zoukankan      html  css  js  c++  java
  • python-Web-django-路由保护

    from django.shortcuts import redirect,HttpResponse
    from app01.models import *
    import re
    
    def ddff(module):
        '''登陆控制'''
        def deco(request):
            try:
                if request.session['manage_name']:
                    return module(request)
                else:
                    return redirect("/back/login/login/")
            except KeyError:
                return redirect("/back/login/login/")
        return deco
    
    # list
    def ddff_list(module):
        '''登陆控制'''
        def deco(request):
            try:
                if request.session['manage_name']:
    
                    # 获取所有权限
                    functions = getfunctions(request)
                    # 获取url查询条件
                    function_ = geturlf(request)
                    if function_ in functions:
                        '''有权限'''
                        print('有权限')
                        return module(request)
                    else:
                        '''无权限'''
                        print('无权限')
                        return HttpResponse('<h1 align="center">无权限</h1>')
                        # return redirect("/back/login/login/")
                else:
                    return redirect("/back/login/login/")
            except KeyError:
                return redirect("/back/login/login/")
        return deco
    
    # add
    def defense_url(module):
        '''防御url'''
        def deco(request,aid=None):
            if aid != None:
                return module(request,aid)
            try:
                if request.session['manage_name']:
    
                    # 获取所有权限
                    functions = getfunctions(request)
                    # 获取url查询条件
                    function_ = geturlf(request)
                    if function_ in functions:
                        '''有权限'''
                        print('有权限')
                        return module(request,aid)
                    else:
                        '''无权限'''
                        print('无权限')
                        return HttpResponse('<h1 align="center">无权限</h1>')
                        # return redirect("/back/login/login/")
                else:
                    return redirect("/back/login/login/")
            except KeyError:
                return redirect("/back/login/login/")
        return deco
    
    def geturlf(request):
        '''url权限'''
        requesturl = request.path
        # 链接
        if re.findall('list', requesturl):
            function_ = Function.objects.filter(href_list=requesturl).first()
        elif re.findall('add', requesturl):
            function_ = Function.objects.filter(href_add=requesturl).first()
        else:
            function_ = Function.objects.filter(href_t=requesturl).first()
        return function_
    
    def getfunctions(request):
        '''权限拼接'''
        manage_id = request.session['manage_id']
        if manage_id == 1:
            # 超管
            functions = Function.objects.all()
        else:
            functions = []
            manage_id = request.session['manage_id']
            # 个人所有职位
            mp_objs = MP.objects.filter(manage_id=manage_id)
            for mp_obj in mp_objs:
                # 一个职位所有权限
                pf_objs = PF.objects.filter(position_id=mp_obj.position_id)
                # 一个职位权限id列表
                id_list = []
                for pf_obj in pf_objs:
                    id_str = (pf_obj.function).split(',')
                    for i in id_str:
                        if i not in id_list:
                            id_list.append(i)
                print(id_list)
                for i in id_list:
                    # 一个权限id对应一个权限
                    function_obj = Function.objects.filter(id=i).first()
                    if function_obj not in functions:
                        functions.append(function_obj)
                        # 一会做限制
        return functions
  • 相关阅读:
    端口服务
    系统设计的主要原则是什么?
    Dynamics CRM2015 Custom Code Validation Tool工具的使用
    CONFIGURE ADFS 3.0 WITH SHAREPOINT 2013
    Sharepoint Solution Gallery Active Solution时激活按钮灰色不可用的解决方法
    Dynamics CRM 2015Online Update1 new feature之 插件跟踪日志
    Dynamics CRM2013/2015 Plugin注册工具Register New Assembly时无法看到注册按钮的解决办法
    Dynamics CRM 2015 站点地图公告配置实体显示名称的变更
    Dynamics CRM 2015 Online Update1 UI界面的更新变化
    SQL Server2012 AlwaysOn 无法将数据库联接到可用性组 针对主副本的连接未处于活动状态
  • 原文地址:https://www.cnblogs.com/person1-0-1/p/11390864.html
Copyright © 2011-2022 走看看