1 from django.db import models 2 3 # Create your models here. 4 class User(models.Model): 5 name=models.CharField(max_length=11) 6 pwd=models.CharField(max_length=11) 7 roles=models.ManyToManyField('Role') 8 def __str__(self): 9 return self.name 10 11 class Role(models.Model): 12 title=models.CharField(max_length=11) 13 permissions=models.ManyToManyField('Permission') 14 def __str__(self): 15 return self.title 16 17 class Menu(models.Model): 18 title=models.CharField(max_length=32,verbose_name="菜单") 19 icon=models.CharField(max_length=32,verbose_name="图标",null=True,blank=True) 20 21 class Permission(models.Model): 22 title=models.CharField(max_length=32) 23 url=models.CharField(max_length=32) 24 menu=models.ForeignKey('Menu',on_delete=models.CASCADE,null=True) 25 name=models.CharField("url别名",max_length=32,default="") 26 pid=models.ForeignKey('self',on_delete=models.CASCADE,null=True,verbose_name="父权限") 27 28 def __str__(self): 29 return self.title
1 from app01.models import Role 2 3 def initial_session(user,request): 4 permissions = Role.objects.filter(user=user).values('permissions__url', 5 'permissions__title', 6 'permissions__name', 7 'permissions__pk', 8 'permissions__pid', 9 'permissions__menu__title', 10 'permissions__menu__icon', 11 'permissions__menu__pk', 12 ).distinct() 13 permission_list = [] 14 permission_names = [] 15 permission_menu_dict = {} 16 for item in permissions: 17 permission_list.append({ 18 "url":item["permissions__url"], 19 "id":item["permissions__pk"], 20 "pid":item["permissions__pid"], 21 "title":item["permissions__title"], 22 }) 23 permission_names.append(item['permissions__name']) 24 menu_pk = item['permissions__menu__pk'] 25 if menu_pk: 26 if menu_pk not in permission_menu_dict: 27 permission_menu_dict[menu_pk] = { 28 "menu_title": item['permissions__menu__title'], 29 "menu_icon": item['permissions__menu__icon'], 30 "children": [ 31 { 32 "title": item['permissions__title'], 33 "url": item['permissions__url'], 34 "pk": item['permissions__pk'], 35 } 36 ], 37 } 38 else: 39 permission_menu_dict[menu_pk]["children"].append({ 40 "title": item['permissions__title'], 41 "url": item['permissions__url'], 42 }) 43 print(permission_menu_dict) 44 request.session['permission_list'] = permission_list 45 request.session['permission_names'] = permission_names 46 request.session['permission_menu_dict'] = permission_menu_dict
1 import re 2 3 from django.template import Library 4 5 register=Library() 6 @register.inclusion_tag("rbac/menu.html") 7 def get_menu_style(request): 8 permission_menu_dict = request.session.get('permission_menu_dict') 9 for val in permission_menu_dict.values(): 10 for item in val["children"]: 11 val["class"] = "active" 12 if request.show_id==item["pk"]: 13 val["class"] = "" 14 return {'permission_menu_dict':permission_menu_dict} 15 16 @register.filter 17 def has_permission(btn_url, request): 18 permission_names=request.session.get("permission_names") 19 return btn_url in permission_names
1 import re 2 3 from django.utils.deprecation import MiddlewareMixin 4 from django.shortcuts import HttpResponse,redirect 5 6 class PermissionMiddleWare(MiddlewareMixin): 7 def process_request(self,request): 8 current_path = request.path 9 for reg in ['/login/','/admin/']: 10 ret=re.search(reg,current_path) 11 if ret: 12 return None 13 user_id=request.session.get('user_id') 14 if not user_id: 15 return redirect('/login/') 16 17 18 permission_list=request.session.get('permission_list') 19 for item in permission_list: 20 reg='^%s$'%item["url"] 21 ret=re.search(reg,current_path) 22 if ret: 23 show_id=item["pid"] or item["id"] 24 request.show_id = show_id 25 return None 26 return HttpResponse('无权限访问')