这个针对 django 中每个对象权限的 hack 有效吗?
根据文档,一个类可以具有元选项权限,描述如下:
Options.permissions创建此对象时进入权限表的额外权限。为每个具有管理员设置的对象自动创建添加、删除和更改权限。此示例指定额外权限 can_deliver_pizzas:
permissions = (("can_deliver_pizzas", "Can deliver pizzas"),)
这是一个列表或二元组的元组,格式为(permission_code, human_read_permission_name)。
是否可以通过以下方式在运行时定义权限:
permissions = (("can_access_%s" % self.pk, /
"Has access to object %s of type %s" % (self.pk,self.__name__)),)
?
According to the documentation, a class can have the meta option permissions, described as such:
Extra permissions to enter into the permissions table when creating this object. Add, delete and change permissions are automatically created for each object that has admin set. This example specifies an extra permission, can_deliver_pizzas:
permissions = (("can_deliver_pizzas", "Can deliver pizzas"),)
This is a list or tuple of 2-tuples in the format (permission_code, human_readable_permission_name).
Would it be possible to define permissions at run time by:
permissions = (("can_access_%s" % self.pk, /
"Has access to object %s of type %s" % (self.pk,self.__name__)),)
?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我认为在
Meta类的上下文中,您无权访问self。如果您正在寻找管理应用程序的解决方案,请阅读有关行级别权限的内容。
也有这样的说法:
I think in the context of the
Metaclass, you don't have access toself.If you look for a solution for the admin application, read this about row level permissions.
There is also says:
不,由于多种原因,这行不通。首先,正如 Felix 指出的那样,此时您无法访问 self 。其次,正如您引用的文档所述,这是要输入权限表的项目列表 - 换句话说,这些是实际的数据库行,由
manage.pysyncdb< 创建/代码>。No, this wouldn't work, for a number of reasons. Firstly, as Felix points out, you have no access to
selfat that point. Secondly, as the documentation you quoted states, this is a list of items to enter into the permissions table - in other words these are actual database rows, which are created bymanage.py syncdb.