Django: Hide button in template, if user is not super-user

django django-models django-forms django-templates django-users
51,077

Solution 1

Check out is_superuser on the User object:

{% if request.user.is_superuser %}
    ...
    <button>...</button>
    ...
{% else %}
...
{% endif %}

EDIT: after @mustafa-0x comments

The above assumes that you have django.core.context_processors.request included in your TEMPLATE_CONTEXT_PROCESSORS setting which isn't the default.

The default setting for TEMPLATE_CONTEXT_PROCESSORS:

TEMPLATE_CONTEXT_PROCESSORS = (
    'django.contrib.auth.context_processors.auth',
    'django.core.context_processors.debug',
    'django.core.context_processors.i18n',
    'django.core.context_processors.media',
    'django.core.context_processors.static',
    'django.core.context_processors.tz',
#    'django.core.context_processors.request',
    'django.contrib.messages.context_processors.messages',
)

already includes the django.contrib.auth.context_processors.auth (and notably doesn't include the request context processor) meaning that in most cases you will already have access to {{ user }} without the need to add it to your context via the view, or enable the request context processor to access the user as above via {{ request.user }}

Solution 2

As discussed in the comments, you can use the User object that is available in templates automatically:

{% if user.is_superuser %}
<div class="alert alert-success" role="alert">
You are logged in as {{user.first_name}}, here are the
<a href="/admin/">admin pages</a> for changing content.
</div>
{% endif %}

You can also use user.is_staff which might be more appropriate.

Share:
51,077
JohnnyCash
Author by

JohnnyCash

Updated on July 09, 2022

Comments

  • JohnnyCash
    JohnnyCash almost 2 years

    How do you get your template/view to recognize whether or not a logged in user is a super user or not?

    There are certain buttons on my forms (in the template) that I want completely hidden if the user is not a super-user

    How would you go about doing that?

  • JohnnyCash
    JohnnyCash about 12 years
    doesn't that just check if the user has been authenticated? I need to know if they are a super user
  • mustafa.0x
    mustafa.0x over 10 years
    @TimmyO'Mahony the code doesn't work and the link is broken... mind explaining why you rejected the edit?
  • Timmy O'Mahony
    Timmy O'Mahony over 10 years
    You changed the meaning. In a template, the user object is usually accessible via the request - you removed the request meaning that the user object would need to be added to the view's context which is wasteful when most people will have it on the request anyway. As for the link, you're right, it doesn't work. I've updated it.
  • mustafa.0x
    mustafa.0x over 10 years
    @TimmyO'Mahony I don't think you're correct: docs.djangoproject.com/en/1.5/topics/auth/default/#users
  • Timmy O'Mahony
    Timmy O'Mahony over 10 years
    Yes? What do you want? My example is perfectly valid and I've explained why. The documentation has decided not to use the request object that is normally available inherently in the template via context processor and instead make the assumption that you have added the user object in the view before rendering the template. I prefer not to make that assumption and use the request object. There's no right or wrong so please stop trying to incite an argument
  • mustafa.0x
    mustafa.0x over 10 years
    Sorry for trying to incite an argument; I'm just trying to understand this. I've got a vanilla Django-1.5 setup here, and request.user is not in the default context, mind checking this on your setup? :-)
  • mustafa.0x
    mustafa.0x over 10 years
    Ok, searched a bit more. It seems that user is in the default context, but request isn't. Also see: stackoverflow.com/a/10158892/2036971
  • Timmy O'Mahony
    Timmy O'Mahony over 10 years
    Ok sorry, I understand what you are saying now and you are correct. It's not that they are in the default context but that by default the context processor django.contrib.auth.context_processors.auth is included in the TEMPLATE_CONTEXT_PROCESSOR settings file meaning you do have access to the user object (as well as perms and messages) as they are added transparently. I'm used to always including my own TEMPLATE_CONTEXT_PROCESSOR instead of using the default global_settings.py values that I didn't realise the default settings. Apologies
  • Timmy O'Mahony
    Timmy O'Mahony over 10 years
    I've updated the answer with an edit to reflect what you're saying
  • Theo
    Theo almost 5 years
    Please do not add code as a link to an image. Instead, edit your answer and paste the code as formatted text.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

'NoneType' object has no attribute 'strftime'
django form error messages not showing
Django form with unknown number of checkbox fields and multiple actions
Dropdown select option to filter a Django list
How to create password input field in django
Django forms with Foreign keys
DISTINCT ON fields is not supported by this database backend
What are the steps to make a ModelForm work with a ManyToMany relationship with an intermediary model in Django?
Change clickable field in Django admin list_display
How to use a choiceField declared in the model, in a form. django