在非管理员视图中使用 django 管理员站点身份验证
我正在编写一个简单的 django 应用程序来管理网站上的页面。 这些页面是通过管理站点创建的,可以使用“现场查看”功能进行预览。 每个页面都有一个“已发布”布尔值,用于确定显示页面的视图是否应在站点上显示该页面。 当然,一旦我更改视图以尊重“已发布”,管理页面的“现场查看”链接也不会显示该页面。 但我希望能够在编辑过程中预览未发布的页面。
因此,我决定更改视图以检查是否存在与请求关联的经过身份验证的用户。 例如:
if request.user.is_authenticated() and request.user.is_staff:
manager=Pages.objects #returns all pages
else:
manager=Pages.live #only returns published pages
然后,适当的管理器连同从 URL 捕获的 page_id 一起传递到 get_object_or_404
但是,在视图中,即使通过管理站点身份验证的用户单击“在站点上查看”链接,用户也始终是匿名的。 因此,“实时”管理器总是被使用,并且我得到与以前相同的结果:从管理站点访问未发布的页面时出现 404。 这是它应该表现的方式吗? 我真的认为会话信息将从管理站点的会话继承。
我很感激这里的任何指示,因为我可能不太清楚它应该如何工作。 我不需要该网站的登录机制,因此我希望借助管理员登录来获得在管理员中查看未发布页面的能力。
谢谢
I am writing a simple django app to manage pages on a website.
The pages are created through the admin site and can be previewed using the 'view on site' function.
Each page has a 'published' boolean that determines whether the view that displays pages should show it on site.
Of course, once I change the view to respect 'published' the admin page's 'view on site' link will not show the page either.
But I want to be able to preview unpublished pages during the editing process.
So I decided to change the view to check whether there is an authenticated user associated with the request.
For example:
if request.user.is_authenticated() and request.user.is_staff:
manager=Pages.objects #returns all pages
else:
manager=Pages.live #only returns published pages
Then the appropriate manager is passed to get_object_or_404 along with the page_id captured from the URL
However, in the view, user is always Anonymous even when a user who is authenticated with the admin site clicks the 'view on site' link.
So the 'live' manager always gets used and I have the same result as before: 404 when unpublished pages are accessed from the admin site.
Is this the way its supposed to behave?
I really thought the session information would be inherited from the admin site's session.
I would appreciate any direction here because I may not be too clear on how this should work.
I don't need a login mechanism for the site so I was hoping to piggyback off the admin's login to get the ability to view unpublished pages in the admin.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
问题就消失了。
现在,如果我登录到管理员,我可以查看未发布的页面,否则我会收到 404 错误。
不幸的是,我不确定它为什么开始起作用。
我运行了一些软件包更新(django 和 Firefox 都不在其中)并且必须重新启动我的(archlinux)机器。
当我重新启动django开发服务器并再次测试功能时,一切正常。
我怀疑 Firefox 是罪魁祸首,但这只是猜测。
无论如何,感谢任何对这个问题进行思考的人。
我现在可以停止拔头发了。
The problem is gone.
Now, if I am logged into admin I can view unpublished pages otherwise I get a 404 error.
Unfortunately, I'm not sure why it started working.
I ran some package updates (neither django nor Firefox was among them) and had to restart my (archlinux) machine.
When I restarted the django develpment server and tested the function again, all was well.
I suspect Firefox was the culprit but that's only a guess.
Anyway, thanks to anyone who gave the issue some thought.
I can stop pulling my hair out now.