概览:
权限管理,一般指根据系统设置的安全规则或者安全策略,用户可以访问而且只能访问自己被授权的资源,不多不少。权限管理几乎出现在任何系统里面,只要有用户和密码的系统。
废话不多说,直接开干!!!!!
效果预览:
前端Vue实现代码:
<template>
<div>
<div style="padding: 10px">
<div>
<el-button style="float: right" type="success" size="medium" @click="add_role_dialog">新增角色</el-button>
</div>
<div style="padding-top: 50px">
<el-table
:data="role_list_data"
element-loading-text="Loading"
border
fit
highlight-current-row
style="float:left;width:100%"
>
<el-table-column align="center" label="ID" width="100px">
<template slot-scope="scope">
{{ scope.row.id }}
</template>
</el-table-column>
<el-table-column align="center" label="角色名">
<template slot-scope="scope">
{{ scope.row.role_name }}
</template>
</el-table-column>
<el-table-column align="center" prop="create_time" label="create_time">
<template slot-scope="scope">
<span>{{ scope.row.create_time }}</span>
</template>
</el-table-column>
<el-table-column align="center" prop="update_time" label="update_time">
<template slot-scope="scope">
<span>{{ scope.row.update_time }}</span>
</template>
</el-table-column>
<el-table-column align="center" prop="action" label="操作" width="500px">
<template slot-scope="scope">
<el-button type="primary" size="mini" @click="view_role_user(scope.row.id)">查看角色用户</el-button>
<el-button type="success" size="mini" @click="view_change_role_user(scope.row.id)">添加角色用户</el-button>
<el-button type="danger" size="mini" @click="view_change_permission(scope.row.id)">修改权限</el-button>
<el-button type="info" size="mini" @click="delete_role_confirm(scope.row.id)">删除角色</el-button>
</template>
</el-table-column>
</el-table>
</div>
</div>
<div class="block">
<el-pagination
background
:current-page="role_page.current_page"
:page-sizes="[10, 20, 50]"
:page-size="role_page.size_page"
layout="total, sizes, prev, pager, next, jumper"
:total="role_total"
style="float: left; padding: 10px"
@size-change="handle_role_list_size_Change"
@current-change="handle_role_list_CurrentChange"
/>
</div>
<div>
<el-dialog width="90%" :visible.sync="role_user_dialog">
<div>
<el-button style="float: right" type="primary" size="mini" @click="add_role_user_dialog">新增用户</el-button>
</div>
<div style="height: 680px; padding-top: 35px">
<el-table
:data="role_user_data"
element-loading-text="Loading"
border
fit
highlight-current-row
style="float:left;width:100%"
>
<el-table-column align="center" label="ID" width="100px">
<template slot-scope="scope">
{{ scope.row.id }}
</template>
</el-table-column>
<el-table-column align="center" label="用户名" width="200px">
<template slot-scope="scope">
{{ scope.row.username }}
</template>
</el-table-column>
<el-table-column align="center" label="账号" width="300px">
<template slot-scope="scope">
{{ scope.row.account }}
</template>
</el-table-column>
<el-table-column align="center" label="邮箱" width="300px">
<template slot-scope="scope">
{{ scope.row.email }}
</template>
</el-table-column>
<el-table-column align="center" prop="update_time" label="update_time">
<template slot-scope="scope">
<span>{{ scope.row.update_time }}</span>
</template>
</el-table-column>
<el-table-column align="center" prop="create_time" label="create_time">
<template slot-scope="scope">
<span>{{ scope.row.create_time }}</span>
</template>
</el-table-column>
<el-table-column align="center" prop="action" label="操作" width="300px">
<template slot-scope="scope">
<el-button type="primary" size="small" @click="edit_role_user_dialog(scope.row)">编辑</el-button>
<el-button type="success" size="small" @click="edit_role_user_pwd_dialog(scope.row.id)">修改密码</el-button>
</template>
</el-table-column>
</el-table>
<div class="block">
<el-pagination
background
:current-page="role_user_page.current_page"
:page-sizes="[10, 20, 50]"
:page-size="role_user_page.size_page"
