使用django的权限管理系统permission
1.为model添加权限
class Task(models.Model): ....... class Meta: permissions = ( ('oprater_task','can change the tasks'), )
2.views中可以使用如下方法来操作权限
print request.user.has_perm('conf.oprater_task') #conf为应用名,后面的为权限名 ..... myuser.user_permissions = [permission_list] #myuser为通过request.user获取的user对象 myuser.user_permissions.add(permission, permission, ...) myuser.user_permissions.remove(permission, permission, ...) myuser.user_permissions.clear()
3.在template中使用权限方法:
{% if perms.conf %} <p>You have permission to do something in the foo app.</p> {% if perms.conf.oprater_task %} <p>You can vote!</p> {% endif %} {% if perms.conf.oprater_task %} <p>You can drive!</p> {% endif %} {% else %} <p>You don't have permission to do anything in the foo app.</p> {% endif %}
4.permission提供的装饰器
from django.contrib.auth.decorators import login_required @login_required def my_view(request): # ... def user_can_vote(user): return user.is_authenticated() and user.has_perm("polls.can_vote") @user_passes_test(user_can_vote, login_url="/login/") def vote(request): # Code here can assume a logged-in user with the correct permission. ... from django.contrib.auth.decorators import permission_required @permission_required('polls.can_vote', login_url="/login/") def vote(request):
5.user_passes_test的简便用法
@user_passes_test(lambda u: u.is_superuser) #django源代码中的user_passes_test def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """ 注意该函数的第一个参数 Decorator for views that checks that the user passes the given test, redirecting to the log-in page if necessary. The test should be a callable that takes the user object and returns True if the user passes. """ def decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): if test_func(request.user): return view_func(request, *args, **kwargs) path = request.build_absolute_uri() # If the login url is the same scheme and net location then just # use the path as the "next" url. login_scheme, login_netloc = urlparse.urlparse(login_url or settings.LOGIN_URL)[:2] current_scheme, current_netloc = urlparse.urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() from django.contrib.auth.views import redirect_to_login return redirect_to_login(path, login_url, redirect_field_name) return _wrapped_view return decorator
6.判断是否为超级管理员的过滤器:
@user_passes_test(lambda u: u.is_superuser)