dfunckt / django-rules

Awesome Django authorization, without the database


django-rules not working for Django Admin

zainab-amir opened this issue · comments

I am trying to use django-rules to restrict access to parts of the Admin based on some predicates.
Here is what I am doing, according to the documentation:

# python version: 2.7.12
# django version: 1.11.22

# ---------------
# settings.py
INSTALLED_APPS = [
    'rules.apps.AutodiscoverRulesConfig',
]

AUTHENTICATION_BACKENDS = (
    'rules.permissions.ObjectPermissionBackend',
)

# ---------------
# allapps/restore/admin.py
from django.contrib import admin
from rules.contrib.admin import ObjectPermissionsModelAdmin

from .models import Restore


class RestoreAdmin(ObjectPermissionsModelAdmin):
    # Code for Admin goes here
    pass


admin.site.register(Restore, RestoreAdmin)

# ---------------
# allapps/restore/rules.py
import rules


@rules.predicate
def request_user_has_restore_access(user=None):
    # for the purpose of testing I am returning False
    return False


rules.add_perm('restore', rules.always_deny)  # Using even this doesn't work
rules.add_perm('restore.view_restore', request_user_has_restore_access)
rules.add_perm('restore.add_restore', request_user_has_restore_access)
rules.add_perm('restore.change_restore', request_user_has_restore_access)
rules.add_perm('restore.delete_restore', request_user_has_restore_access)

This doesn't work. I can still see the Restore app in the Django admin.

What happens if you remove these two completely?

rules.add_perm('restore', rules.always_deny) # Using even this doesn't work
rules.add_perm('restore.view_restore', request_user_has_restore_access)

@dfunckt Nothing happens if I remove the above two.
Scenario, for better understanding:
Only a handful of users have access to the Django admin (superusers only). Now I want to give specific users that are not superusers access to the "Restore" module ONLY, in the Django admin.
The django-rules package works fine on views and other parts of the application, so it's not a configuration issue.

What do you mean by allowing access "ONLY in django admin"? Django has only one set of permissions that is shared across all the components of the framework (i.e. Admin, views, templates, etc.).

I'm still not clear on the expected behaviour. Focusing for a moment on that select group of non-superusers: should they be allowed to manage "Restore" instances in the Admin or not? Are they allowed access to views that deal with these instances?

I punctuated the comment ^; it should make more sense now.
So this is what happens when a non-superuser tries to access the Django admin:
[Screenshot from 2019-08-21 17-49-54]
The behaviour I expect is that the non-superuser should have access to the "Restore" module in the Django admin.


Are they allowed access to views that deal with these instances?

Yes, they are.

By returning False from the predicate, I'm sure you'll never see "Restore" instances on the Admin, so first thing is to change it to True and take it from there.

Are you sure you're registering the model admins with the Admin? I.e, like so:

admin.site.register(Restore, RestoreAdmin)

Yes I have registered the model with admin.

I was just testing if the predicate works and revokes access for all users in case it returns False.

Right. What version of rules is this? Can you modify these lines (in rules/permissions.py) as follows, visit the Admin site and paste the output here?

# rules/permissions.py -- `permissions` is the module-level RuleSet
def has_perm(name, *args, **kwargs):
    print(name)
    return permissions.test_rule(name, *args, **kwargs)

rules==2.0.1
Logging the name prints a long list of modules, including:

2019-08-21 13:21:27,703 WARNING 137 [rules.permissions] /ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/rules/permissions.py:25 - restore
2019-08-21 13:21:27,703 WARNING 137 [rules.permissions] /ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/rules/permissions.py:25 - restore

It seems someone's asking for the "restore" permission, but I really don't think it's the Admin. This is getting confusing, can you share a zip or a repo with code stripped down to bare essentials that reproduces this?

I can't share the repo because it's private. Will see if I can somehow replicate it for something bare minimum and share it with you.

Hey @zainab-amir -- what was the issue?

This rule, rules.add_perm('restore.view_restore', request_user_has_restore_access), is only available in Django v2.1. It didn't give any error, so I didn't notice it before, but removing it solved the issue.