layout="total, sizes, prev, pager, next, jumper"
:total="role_user_total"
style="float: left; padding: 10px"
@size-change="handle_role_user_size_Change"
@current-change="handle_role_user_CurrentChange"
/>
</div>
</div>
</el-dialog>
</div>
<div>
<el-dialog width="20%" :visible.sync="view_add_role_dialog" title="新增角色">
<div>
<el-form :model="add_role_form">
<el-form-item label="角色名:">
<el-input v-model="add_role_form.role_name" style="width: 260px" />
</el-form-item>
<el-form-item>
<el-button type="primary" size="medium" style="float: right" @click="add_role_confirm">确认新增</el-button>
</el-form-item>
</el-form>
</div>
</el-dialog>
</div>
<div>
<el-dialog
title="修改权限"
:visible.sync="permission_dialog"
width="40%"
>
<div>
<div style="border: 1px solid #e5e5e5; height: 600px; overflow: auto; padding: 10px">
<el-tree
ref="tree"
:key="new Date().getTime()"
:data="permission_tree"
show-checkbox
node-key="id"
:default-expand-all="true"
:default-checked-keys="permission_checked"
:props="defaultProps"
@check-change="handleCheckChange"
>
<span slot-scope="{ node, data }" class="custom-tree-node">
<span v-if="data.type === 2">{{ node.label + "(" + data.permission_url + ")" }}</span>
<span v-if="data.type !== 2">{{ node.label }}</span>
<span v-if="data.type === 1" style="padding-right: 40%">
<el-button
type="text"
size="small"
@click="() => add_permission_dialog(node, data)"
>
<i :class="icon1" />新增
</el-button>
</span>
<span v-if="data.type === 2" style="padding-right: 10%">
<el-button
type="text"
size="small"
@click="() => remove_permission_menu(node, data)"
>
<i :class="icon2" />删除
</el-button>
</span>
</span>
</el-tree>
</div>
<div style="padding-top: 10px; padding-left: 85%">
<el-button type="primary" size="medium" @click="confirm_permission()">确认修改</el-button>
</div>
</div>
</el-dialog>
</div>
<div>
<el-dialog width="20%" :visible.sync="view_add_permission_dialog" title="新增权限菜单">
<div>
<el-form :model="add_permission_form">
<el-form-item label="菜单名称:">
<el-input v-model="add_permission_form.label" style="width: 260px" />
</el-form-item>
<el-form-item label="接口地址:">
<el-input v-model="add_permission_form.permission_url" style="width: 260px" />
</el-form-item>
<el-form-item>
<el-button type="primary" size="medium" style="float: right" @click="add_permission_menu_confirm">确认新增</el-button>
</el-form-item>
</el-form>
</div>
</el-dialog>
</div>
<div>
<el-dialog width="20%" :visible.sync="view_add_role_user_dialog" title="新增角色用户">
<div>
<el-form>
<el-form-item label="请选择用户:">
<el-select v-model="add_role_user_list" multiple>
<el-option
v-for="item in role_user_list"
:key="item.id"
:label="item.username"
:value="item.id"
/>
</el-select>
</el-form-item>
<el-form-item>
<el-button type="primary" size="medium" style="float: right" @click="add_role_user">确认新增</el-button>
</el-form-item>
</el-form>
</div>
</el-dialog>
</div>
<div style="padding: 50px">
<el-dialog
:visible.sync="view_add_user_dialog"
width="30%"
>
<el-form ref="form" :model="add_user_form" label-width="100px">
<el-form-item label="用户名:">
<el-input v-model="add_user_form.username" />
</el-form-item>
<div v-show="1 === add_edit_type">
<el-form-item label="账户:">
<el-input v-model="add_user_form.account" />
</el-form-item>
</div>
<el-form-item v-show="1 === add_edit_type" label="密码:">
<el-input v-model="add_user_form.password" />
</el-form-item>
<div>
<el-form-item label="email:">
<el-input v-model="add_user_form.email" />
</el-form-item>
</div>
<!-- <div>-->
<!-- <el-form-item label="邮箱密码:">-->
<!-- <el-input v-model="add_user_form.email_password" />-->
<!-- </el-form-item>-->
<!-- </div>-->
<el-form-item>
<div v-show="1 === add_edit_type">
<el-button type="primary" style="float: right" @click="add_user_confirm">确认新增</el-button>
</div>
