Restricting whole django app to the normal users

Question

I am not using django built-in admin panel for the admin page but I am trying to add functionality like django-admin.I want to restrict normal users to the admin app and for this I check like this if not request.user.is_superuser in every function where I want to restrict.It does the job pretty well but in the app there can be so many functions and i have to check this in every function inside the app and I think this should not be the good solution.So is there any solution so that I can give access the whole admin functionality to only superuser without checking user with if not request.user.is_superuser in every function inside the admin app ?

views.py

    def a(request):
    if not request.user.is_superuser:
        return redirect('login')
     ..........
    
    def b(request):
    if not request.user.is_superuser:
        return redirect('login')
    .............
    
    def c(request):
    if not request.user.is_superuser:
        return redirect('login')
    ...........
  
    def d(request):
    if not request.user.is_superuser:
        return redirect('login')
    ....

views.py

    def a(request):
    if not request.user.is_superuser:
        return redirect('login')
     ..........
    
    def b(request):
    if not request.user.is_superuser:
        return redirect('login')
    .............
    
    def c(request):
    if not request.user.is_superuser:
        return redirect('login')
    ...........
  
    def d(request):
    if not request.user.is_superuser:
        return redirect('login')
    ....

anjaneyulubatta505 · Accepted Answer

custom decorator

decorators.py

from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import user_passes_test


def superuser_only(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME,
                          login_url='login'):
    """
    Decorator for views that checks that the user is logged in and is a staff
    member, redirecting to the login page if necessary.
    """
    actual_decorator = user_passes_test(
        lambda u: u.is_active and u.is_superuser,
        login_url=login_url,
        redirect_field_name=redirect_field_name
    )
    if view_func:
        return actual_decorator(view_func)
    return actual_decorator

To apply `decorator` to all of your urls

urls.py

def dec_patterns(patterns):
    decorated_patterns = []
    for pattern in patterns:
        callback = pattern.callback
        pattern.callback = superuser_only(callback)
        pattern._callback = superuser_only(callback)
        decorated_patterns.append(pattern)
    return decorated_patterns

url_patterns = [
    path("my-path/", views.my_view),
]
url_patterns = dec_patterns(url_patterns)

Restricting whole django app to the normal users

Tags:

django

django-views

arjun

1 Answers

custom decorator

decorators.py

To apply `decorator` to all of your urls

urls.py

anjaneyulubatta505

Recent Activity

Donate For Us

Restricting whole django app to the normal users

Tags:

django

django-views

arjun

1 Answers

custom decorator

decorators.py

To apply decorator to all of your urls

urls.py

anjaneyulubatta505

Related questions

Recent Activity

Donate For Us

To apply `decorator` to all of your urls