发表新帖
发表新帖

Django Group permission how to print it in template

前端 未结
关注
2 777
故里飘歌
故里飘歌 2021-02-09 06:56

if the customer sign in and he has permission to see the data that the admin has given to him, he will see the data after he sign in, but if the admin doesn\'t give him permissi

相关标签:
2条回答
  • 挽巷
    2021-02-09 07:34 
    def staff_only(view_func):
    def wrapper_function(request, *args, **kwargs):
        group = None
        if request.user.groups.exists():
            group = request.user.groups.all()[0].name
        if group == 'registrar':
            return redirect('adminpage')

        if group == 'admin':
            return view_func(request, *args, **kwargs)
        return redirect("loginpage")

    return wrapper_function

    This function is missing case when a user does not have required groups, in this case, either we should either redirect a user to login page send to another page or display like "You don't have access to this page"

    0 讨论(0)
  • 感动是毒
    2021-02-09 07:36

    You are asking how to print but as obvious you have some other problems. The other answer has solved the problem on your staff_only decorator. Since you did not cover every case your decorator where returning None. It has been corrected by the other user but to make all in one place i will give detail too.

    def staff_only(view_func):
    def wrapper_function(request, *args, **kwargs):
        group = None
        if request.user.groups.exists():
            groups = list(request.user.groups.all().values_list('name', flat=True))

        if 'admin' in groups or 'registrar' in groups:
            """I assume that registrar is also staff"""
            return view_func(request, *args, **kwargs)

        return redirect("loginpage")

    return wrapper_function

    In your decorator you were only taking users first group and compare it's name. However users may have multiple groups. Thus you need to check the whole list. My solution above gets all groups in a list and check if it fits the conditions and do continue to the view or redirect.

    In your template you are using not existing template filter group.

    You may change it as following:

    <body>
{% for group in request.user.groups.all %}
    {% if group.name == 'registrar' %}
        <p>User belongs to my group</p>
    {% endif %}
{% endfor %}
</body>

    If you want to print all groups you may do the following.

    <body>
<ul>
{% for group in request.user.groups.all %}
    <li>{{group.name}}</li>
{% endfor %}
</ul>
</body>

    However the best way of checking if user has a group in template is creating a template filter for that purpose. You can check documentation.

    @register.filter(name='has_group')
def has_group(user, group_name):
    return user.groups.filter(name=group_name).exists()

    in your template:

    <body>
{% if request.user|has_group:"registrar" %}
    <p>User belongs to my group</p>
{% else %}
    <p>User does not belong to my group</p>
{% endif %}
</body>
    0 讨论(0)
 看不清?
提交回复
热议问题