<div v-show="2 === add_edit_type">
<el-button type="primary" style="float: right" @click="edit_user_confirm">编辑保存</el-button>
</div>
</el-form-item>
</el-form>
</el-dialog>
</div>
<div style="padding: 50px">
<el-dialog
title="修改密码"
:visible.sync="edit_user_pwd_dialog"
width="40%"
>
<el-form ref="form" :model="pwd_form" label-width="100px">
<el-form-item label="原密码:">
<el-input v-model="pwd_form.old_password" />
</el-form-item>
<el-form-item label="新密码:">
<el-input v-model="pwd_form.new_password" />
</el-form-item>
<el-form-item>
<el-button type="primary" style="float: right" @click="edit_user_pwd_confirm">保存</el-button>
</el-form-item>
</el-form>
</el-dialog>
</div>
</div>
</template>
<script>
import {
get_role_list,
get_role_users,
add_role,
get_permission_tree,
get_role_permission,
edit_role_permission,
delete_permission_menu,
add_permission_menu,
delete_role,
get_all_user,
change_user_role,
add_user_info,
edit_user_info, edit_user_password
} from "@/api/user";
export default {
name: "Permission",
data() {
return {
edit_user_id: null,
pwd_form: {},
edit_user_pwd_dialog: false,
add_edit_type: null,
view_add_user_dialog: false,
add_user_form: {},
role_user_list: [],
add_role_user_list: [],
view_add_role_user_dialog: false,
node_parent: {},
view_add_permission_dialog: false,
add_permission_form: {
label: "",
permission_url: "",
parent_id: null,
type: 2
},
icon1: "el-icon-circle-plus-outline",
icon2: "el-icon-delete",
role_id: null,
permission_dialog: false,
permission_tree: [],
permission_checked: [],
defaultProps: {
children: 'children',
label: 'label'
},
add_role_form: {
role_name: ""
},
view_add_role_dialog: false,
role_user_dialog: false,
role_user_data: [],
role_list_data: [],
role_user_total: null,
role_total: null,
role_page: {
size_page: 10,
current_page: 1
},
role_user_page: {
size_page: 10,
current_page: 1
}
}
},
created() {
this.get_role()
},
methods: {
// 页签-条/页 跳转
handle_role_list_size_Change(val) {
this.role_page.size_page = val
this.get_role()
},
// 底部页签跳转
handle_role_list_CurrentChange(val) {
this.role_page.current_page = val
this.get_role()
},
// 页签-条/页 跳转
handle_role_user_size_Change(val) {
this.role_user_page.size_page = val
this.get_role_user_list(this.role_id)
},
// 底部页签跳转
handle_role_user_CurrentChange(val) {
this.role_user_page.current_page = val
this.get_role_user_list(this.role_id)
},
get_role() {
get_role_list(this.role_page).then(res => {
if (res.data.code === 200) {
this.role_list_data = res.data.content
this.role_total = res.data.role_total
this.role_page.current_page = res.data.current_page
this.role_page.size_page = res.data.size_page
} else {
this.$message.error(res.data.message)
}
})
},
view_role_user(role_id) {
this.get_role_user_list(role_id)
this.role_user_dialog = true
this.role_id = role_id
},
get_role_user_list(role_id) {
const req = this.role_user_page
req.role_id = role_id
get_role_users(req).then(res => {
if (res.data.code === 200) {
this.role_user_data = res.data.content
this.role_user_total = res.data.role_user_total
this.role_user_page.current_page = res.data.current_page
this.role_user_page.size_page = res.data.size_page
} else {
this.$message.error(res.data.message)
}
})
},
add_role_dialog() {
this.view_add_role_dialog = true
},
add_role_confirm() {
add_role(this.add_role_form).then(res => {
if (res.data.code === 200) {
this.get_role()
this.view_add_role_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
view_change_permission(data) {
this.permission_dialog = true
this.role_id = data
this.get_permission()
this.get_role_permission_list(data)
},
get_permission() {
get_permission_tree({}).then(res => {
if (res.data.code === 200) {
this.permission_tree = res.data.content
} else {
this.permission_dialog = false
