這篇文章主要介紹了Django 權限認證(根據不同的用戶,設置不同的顯示和訪問權限),文中通過示例代碼介紹的非常詳細,對大家的學習或者工作具有一定的參考學習價值,需要的朋友們下面隨着小編來一起學習學習吧
示意圖:
html:(模態框等 html和js代碼,參考:Django 創建/刪除用戶)
{# 權限管理 #} <div id="permissionManageDiv" style="margin-left: 10px; display: none;"> <div> <h4 style="margin-top: 15px;">選擇用戶</h4> <hr style="margin-top: 5px;" /> <select name="usernamePermission" id="usernamePermission" class="selectpicker" data-live-search="true"> {% for user in users %} <option value="{{ user.username }}">{{ user.username }}</option> {% endfor %} </select> <hr /> </div> <div> <h4 style="margin-top: 15px;">勾選權限</h4> <hr style="margin-top: 5px;" /> <div style="margin-bottom: 10px;"> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">玩家管理</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="0" /> </span> </div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">聯盟管理</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="1" /> </span> </div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">公告郵件</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="2" /> </span> </div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">訂單系統</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="3" /> </span> </div> <div class="input-group input-group-lg" style=""> <span class="input-group-addon">禮包獎勵</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="4" /> </span> </div> </div> <div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">客服反饋</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="5" /> </span> </div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">玩家日誌</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="6" /> </span> </div> <div class="input-group input-group-lg" style="float: left; margin-right: 10px;"> <span class="input-group-addon">服務器管理</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="7" /> </span> </div> <div class="input-group input-group-lg"> <span class="input-group-addon">管理員管理</span> <span class="input-group-addon"> <input type="checkbox" name="permissionList" value="8" /> </span> </div> </div> </div> <button type="button" id="changePermissionBtn" class="btn btn-default" style="width: 100px; margin-top: 15px;" data-toggle="modal" data-target="#alertTip" data-whatever="重置權限?" >提 交</button> </div>
js:
// 修改權限 function changePermission() { var permissionList = $('input[name="permissionList"]:checked'); var permissions = ''; $.each(permissionList, function (index, value, array) { if (index+1 == permissionList.length) { // 最後一位,不加逗號 permissions += permissionList[index].value; } else { permissions += permissionList[index].value + ', '; } }); $.ajax({ url: '/changePermission', type: 'POST', data: { username: $('#usernamePermission').val(), permissions: permissions }, success: function (data, textStatus) { if (data == 1) { alert('修改成功!'); window.location.href = 'index'; } else if (data == -1) { alert('未知錯誤!'); } }, error: function (XMLHttpRequest, textStatus, errorThrown) { alert(errorThrown); } }) }
Django models 中,建立 模型: (這一步很重要!!!)
– 建立好後,記得用 makemigrations 和 migrate 同步一下!!
from django.db import models class Permission(models.Model): class Meta: #權限信息,這裏定義的權限的名字,後面是描述信息,描述信息是在django admin中顯示權限用的 permissions = ( ('views_slg_users_tem', '查看玩家管理'), ('views_slg_alliance_tem', '查看聯盟管理'), ('views_slg_mail_notice_tem', '查看公告郵件'), ('views_slg_order_tem', '查看訂單系統'), ('views_slg_reward_tem', '查看禮包獎勵'), ('views_slg_service_reply_tem', '查看客服反饋'), ('views_slg_user_log_tem', '查看玩家日誌'), ('views_slg_server_tem', '查看服務器管理'), ('views_slg_manager_tem', '查看管理員管理'), )
建立好後,數據庫表(auth_permission)類似於這樣: (id 那一列,很重要!!我們後面添加權限要用到的!!)
