1. 项目配置
项目结构
构建 Django 项目,结构如下
- MyProj03/
|__ Assets/
|__perms.py
|__models.py
|__views.py
|__urls.py
|__...
|__ MyProj03/
|__settings.py
|__urls.py
|__...
|__ UserManagement/
|__models.py
|__...
配置项目
MyProj03/MyProj03/settings.py
代码如下
INSTALLED_APPS = [
...
'rest_framework',
'UserManagement',
'Assets',
]
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
'Devices.perms.RbacPermission', # 自定义权限认证
],
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
)
}
AUTH_USER_MODEL = 'UserManagement.SysUsers'
用户模型
MyProj03/UserManagement/models.py
代码如下
class SysUsers(AbstractBaseUser):
id = models.BigAutoField(primary_key=True)
username = models.CharField(max_length=40, unique=True)
is_staff = models.BooleanField(
('staff status'),
default=False,
)
is_admin = models.BooleanField(default=False)
last_login = models.DateTimeField(blank=True, null=True)
is_active = models.SmallIntegerField(blank=True, null=True)
is_alive = models.SmallIntegerField(blank=True, null=True)
objects = UserManager()
USERNAME_FIELD = 'username'
class Meta:
db_table = 'sys_users'
verbose_name = "用户"
verbose_name_plural = "用户"
def __str__(self):
return self.username
添加几条数据
id | username | password | is_staff | is_admin | last_login_time | is_active | is_alive |
---|---|---|---|---|---|---|---|
1 | 吴敬中 | 123456 | 0 | 0 | 2021-06-24 14:58:22.118504 | 1 | 1 |
2 | 余则成 | 123456 | 0 | 1 | 2021-06-24 14:58:22.118504 | 1 | 1 |
3 | 王翠萍 | 123456 | 0 | 0 | 2021-06-24 14:58:22.118504 | 1 | 1 |
4 | 穆晚秋 | 123456 | 0 | 0 | 2021-06-24 14:58:22.118504 | 1 | 1 |
设备模型
MyProj03/Assets/models.py
代码如下
from django.db import models
# Create your models here.
class Devices(models.Model):
id = models.BigAutoField(primary_key=True)
name = models.CharField(max_length=32, blank=True, null=True)
dept_id = models.BigIntegerField(blank=True, null=True)
is_alive = models.SmallIntegerField(blank=True, null=True)
class Meta:
db_table = 'devices'
verbose_name = "设备"
verbose_name_plural = "设备"
def __str__(self):
return self.name
添加数据
id | name | dept_id | is_alive |
---|---|---|---|
1 | 总经办电话 | 1 | 1 |
2 | 总经办台式机1号 | 1 | 1 |
3 | 总经办台式机2号 | 1 | 1 |
4 | 总经办打印机1号 | 1 | 1 |
5 | 市场一部电话1号 | 2 | 1 |
6 | 市场一部电话2号 | 2 | 1 |
2. 权限设置
自定义权限
MyProj03/Assets/perms.py
from rest_framework.permissions import BasePermission
class UserPermission(BasePermission):
def has_permission(self, request, view):
if not request.user.is_admin:
return True
return False
视图模型
MyProj03/Assets/views.py
from .models import Assets
from rest_framework import serializers, viewsets
from Devices.perms import UserPermission
class DevicesSerializer(serializers.ModelSerializer):
class Meta:
model = Assets
fields = "__all__"
class DevicesViewSet(viewsets.ModelViewSet):
permission_classes = [UserPermission, ]
queryset = Assets.objects.all()
serializer_class = DevicesSerializer
路由设置
MyProj03/Assets/urls.py
from django.urls import path, include
from rest_framework import routers
from Assets.views import DevicesViewSet
router = routers.SimpleRouter()
router.register('devices', DevicesViewSet)
urlpatterns = [
path('', include(router.urls)),
]
MyProj03/MyProj03/urls.py
from django.urls import path, include
urlpatterns = [
path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
path('assets/', include('Assets.urls')),
]
3. 测试
使用 余则成 账号访问(is_admin==True
)数据,可访问
使用 吴敬中 账号访问(is_admin==False
)数据,不可访问
.
.
.
.
.
.
桃花仙人种桃树,又摘桃花换酒钱_