测试内容:当我单击登录页面登录的时候页面会弹出当前用户的个人信息
当我点击提交的时候可以看到我当前用户的所有权限:
测试成功,接下来看一下后台的简单代码:
class User(models.Model): ''' 用户信息表,与角色多对多(role) ''' username = models.CharField(max_length=32,verbose_name="用户名") password = models.CharField(max_length=32,verbose_name="密码") email = models.CharField(max_length=32,verbose_name="邮箱") roles = models.ManyToManyField(to="Role",related_name="user_role",verbose_name="具有的角色",blank=True) class Meta: verbose_name_plural = "用户表" def __str__(self): return self.username class Role(models.Model): ''' 角色表,和权限表多对多(permission) ''' title = models.CharField(max_length=32,verbose_name="角色名") permission = models.ManyToManyField(to="Permission",verbose_name="具有的所有权限",related_name="role_permission",blank=True) class Meta: verbose_name_plural = "角色表" def __str__(self): return self.title class Permission(models.Model): ''' 权限表,与用户信息表多对多(User) ''' url = models.CharField(max_length=32,verbose_name="含正则的URL") title = models.CharField(max_length=32,verbose_name="标题") is_menu = models.BooleanField(verbose_name="是否是菜单") class Meta: verbose_name = "权限表" def __str__(self): return self.title
from django.shortcuts import render,HttpResponse,redirect from . import models # Create your views here. def login(request): if request.method == 'GET': return render(request,"login.html") else: username = request.POST.get("username") password = request.POST.get("password") user = models.User.objects.filter(username=username,password=password).first() #获得当前用户的名字 role_list = user.roles.all().values_list("title") #通过user的外键获取到当前用户的角色 permission_list = user.roles.values_list("permission__title").distinct() #通过双下划线查找到权限,必须去重,否则会重复 if user: return render(request,"index.html",locals()) else: return HttpResponse("滚你大爷的蛋蛋...")
前端页面就不看了,测试效果如上,每个用户登录之后都可以看到他的角色和相应的权限