Group permissions in HTML Template with Django

Question

I'm getting a little problem with my project. I would to authorize a part from my Django website to all groups (visitor, customer, ...) except one (Superadmin).

This is my HTML template :

        <!-- Home tab -->

        <ul class="nav navbar-nav">
            <li><a href="{% url "accueil" %}"> <span class="glyphicon glyphicon-home"></span> Accueil </a></li>

            {% if request.user|has_group:"admin" %}

            <li class = "dropdown">
                <a href = "#" class = "dropdown-toggle" data-toggle = "dropdown">
                    Informations Mairie
                <b class = "caret"></b>
                </a>
                <ul class = "dropdown-menu">
                    <li><a href = "{% url "Mairieform" %}"> <span class="glyphicon glyphicon-pencil"></span> Créer/Editer les informations de la Mairie </a></li>
                    <li><a href = "{% url "Mairieresume" %}"> <span class="glyphicon glyphicon-home"></span> Consulter les informations de la Mairie </a></li>
                </ul>
            </li>

            <li class = "dropdown">
                <a href = "#" class = "dropdown-toggle" data-toggle = "dropdown">
                    Actes Etat Civil
                <b class = "caret"></b>
                </a>
                <ul class = "dropdown-menu">
                    <li><a href = "{% url "home" %}"> <span class="glyphicon glyphicon-user"></span> Fiches Individuelles </a></li>
                    <li><a href = "{% url "BChome" %}"> <span class="glyphicon glyphicon-baby-formula"></span> Actes de Naissance </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-heart"></span> Actes de Mariage </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-fire"></span> Actes de Divorce </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-alert"></span> Actes de Décès </a></li>
                </ul>
            </li>
        </ul>

            {% elif request.user |has_group:"visiteur","employé", "officier", "maire" %}

        <ul class="nav navbar-nav">
            <li><a href="{% url "accueil" %}"> <span class="glyphicon glyphicon-home"></span> Accueil </a></li>
            <li class = "dropdown">
                <a href = "#" class = "dropdown-toggle" data-toggle = "dropdown">
                    Informations Mairie
                <b class = "caret"></b>
                </a>
                <ul class = "dropdown-menu">
                    <li><a href = "{% url "Mairieresume" %}"> <span class="glyphicon glyphicon-home"></span> Consulter les informations de la Mairie </a></li>
                </ul>
            </li>

            <li class = "dropdown">
                <a href = "#" class = "dropdown-toggle" data-toggle = "dropdown">
                    Actes Etat Civil
                <b class = "caret"></b>
                </a>
                <ul class = "dropdown-menu">
                    <li><a href = "{% url "home" %}"> <span class="glyphicon glyphicon-user"></span> Fiches Individuelles </a></li>
                    <li><a href = "{% url "BChome" %}"> <span class="glyphicon glyphicon-baby-formula"></span> Actes de Naissance </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-heart"></span> Actes de Mariage </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-fire"></span> Actes de Divorce </a></li>
                    <li><a href = "{% url "BCnotfound" %}"> <span class="glyphicon glyphicon-alert"></span> Actes de Décès </a></li>
                </ul>
            </li>
        </ul>

            {% endif %}

As you can see, I just have one tab which have to be invisible for all groups except Superadmin group. It works for Superadmin, but my question is :

How I can write this line : {% if request.user|has_group:"admin" %} for :

all groups except Superadmin
or visitor, customer, ...

Something like this :

{% elif request.user |has_group:"visiteur","employé", "officier", "maire" %}

Thank you !

EDIT :

This is the views.py file from one of my application :

#-*- coding: utf-8 -*-

import requests, os, json, glob
from django.shortcuts import render, reverse, get_object_or_404
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect, HttpResponse
from .models import BirthCertificate, Country
from .forms import BirthCertificateForm
from django.db import connection
from django.template import Context
from django.template.loader import get_template
from xhtml2pdf import pisa

import time, random

@login_required
def BirthCertificate_Home(request) :

    return render(request, 'BC_accueil.html')

@login_required
def BirthCertificate_notfound(request) :

    return render(request, 'Not_Found.html')

@login_required
def BirthCertificate_accueil(request) :

    return render(request, 'Accueil.html')

@login_required
def BirthCertificate_Form(request) :
    # Fonction permettant de créer le formulaire Acte de Naissance et le remplissage

    Bform = BirthCertificateForm(request.POST or None)
    template_name = 'BC_form.html'

    if Bform.is_valid() :   # Vérification sur la validité des données
        if '_preview2' in request.POST :
            post = Bform.save(commit=False)
            template_name = 'BC_preview.html'

        elif '_save2' in request.POST :
            post = Bform.save()
            return HttpResponseRedirect(reverse('BC_treated', kwargs={'id': post.id}))

    return render(request, template_name, {"Bform" : Bform})

@login_required
def BirthCertificate_Resume(request, id) : ...

@login_required
def BirthCertificate_PDF(request, id) : ...

Possible duplicate of [How to check (in template) whether user belongs to group](http://stackoverflow.com/questions/34571880/how-to-check-in-template-whether-user-belongs-to-group) — Jed Fox, Jan 26 '17 at 15:15

Dean Pienaar · Answer 1 · 2017-01-26T13:59:00.663

0

It might be best to do this in the view.

class MyView(ViewClass):
    def get_context_data(self, *args, **kwargs):
        context = super().get_context_data(*args, **kwargs)
        if self.request.user.is_superuser:
            context['show_tab'] = True
            return context
        return context

Then you can access this is the template

{% if show_tab %}
  <myHtml/>
{% endif %}

My answer above is for if you are using class based views. If you are using function based views this may look more familiar.

def my_view(request):
    context = {}
    if request.user.is_superuser<group logic>:
         context['show_tab'] = True
         return context
    return render(request, 'mytemplate.html', context)

The point here being that you can pass a dictionary (like context) into a view to have it available to you in the template.

edited Jan 26 '17 at 13:59

answered Jan 26 '17 at 13:21

Dean Pienaar

48
9

I have to write `MyAdminView` in admin.py ? I will try your example. Thank you – Essex Jan 26 '17 at 13:24
Sorry I accessed `request` incorrectly. Updated my answer. – Dean Pienaar Jan 26 '17 at 13:30
Where I have to write the first part of your answer ? in view.py or admin.py ? – Essex Jan 26 '17 at 13:32
And I thought I read that this was for your Admin side of your site. My apologies! In views.py. Use your normal view. Are you using class based views? Or can you provide an example of your view. – Dean Pienaar Jan 26 '17 at 13:33
I added in my question an exemple from my view.py file ;) When I'm authentificated as Superadmin in my website, I would like to see the tab and when I'm authentificated as visitor or something else, I don't want to see this tab ;) – Essex Jan 26 '17 at 13:35
I see. Try this – Dean Pienaar Jan 26 '17 at 13:39
`MyView(ViewClass) :` invalid syntax. If I add `class MyView(ViewClass) :` ViewClass is not defined. Then `if self.request.user:` I have to replace something right ? – Essex Jan 26 '17 at 13:46
Correct on both points. It means do your if statement to return what you want. Like `if request.user.is_superuser:`. Also I updated my answer for function based views – Dean Pienaar Jan 26 '17 at 13:49
Ignore my use of class based views in the first part :) Do the section that is recognisable to you. I'll leave it in for other people. – Dean Pienaar Jan 26 '17 at 13:53

Group permissions in HTML Template with Django

1 Answers1