django权限模块

1.models.py
添加class Meta:permissions来使权限可以通过django管理。
当同步到数据库后,才能生效


class Customer(models.Model):
    qq = models.CharField(max_length=64, unique=True)

    class Meta:
        permissions = (
            ('can_del_customer', '可以删除用户'),
        )

数据库同步:

PS D:\python\stu_crm> python.exe .\manage.py makemigrations                                            
Migrations for 'stucrm':                                                                               
  stucrm\migrations\0002_auto_20170625_1005.py                                                         
    - Change Meta options on customer                                                                  
PS D:\python\stu_crm> python.exe .\manage.py migrate                                                   
Operations to perform:                                                                                 
  Apply all migrations: admin, auth, contenttypes, sessions, stucrm                                    
Running migrations:                                                                                    
  Applying stucrm.0002_auto_20170625_1005... OK                                                        
PS D:\python\stu_crm>                                                                                  

django显示效果

这里写图片描述

2.权限如何验证
注意权限选项属于django的user表,用has_perm控制

In [1]: from stucrm import models

In [2]: u1=models.UserProfile.objects.last()

In [3]: u1
Out[3]: <UserProfile: 姜惠贞>

In [11]: u2=models.User.objects.last()

In [12]: u2
Out[12]: <User: HyejeongKang>

In [13]: u2.has_perm('can_del_customer')
Out[13]: False

In [14]: u2.has_perm('stucrm.can_del_customer')
Out[14]: True

3.较好的方式就是通过装饰器去实现权限功能。

4.权限优化
将权限存至models,并进行migrate
D:\python\stu_crm\stucrm\models.py

class UserProfile(models.Model):
    user = models.OneToOneField(User)
    name = models.CharField(max_length=64)
    class Meta:
        permissions = (
            ('view_customer_list', '查看用户列表'),
            ('view_customer_info', '查看用户详情'),
            ('edit_own_customer_info', '可以修改自己的客户的信息'),
        )

5.配置

定义监控选项具体的关联关系

# D:\python\stu_crm\stucrm\permissions.py
perm_dic = {
    'view_customer_list': ['customer_list','GET',[]],
    'view_customer_info': ['customer_detail','GET',[]],
    'edit_own_customer_info': ['customer_detail','POST',['test']],
}
# D:\python\stu_crm\stucrm\urls.py
url(r'^customers/(\d+)/$', views.customer_detail, name='customer_detail'),

# 实现url name代理固定域名
# D:\python\stu_crm\templates\crm\customers.html
<td><a href="{% url 'customer_detail' item.id %}">{{ item.id }}</a></td>


# D:\python\stu_crm\stucrm\urls.py
urlpatterns = [
    url(r'^$', views.dashboard),
    url(r'^customers/$', views.customers, name='customer_list'),
    url(r'^customers/(\d+)/$', views.customer_detail, name='customer_detail'),
]

引用permissions并采用装饰器的方式添加验证权限

from stucrm.permissions import check_permission
@check_permission
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值