0

I have the below model. Departments, users. Users are assigned to a department. How can I restrict the access of templates based on the department_name of a user? For eg : User can view Application Template_1 if department_name == "Computer_Department". Here user belong to "computer" department. User can view Application Template_2 if department_name == "Electrical_Department". Here user belong to "electrical".

******My code are as below models.py

class Departments(models.Model):
    id = models.AutoField(primary_key=True)
    department_name = models.CharField(max_length=255) # here department name can be computer, electrical etc
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)
    objects = models.Manager()

class Users(models.Model):
    id = models.AutoField(primary_key=True)
    admin = models.OneToOneField(CustomUser, on_delete = models.CASCADE)
    department_id = models.ForeignKey(Departments, on_delete=models.DO_NOTHING, default=1)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)
    objects = models.Manager()

UserViews.py

def bi_powise(request):
    return render ( request, 'user_template/application_template/bi_powise.html', {})

urls.py

path ( 'bi_powise_user', UserViews.bi_powise, name = 'bi_powise_user' )

sidebar_template.html

      {% url 'bi_powise_user' as bi_powise_user %}
      <a href="{{ bi_powise_user }}" class="nav-link {% if request.path == bi_powise_user %} active {% endif %}">
        <i class="nav-icon fas fa-chalkboard"></i>
        <p>
          BI PO-Wise
        </p>
      </a>
    </li>

bi_powise.html

{% extends 'user_template/base_template.html' %}

{% block page_title %}
ANSwer BI PO-WISE  
{% endblock page_title %}

{% block main_content %}

    <!-- Main content -->
    <body>
      <section class="content">
      <center>
        <iframe width="1400" height="1300" src="https://app.powerbi.com/reportEmbed?reportId=****************************************" frameborder="0" allowFullScreen="true"></iframe>

      </center>
       
      <!-- </div> -->
    
      </section>

   </body>


{% endblock %}
Raj
  • 1
  • 2
  • Literally Raj you are working at 4. Really Admirable. – ash May 05 '22 at 22:52
  • You can use the if and else statement Based Upon the department name. And according to that use Custom Templates – ash May 05 '22 at 22:55
  • Clarification of terminology: You can't really "restrict access to a template". A user shouldn't even know what a template is. On the other hand, you can define permissions for each route in your app which can restrict access to view a page or other resource. – Code-Apprentice May 05 '22 at 23:00
  • With that out of the way, is there anything about the `bi_powise()` view that has to do with a department? Please show `bi_powise.html` template. – Code-Apprentice May 05 '22 at 23:02
  • @Code-Apprentice: I want bi_powise.html to be seen by user who belong to "computer" department only. Users model have department_id. – Raj May 05 '22 at 23:28
  • @Raj Yes, I understand that. I was just asking for some clarification about how the current `bi_powise()` view is implemented. I suggest you read [the django authentication documentation](https://docs.djangoproject.com/en/4.0/topics/auth/default/) to see what you can use. – Code-Apprentice May 06 '22 at 19:01
  • @Code-Apprentice: i have added bi_powise.html template. – Raj May 08 '22 at 12:10
  • @Code-Apprentice : can we use the user_passes_test decorator for my case. If you know can you help me out. – Raj May 08 '22 at 13:51
  • @Raj Yes, that sounds like a good place to start. – Code-Apprentice May 09 '22 at 01:01

1 Answers1

0

You can add logic directly inside your view or write a decorator to enforce permissions. For examples, check out the django authentication documentation.

Code-Apprentice
  • 81,660
  • 23
  • 145
  • 268