this.$message.error(res.data.message)
}
})
},
get_role_permission_list(data) {
get_role_permission({ "role_id": data }).then(res => {
if (res.data.code === 200) {
this.get_permission()
this.permission_checked = res.data.content
} else {
this.permission_dialog = false
this.$message.error(res.data.message)
}
})
},
handleCheckChange(nodeData, nodeSelected) {
if (nodeData.type === 2 && nodeSelected === true) {
this.permission_checked.push(nodeData.id)
} else if (nodeSelected === false && this.permission_checked.includes(nodeData.id)) {
this.permission_checked = this.permission_checked.filter(id => id !== nodeData.id);
} else if (nodeSelected === true && nodeData.type === 1) {
nodeData.children.forEach(item => {
this.permission_checked.push(item.id)
})
}
},
confirm_permission() {
edit_role_permission({
"role_id": this.role_id,
"permissions": Array.from(new Set(this.permission_checked))
}).then(res => {
if (res.data.code === 200) {
this.permission_dialog = false
this.$message.success(res.data.message)
} else {
this.permission_dialog = true
this.$message.error(res.data.message)
}
})
},
add_permission_dialog(node, data) {
this.view_add_permission_dialog = true
this.add_permission_form.parent_id = data.id
this.node_parent = data
},
add_permission_menu_confirm() {
const req = this.add_permission_form
add_permission_menu(req).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.node_parent.children.push(res.data.content)
this.view_add_permission_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
remove_permission_menu(node, data) {
this.$confirm("确认删除这个菜单?", "温馨提示", {
confirmButtonText: "确定",
cancelButtonText: "取消",
type: "warning", }).then(res => {
if (res === "confirm") {
const req = {}
req.id = data.id
delete_permission_menu(req).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
const parent = node.parent;
const children = parent.data.children || parent.data;
const index = children.findIndex(d => d.id === data.id);
children.splice(index, 1);
} else {
this.$message.error(res.data.message)
}
})
}
})
},
delete_role_confirm(data) {
this.$confirm("确认删除这个角色?", "温馨提示", {
confirmButtonText: "确定",
cancelButtonText: "取消",
type: "warning", }).then(res => {
if (res === "confirm") {
delete_role({ "id": data }).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.get_role()
} else {
this.$message.error(res.data.message)
}
})
}
})
},
get_all_user_list() {
get_all_user({}).then(res => {
if (res.data.code === 200) {
this.role_user_list = res.data.content
} else {
this.$message.error(res.data.message)
}
})
},
view_change_role_user(data) {
this.view_add_role_user_dialog = true
this.role_id = data
this.get_all_user_list()
},
add_role_user() {
const req = {}
req.users = this.add_role_user_list
req.role_id = this.role_id
change_user_role(req).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.view_add_role_user_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
add_role_user_dialog() {
this.add_edit_type = 1
this.view_add_user_dialog = true
},
edit_role_user_dialog(data) {
this.add_edit_type = 2
this.view_add_user_dialog = true
this.add_user_form = data
},
edit_role_user_pwd_dialog(user_id) {
this.edit_user_pwd_dialog = true
this.edit_user_id = user_id
},
edit_user_pwd_confirm() {
const req = this.pwd_form
req.old_password = this.$md5(this.pwd_form.old_password)
req.new_password = this.$md5(this.pwd_form.new_password)
req.id = this.edit_user_id
edit_user_password(this.pwd_form).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.edit_user_pwd_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
add_user_confirm() {
const req = this.add_user_form
req.role_id = this.role_id
add_user_info(req).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.get_role_user_list(this.role_id)
