Django: Hide button in template, if user is not super-user
Solution 1
Check out is_superuser
on the User
object:
{% if request.user.is_superuser %}
...
<button>...</button>
...
{% else %}
...
{% endif %}
EDIT: after @mustafa-0x comments
The above assumes that you have django.core.context_processors.request
included in your TEMPLATE_CONTEXT_PROCESSORS
setting which isn't the default.
The default setting for TEMPLATE_CONTEXT_PROCESSORS
:
TEMPLATE_CONTEXT_PROCESSORS = (
'django.contrib.auth.context_processors.auth',
'django.core.context_processors.debug',
'django.core.context_processors.i18n',
'django.core.context_processors.media',
'django.core.context_processors.static',
'django.core.context_processors.tz',
# 'django.core.context_processors.request',
'django.contrib.messages.context_processors.messages',
)
already includes the django.contrib.auth.context_processors.auth
(and notably doesn't include the request
context processor) meaning that in most cases you will already have access to {{ user }}
without the need to add it to your context via the view, or enable the request
context processor to access the user as above via {{ request.user }}
Solution 2
As discussed in the comments, you can use the User
object that is available in templates automatically:
{% if user.is_superuser %}
<div class="alert alert-success" role="alert">
You are logged in as {{user.first_name}}, here are the
<a href="/admin/">admin pages</a> for changing content.
</div>
{% endif %}
You can also use user.is_staff
which might be more appropriate.
JohnnyCash
Updated on July 09, 2022Comments
-
JohnnyCash almost 2 years
How do you get your template/view to recognize whether or not a logged in user is a super user or not?
There are certain buttons on my forms (in the template) that I want completely hidden if the user is not a super-user
How would you go about doing that?
-
JohnnyCash about 12 yearsdoesn't that just check if the user has been authenticated? I need to know if they are a super user
-
mustafa.0x over 10 years@TimmyO'Mahony the code doesn't work and the link is broken... mind explaining why you rejected the edit?
-
Timmy O'Mahony over 10 yearsYou changed the meaning. In a template, the
user
object is usually accessible via therequest
- you removed therequest
meaning that theuser
object would need to be added to the view's context which is wasteful when most people will have it on the request anyway. As for the link, you're right, it doesn't work. I've updated it. -
mustafa.0x over 10 years@TimmyO'Mahony I don't think you're correct: docs.djangoproject.com/en/1.5/topics/auth/default/#users
-
Timmy O'Mahony over 10 yearsYes? What do you want? My example is perfectly valid and I've explained why. The documentation has decided not to use the
request
object that is normally available inherently in the template via context processor and instead make the assumption that you have added theuser
object in the view before rendering the template. I prefer not to make that assumption and use therequest
object. There's no right or wrong so please stop trying to incite an argument -
mustafa.0x over 10 yearsSorry for trying to incite an argument; I'm just trying to understand this. I've got a vanilla Django-1.5 setup here, and
request.user
is not in the default context, mind checking this on your setup? :-) -
mustafa.0x over 10 yearsOk, searched a bit more. It seems that
user
is in the default context, butrequest
isn't. Also see: stackoverflow.com/a/10158892/2036971 -
Timmy O'Mahony over 10 yearsOk sorry, I understand what you are saying now and you are correct. It's not that they are in the default context but that by default the context processor
django.contrib.auth.context_processors.auth
is included in theTEMPLATE_CONTEXT_PROCESSOR
settings file meaning you do have access to theuser
object (as well asperms
andmessages
) as they are added transparently. I'm used to always including my ownTEMPLATE_CONTEXT_PROCESSOR
instead of using the defaultglobal_settings.py
values that I didn't realise the default settings. Apologies -
Timmy O'Mahony over 10 yearsI've updated the answer with an edit to reflect what you're saying
-
Theo almost 5 yearsPlease do not add code as a link to an image. Instead, edit your answer and paste the code as formatted text.