Only enable browsable API when debugging is on.

The reason for that is that the API may expose data that shouldn't be exposed,
such as the list of users on the service.

django_etebase/views.py

@@ -91,7 +91,7 @@ def msgpack_decode(content):
 class BaseViewSet(viewsets.ModelViewSet):
     authentication_classes = tuple(app_settings.API_AUTHENTICATORS)
     permission_classes = tuple(app_settings.API_PERMISSIONS)
-    renderer_classes = [JSONRenderer, MessagePackRenderer, BrowsableAPIRenderer]
+    renderer_classes = [JSONRenderer, MessagePackRenderer] + [BrowsableAPIRenderer] if settings.DEBUG else []
     parser_classes = [JSONParser, MessagePackParser, FormParser, MultiPartParser]
     stoken_id_fields = None