this.view_add_user_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
edit_user_confirm() {
const req = this.add_user_form
edit_user_info(req).then(res => {
if (res.data.code === 200) {
this.$message.success(res.data.message)
this.get_role_user_list(this.role_id)
this.view_add_user_dialog = false
} else {
this.$message.error(res.data.message)
}
})
},
}
}
</script>
<style>
.custom-tree-node {
flex: 1;
display: flex;
align-items: center;
justify-content: space-between;
font-size: 14px;
padding-right: 8px;
}
</style>
后端Django + 中间件实现:
定义数据模型
class Userinfo(models.Model):
"""
用户信息表
"""
id = models.AutoField("id", unique=True, primary_key=True)
account = models.CharField("用户账号", max_length=20, null=False)
username = models.CharField("用户名", max_length=20, null=False)
password = models.CharField("密码", max_length=255, null=False)
token = models.TextField("token", max_length=500, default="")
token_time = models.DateTimeField("token过期时间", null=True)
email = models.TextField("邮箱地址", max_length=500, null=True)
email_password = models.TextField("邮箱地址", max_length=500, null=True)
create_time = models.DateTimeField("创建时间", auto_now=True)
update_time = models.DateTimeField("更新时间", auto_now=True)
def __str__(self):
return self.username
class Role(models.Model):
role_type = models.IntegerField(verbose_name="用户名", null=True, default=1)
role_name = models.CharField(verbose_name="角色名", max_length=20, null=False)
create_time = models.DateTimeField("创建时间", auto_now=True)
update_time = models.DateTimeField("更新时间", auto_now=True)
def __str__(self):
return self.role_name
class Role_user(models.Model):
user = models.ForeignKey(Userinfo, on_delete=models.CASCADE)
role = models.ForeignKey(Role, on_delete=models.CASCADE)
create_time = models.DateTimeField("创建时间", auto_now=True)
update_time = models.DateTimeField("更新时间", auto_now=True)
class Permission(models.Model):
label = models.CharField(max_length=20, null=True, verbose_name="权限名称")
permission_url = models.TextField(null=True, verbose_name="接口地址")
parent_id = models.IntegerField(verbose_name="父id", null=True, default=1)
type = models.IntegerField(verbose_name="权限类型", null=True, default=1)
user = models.ForeignKey(Userinfo, on_delete=models.CASCADE)
create_time = models.DateTimeField("创建时间", auto_now=True)
update_time = models.DateTimeField("更新时间", auto_now=True)
def __str__(self):
return self.label
class Role_permission(models.Model):
permission = models.ForeignKey(Permission, on_delete=models.CASCADE)
role = models.ForeignKey(Role, on_delete=models.CASCADE)
中间件实现:
# -*- coding: gbk -*-
class Permission_check(MiddlewareMixin):
def process_request(self, request):
try:
data = json.loads(request.body)
path = request.path_info
white_list = ["/api/user/login"]
if path in white_list:
return
token = data['token']
user_id = data['user_id']
user = Userinfo.objects.filter(id=user_id)
if user:
for i in user:
if token == i.token and datetime.now() < i.token_time:
role_id = Role_user.objects.get(user_id=user_id).role_id
if role_id == 1:
# 超管默认赋予所有权限
return
permission = Role_permission.objects.filter(role_id=role_id)
for j in permission:
if j.permission.permission_url == path:
return
return JsonResponse({
"code": 1002,
"message": "没有操作权限,请联系-管理员"
})
else:
return JsonResponse({
"code": 1001,
"message": "登录状态失效,请重新登录"
})
else:
return JsonResponse({
"code": 1005,
"message": "账户异常,请重试"
})
except Exception as e:
return JsonResponse({
"code": 1003,
"message": f"系统异常,请联系-管理员,原因:{str(e)}"
})
序列化权限目录树
from rest_framework import serializers
from lapi_app.models.user_model.user_info import Permission
class OrganizeTableModelSerializer(serializers.ModelSerializer):
class Meta:
model = Permission
fields = ["id", "label", 'permission_url', 'parent_id', 'type']
def xTree(data):
# 递归处理数据
lists = []
