Re: Make an element on a page visible only to logged in users

Hi,

I disagree with Mike Dewhirst answer, here's mine.

The simplest way is in the template, to see if it's logged in:

{% if user.is_authenticated %}

Then maybe a much more powerful way is to write your right management this way: first you write what you need beginning with "has_right_" like

{% if user.person.has_right_modify_account %}{% endif %}
{% if user.person.has_right_view_customers %}{% endif %}

and so on.

Then you create your "role" model (which implies the rights to do something), and the "person" model that has a user foreign key:

class Role(BaseModel):
    R_TYPE_SUPER_ADMIN = 1
    R_TYPE_ADMIN = 2
    R_TYPE_EMPLOYEE = 3

    TAB_R_TYPE = {
        R_TYPE_SUPER_ADMIN: _("Super-admin"),
        R_TYPE_ADMIN: _("Co-branding admin"),
        R_TYPE_EMPLOYEE: _("Co-branding employee"),
    }
    authorization_level = models.IntegerField(
        choices=[(a, b) for a, b in list(TAB_R_TYPE.items())],
        default=R_TYPE_CO_BRANDING_EMPLOYEE)

    def authorization_level_description(self):
        return Role.TAB_R_TYPE[self.authorization_level]

    description = models.CharField(max_length=200, default=None,
                                   blank=True, null=True)

    def __str__(self):
        return str(self.description) if self.description is not None else '?'



class Person(models.Model):
    user = models.ForeignKey(User)
    roles = models.ManyToManyField(Role)

And then, in that "Person" class, you implement the functions you called in the template: has_right_modify_account and has_right_view_customers:

class Person(models.Model):
    user = models.ForeignKey(User)
    roles = models.ManyToManyField(Role)
    def has_right_modify_account(self):

        # only admin and super admin
        return len(self.roles.all() & [Role.R_TYPE_SUPER_ADMIN, Role.R_TYPE_ADMIN]) > 0

    def has_right_view_customers(self):
        # everybody = at least one role:
        return len(self.roles.all()) > 0

I'm pretty sure that code wont work out of the box, but you can fix it easily.

Le mercredi 22 août 2018 02:50:42 UTC+2, chanman a écrit :

I want to have a page look different for users who are logged in and those who aren't. For users that are signed in the page will have a sidebar with account management options. For users who aren't signed in, this sidebar shouldn't show up. The most obvious way to do this would be to have a common layout inherited by the member viewable and outsider viewable pages. But is there a way to do this by having some kind of optional component on the page?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/e4de489f-810d-41f5-ba26-6cc7a104bf82%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.