Python 学习 第十篇 CMDB用户权限管理
Python 学习 第十篇 CMDB用户权限管理
2016-10-10 16:29:17
标签: python
版权声明:原创作品,谢绝转载!否则将追究法律责任。
不管是什么系统,用户权限都是至关重要的。所以我在注册用户的时候,就为他们分了两种权限。一种是普通用户的权限,一种是管理员权限。普通用户在数据库中的value是user,管理员的value是admin。
因为我想设计的系统是只有一位管理员的。所以这里我没有根据角色来进行判断。而是根据他的用户名来判断。管理员的用户名是唯一的,那就是admin。
闲话少说,先把注册用户的代码贴上来
逻辑端:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
@app .route( "/adduser" ,methods = [ 'GET' , 'POST' ]) def adduser(): if request.method = = "GET" : username = session.get( "name" ) return render_template( "register.html" ,username = username) #前端post请求,逻辑端通过request.form获取整个表单的值 if request.method = = "POST" : userlist = dict ((k,v[ 0 ]) for k,v in dict (request.form).items()) userlist[ 'password' ] = hashlib.md5(userlist[ 'password' ] + salt).hexdigest() userlist[ 're_password' ] = hashlib.md5(userlist[ 're_password' ] + salt).hexdigest() if userlist[ "name" ] in [ n.values()[ 0 ] for n in get_userlist([ "name" ]) ]: errmsg = "username is exist" return json.dumps({ 'code' : '1' , 'errmsg' :errmsg}) if not userlist[ "name" ] or not userlist[ "password" ]: errmsg = "username and password is not empty" return json.dumps({ 'code' : '1' , 'errmsg' :errmsg}) if userlist[ "password" ] ! = userlist[ "re_password" ]: errmsg = "password is error" return json.dumps({ 'code' : '1' , 'errmsg' :errmsg}) fields = [ "name" , "name_cn" , "password" , "mobile" , "email" , "role" , "status" ] values = [ '%s' % userlist[x] for x in fields] userdict = dict ([(k,values[i]) for i,k in enumerate (fields)]) add_user(userdict) return json.dumps({ 'code' : '0' , 'result' : "register sucess" }) |
数据端代码:
1
2
3
4
|
def add_user(userlist): sql = "insert into users(%s)values('%s')" % ( "," .join(userlist.keys()), "','" .join(userlist.values())) curs.execute(sql) conn.commit() |
前端代码:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
...省略 < div class = "form-group" > < label for = "password" class = "col-sm-2 control-label" >密码< span class = "red-fonts" ></ span ></ label > < div class = "col-sm-8" > < input id = "password" name = "password" placeholder = "密码" type = "password" class = "form-control" > </ div > </ div > < div class = "form-group" > < label for = "password" class = "col-sm-2 control-label" >确认密码</ label > < div class = "col-sm-8" > < input id = "re_password" name = "re_password" placeholder = "再次确认密码" type = "password" class = "form-control" > </ div > </ div > < div class = "form-group" > < label for = "role" class = "col-sm-2 control-label" >角色</ label > < div class = "col-sm-8" > < select name = "role" > < option value = "admin" class = "form-control" >管理员</ option > < option value = "user" class = "form-control" >普通用户</ option > </ select > </ div > </ div > < div class = "form-group" > < label for = "status" class = "col-sm-2 control-label" >状态</ label > < div class = "col-sm-8" > < select name = "status" > < option value = "0" class = "form-control" >激活</ option > < option value = "1" class = "form-control" >锁定</ option > </ select > </ div > </ div > ...省略 |
因为我的前端是从别的地方套用过来的。这里我采用了继承
判断用户权限就在base.html这个模板里面做
1
2
3
4
5
6
|
< ul class = "nav nav-second-level collapse" > < li class = "group" >< a href = "/userinfo" >个人中心</ a ></ li > {%if username=='admin'%} < li class = "user" >< a href = "/userlist" >用户列表</ a ></ li > {%endif%} </ ul > |
这里的username 是从逻辑端传到前端的。细心的同学好好看下就知道了
1
2
3
4
5
6
7
8
9
10
|
< li id = "jasset" > < a >< i class = "fa fa-inbox" ></ i > < span class = "nav-label" >资产管理</ span >< span class = "fa arrow" ></ span ></ a > {%if username=='admin'%} < ul class = "nav nav-second-level collapse" > < li class = "group" >< a href = "/idc" >机房管理</ a ></ li > < li class = "asset" > < a href = "/cabinet" >机柜管理</ a ></ li > < li class = "idc" > < a href = "/server" >服务器管理</ a ></ li > </ ul > {%endif%} </ li > <!-- 资产管理 --> |
到这里。用户权限就已经做完了
普通用户只可以看到他自己的个人信息。
管理员用户可以看到所有的信息
本文出自 “不抛弃!不放弃” 博客,谢绝转载!