class UserProfile(auth.AbstractBaseUser, auth.PermissionsMixin): email = models.EmailField( verbose_name='email address', max_length=255, unique=True, ) is_active = models.BooleanField(default=True) # 是否是admin账户 is_admin = models.BooleanField(default=False) is_staff = models.BooleanField( verbose_name='staff status', default=False, help_text='Designates whether the user can log into this admin site.', ) name = models.CharField(max_length=32) # token = models.CharField('token', max_length=128,default=None,blank=True,null=True) department = models.ForeignKey('Department', verbose_name='部门', blank=True, null=True, on_delete=models.CASCADE) host_groups = models.ManyToManyField('HostGroups', verbose_name='授权主机组', blank=True) bind_hosts = models.ManyToManyField('BindHosts', verbose_name='授权主机', blank=True) memo = models.TextField('备注', blank=True, null=True, default=None) date_joined = models.DateTimeField(blank=True, null=True, auto_now_add=True) valid_begin_time = models.DateTimeField(default=django.utils.timezone.now, help_text="yyyy-mm-dd HH:MM:SS") valid_end_time = models.DateTimeField(blank=True, null=True, help_text="yyyy-mm-dd HH:MM:SS") # 把哪个字段当做用户名 USERNAME_FIELD = 'email' # REQUIRED_FIELDS = ['name','token','department','tel','mobile','memo'] # 必须有的字段 REQUIRED_FIELDS = ['name'] def get_full_name(self): # The user is identified by their email address return self.email def get_short_name(self): # The user is identified by their email address return self.email def __str__(self): # __str__ on Python 2 return self.email # def has_perm(self, perm, obj=None): # "Does the user have a specific permission?" # # Simplest possible answer: Yes, always # return True def has_perms(self, perm, obj=None): "Does the user have a specific permission?" # Simplest possible answer: Yes, always return True def has_module_perms(self, app_label): "Does the user have permissions to view the app `app_label`?" # Simplest possible answer: Yes, always return True # @property # def is_staff(self): # "Is the user a member of staff?" # # Simplest possible answer: All admins are staff # return self.is_admin @property def is_superuser(self): "Is the user a member of staff?" # Simplest possible answer: All admins are staff return self.is_admin objects = auth.UserManager() class Meta: verbose_name = '用户信息' verbose_name_plural = "用户信息" def __str__(self): return self.name class Meta: verbose_name = 'CrazyEye账户' verbose_name_plural = 'CrazyEye账户' permissions = ( ('web_access_dashboard', '可以访问 审计主页'), ('web_batch_cmd_exec', '可以访问 批量命令执行页面'), ('web_batch_batch_file_transfer', '可以访问 批量文件分发页面'), ('web_config_center', '可以访问 堡垒机配置中心'), ('web_config_items', '可以访问 堡垒机各配置列表'), ('web_invoke_admin_action', '可以进行admin action执行动作'), ('web_table_change_page', '可以访问 堡垒机各配置项修改页'), ('web_table_change', '可以修改 堡垒机各配置项'), ) 最后还需要在配置文件加上:AUTH_USER_MODEL = 'web.UserProfile'
