I am trying to access the dashboard using specified user like:
Staff user can view the dashboard content.
Superuser can access the delete, edit, view, add content in the dashboard.
Admin can edit, view, add content in the dashboard
I have to do integration with LDAP and assign permissions to particular groups.
I configure ldap and integrate it with django login page but now my requirement is that I have to provide permissions to user to acess add only field or view only field.
Can you please guide me.
Thank you in advance.
Are you saying that you’re using LDAP to provide both authentication (login credentials) and authorization (permissions, or in this case, group membership)?
You may need to enhance your login process to retrieve whatever additional information you need from your LDAP server, (e.g. Group membership) and have your login view update the current user with that information.
In general terms in Django, access to a view is granted to a permission. The permissions are granted to Groups. Users are made members of Groups. All the details for this are provided in that referenced documentation page.
Yes, I am trying to using LDAP to provide both authentication (login credentials) and authorization (permissions, or in this case, group membership)
I configured all mentioned on Admin page but not able to configure it on dashboard panel.
Staff user can view the dashboard content.
Superuser can access the delete, edit, view, add content in the dashboard.
Admin can edit, view, add content in the dashboard
Can you tell me which topic helps me,specifically?
In the above pic, I can perform all operations like save, edit, delete using leaf user.
(here also I restrict the user from all CRUD operations but still it shows the options.)
Based on who logged in, I reverse to the specific dashboard for that user type (and I’m using a class based view).
class CustomLoginView(LoginView):
template_name = 'dashboard/login.html'
fields = '__all__'
redirect_authenticated_user = True
def get_success_url(self):
if self.request.user.is_superuser:
return reverse_lazy('dashboard')
else:
return reverse_lazy('dashboard_b')
In this case, if the user is not a superuser (but is a staff user) it will redirect to my dashboard_b template after the user logs in.
You can also do a lot with jinja2 here:
{% if request.user.is_superuser %}
<!-- If it's a superuser show this heading -->
{% else %}
<!-- If it's not a superuser show this heading -->
{% endif %}
{% if not request.user.is_superuser %}
<!-- If it's not a superuser display this particular link/button -->
{% endif %}
Yes, I edited the post to show how jinja2 can be used to divide everything also. It’s a bit more work, but it can provide well for separating what can be seen on the site depending on ones account privileges