後端python–views視圖:
from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.models import User from django.views.decorators.http import require_http_methods from django.http import HttpResponse from django.shortcuts import render from slg.models.slg.slg_manager_tem import db_change_permission) # 修改權限 @login_required(login_url='slg:login') @require_http_methods(["POST"]) @permission_required('slg.views_slg_manager_tem', login_url='slg:get_permissionDenied') def change_permission(request): permissionsList = [ 'views_slg_users_tem', 'views_slg_mail_notice_tem', 'views_slg_order_tem', 'views_slg_reward_tem', 'views_slg_service_reply_tem', 'views_slg_user_log_tem', 'views_slg_server_tem', 'views_slg_manager_tem' ] username = request.POST['username'] permissions = request.POST['permissions'].split(', ') if permissions[0] != '': # 不爲空時 for index, value in enumerate(permissions): permissions[index] = permissionsList[int(value)] # 將 數字 替換爲 上面數組中的 字符串 print(permissions) else: permissions = [] changeResult = db_change_permission(username, permissions) return HttpResponse(changeResult)
後端python–models視圖:
from django.contrib.auth.models import User from django.contrib.auth import authenticate from django.db.utils import IntegrityError from . import db_models as db # 修改權限 def db_change_permission(username, permissions): try: user = User.objects.get(username=username) if permissions: pers = [] for per in permissions: db_per = db.AuthPermission.objects.filter(codename=per).values('id')[0]['id'] # 只把 id 取出來 pers.append(db_per) #print(pers) # 形如: [147, 150, 152] 數字爲 auth_permission 中的 id user.user_permissions = pers # 這裏,只能 加 id,加 codename 是不行的!!! else: user.user_permissions.clear() User.objects.get(username=username) # 刷新 緩存 #print(user.get_all_permissions()) except Exception: return -1 else: return 1 # 修改成功
錯誤頁面相關: (它是類似於:403, 404 等頁面的彙總,也需要設置相關路由)
permissionDenied.html:
<!DOCTYPE html> <html lang="en"> {% load staticfiles %} <head> <meta charset="UTF-8"> <title>403</title> </head> <body> <h1>403</h1> <h2>You don't have enought permissions to this action!</h2> </body> </html>
view視圖:
from django.contrib.auth.decorators import login_required from django.views.decorators.http import require_http_methods from django.shortcuts import render # GET 渲染 403頁面 @login_required(login_url='slg:login') @require_http_methods(["GET", "POST"]) def get_permissionDenied(request): return render(request, 'slg/permissionDenied.html')
url路由:
'''總路由,路由分發地''' from django.conf.urls import url, include urlpatterns = [ url(r'^', include('slg.urls.slg.error')), # 錯誤頁面 相關路由 ]
'''子路由,這裏進入具體的html頁面''' from django.conf.urls import url from slg.views.slg import error urlpatterns = [ url(r'^permissionDenied$', error.get_permissionDenied, name='get_permissionDenied'), # 403頁面 ]
正常頁面的 權限設置:
base.html:(模板頁面,所有頁面都繼承於此)
{% if 'slg.views_slg_users_tem' in perms %} {# 判斷 是否 有訪問權限,沒有的話,就不顯示該菜單 #} <li role="presentation" class="main-menu" id="top_one"> <a href="{% url 'slg:get_slg_users_tem' %}" rel="external nofollow" style="margin-left: 5px;"><span class="glyphicon glyphicon-fire"></span>玩家管理</a> </li> {% endif %}
其他 veiws視圖 中的設置:
from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.models import User from django.views.decorators.http import require_http_methods from django.shortcuts import render # GET 渲染頁面 (其他的POST請求中,最好也加入 @permission_required 用來限制訪問) @login_required(login_url='slg:login') @require_http_methods(["GET"]) @permission_required('slg.views_slg_users_tem', login_url='slg:get_permissionDenied') #權限裝飾器 def get_users_tem(request): perms = User.get_all_permissions(request.user) #獲取 訪問請求 用戶的 所有權限 context = {"perms": perms} return render(request, 'slg/slg_users_tem.html', context=context)
以上就是本文的全部內容,希望對大家的學習有所幫助,也希望大家多多支持神馬文庫。