将权限添加到Django Admin [英] Add Permission to Django Admin
问题描述
上个月我在Gover和Django网站上发布了stackoverflow和Django用户组的问题。但是我没有找到可以解决问题的答案。我想做的是在django管理面板中添加名为 view
的新权限,因此用户只能查看数据!我也遵循django网站的不同补丁,尝试了 django-databrowse
,但没有预期的工作。然后我最终决定修改auth / admin 的视图。现在我要做的是添加视图权限,如:
1。将视图添加到默认权限列表
#。/ contrib / auth / management / init.py
/ pre>
def _get_all_permissions(opts):
给定选择中的所有权限返回(codename,name)。
perms = []
for('add','change','delete','view'):
perms.append((_ get_permission_codename(action,选择),u'Can%s%s'%(action,opts.verbose_name_raw))
return perms + list(opts.permissions)
2。测试'视图'权限添加到所有模型
运行manage.py syncdb
此后,我可以只为用户分配查看权限。现在这个视图许可也是必须的。所以我正在写这段代码:django-admin的view.py中的
for request inuser.user_permissions_all():
print per
此代码打印权限分配给登录用户,如
auth |许可|可以查看部门
等
现在我可以通过分割这个句子来获得权限类型和模型名称。我将获得所有应用程序的型号名称,并将匹配哪个数据必须b可见。这不是我真正需要的,但可以工作。
所以我的问题是:
这是我应该做的还是有什么其他的方式。我只想要一个可以按预期工作的解决方案。需要您的帮助*
解决方案
将查看权限添加到默认权限列表
您的解决方案有效,但您应该真的避免编辑源代码,如果可能的话。有一些方法可以在框架内完成:
1。 在 https://docs.djangoproject.com/en/1.7/ref/signals/#post-syncdb>
post_syncdb()
:
在django.db.models.signals下的your_app / management /
下的文件从django.contrib.contenttypes.models导入post_syncdb
从django.contrib.auth.models导入ContentType
许可
def add_view_permissions(sender,** kwargs):
这个syncdb钩子也照顾了我们所有
内容类型的视图权限
#为我们的每个内容类型
在ContentType.objects.all()中的content_type:
#构建我们的权限slug
codename =view_%s%content_type.model
#如果不存在..
如果不是Permission.objects.filter(content_type = content_type,代码name = codename):
#add it
Permission.objects.create(content_type = content_type,
codename = codename,
name =可以查看%s%content_type.name )
print添加%s的视图权限%content_type.name
#检查syncdb后的所有查看权限
post_syncdb.connect(add_view_permissions)
每当您发出syncdb命令时,所有内容类型都可以是
检查他们是否有查看权限,如果没有,请创建
一个。
- 资料来源: Nyaruka博客
2。将权限添加到元权限选项:
在每个模型下,您都可以向其 Meta
选项添加类似的内容:
cheesiness = models.IntegerField()
class Meta:
permissions =(
('view_pizza','可以查看比萨饼'),
)
将完成与 1 相同的操作,除非您必须手动将其添加到每个类。
3。在Django 1.7中添加新功能,将权限添加到元数据default_permissions选项 :
在Django 1.7中,他们添加了default_permissions Meta选项。在每个模型下,您将添加view到default_permissions选项:
class Pizza(models.Model):
cheesiness = models.IntegerField()
class Meta:
default_permissions =('add','change','delete','view')
测试视图权限被添加到所有模型
对于测试用户是否有权限,您可以测试 has_perm()
功能。例如:
user.has_perm('appname.view_pizza')#返回True,如果用户'可以查看比萨饼'
Last Month i posted question on stackoverflow and on Django-Users group on G+ and on django website too. But i didn't find any answer that can solve my problem. What i want to do is to add new permission named as view
in django admin panel, so user can only view data!. I also followed different patches from django website and tried django-databrowse
but nothing works as expected. I then finally decide to edit views of auth/admin
. Now what i am going to do is to add view permission like:
1. Added 'view' to default permission list
#./contrib/auth/management/init.py
def _get_all_permissions(opts):
"Returns (codename, name) for all permissions in the given opts."
perms = []
for action in ('add', 'change', 'delete', 'view'):
perms.append((_get_permission_codename(action, opts), u'Can %s %s' % (action, opts.verbose_name_raw)))
return perms + list(opts.permissions)
2. Test the 'view' permission is added to all models
run manage.py syncdb
After this i can assign only view permission to user. Now this view permission must work too. So i am writing this code: in view.py of django-admin
for per in request.user.user_permissions_all():
print per
This code prints permissions assigned to login user like auth | permission | can view department
etc
Now i can get permission type and model name by splitting this sentence. I will get all the model name of application and will match that which data must b visible. This is again not what i really need but can work.
So my question is :
* Is this is what i should do or is there any other way too. I just want a solution that must works as expected. Need Your Assistance *
Adding 'view' permission to default permissions list
Your solution works, but you should really avoid editing source code if possible. There's a few ways to accomplish this within the framework:
1. Add the permission during post_syncdb()
:
In a file under your_app/management/
from django.db.models.signals import post_syncdb
from django.contrib.contenttypes.models import ContentType
from django.contrib.auth.models import Permission
def add_view_permissions(sender, **kwargs):
"""
This syncdb hooks takes care of adding a view permission too all our
content types.
"""
# for each of our content types
for content_type in ContentType.objects.all():
# build our permission slug
codename = "view_%s" % content_type.model
# if it doesn't exist..
if not Permission.objects.filter(content_type=content_type, codename=codename):
# add it
Permission.objects.create(content_type=content_type,
codename=codename,
name="Can view %s" % content_type.name)
print "Added view permission for %s" % content_type.name
# check for all our view permissions after a syncdb
post_syncdb.connect(add_view_permissions)
Whenever you issue a 'syncdb' command, all content types can be checked to see if they have a 'view' permission, and if not, create one.
- SOURCE: The Nyaruka Blog
2. Add the permission to the Meta permissions option:
Under every model you would add something like this to its Meta
options:
class Pizza(models.Model):
cheesiness = models.IntegerField()
class Meta:
permissions = (
('view_pizza', 'Can view pizza'),
)
This will accomplish the same as 1 except you have to manually add it to each class.
3. NEW in Django 1.7, Add the permission to the Meta default_permissions option:
In Django 1.7 they added the default_permissions Meta option. Under every model you would add 'view' to the default_permissions option:
class Pizza(models.Model):
cheesiness = models.IntegerField()
class Meta:
default_permissions = ('add', 'change', 'delete', 'view')
Test the 'view' permission is added to all models
As for testing the whether a user has the permission, you can test on the has_perm()
function. For example:
user.has_perm('appname.view_pizza') # returns True if user 'Can view pizza'
这篇关于将权限添加到Django Admin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!