Check permission inside a template in Django
Can I use the Auth application's permission checking inside a template in Django? (I want to display a simple form at the end of the template for privileged users)
And more importantly, should I do it at all or is this no the "Django way"?
Solution 1:
If you are looking to check for permissions in templates, the following code would suffice:
{% if perms.app_label.can_do_something %}
<form here>
{% endif %}
Where model refers to the model that the user need permissions to see the form for.
Refer to https://docs.djangoproject.com/en/stable/topics/auth/default/#permissions for more examples.
The currently logged-in user's permissions are stored in the template variable
{{ perms }}
(This requires the following context processor to be enabled: django.contrib.auth.context_processors.auth
)
Solution 2:
Tested on Django 2.0 +
If you want to see all the permissions the logged in user has, on your template (.html), print :
{{ perms.app_name }}
Or
{{ perms }}
In order to check if user has permission , use:
{% if perms.app_name.change_model_name_lower_cased %}
E.g :
{% if perms.Utilization.change_invoice %}
Here: Utilization is my App name. Invoice is a model name.
Note that in general, there will be 4 kinds of permissions:
- change [E.g Utilization.change_projectemail]
- view [E.g Utilization.view_invoice]
- delete [E.g Utilization.delete_invoicetype]
- add [E.g Utilization.add_invoicetype]
Also , if you want to see all permissions a user has due to the groups he belongs to, launch Django shell...
user = User.objects.get(username='somename')
user.get_group_permissions()
Here, all permissions listed, are due to the groups he belongs to.