1

我正在开发一个 Django 系统,其中有四个用户级别:1.基本(仅限访问)2.管理员(可以更新/更改/删除)3.网守(只能创建管理员用户,不能更新/更改/删除) 4. 开发者(真正的超级用户)

我想我有一些权限:

    from django.conf import settings
from django.contrib.auth.models import (
    BaseUserManager, AbstractBaseUser
)
from django.core.validators import RegexValidator
from django.db import models
from django.db.models.signals import post_save


class CustomUserManager(BaseUserManager):
    """Customer User."""

    def create_user(self, email, password=None):
        """Creates and saves a user."""
        if not email:
            raise ValueError('Users must have an email address')

        user = self.model(
            email=self.normalize_email(email),
        )

        user.set_password(password)
        user.save(using=self._db)
        return user

    def create_admin(self, email):
        """Creates and saves an admin user with a temporary password."""
        user = self.create_user(
            email,
            password=BaseUserManager.make_random_password(self, 12)
        )
        user.is_admin = True
        user.save(using=self.db)
        return user


    def create_gatekeeper(self, email, password):
        """Creates and saves a gatekeeper."""
        user = self.create_user(
            email,
            password=password,
        )
        user.is_admin = True
        user.is_gatekeeper = True
        user.save(using=self.db)
        return user

    def create_superuser(self, email, password):
        """Creates and saves a superuser."""
        user = self.create_user(
            email,
            password=password,
        )
        user.is_admin = True
        user.is_gatekeeper = True
        user.is_developer = True
        user.save(using=self._db)
        return user


class CustomUser(AbstractBaseUser):
    email = models.EmailField(
        verbose_name='email address',
        max_length=255,
        unique=True,
    )

    is_active = models.BooleanField(default=True)
    is_admin = models.BooleanField(default=False)
    is_gatekeeper = models.BooleanField(default=False)
    is_developer = models.BooleanField(default=False)

    objects = CustomUserManager()

    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = []

    # def __str__(self):
    #     return self.email

    def __str__(self):
        return self.email

    def has_perm(self, perm, obj=None):
        # Does the user have a specific permission?
        # Simplest possible answer: Yes, always
        return True

    def has_module_perms(self, app_label):
        # "Does the user have permissions to view the app `app_label`?"
        # Simplest possible answer: Yes, always
        return True

    class Meta:
        db_table = 'customuser'
        verbose_name = 'CustomUser'

但是,我并没有与如何创建网守和管理员建立联系。我知道我可以通过命令行做到这一点,但我想要

a) 开发人员可以创建看门人的表单 b) 看门人可以创建管理员的表单

由于我们的管理站点需要大量定制,我们不会使用 Django Admin 并且可能会构建我们自己的功能。我将如何去调用类似create_gatekeeperDjango 表单内部的东西?将 Django 管理页面子类化并自定义它们是更好的方法吗?

4

1 回答 1

1

您可能应该使用群组并向这些群组添加权限;;;但是在您的 3 个演员中,您可以使用来自用户模型的 django 内置属性...

用户:您的普通用户只需将其他任何内容创建为 User 类,例如 is_something ...

管理员您可以使用属性 is_staff 该属性来自用户模型,并允许您的用户访问 django 管理员...

开发人员您可以将他创建为超级用户,因此所有权限都会自行添加到您的模型中

事情是关于网守的,所以如果你开始创建标志,如 is_admin、is_gatekeeper 等......你将开始处理多个属性,这是一个坏主意,所以当你使用组时,你可以创建用户组、开发人员组(因为他们是超级管理员,你真的不需要这样做),管理员组(添加你想给这个组的每个权限[例如,你可以给他的博客模型博客 add_blog、change_blog 和 delete_blog,但你可以添加您的自定义也是])与其他组相同...

例如。

# List of my Permissions that i want to add to my groups
PERMISSIONS = {
    STUDENT : ['add_student', 'change_student',
                  'delete_student', 'editpreview_student'],
    PROJECT: ['add_project', 'change_project', 'delete_project', 'editpreview_project'],

}

# Creating 2 Groups
grupo_admin, created = Group.objects.get_or_create(name='admin') 
grupo_teachers, created = Group.objects.get_or_create(name='teacher')    


for func_perm in PERMISSIONS [STUDENT]:
    perm = Permission.objects.get(codename=func_perm)
    grupo_admin.permissions.add(perm) # Adding Student Permission to my Admin Group
    grupo_teachers.permissions.add(perm)  # Adding Student Permission to my Teachers Group
for func_perm in PERMISSOES[PROJECT]:
    perm = Permission.objects.get(codename=func_perm)
    grupo_admin.permissions.add(perm) # Adding Project Permission only to my Admin Group

在您的视图中,您可以像这样检查权限

@user_passes_test(lambda u: u.has_perm('myapp.permission_code'))
def some_view(request):
    # ...

你的HTML你可以这样检查

{% if perms.student.change_student %}
  <li>
    <a href="/admin/student/student/">
      <i class="fa fa-graduation-cap" aria-hidden="true"></i> 
      <span>Students</span>
    </a>
   </li>  
{% endif %}
于 2018-07-24T19:58:08.287 回答