day15 权限分配
思路
设置路由:rbac/urls.py
url(r'^distribute/permissions/$', menu.distribute_permissions, name='distribute_permissions'),
后端代码菜单视图新增分配权限逻辑
rbac/views/menu.py
def distribute_permissions(request):
"""
权限分配
:param request:
:return:
"""
user_id = request.GET.get('uid')
user_object = models.UserInfo.objects.filter(id=user_id).first()
if not user_object:
user_id = None
role_id = request.GET.get('rid')
role_object = models.Role.objects.filter(id=role_id).first()
if not role_object:
role_id = None
if request.method == 'POST' and request.POST.get('type') == 'role':
role_id_list = request.POST.getlist('roles')
# 用户和角色关系添加到第三张表(关系表)
if not user_object:
return HttpResponse('请选择用户,然后再分配角色!')
user_object.roles.set(role_id_list)
if request.method == 'POST' and request.POST.get('type') == 'permission':
permission_id_list = request.POST.getlist('permissions')
if not role_object:
return HttpResponse('请选择角色,然后再分配权限!')
role_object.permissions.set(permission_id_list)
# 获取当前用户拥有的所有角色
if user_id:
user_has_roles = user_object.roles.all()
else:
user_has_roles = []
user_has_roles_dict = {item.id: None for item in user_has_roles}
# 获取当前用户用户用户的所有权限
# 如果选中的角色,优先显示选中角色所拥有的权限
# 如果没有选择角色,才显示用户所拥有的权限
if role_object: # 选择了角色
user_has_permissions = role_object.permissions.all()
user_has_permissions_dict = {item.id: None for item in user_has_permissions}
elif user_object: # 未选择角色,但选择了用户
user_has_permissions = user_object.roles.filter(permissions__id__isnull=False).values('id',
'permissions').distinct()
user_has_permissions_dict = {item['permissions']: None for item in user_has_permissions}
else:
user_has_permissions_dict = {}
all_user_list = models.UserInfo.objects.all()
all_role_list = models.Role.objects.all()
menu_permission_list = []
# 所有的菜单(一级菜单)
all_menu_list = models.Menu.objects.values('id', 'title')
"""
[
{id:1,title:菜单1,children:[{id:1,title:x1, menu_id:1,'children':[{id:11,title:x2,pid:1},] },{id:2,title:x1, menu_id:1 },]},
{id:2,title:菜单2,children:[{id:3,title:x1, menu_id:2 },{id:5,title:x1, menu_id:2 },]},
{id:3,title:菜单3,children:[{id:4,title:x1, menu_id:3 },]},
]
"""
all_menu_dict = {}
"""
{
1:{id:1,title:菜单1,children:[{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },{id:2,title:x1, menu_id:1,children:[] },]},
2:{id:2,title:菜单2,children:[{id:3,title:x1, menu_id:2,children:[] },{id:5,title:x1, menu_id:2,children:[] },]},
3:{id:3,title:菜单3,children:[{id:4,title:x1, menu_id:3,children:[] },]},
}
"""
for item in all_menu_list:
item['children'] = []
all_menu_dict[item['id']] = item
# 所有二级菜单
all_second_menu_list = models.Permission.objects.filter(menu__isnull=False).values('id', 'title', 'menu_id')
"""
[
{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },
{id:2,title:x1, menu_id:1,children:[] },
{id:3,title:x1, menu_id:2,children:[] },
{id:4,title:x1, menu_id:3,children:[] },
{id:5,title:x1, menu_id:2,children:[] },
]
"""
all_second_menu_dict = {}
"""
{
1:{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },
2:{id:2,title:x1, menu_id:1,children:[] },
3:{id:3,title:x1, menu_id:2,children:[] },
4:{id:4,title:x1, menu_id:3,children:[] },
5:{id:5,title:x1, menu_id:2,children:[] },
}
"""
for row in all_second_menu_list:
row['children'] = []
all_second_menu_dict[row['id']] = row
menu_id = row['menu_id']
all_menu_dict[menu_id]['children'].append(row)
# 所有三级菜单(不能做菜单的权限)
all_permission_list = models.Permission.objects.filter(menu__isnull=True).values('id', 'title', 'pid_id')
"""
[
{id:11,title:x2,pid:1},
{id:12,title:x2,pid:1},
{id:13,title:x2,pid:2},
{id:14,title:x2,pid:3},
{id:15,title:x2,pid:4},
{id:16,title:x2,pid:5},
]
"""
for row in all_permission_list:
pid = row['pid_id']
if not pid:
continue
all_second_menu_dict[pid]['children'].append(row)
"""
[
{
id:1,
title:'业务管理'
children:[
{
'id':11,
title:'账单列表',
children:[
{'id':12,title:'添加账单'}
]
},
{'id':11, title:'客户列表'},
]
},
]
"""
return render(
request,
'rbac/distribute_permissions.html',
{
'user_list': all_user_list,
'role_list': all_role_list,
'all_menu_list': all_menu_list,
'user_id': user_id,
'role_id': role_id,
'user_has_roles_dict': user_has_roles_dict,
'user_has_permissions_dict': user_has_permissions_dict,
}
)
前端代码模板
rbac/templates/rbac/distribute_permissions.html
{% extends 'layout.html' %}
{% load rbac %}
{% block css %}
<style>
table {
font-size: 12px;
}
.user-area ul {
padding-left: 20px;
}
.user-area li {
cursor: pointer;
padding: 2px 0;
}
.user-area li a {
display: block;
