day8 客户管理之默认展开非菜单URL
思路
表结构更改
rbac/models.py
from django.db import models
class Menu(models.Model):
"""
菜单表
"""
title = models.CharField(verbose_name='一级菜单名称', max_length=32)
icon = models.CharField(verbose_name='图标', max_length=32, null=True, blank=True)
def __str__(self):
return self.title
class Permission(models.Model):
"""
权限表
"""
title = models.CharField(verbose_name='标题', max_length=32)
url = models.CharField(verbose_name='含正则的URL', max_length=128)
menu = models.ForeignKey(verbose_name='所属菜单', to='Menu', null=True, blank=True, help_text='null表示不是菜单;非null表示是二级菜单')
pid = models.ForeignKey(verbose_name='关联的权限', to='Permission', null=True, blank=True,related_name='parents',
help_text='对于非菜单权限需要选择一个可以成为菜单的权限,用户做默认展开和选中菜单')
def __str__(self):
return self.title
class Role(models.Model):
"""
角色
"""
title = models.CharField(verbose_name='角色名称', max_length=32)
permissions = models.ManyToManyField(verbose_name='拥有的所有权限', to='Permission', blank=True)
def __str__(self):
return self.title
class UserInfo(models.Model):
"""
用户表
"""
name = models.CharField(verbose_name='用户名', max_length=32)
password = models.CharField(verbose_name='密码', max_length=64)
email = models.CharField(verbose_name='邮箱', max_length=32)
roles = models.ManyToManyField(verbose_name='拥有的所有角色', to='Role', blank=True)
def __str__(self):
return self.name
权限初始化逻辑修改
rbac/service/init_Permission.py
# -*- encoding: utf-8 -*-
"""
@File : init_Permission.py
@Time : 2021-12-16 22:30
@Author : tangsai
@Email : 294168604@qq.com
@Software: PyCharm
"""
from django.conf import settings
def init_Permission(current_user, request):
"""
用户权限的初始化
:param current_user: 当前用户对象
:param request: 请求相关所有数据
:return:
"""
# 2. 权限信息初始化
# 根据当前用户信息获取此用户所拥有的所有权限,并放入session。
# 当前用户所有权限
permission_queryset = current_user.roles.filter(permissions__isnull=False).values("permissions__id",
"permissions__title",
"permissions__url",
"permissions__pid_id",
"permissions__menu_id",
"permissions__menu__title",
"permissions__menu__icon"
).distinct()
# 3. 获取权限+菜单信息
permission_list = []
menu_dict = {}
for item in permission_queryset:
permission_list.append(
{'id': item['permissions__id'], 'url': item['permissions__url'], 'pid': item['permissions__pid_id']})
menu_id = item['permissions__menu_id']
if not menu_id:
continue
node = {'id': item['permissions__id'], 'title': item['permissions__title'], 'url': item['permissions__url']}
if menu_id in menu_dict:
menu_dict[menu_id]['children'].append(node)
else:
menu_dict[menu_id] = {
'title': item['permissions__menu__title'],
'icon': item['permissions__menu__icon'],
'children': [node, ]
}
request.session[settings.PERMISSION_SESSION_KEY] = permission_list
request.session[settings.MENU_SESSION_KEY] = menu_dict
inclusion_tag修改 rbac/templatetags/rbac.py
#!/usr/bin/env python
# -*- coding:utf-8 -*-
from django.template import Library
from django.conf import settings
from collections import OrderedDict
import re
register = Library()
@register.inclusion_tag('rbac/static_menu.html')
def static_menu(request):
"""
创建一级菜单
:return:
"""
menu_list = request.session[settings.MENU_SESSION_KEY]
return {'menu_list': menu_list}
@register.inclusion_tag('rbac/multi_menu.html')
def multi_menu(request):
"""
创建二级菜单
:return:
"""
menu_dict = request.session[settings.MENU_SESSION_KEY]
# 对字典的key进行排序
key_list = sorted(menu_dict)
# 空的有序字典
ordered_dict = OrderedDict()
for key in key_list:
val = menu_dict[key]
val['class'] = 'hide'
for per in val['children']:
if per['id'] == request.current_selected_permission:
per['class'] = 'active'
val['class'] = ''
ordered_dict[key] = val
return {'menu_dict': ordered_dict}
中间件修改
rbac/middlewares/rbac.py
#!/usr/bin/env python
# -*- coding:utf-8 -*-
import re
from django.utils.deprecation import MiddlewareMixin
from django.shortcuts import HttpResponse
from django.conf import settings
class RbacMiddleware(MiddlewareMixin):
"""
用户权限信息校验
"""
def process_request(self, request):
"""
当用户请求刚进入时候出发执行
:param request:
:return:
"""
"""
1. 获取当前用户请求的URL
2. 获取当前用户在session中保存的权限列表 ['/customer/list/','/customer/list/(?P<cid>\\d+)/']
3. 权限信息匹配
"""
current_url = request.path_info
for valid_url in settings.VALID_URL_LIST:
if re.match(valid_url, current_url):
# 白名单中的URL无需权限验证即可访问
return None
permission_list = request.session.get(settings.PERMISSION_SESSION_KEY)
if not permission_list:
return HttpResponse('未获取到用户权限信息,请登录!')
flag = False
for item in permission_list:
reg = "^%s$" % item['url']
if re.match(reg, current_url):
flag = True
request.current_selected_permission = item['pid'] or item['id']
break
if not flag:
return HttpResponse('无权访问')
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· AI技术革命,工作效率10个最佳AI工具