菜单接口
from django.contrib import auth
from django.contrib.auth.decorators import login_required,permission_required
from django.shortcuts import render,HttpResponse,HttpResponseRedirect,redirect,reverse
from django.http import HttpRequest,JsonResponse,HttpResponseForbidden
from django.views.decorators.csrf import csrf_exempt
from django.contrib.auth.models import User, Permission
@login_required(login_url="/login")
@csrf_exempt
def menu(request):
data=[{'text': '系统功能','iconCls': 'icon-more','state': 'open','children': [
{'text': '系统管理','url':'/admin'}]
},
{'text': '功能','iconCls': 'icon-more','state': 'open','children': [
{'text': '首页', 'url':'/about'},
{'text': '数据管理', 'url': '/datalist'},
]}
]
permissions = Permission.objects.filter(user=request.user)
codenames=[]
for per in permissions:
per:Permission
codenames.append(per.codename)
lib.expel_permission(data, codenames)
# Permissions that the user has via a group
# group_permissions = Permission.objects.filter(group__user=request.user)
response=JsonResponse(data=data,safe=False)
return response
视图接口
@login_required(login_url="/login")
@permission_required("views.about",login_url="/login/") #此处定义了这个接口对应的权限
def about(request):
return render(request,"about.html")
Lib库函数
def expel_permission(menu:list,codenames):
for m in menu:
if 'url' in m.keys() and m["url"] not in [f"/{codename}" for codename in codenames]:
menu.remove(m)
if 'children' in m.keys() and m["children"]:
expel_permission(m["children"],codenames)
配置接口权限类型,表django_content_type
配置权限内容,表auth_permission