) CPU times for some
--- a/bugsink/settings/default.py
+++ b/bugsink/settings/default.py
@@ -139,6 +139,7 @@ MIDDLEWARE = [
    'verbose_csrf_middleware.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',

+    'bugsink.middleware.AdminRequiresSettingMiddleware',
    'bugsink.middleware.LoginRequiredMiddleware',

    # note on ordering: we need request.user, so after AuthenticationMiddleware; and we're not tied to "before
--- a/bugsink/settings/development.py
+++ b/bugsink/settings/development.py
@@ -91,8 +91,8 @@ BUGSINK = {
    "BASE_URL": "http://bugsink:8000",  # no trailing slash
    "SITE_TITLE": "Bugsink",  # you can customize this as e.g. "My Bugsink" or "Bugsink for My Company"

-    # undocumented feature: this enables links to the admin interface in the header/footer. I'm not sure where the admin
-    # will fit in the final version, so that's why it's not documented.
+    # undocumented feature: this enables the admin interface. I'm not sure where the admin will fit in the final
+    # version, so that's why it's not documented.
    "USE_ADMIN": True,

    # In development, I want to be able to upload broken events, so I can test their downstream rendering/processing.