最近完成这样的一个需求,比如说一个网页有几个按钮(添加,编辑,删除,查看),张三用户可以访问这几个按钮,李四只能查看(没有其它权限),怎么办?我相信对于初学者来说,完成这样的需求,确实有点难度,作者也是折腾了2天,才懂的一点皮毛,在这里非常感谢我的同事雪姐,耐心的给我讲解。言归正传,把这个流程跟大家分享一下.(高手勿喷)
首先设计表结构
创建一个用户表,并且做了一对一关联django user表
1.自定义用户表
from __future__ import unicode_literals
from django.db import models
from django.contrib.auth.models import User
# Create your models here.
#自定义用户表
class Userinfo(models.Model):
user = models.OneToOneField(User) #关联django user表
username = models.CharField(max_length=100)
password = models.CharField(max_length=100)
def __unicode__(self):
return self.username
2.自定义权限表
class quanxian(models.Model):
shuoming=models.CharField(max_length=100)
def __unicode__(self):
return self.shuoming
class Meta:
permissions = (
('edit', u'编辑权限'),
('add', u'添加权限'),
('DEL',u'删除权限'),
('list',u'查看权限'),
)
3.views.py定义一个login视图方法
from test01.models import Userinfo
from django import forms
from django.contrib import auth
from django.contrib.auth.models import User
from django.contrib.auth import authenticate
from django.template import RequestContext
# Create your views here.
class UserForm(forms.Form):
username = forms.CharField(label="user",max_length=100)
password = forms.CharField(label="passwd",widget=forms.PasswordInput())
def index(request):
return render_to_response('index.html')
def login(request):
if request.method == 'POST':
uf = UserForm(request.POST)
if uf.is_valid():
username = uf.cleaned_data['username']
password = uf.cleaned_data['password']
print username,password,"[*******]"
user1 = authenticate(username=username, password=password)
is_add = True if user1.has_perm('test01.add') else False
print 'user1--->',user1,user1.has_perm('test01.add'), is_add
if user1:
return render_to_response('index.html',locals(), context_instance=RequestContext(request))
else:
return HttpResponseRedirect('/login/')
else:
uf = UserForm()
return render_to_response('login.html',{'uf':uf})
4.在admin.py注册models.py里的表
from django.contrib import admin
from test01 import models
admin.site.register(models.quanxian)
admin.site.register(models.Userinfo)
5.urls.py
from django.conf.urls import url
from django.contrib import admin
from test01 import views
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^index/$',views.index),
url(r'^$', views.login, name='login'),
]
6.初始化数据表,创建后台admin管理员
python manage.py makemigrations
python manage.py migrate
创建后台admin管理员
bogon:model_test will.xin$ python manage.py createsuperuser
Username (leave blank to use 'will.xin'): admin
Email address:
Password:
Password (again):
Superuser created successfully.
7.登录admin后台,创建用户
点击张三用户,赋予张三用户增加,编辑,删除权限
李四用户不给任何权限
8.前端页面
vim login.html
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>登录</title>
</head>
<body>
<h1>登录页面:</h1>
<form method = 'post' enctype="multipart/form-data">
{{uf.as_p}}
<input type="submit" value = "ok" />
</form>
</body>
</html>
index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>index</title>
</head>
<body>
{% if is_add %}
<button>编辑</button>
<button>添加</button>
<button>删除</button>
{% else %}
<button>查看</button>
{% endif %}
<div>欢迎{{ username }} 登录</div>
</body>
</html>
9.测试
首先用zhangsan用户登录
lisi用户登录后