Reputation: 459
Django admin group permissions not working at template level
My question is about the scope of the permissions set for a group in Django Admin. I have a few groups set up; User, Manager, and Admin. User has basic permissions, Manager has some edit/add permissions, and Admin has all permissions.
I've added a user to each group and tried to test it. In my Django templates I have steps to add a Part model object. The expected result of this as a User is for this not to work, as they don't have permission. However this went through just fine and nothing stopped the User account from creating a Part.
My question is why did this happen even though I set it not to happen. Do I need to add anything specific into my code for this to work?
I'm not sure what code if any will help for this question so feel free to comment with requests and I will edit it in.
Upvotes: 0
Views: 563
Answers (1)
Reputation: 4432
In Django templates you need to explicitly control the permissions. You can read more in docs. And the example from docs:
{% if perms.foo %}
<p>You have permission to do something in the foo app.</p>
{% if perms.foo.can_vote %}
<p>You can vote!</p>
{% endif %}
{% if perms.foo.can_drive %}
<p>You can drive!</p>
{% endif %}
{% else %}
<p>You don't have permission to do anything in the foo app.</p>
{% endif %}
Upvotes: 2
Related Questions
- Django-admin won't allow me to modify user permissions and groups
- Django: get all permissions on template separated by groups
- django admin - group permissions to edit or view models
- Django admin groups permissions and access
- Assign permissions to users in Django groups
- django model permission vs group permissions
- Django user not getting the assigned group's permissions
- django permission groups
- Django model permissions not picked up on admin
- Django admin, how to check properly user's permission in django template?