用户权限
当我们修改用户权限模型时
在djg1->settings:末尾添加
# 自动用户模型为我们自己创建的MyUser模型
AUTH_USER_MODEL='permission.MyUser'
permission->models.py:
from django.contrib.auth.models import User,Group,Permission, AbstractUser
from django.db import models
class MyUser(AbstractUser):
'''
自定义Django自带的User模型
'''
is_delete=models.BooleanField(default=0,verbose_name='是否删除')
class Meta:
# ('描述','权限')
permissions=(
('change_myuser_username','修改用户名'),
('change_myuser_password','修改密码')
)
permission->urls:
urlpatterns=[
# 创建admin用户
url(r'^create_user/',views.create_user,name='create_user'),
# 给用户添加权限
url(r'^add_user_permission/',views.add_user_permission,name='add_user_permission'),
# 给组分配权限
url(r'^add_group_permission/',views.add_group_permission,name='add_group_permission'),
# 给admin用户分配审核组
url(r'^add_user_group/',views.add_user_group,name='add_user_group'),
# 查询某个用户的权限列表
url(r'^user_permission/',views.user_permission,name='user_permission'),
url(r'^index/',views.index,name='index')
]
permission->views:
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.models import Permission,Group
from django.http import HttpResponse
from django.shortcuts import render
from permission.models import MyUser
def create_user(requset):
if requset.method=='GET':
MyUser.objects.create_user(username='admin',
password='123456')
return HttpResponse('用户创建成功')
def add_user_permission(request):
if request.method=='GET':
# 给姓名叫admin的用户添加修改用户名的权限
user=MyUser.objects.filter(username='admin').first()
per=Permission.objects.filter(codename='change_myuser_password').first()
# 添加权限
user.user_permissions.add(per)
# 删除权限
user.user_permissions.remove(per)
# 清空权限
user.user_permissions.clear()
return HttpResponse('添加用户权限成功')
def add_group_permission(request):
if request.method=='GET':
# 创建审核组,并分配查看和编辑
group=Group.objects.filter(name='审查组').first()
if group:
per_list=['change_myuser',
'delete_myuser',
'change_myuser_username',
'change_myuser_password']
# 获取四个权限
pers=Permission.objects.filter(codename__in=per_list)
for per in pers:
# 添加组和权限之间的关系
group.permissions.add(per)
# 删除组和权限之间的关系
# group.permissions.remove(per)
return HttpResponse('给组添加权限成功')
else:
# 添加审查组
Group.objects.create(name='审查组')
return HttpResponse('没有审核组,正在创建')
def add_user_group(request):
if request.method=='GET':
# 获取admin用户
user=MyUser.objects.filter(username='admin').first()
# 获取审查组
group=Group.objects.filter(name='审查组').first()
user.groups.add(group)
return HttpResponse('分配组成功')
def user_permission(request):
if request.method=='GET':
user=MyUser.objects.filter(username='admin').first()
permission=[]
# 1.用户和权限的关联关系
per1s=user.user_permissions.all()
for per1 in per1s:
permission.append(per1.codename)
# 2.用户和组的关联关系
groups=user.groups.all()
for group in groups:
# 组和权限的关联关系
per2s=group.permissions.all()
for per2 in per2s:
permission.append(per2.codename)
# 3.通过用户查询所有的权限
pers_all=user.get_all_permissions()
# 4.通过用户获取组权限
pers_group=user.get_group_permissions()
return HttpResponse(permission)
@permission_required('permission.change_myuser_username')
def index(request):
if request.method=='GET':
# change_myuser_username
return render(request, 'index.html')
utils->middleware:
from django.utils.deprecation import MiddlewareMixin
from permission.models import MyUser
class UserAuthMiddleWare(MiddlewareMixin):
def process_request(self, request):
user = MyUser.objects.get(username='admin')
request.user = user
return None
templates->index.html:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>首页</title>
</head>
<body>
{{user}}
{# perms全局变量,可以存储当前用户的所有权限,通过{{perms.应用名}}可以打印出当前用户的所有权限 #}
{{perms.permission}}
{% if perms.permission.add_myuser %}
<p>添加用户</p>
{% endif %}
{% if perms.permission.change_myuser %}
<p>修改用户</p>
{% endif %}
{% if perms.permission.delete_myuser %}
<p>删除用户</p>
{% endif %}
{% if perms.permission.change_myuser_username %}
<p>修改用户名</p>
{% endif %}
{% if perms.permission.change_myuser_password %}
<p>修改密码</p>
{% endif %}
</body>
</html>
