Add is_anonymous, is_active, and is_superuser as built-in user attribute permissions (#215)

Author: joshuadavidthomas

CHANGELOG.md

@@ -18,6 +18,10 @@ and this project attempts to adhere to [Semantic Versioning](https://semver.org/
 
 ## [Unreleased]
 
+### Added
+
+- Added `is_anonymous`, `is_active`, and `is_superuser` as built-in user attribute permission checks, joining the existing `is_authenticated` and `is_staff`.
+
 ## [0.14.0]
 
 ### Added

docs/reference.md

@@ -97,7 +97,7 @@ Permissions are evaluated in order. **All** must pass (AND logic).
 
 | Permission type | How it's checked |
 |---|---|
-| `"is_authenticated"`, `"is_staff"`, `"is_superuser"` | Read as a boolean attribute on `request.user`. |
+| `"is_anonymous"`, `"is_authenticated"`, `"is_active"`, `"is_staff"`, `"is_superuser"` | Read as a boolean attribute on `request.user`. |
 | `"app.codename"` (any other string) | Checked via `request.user.has_perm()`. |
 | Callable | Called with `request`; must return `bool`. |
 

docs/usage.md

@@ -15,7 +15,9 @@ NavItem(title="Dashboard", url="/dashboard/", permissions=["is_authenticated"])
 Use a string matching a boolean attribute on `request.user`:
 
 ```python
+NavItem(title="Login", url="/login/", permissions=["is_anonymous"])
 NavItem(title="Dashboard", url="/dashboard/", permissions=["is_authenticated"])
+NavItem(title="Dashboard", url="/dashboard/", permissions=["is_active"])
 NavItem(title="Staff Area", url="/staff/", permissions=["is_staff"])
 ```
 

example/navigation.py

@@ -57,6 +57,11 @@ class PermissionsNav(Nav):
     template_name = "navs/basic.html"
     items = [
         NavItem(title="Everyone can see this link", url="#"),
+        NavItem(
+            title="You are not logged in",
+            url="#",
+            permissions=["is_anonymous"],
+        ),
         NavItem(
             title="You are authenticated",
             url="#",

src/django_simple_nav/nav.py

@@ -27,6 +27,14 @@
 
 logger = logging.getLogger(__name__)
 
+USER_ATTRIBUTE_PERMISSIONS = frozenset({
+    "is_anonymous",
+    "is_authenticated",
+    "is_active",
+    "is_staff",
+    "is_superuser",
+})
+
 
 class NavItemContext(dict):
     """A dict subclass that can render itself as HTML in templates.
@@ -272,7 +280,7 @@ def check_permissions(self, request: HttpRequest) -> bool:
                 break
             elif callable(perm):
                 has_perm = perm(request)
-            elif perm in ["is_authenticated", "is_staff"]:
+            elif perm in USER_ATTRIBUTE_PERMISSIONS:
                 has_perm = getattr(user, perm, False)
             else:
                 has_perm = user.has_perm(perm)

tests/test_navitem.py

@@ -240,11 +240,14 @@ def test_get_items(req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], True),
         (["is_authenticated"], False),
+        (["is_active"], False),
         (["is_staff"], False),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], False),
         (["is_authenticated", "is_superuser"], False),
+        (["is_anonymous", "is_authenticated"], False),
     ],
 )
 def test_check_permissions_anonymous(permissions, expected, req):
@@ -259,7 +262,9 @@ def test_check_permissions_anonymous(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], False),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], False),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], False),
@@ -278,7 +283,9 @@ def test_check_permissions_is_authenticated(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], False),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], True),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], True),
@@ -297,7 +304,9 @@ def test_check_permissions_is_staff(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], True),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], True),
         (["is_superuser"], True),
         (["is_authenticated", "is_staff"], True),
@@ -316,7 +325,9 @@ def test_check_permissions_is_superuser(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], False),
         (["is_authenticated"], False),
+        (["is_active"], False),
         (["is_staff"], False),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], False),
@@ -333,7 +344,9 @@ def test_check_permissions_no_request_user(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], True),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], True),
         (["is_superuser"], True),
         (["is_authenticated", "is_staff"], True),
@@ -381,7 +394,9 @@ def check_is_authenticated(request):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], False),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], False),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], False),
@@ -414,7 +429,9 @@ def test_check_permissions_auth_permission_is_authenticated(permissions, expecte
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], False),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], True),
         (["is_superuser"], False),
         (["is_authenticated", "is_staff"], True),
@@ -447,7 +464,9 @@ def test_check_permissions_auth_permission_is_staff(permissions, expected, req):
     "permissions,expected",
     [
         ([], True),
+        (["is_anonymous"], True),
         (["is_authenticated"], True),
+        (["is_active"], True),
         (["is_staff"], True),
         (["is_superuser"], True),
         (["is_authenticated", "is_staff"], True),