zoukankan html css js c++ java

使用django的权限管理系统permission

1.为model添加权限

class Task(models.Model):
    .......
    class Meta:
        permissions = (
            ('oprater_task','can change the tasks'),
        )

2.views中可以使用如下方法来操作权限

print request.user.has_perm('conf.oprater_task')  #conf为应用名，后面的为权限名
.....
myuser.user_permissions = [permission_list]   #myuser为通过request.user获取的user对象
myuser.user_permissions.add(permission, permission, ...)
myuser.user_permissions.remove(permission, permission, ...)
myuser.user_permissions.clear()

3.在template中使用权限方法：

{% if perms.conf %}
    <p>You have permission to do something in the foo app.</p>
    {% if perms.conf.oprater_task %}
        <p>You can vote!</p>
    {% endif %}
    {% if perms.conf.oprater_task %}
        <p>You can drive!</p>
    {% endif %}
{% else %}
    <p>You don't have permission to do anything in the foo app.</p>
{% endif %}

4.permission提供的装饰器

from django.contrib.auth.decorators import login_required

@login_required
def my_view(request):
    # ...

def user_can_vote(user):
    return user.is_authenticated() and user.has_perm("polls.can_vote")

@user_passes_test(user_can_vote, login_url="/login/")
def vote(request):
    # Code here can assume a logged-in user with the correct permission.
    ...

from django.contrib.auth.decorators import permission_required

@permission_required('polls.can_vote', login_url="/login/")
def vote(request):

5.user_passes_test的简便用法

@user_passes_test(lambda u: u.is_superuser)

#django源代码中的user_passes_test
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
    """
    注意该函数的第一个参数
    Decorator for views that checks that the user passes the given test,
    redirecting to the log-in page if necessary. The test should be a callable
    that takes the user object and returns True if the user passes.
    """

    def decorator(view_func):
        @wraps(view_func, assigned=available_attrs(view_func))
        def _wrapped_view(request, *args, **kwargs):
            if test_func(request.user):
                return view_func(request, *args, **kwargs)
            path = request.build_absolute_uri()
            # If the login url is the same scheme and net location then just
            # use the path as the "next" url.
            login_scheme, login_netloc = urlparse.urlparse(login_url or
                                                        settings.LOGIN_URL)[:2]
            current_scheme, current_netloc = urlparse.urlparse(path)[:2]
            if ((not login_scheme or login_scheme == current_scheme) and
                (not login_netloc or login_netloc == current_netloc)):
                path = request.get_full_path()
            from django.contrib.auth.views import redirect_to_login
            return redirect_to_login(path, login_url, redirect_field_name)
        return _wrapped_view
    return decorator

6.判断是否为超级管理员的过滤器：

@user_passes_test(lambda u: u.is_superuser)

ok！

查看全文

相关阅读:
Object类学习
 Thread.State 线程状态
 Thread.UncaughtExceptionHandler
apply和call的区别
 如何实现border-width:0.5px;
table固定头部，表格tbody可上下左右滑动
 canvas画布实现手写签名效果
 ES6学习笔记
 for循环中执行setTimeout问题
 javaScript函数提升及作用域

原文地址：https://www.cnblogs.com/chenjianhong/p/4144818.html