获得"拒绝权限"在管理页面,而用户有权限 [英] Getting "Permission denied" page in the admin, while user has permission
问题描述
Magasin
模型添加了一些权限,如下所示: add_magasin = Permission.objects.get(codename =add_magasin)
change_magasin = Permission.objects.get(codename =change_magasin)
delete_magasin = Permission.objects.get(codename =delete_magasin)
user.user_permissions.add(add_magasin)
user.user_permissions.add(change_magasin)
user.user_permissions.add(delete_magasin)
user.save()
然后当我查看我获得的权限:
在[100]中:user.has_perm(delete_magasin)
/ pre>
Out [100]:False
在[101]中:user.has_perm(add_magasin)
Out [101]:False
在[102]中:user.has_perm(change_magasin)
Out [102]:False
在管理员中,与同一用户连接,我可以添加一个Magasin实例,但不删除一个(Permission denied)。我甚至不能用超级用户删除Magasin实例。
我使用的是Django 1.3,我没有使用任何外部权限相关的应用程序...
编辑:sql查询
mysql> ; select * from django_content_type;
+ ---- + ----------------------- + -------------- + - ----------------- +
| id |名称| app_label |模型|
+ ---- + ----------------------- + -------------- + - ----------------- +
***更多东西***
| 9 | magasin | securite_v2 | magasin |
***更多东西***
mysql> select * from auth_permission;
+ ---- + ---------------------------------- + ----- ------------ + ------------------------- +
| id |名称| content_type_id | codename |
+ ---- + ---------------------------------- + ----- ------------ + ------------------------- +
***更多的东西** *
| 25 |可以添加magasin | 9 | add_magasin |
| 26 |可以改变magasin | 9 | change_magasin |
| 27 |可以删除magasin | 9 | delete_magasin |
***更多东西***
mysql> select a from auth_user where id = 135;
+ ----- + --------------- + ------------ + ---------- - + ------------------------------- + ---------------- ------------------------------- + ---------- + - ---------- + -------------- + --------------------- + - ------------------- +
| id |用户名| first_name | last_name |电子邮件|密码| is_staff | is_active | is_superuser | last_login | date_joined |
+ ----- + --------------- + ------------ + ---------- - + ------------------------------- + ---------------- ------------------------------- + ---------- + - ---------- + -------------- + --------------------- + - ------------------- +
| 135 | admingrandest | | | admingrandest@xxx.com | sha1 $ 14f21 $ 02a50f37be16f27aba3f677618b663edfb0ce5a7 | 1 | 1 | 0 | 2012-06-25 11:16:35 | 2012-06-22 16:42:46 |
+ ----- + --------------- + ------------ + ---------- - + ------------------------------- + ---------------- ------------------------------- + ---------- + - ---------- + -------------- + --------------------- + - ------------------- +
mysql>从auth_user_user_permissions中选择*
+ ---- + --------- + --------------- +
| id | user_id | permission_id |
+ ---- + --------- + --------------- +
| 1 | 135 | 25 |
| 2 | 135 | 26 |
| 3 | 135 | 27 |
***更多的东西***
可能是什么错误?
解决方案它似乎与文件权限有关,而不是Django用户权限。
I've got some issue with user permissions in Django. I added some permissions for the
Magasin
model as shown below:add_magasin=Permission.objects.get(codename="add_magasin") change_magasin=Permission.objects.get(codename="change_magasin") delete_magasin=Permission.objects.get(codename="delete_magasin") user.user_permissions.add(add_magasin) user.user_permissions.add(change_magasin) user.user_permissions.add(delete_magasin) user.save()
then when I check the permission I get:In [100]: user.has_perm(delete_magasin) Out[100]: False In [101]: user.has_perm(add_magasin) Out[101]: False In [102]: user.has_perm(change_magasin) Out[102]: False
and in the admin, connected with the same user, I can add a Magasin instance, but not delete one ("Permission denied"). I can't even delete a Magasin instance with the superuser.
I'm using Django 1.3 and I'm not using any external permission-related app...
EDIT: sql queries
mysql> select * from django_content_type; +----+-----------------------+--------------+------------------+ | id | name | app_label | model | +----+-----------------------+--------------+------------------+ ***more stuff*** | 9 | magasin | securite_v2 | magasin | ***more stuff*** mysql> select * from auth_permission; +----+----------------------------------+-----------------+-------------------------+ | id | name | content_type_id | codename | +----+----------------------------------+-----------------+-------------------------+ ***more stuff*** | 25 | Can add magasin | 9 | add_magasin | | 26 | Can change magasin | 9 | change_magasin | | 27 | Can delete magasin | 9 | delete_magasin | ***more stuff*** mysql> select * from auth_user where id=135; +-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+ | id | username | first_name | last_name | email | password | is_staff | is_active | is_superuser | last_login | date_joined | +-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+ | 135 | admingrandest | | | admingrandest@xxx.com | sha1$14f21$02a50f37be16f27aba3f677618b663edfb0ce5a7 | 1 | 1 | 0 | 2012-06-25 11:16:35 | 2012-06-22 16:42:46 | +-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+ mysql> select * from auth_user_user_permissions; +----+---------+---------------+ | id | user_id | permission_id | +----+---------+---------------+ | 1 | 135 | 25 | | 2 | 135 | 26 | | 3 | 135 | 27 | ***more stuff***
What could be wrong?
解决方案It seems it has to do with file permissions, not Django user permissions.
这篇关于获得"拒绝权限"在管理页面,而用户有权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!