181π
Use the user_passes_test
decorator:
from django.contrib.auth.decorators import user_passes_test
@user_passes_test(lambda u: u.is_superuser)
def my_view(request):
...
97π
In case staff membership is sufficient and you do not need to check whether the user is a superuser, you can use the @staff_member_required
decorator:
from django.contrib.admin.views.decorators import staff_member_required
@staff_member_required
def my_view(request):
...
- [Django]-Django filter JSONField list of dicts
- [Django]-Django model one foreign key to many tables
- [Django]-Get model's fields in Django
7π
If you want to have similar functionality to @staff_member_required you can easily write your own decorator. Taking @staff_member as an example we can do something like this:
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.admin.views.decorators import user_passes_test
def superuser_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME,
login_url='account_login_url'):
"""
Decorator for views that checks that the user is logged in and is a
superuser, redirecting to the login page if necessary.
"""
actual_decorator = user_passes_test(
lambda u: u.is_active and u.is_superuser,
login_url=login_url,
redirect_field_name=redirect_field_name
)
if view_func:
return actual_decorator(view_func)
return actual_decorator
This example is a modified staff_member_required, just changed one check in lambda.
- [Django]-Django filter queryset __in for *every* item in list
- [Django]-Substring in a django template?
- [Django]-VueJS + Django Channels
4π
For class based views, creating a reusable decorator:
from django.contrib.auth.mixins import UserPassesTestMixin
from django.views.generic import View
def superuser_required():
def wrapper(wrapped):
class WrappedClass(UserPassesTestMixin, wrapped):
def test_func(self):
return self.request.user.is_superuser
return WrappedClass
return wrapper
@superuser_required()
class MyClassBasedView(View):
def get(self, request):
# ...
- [Django]-Laravel's dd() equivalent in django
- [Django]-How to test auto_now_add in django
- [Django]-How to get value from form field in django framework?
4π
I recommend using Mixins, example:
from django.contrib.auth.mixins import UserPassesTestMixin
class SuperUserCheck(UserPassesTestMixin, View):
def test_func(self):
return self.request.user.is_superuser
Then you can add SuperUserCheck
to View
class:
class MyView(SuperUserCheck, View):
- [Django]-What is a NoReverseMatch error, and how do I fix it?
- [Django]-Error: could not determine PostgreSQL version from '10.3' β Django on Heroku
- [Django]-How to pass multiple values for a single URL parameter?
2π
if you have your profile of user you can simply do this
@login_required
@user_passes_test(lambda u: True if u.profile.role==2 else False )
def add_listing(request):
#...
- [Django]-Django return redirect() with parameters
- [Django]-Paginating the results of a Django forms POST request
- [Django]-Django urlsafe base64 decoding with decryption
2π
To require a superuser on a class based view without writing new code:
from django.utils.decorators import method_decorator
from django.contrib.auth.decorators import user_passes_test
@method_decorator(user_passes_test(lambda u: u.is_superuser), name='dispatch')
class AdminCreateUserView(LoginRequiredMixin, FormView):
...
...
...
- [Django]-Django DB Settings 'Improperly Configured' Error
- [Django]-Auth.User.groups: (fields.E304) Reverse accessor for 'User.groups' clashes with reverse accessor for 'UserManage.groups'
- [Django]-Django: ImproperlyConfigured: The SECRET_KEY setting must not be empty
0π
To check if user is logged in use @login_required decorator and check if logged in user is superuser or not inside the function through if/else condition and return your response accordingly.
ββ
from django.shortcuts import HttpResponse, redirect
from django.contrib.auth.decorators import login_required
@login_required
def function_name(request):
if not request.user.is_superuser:
return redirect('profile')
else:
return HttpResponse('Superuser')
ββ
- [Django]-How do I use Django templates without the rest of Django?
- [Django]-Django: Open uploaded file while still in memory; In the Form Clean method?
- [Django]-How to use MySQLdb with Python and Django in OSX 10.6?