}
.user-area li.active {
font-weight: bold;
color: red;
}
.user-area li.active a {
color: red;
}
.role-area tr td a {
display: block;
}
.role-area tr.active {
background-color: #f1f7fd;
border-left: 3px solid #fdc00f;
}
.panel-body {
font-size: 12px;
}
.permission-area tr.root {
background-color: #f1f7fd;
}
.permission-area tr.root td i {
margin: 3px;
}
.permission-area .node {
}
.permission-area .node input[type='checkbox'] {
margin: 0 5px;
}
.permission-area .node .parent {
padding: 5px 0;
}
.permission-area .node label {
font-weight: normal;
margin-bottom: 0;
font-size: 12px;
}
.permission-area .node .children {
padding: 0 0 0 20px;
}
.permission-area .node .children .child {
display: inline-block;
margin: 2px 5px;
}
.select-help {
float: right;
}
.select-help label {
font-weight: normal;
cursor: pointer;
}
.select-help .check-all {
float: left;
display: inline-block;
margin-right: 8px;
}
</style>
{% endblock %}
{% block content %}
<div class="luffy-container">
<div class="col-md-3 user-area">
<div class="panel panel-default">
<!-- Default panel contents -->
<div class="panel-heading">
<i class="fa fa-book" aria-hidden="true"></i> 用户信息
</div>
<div class="panel-body">
<ul>
{% for row in user_list %}
<li class="{% if row.id|safe == user_id %}active{% endif %}">
<a href="?uid={{ row.id }}">{{ row.name }}</a>
</li>
{% endfor %}
</ul>
</div>
</div>
</div>
<div class="col-md-3 role-area">
<form method="post">
{% csrf_token %}
<input type="hidden" name="type" value="role">
<div class="panel panel-default">
<!-- Default panel contents -->
<div class="panel-heading">
<i class="fa fa-gavel" aria-hidden="true"></i> 角色信息
{% if user_id %}
<button
class="right btn btn-success btn-xs"
style="padding: 2px 8px;margin: -3px;">
<i class="fa fa-save" aria-hidden="true"></i>
保存
</button>
{% endif %}
</div>
<div class="panel-body" style="color: #d4d4d4;padding:10px 5px;">
提示:点击用户后才能为其分配角色
</div>
<!-- Table -->
<table class="table">
<thead>
<tr>
<th>角色</th>
<th>选项</th>
</tr>
</thead>
<tbody>
{% for row in role_list %}
<tr class="{% if row.id|safe == role_id %}active{% endif %}">
<td>
{% if user_id %}
<a href="?uid={{ user_id }}&rid={{ row.id }}">{{ row.title }}</a>
{% else %}
<a href="?rid={{ row.id }}">{{ row.title }}</a>
{% endif %}
</td>
<td>
<input type="checkbox" name="roles" value="{{ row.id }}"
{% if row.id in user_has_roles_dict %}checked{% endif %}>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</form>
</div>
<div class="col-md-6 permission-area">
<form method="post">
{% csrf_token %}
<input type="hidden" name="type" value="permission">
<div class="panel panel-default">
<div class="panel-heading">
<i class="fa fa-gavel" aria-hidden="true"></i> 权限分配
{% if role_id %}
<button href="#"
class="right btn btn-success btn-xs"
style="padding: 2px 8px;margin: -3px;">
<i class="fa fa-save" aria-hidden="true"></i>
保存
</button>
{% endif %}
</div>
<div class="panel-body" style="color: #d4d4d4;padding:10px 5px;">
提示:点击角色后才能为其分配权限
</div>
<table class="table">
<tbody>
{% for item in all_menu_list %}
<tr class="root">
<td>
<i class="fa fa-caret-down" aria-hidden="true"></i>
{{ item.title }}
<div class="select-help">
<div class="check-all">
<label for="check_all_{{ item.id }}">全选</label>
<input id="check_all_{{ item.id }}" type="checkbox">
</div>
</div>
</td>
</tr>
{% if item.children %}
<tr class="node">
<td>
{% for node in item.children %}
<div class="parent">
<input id="permission_{{ node.id }}" name="permissions"
{% if node.id in user_has_permissions_dict %}checked{% endif %}
value="{{ node.id }}" type="checkbox">
<label for="permission_{{ node.id }}">{{ node.title }}(菜单)</label>
</div>
<div class="children">
{% for child in node.children %}
<div class="child">
<input id="permission_{{ child.id }}" name="permissions"
{% if child.id in user_has_permissions_dict %}checked{% endif %}
type="checkbox" value="{{ child.id }}">
<label for="permission_{{ child.id }}">{{ child.title }}</label>
</div>
{% endfor %}
</div>
{% endfor %}
</td>
</tr>
{% endif %}
{% endfor %}
</tbody>
</table>
</div>
</form>
</div>
</div>
{% endblock %}
{% block js %}
<script type="text/javascript">
$(function () {
$('.check-all input:checkbox').change(function () {
$(this).parents('.root').next().find(':checkbox').prop('checked',$(this).prop('checked'));
})
})
</script>
{% endblock %}
权限代码可以放开了
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· AI技术革命,工作效率10个最佳AI工具