Modify templates based on permissions assigned to roles

[mZneit]

For every permission assigned in a view, you need to modify the template to allow the user to access or edit content.

[ZhongweiL]

@mZneit To check user permission, I will need to use the has_permission() function imported from rolepermissions.checkers, should I import it in views.py and pass it to the templates? Or is there any way I can import them directly to the templates?

[mZneit]

From this page, you can use it in the template: https://django-role-permissions.readthedocs.io/en/stable/utils.html#template-tags

[ZhongweiL]

@mZneit user|can:"ponder.view_categorization" is always returning false, it this the correct permission name that I should be checking? I also tried user|can:"view_categorizations" but its also returning false.

[mZneit]

Did you define "user" or pass it in the context to the template? if you didn't then it might not work.

[ZhongweiL]

"user" has been used in other parts of the template, so I assume it has already been defined

[mZneit]

What's the template file name? and what role are you using to view the categorizations?

[ZhongweiL]

index.html, I'm using categorizer

[mZneit]

A categorizer can view the categorizations. If you login locally to the admin page, and go to the Categorizer group, you should have the permission view_categorization added to that group. Or are you removing that permission temporarily for testing?

[ZhongweiL]

The permission is still there and I am still able to access the categorizations page.

[mZneit]

ok I will look into this tonight.

[mZneit]

@ZhongweiL use the condition: {% if perms.ponder.view_categorization %} This worked for me and the "View your categorizations" button was hidden if a user was not granted permission to view the categorizations table.

[ZhongweiL]

@mZneit It worked, thanks. Do you just want to hide the button? Or the heading and the text above it as well?

[mZneit]

Yes the heading and the text should also be hidden. The user with the assigned role shouldn't see anything related to the restricted view.

[mZneit]

@ZhongweiL please see the last commit 249c857e2cd6eacab575fcd952a61c5e725cd8b0 on how to hide columns in a table based on a role. Hiding columns is done in views.py instead of tables.py.

[ZhongweiL]

@mZneit I get the exception 'CommitsTable' object is not callable when I try to do that to the commits table and assign it to table_class

[mZneit]

This is because it's a class-based view. I'll try to find a way to modify the code from tables.py in that case.

[mZneit]

This commit 07c587a2fe55d21442e2e3ccfdde66b9fc6440ab hides a column in a table if the user has no permission to view the column @ZhongweiL

[ZhongweiL]

@mZneit Is the add_form column in the Commits table the only column I should be hiding?

[mZneit]

Yes true.