Enhancing templates with authentication data
In Exercise 9.02 – adding a profile page, we saw that we can pass the request.user object to the template to render the current user’s attributes in the HTML. We can also take the approach of giving different template renderings according to the user type or permissions held by a user. Consider that we want to add an edit link that only appears to staff users. We might apply an if condition to achieve this:
{% if user.is_staff %}
<p><a href="{% url 'review:edit' %}">Edit this Review</a>
</p>
{% endif %}
If we didn’t take the time to conditionally render links based on permissions, users would have a frustrating experience navigating the application as many of the links that they click on would lead to 403 Forbidden pages. The following exercise will show how we can use templates and authentication to present contextually appropriate links in our...
