Django: Hide button in template, if user is not super-user - McMap

About

Django: Hide button in template, if user is not super-user

Asked 8/4, 2012 at 19:20 Answered 3/8, 2019 at 13:34

Solved django django-models django-forms django-templates django-users

E

3

55

How do you get your template/view to recognize whether or not a logged in user is a super user or not?

There are certain buttons on my forms (in the template) that I want completely hidden if the user is not a super-user

How would you go about doing that?

Earnestineearnings answered 8/4, 2012 at 19:20 Comment(0)

R

124

Check out is_superuser on the User object:

{% if request.user.is_superuser %}
  <button></button>
{% else %}
  {# ... #}
{% endif %}

EDIT: after @mustafa-0x comments

The above assumes that you have django.core.context_processors.request included in your TEMPLATE_CONTEXT_PROCESSORS setting which isn't the default.

The default setting for TEMPLATE_CONTEXT_PROCESSORS:

TEMPLATE_CONTEXT_PROCESSORS = (
    'django.contrib.auth.context_processors.auth',
    'django.core.context_processors.debug',
    'django.core.context_processors.i18n',
    'django.core.context_processors.media',
    'django.core.context_processors.static',
    'django.core.context_processors.tz',
#    'django.core.context_processors.request',
    'django.contrib.messages.context_processors.messages',
)

already includes the django.contrib.auth.context_processors.auth (and notably doesn't include the request context processor) meaning that in most cases you will already have access to {{ user }} without the need to add it to your context via the view, or enable the request context processor to access the user as above via {{ request.user }}

Ralina answered 8/4, 2012 at 19:23 Comment(9)

doesn't that just check if the user has been authenticated? I need to know if they are a super user – Earnestineearnings 8/4, 2012 at 19:27

@TimmyO'Mahony the code doesn't work and the link is broken... mind explaining why you rejected the edit? – Iq 6/9, 2013 at 16:54

You changed the meaning. In a template, the user object is usually accessible via the request - you removed the request meaning that the user object would need to be added to the view's context which is wasteful when most people will have it on the request anyway. As for the link, you're right, it doesn't work. I've updated it. – Ailurophobe 6/9, 2013 at 17:54

@TimmyO'Mahony I don't think you're correct: docs.djangoproject.com/en/1.5/topics/auth/default/#users – Iq 7/9, 2013 at 15:20

Yes? What do you want? My example is perfectly valid and I've explained why. The documentation has decided not to use the request object that is normally available inherently in the template via context processor and instead make the assumption that you have added the user object in the view before rendering the template. I prefer not to make that assumption and use the request object. There's no right or wrong so please stop trying to incite an argument – Ailurophobe 13/9, 2013 at 8:42

Sorry for trying to incite an argument; I'm just trying to understand this. I've got a vanilla Django-1.5 setup here, and request.user is not in the default context, mind checking this on your setup? :-) – Iq 13/9, 2013 at 10:43

Ok, searched a bit more. It seems that user is in the default context, but request isn't. Also see: https://mcmap.net/q/338980/-django-1-4-request-user-username-doesn-39-t-render-in-template – Iq 13/9, 2013 at 10:48

Ok sorry, I understand what you are saying now and you are correct. It's not that they are in the default context but that by default the context processor django.contrib.auth.context_processors.auth is included in the TEMPLATE_CONTEXT_PROCESSOR settings file meaning you do have access to the user object (as well as perms and messages) as they are added transparently. I'm used to always including my own TEMPLATE_CONTEXT_PROCESSOR instead of using the default global_settings.py values that I didn't realise the default settings. Apologies – Ailurophobe 13/9, 2013 at 12:13

I've updated the answer with an edit to reflect what you're saying – Ailurophobe 13/9, 2013 at 12:18

D

21

As discussed in the comments, you can use the User object that is available in templates automatically:

{% if user.is_superuser %}
<div class="alert alert-success" role="alert">
You are logged in as {{user.first_name}}, here are the
<a href="/admin/">admin pages</a> for changing content.
</div>
{% endif %}

You can also use user.is_staff which might be more appropriate.

Delectable answered 16/4, 2016 at 7:29 Comment(0)

S

0

Actually when you try to check on the login html template weather the user is superuser or not you will not be able to do that because at that very instance it will be false you can check it in views.py file that user is super or not and then redirect it where ever you want. you can do some thing like this as you can see in start function

Steamheated answered 3/8, 2019 at 13:34 Comment(1)

Please do not add code as a link to an image. Instead, edit your answer and paste the code as formatted text. – Venipuncture 3/8, 2019 at 13:53

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.