tree = {}
for i in data:
item = i
tree[item['id']] = item
for i in data:
obj = i
if not obj['parent_id']:
root = tree[obj['id']]
lists.append(root)
else:
parent_id = obj['parent_id']
if 'children' not in tree[parent_id]:
tree[parent_id]['children'] = []
tree[parent_id]['children'].append(tree[obj['id']])
return lists
业务逻辑实现:
# -*- coding: gbk -*-
# 获取接口目录树
def permission_tree(request):
menu_list = Permission.objects.filter(type__in=(0, 1, 2)).order_by("type", "id")
Serializer = OrganizeTableModelSerializer(menu_list, many=True)
result = OrganizeTableModelSerializer.xTree(Serializer.data)
return JsonResponse({"code": 200, "content": result})
def get_role_permission(request):
try:
data = json.loads(request.body)
role_id = data["role_id"]
result_list = []
if role_id == 1:
permissions = Permission.objects.filter(type=2)
for i in permissions:
result_list.append(i.id)
else:
permissions = Role_permission.objects.filter(role_id=role_id)
for i in permissions:
result_list.append(i.permission_id)
return JsonResponse({
"code": 200,
"message": "角色权限获取成功",
"content": result_list
})
except Exception as e:
return JsonResponse({
"code": 200,
"message": f"角色权限获取失败,原因:{str(e)}"
})
def get_role_list(request):
try:
data = json.loads(request.body)
size_page = data["size_page"]
current_pages = data["current_page"]
role = Role.objects.all().order_by("-id")
role_total = len(role)
result = []
for i in role:
res_dict = {
"id": i.id,
"role_name": i.role_name,
"create_time": datetime.strftime(i.create_time, "%Y-%m-%d %H:%M:%S"),
"update_time": datetime.strftime(i.update_time, "%Y-%m-%d %H:%M:%S")
}
result.append(res_dict)
p = Paginator(result, size_page)
page1 = p.page(current_pages)
current_page = page1.object_list
return JsonResponse({
"code": 200,
"message": "获取角色列表成功",
"content": current_page,
"role_total": role_total,
"size_page": size_page,
"current_page": current_pages
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"获取角色列表失败,原因:{str(e)}"
})
def get_role_users(request):
try:
data = json.loads(request.body)
size_page = data["size_page"]
current_pages = data["current_page"]
user = Role_user.objects.filter(role_id=data["role_id"]).order_by("-id")
user_total = len(user)
result = []
for i in user:
res_dict = {
"id": i.user.id,
"account": i.user.account,
"username": i.user.username,
"email": i.user.email,
"email_password": i.user.email_password,
"create_time": datetime.strftime(i.user.create_time, "%Y-%m-%d %H:%M:%S"),
"update_time": datetime.strftime(i.user.update_time, "%Y-%m-%d %H:%M:%S"),
}
result.append(res_dict)
p = Paginator(result, size_page)
page1 = p.page(current_pages)
current_page = page1.object_list
return JsonResponse({
"code": 200,
"message": "获取用户列表成功",
"content": current_page,
"role_user_total": user_total,
"size_page": size_page,
"current_page": current_pages
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"获取用户列表失败,原因:{str(e)}"
})
def add_role(request):
try:
data = json.loads(request.body)
Role.objects.create(role_name=data["role_name"])
return JsonResponse({
"code": 200,
"message": "新增角色成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"新增角色失败,原因:{str(e)}"
})
def add_role_user(request):
try:
data = json.loads(request.body)
user = Userinfo.objects.create(
user_name=data["user_name"],
account=data["account"],
email=data["email"],
password=data["password"],
email_password=data["email_password"],
token=""
)
Role_user.objects.create(role_id=data["role_id"], user_id=user.id)
return JsonResponse({
"code": 200,
"message": "新增用户成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"新增用户失败,原因:{str(e)}"
})
def add_permission_menu(request):
try:
data = json.loads(request.body)
permission = Permission.objects.create(label=data["label"], permission_url=data["permission_url"],
