如何使用 Django 组和权限?
我了解基本的用户知识。我知道身份验证、登录、创建帐户等。但现在我想处理组和权限。
django 组/权限的文档在哪里?不是这样: http://docs.djangoproject.com/en/dev/topics/auth/
I understand the basic user stuff. I know authentication, login, creating accounts, etc. But now I want to work on groups and permissions.
Where is the documentation for django groups/permissions? This is not it: http://docs.djangoproject.com/en/dev/topics/auth/
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我想您需要问的第一个问题是您需要什么权限以及类型。我的意思是您想要模型级还是对象级。为了澄清差异,假设您有一辆模型车。如果您想授予所有汽车的权限,则模型级别是合适的,但如果您想为每辆车授予权限,则需要对象级别。您可能两者都需要,正如我们将看到的,这不是问题。
对于模型权限,Django 会为您处理这些......主要是。对于每个模型,Django 将以“appname.permissionname_modelname”的形式创建权限。如果您有一个名为“drivers”且具有汽车模型的应用程序,那么一项权限将是“drivers.delete_car”。 Django 自动创建的权限将是创建、更改和删除。由于某些奇怪的原因,他们决定不包含 CRUD 的读取权限,您必须自己执行此操作。请注意,出于某种原因,Django 决定将 CRUD 的“更新”更改为“更改”。要向模型添加更多权限(例如读取权限),请使用 Meta 类:
请注意,权限是一组元组,其中元组项是如上所述的权限以及该权限的描述。您不必遵循 permname_modelname 约定,但我通常坚持它。
最后,要检查权限,您可以使用 has_perm:
其中 obj 是用户或组实例。我认为为此编写一个函数更简单:
其中实体是要检查权限的对象(组或用户),模型是模型的实例,权限是要检查的字符串形式的权限列表(例如 ['read ', 'change']),app 是字符串形式的应用程序名称。要执行与上面的 has_perm 相同的检查,您可以这样调用:
如果您需要使用对象或行权限(它们的意思是相同的),那么 Django 本身无法真正帮助您。好处是您可以同时使用模型和对象权限。如果您想要对象权限,则必须 编写您的自己的(如果使用1.2+)或找到其他人编写的项目,我喜欢的一个是 django -来自华盛顿时报的objectpermissions。
I suppose the first question you need to ask are what permissions do you need and what sort. By what sort, I mean do you want Model- or Object-level. To clarify the difference say you have a model Car. If you want to give permissions on all cars, then Model-level is appropriate, but if you want to give permissions on a per-car basis you want Object-level. You may need both, and this isn't a problem as we'll see.
For Model permissions, Django handles these for you... mostly. For each model Django will create permissions in the form 'appname.permissionname_modelname'. If you have an app called 'drivers' with the Car model then one permission would be 'drivers.delete_car'. The permissions that Django automatically creates will be create, change, and delete. For some strange reason they decided not to include read permissions from CRUD, you will have to do this yourself. Note that Django decided to change CRUD's 'update' to 'change' for some reason. To add more permissions to a model, say read permissions, you use the Meta class:
Note that permissions is a set of tuples, where the tuple items are the permission as described above and a description of that permission. You don't have to follow the permname_modelname convention but I usually stick with it.
Finally, to check permissions, you can use has_perm:
Where obj is either a User or Group instance. I think it is simpler to write a function for this:
Where entity is the object to check permissions on (Group or User), model is the instance of a model, perms is a list of permissions as strings to check (e.g. ['read', 'change']), and app is the application name as a string. To do the same check as has_perm above you'd call something like this:
If you need to use object or row permissions (they mean the same thing), then Django can't really help you by itself. The nice thing is that you can use both model and object permissions side-by-side. If you want object permissions you'll have to either write your own (if using 1.2+) or find a project someone else has written, one I like is django-objectpermissions from washingtontimes.