Python Django管理员,自定义权限复选框
请帮帮我。在我的django项目中,我被困在一个地方,由教师生成问卷。我已经实现了自己的UserAdmin模型,尽管有is\u staff、is\u superuser字段,但我有自己的布尔字段“is\u teacher”。创建新用户时,如果勾选了“is_teacher”框,我想授予该用户管理整个问卷模型的权限,但删除管理Python Django管理员,自定义权限复选框,python,django,permissions,Python,Django,Permissions,请帮帮我。在我的django项目中,我被困在一个地方,由教师生成问卷。我已经实现了自己的UserAdmin模型,尽管有is\u staff、is\u superuser字段,但我有自己的布尔字段“is\u teacher”。创建新用户时,如果勾选了“is_teacher”框,我想授予该用户管理整个问卷模型的权限,但删除管理MyUser模型的权限(创建、更改和删除用户) 这就是我实现的全部内容: 在models.py中 class MyUserManager(BaseUserManager):
MyUser
模型的权限(创建、更改和删除用户)
这就是我实现的全部内容:
在models.py中
class MyUserManager(BaseUserManager):
def create_user(self, username, email=None, password=None):
if not username:
raise ValueError('The given username must be set')
email = MyUserManager.normalize_email(email)
user = self.model(username=username, email=email, is_staff=True, is_active=True, is_superuser=False, is_teacher=True)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, email, password):
u = self.create_user(username, email, password)
u.is_staff = True
u.is_active = True
u.is_superuser = True
u.is_teacher = True
u.save(using=self._db)
return u
class MyUser(AbstractBaseUser):
username = models.CharField(max_length=30, unique=True)
email = models.EmailField(blank=True)
is_active = models.BooleanField(default=True)
is_staff = models.BooleanField(default=True)
is_superuser = models.BooleanField(default=False)
is_teacher = models.BooleanField(default=True)
objects = MyUserManager()
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = ['email']
def get_full_name(self):
return self.username
def get_short_name(self):
return self.username
def __unicode__(self):
return self.username
def has_perm(self, perm, obj=None):
return True
def has_module_perms(self, module):
return True
在admin.py中
class UserCreationForm(forms.ModelForm):
"""
A form that creates a user, with no privileges, from the given username and
password.
"""
error_messages = {
'password_mismatch': "The two password fields didn't match.",
}
password1 = forms.CharField(label="Password",
widget=forms.PasswordInput)
password2 = forms.CharField(label="Password confirmation",
widget=forms.PasswordInput)
class Meta:
model = MyUser
fields = ("username",)
def clean_password2(self):
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError(
self.error_messages['password_mismatch'],
code='password_mismatch',
)
return password2
def save(self, commit=True):
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
class UserChangeForm(forms.ModelForm):
password = ReadOnlyPasswordHashField(label="Password")
class Meta:
model = MyUser
fields = ('username', 'password', 'email', 'is_active', 'is_staff', 'is_superuser', 'is_teacher')
def clean_password(self):
# Regardless of what the user provides, return the initial value.
# This is done here, rather than on the field, because the
# field does not have access to the initial value
return self.initial["password"]
class MyUserAdmin(UserAdmin):
form = UserChangeForm
add_form = UserCreationForm
list_display = ('username', 'email', 'is_teacher')
list_filter = ('is_staff', 'is_superuser', 'is_active')
fieldsets = (
(None, {'fields': ('username', 'password')}),
('Personal info', {'fields': ('email',)}),
('Permissions', {'fields': ('is_superuser', 'is_teacher',)}),
)
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('username', 'email', 'password1', 'password2')}
),
)
search_fields = ('username', 'email')
ordering = ('username',)
filter_horizontal = ()
有两种方法可以做到这一点。一种是手动添加权限。您应该在MyUserAdmin类中执行此操作,覆盖默认的save方法。大概是这样的:
def save_model(self, request, obj, form, change):
# ADD THE PERMISSIONS HERE LIKE SO:
obj.save()
if obj.is_teacher:
# This is just an example of a permission you can add
obj.user_permissions.add('questionaires_questionire_change', '......')
else:
# Remove the permissions in case a user was demoted from teacher status
obj.user_permissions.remove('questionaires_questionire_change', '......')
现在,另一种方法,我认为更好(因为它不依赖于保存用户模型,并且您可以在将来进行更改,而无需运行所有用户的更新权限):
您可以在模型管理员中覆盖您的调查问卷和所需的其他模型的“更改”权限、“添加”权限和“删除”权限。这是您的问卷模型示例(此处仅显示更改权限):
建议您创建一个具有所需权限的“教师”组,然后在用户的
is\u teacher
字段设置为True
时将该组添加到任何用户中。谢谢您的建议,但我不能这样做。必须这样做:超级用户正在创建新帐户,勾选“is_teacher”字段,必须添加所有权限。我只是不知道在哪里放置权限以及如何对其进行编码。是的,我曾研究过几次该网站,但我太新手了,无法找到实际的编码位置:/@Skiben我不明白为什么你认为你不能使用权限组来实现这一点?这就是他们的目的
class QuestionnaireAdmin(admin.ModelAdmin):
def has_change_permission(self, request, obj=None):
if request.user.is_teacher:
return True
# If a user is not a teacher, let Django evaluate their specific permissions (a superusuer will always have permission if you do it this way)
return super(QuestionnaireAdmin, self).has_change_permission(request, obj=None)