parent_id=data["parent_id"], type=data["type"], user_id=data["user_id"])
return JsonResponse({
"code": 200,
"message": "新增权限菜单成功",
"content": {
"id": permission.id,
"label": data["label"],
"type": data["type"],
"parent_id": data["parent_id"],
"permission_url": data["permission_url"],
}
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"新增权限菜单失败,原因:{str(e)}"
})
def edit_role_permission(request):
try:
data = json.loads(request.body)
Role_permission.objects.filter(role_id=data["role_id"]).delete()
if data["user_id"] == 1:
for i in data["permissions"]:
Role_permission.objects.create(role_id=data["role_id"], permission_id=i)
return JsonResponse({
"code": 200,
"message": "修改权限成功"
})
else:
return JsonResponse({
"code": 1002,
"message": "没有操作权限,请联系-林吉永"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"修改权限失败,原因:{str(e)}"
})
def delete_permission_menu(request):
try:
data = json.loads(request.body)
if data["user_id"] != 1:
return JsonResponse({
"code": 1002,
"message": "没有操作权限,请联系-林吉永"
})
Permission.objects.filter(id=data["id"]).delete()
Role_permission.objects.filter(permission_id=data["id"]).delete()
return JsonResponse({
"code": 200,
"message": "删除权限菜单成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"删除权限菜单失败,原因:{str(e)}"
})
def delete_role(request):
try:
data = json.loads(request.body)
Role.objects.filter(id=data["id"]).delete()
Role_permission.objects.filter(role_id=data["id"]).delete()
Role_user.objects.filter(role_id=data["id"]).delete()
return JsonResponse({
"code": 200,
"message": "删除角色成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"删除角色失败,原因:{str(e)}"
})
def get_all_user(request):
try:
result = []
users = Userinfo.objects.all()
for i in users:
user_dict = {
"id": i.id,
"username": i.username
}
result.append(user_dict)
return JsonResponse({
"code": 200,
"message": "获取用户列表成功",
"content": result
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"获取用户列表失败,原因:{str(e)}"
})
def change_user_role(request):
try:
data = json.loads(request.body)
for i in data["users"]:
Role_user.objects.update_or_create(user_id=i, role_id=data["role_id"])
return JsonResponse({
"code": 200,
"message": "添加角色用户成功",
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"添加角色用户失败,原因:{str(e)}"
})
def add_user_info(request):
try:
data = json.loads(request.body)
user = Userinfo.objects.create(
username=data["username"],
password=data["password"],
email=data["email"],
account=data["account"],
)
Role_user.objects.create(role_id=data["role_id"], user_id=user.id)
return JsonResponse({
"code": 200,
"message": "新增用户成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"新增用户失败,原因:{str(e)}"
})
def edit_user_info(request):
try:
data = json.loads(request.body)
print(data)
user = Userinfo.objects.filter(id=data["id"])
user.update(
username=data["username"],
email=data["email"],
update_time=datetime.now().strftime("%Y-%m-%d %H:%M:%S")
)
return JsonResponse({
"code": 200,
"message": "编辑用户成功"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"编辑用户失败,原因:{str(e)}"
})
def edit_user_password(request):
try:
data = json.loads(request.body)
user = Userinfo.objects.filter(id=data["id"])
for i in user:
if data["old_password"] == i.password:
user.update(password=data["new_password"])
return JsonResponse({
"code": 200,
"message": "修改密码成功"
})
else:
return JsonResponse({
"code": 1001,
"message": "修改密码失败,原密码不正确"
})
except Exception as e:
return JsonResponse({
"code": 1001,
"message": f"修改密码失败,原因:{str(e)}"
})
settings.py文件中注册中间件,让其起到拦截作用
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.cache.UpdateCacheMiddleware', # 其他中间件...
'django.middleware.cache.FetchFromCacheMiddleware',
'xxx.xxx.xxx.xxx.Permission_check'
]
总结:
饭都喂到嘴边了,想学习的同学,冲锋!!!!!
此文章仅代表个人观点,仅供参考!
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
