Check permission inside a template in Django

Can I use the Auth application's permission checking inside a template in Django? (I want to display a simple form at the end of the template for privileged users)

And more importantly, should I do it at all or is this no the "Django way"?


Solution 1:

If you are looking to check for permissions in templates, the following code would suffice:

{% if perms.app_label.can_do_something %}
<form here>
{% endif %}

Where model refers to the model that the user need permissions to see the form for.

Refer to https://docs.djangoproject.com/en/stable/topics/auth/default/#permissions for more examples.

The currently logged-in user's permissions are stored in the template variable {{ perms }}

(This requires the following context processor to be enabled: django.contrib.auth.context_processors.auth)

Solution 2:

Tested on Django 2.0 +

If you want to see all the permissions the logged in user has, on your template (.html), print :

{{ perms.app_name }}

Or

{{ perms }}

In order to check if user has permission , use:

{% if perms.app_name.change_model_name_lower_cased %}

E.g :

{% if perms.Utilization.change_invoice %}

Here: Utilization is my App name. Invoice is a model name.

Note that in general, there will be 4 kinds of permissions:

  • change [E.g Utilization.change_projectemail]
  • view [E.g Utilization.view_invoice]
  • delete [E.g Utilization.delete_invoicetype]
  • add [E.g Utilization.add_invoicetype]

Also , if you want to see all permissions a user has due to the groups he belongs to, launch Django shell...

user = User.objects.get(username='somename')
user.get_group_permissions()

Here, all permissions listed, are due to the groups he belongs to.