1.为model添加权限
class Task(models.Model):
.......
class Meta:
permissions = (
('oprater_task','can change the tasks'),
)
2.views中可以使用如下方法来操作权限
print request.user.has_perm('conf.oprater_task') #conf为应用名,后面的为权限名
.....
myuser.user_permissions = [permission_list] #myuser为通过request.user获取的user对象
myuser.user_permissions.add(permission, permission, ...)
myuser.user_permissions.remove(permission, permission, ...)
myuser.user_permissions.clear()
3.在template中使用权限方法:
{% if perms.conf %}
<p>You have permission to do something in the foo app.</p>
{% if perms.conf.oprater_task %}
<p>You can vote!</p>
{% endif %}
{% if perms.conf.oprater_task %}
<p>You can drive!</p>
{% endif %}
{% else %}
<p>You don't have permission to do anything in the foo app.</p>
{% endif %}
4.permission提供的装饰器
from django.contrib.auth.decorators import login_required
@login_required
def my_view(request):
# ...
def user_can_vote(user):
return user.is_authenticated() and user.has_perm("polls.can_vote")
@user_passes_test(user_can_vote, login_url="/login/")
def vote(request):
# Code here can assume a logged-in user with the correct permission.
...
from django.contrib.auth.decorators import permission_required
@permission_required('polls.can_vote', login_url="/login/")
def vote(request):
5.user_passes_test的简便用法
@user_passes_test(lambda u: u.is_superuser)
#django源代码中的user_passes_test
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
"""
注意该函数的第一个参数
Decorator for views that checks that the user passes the given test,
redirecting to the log-in page if necessary. The test should be a callable
that takes the user object and returns True if the user passes.
"""
def decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
if test_func(request.user):
return view_func(request, *args, **kwargs)
path = request.build_absolute_uri()
# If the login url is the same scheme and net location then just
# use the path as the "next" url.
login_scheme, login_netloc = urlparse.urlparse(login_url or
settings.LOGIN_URL)[:2]
current_scheme, current_netloc = urlparse.urlparse(path)[:2]
if ((not login_scheme or login_scheme == current_scheme) and
(not login_netloc or login_netloc == current_netloc)):
path = request.get_full_path()
from django.contrib.auth.views import redirect_to_login
return redirect_to_login(path, login_url, redirect_field_name)
return _wrapped_view
return decorator
6.判断是否为超级管理员的过滤器:
@user_passes_test(lambda u: u.is_superuser)