Limit access to views in Django based on account type

Question

How to limit access to views in Django? My Account model is like this:

class Account(AbstractBaseUser):
      ...
      account_type    = models.PositiveSmallIntegerField(default=0, choices=ACCOUNT_TYPE_CHOICES)

I want to use a custom decorator to all my views based on account type but I don't know where to start.

Currently on my views, this is what I have done:

@login_required(login_url='/login/')
def dashboard(request, *args, **kwargs):
   if request.user.is_authenticated:
        if request.user.account_type == 1:
            return redirect('admin_page')
        else:
            ....

But this one is very repetitive.

Answer 1

You can create a custom decorator with user_passes_test method, like this:

from django.contrib.auth.decorators import user_passes_test, login_required

user_limit = user_passes_test(lambda user: user.account_type != 1, login_url='admin_page')

def account_redirect(view_func):
    decorated_view_func = login_required(user_limit(view_func), login_url='/login/')
    return decorated_view_func

@account_redirect
def dashboard(request, *args, **kwargs):
    # rest of the code

Basically what I am doing is that if user's account type is 1, I am redirecting it to 'admin_page' url.

Also I found this medium article very useful for using user_passes_test method with dectorators.