Django基于角色的观点? [英] Django role based views?
问题描述
我正在寻找一些有关其他人如何建构这样的投入。我将提供基于类(django组)的视图。
例如,用户组将确定他或她将访问哪些视图/模板。我正在考虑可能存储路径来查看表中的功能,以确定用户的链接栏将由哪个组成。也可以存储过滤器规格,以确定哪些行将填充这些模板。
一个很好的例子是医院护理单位。一个单位的护士不需要看到整个医院的病人。他们只需要看病人。同一个单位的医生也只需要看病人,但是他们应该有更多的功能。
这是否通过第三方应用程序完成?你会如何处理这个问题?
谢谢,
Pete
Django已经有一个组和权限系统,这可能足以满足您的目的。
http://docs.djangoproject.com/en/dev/topics/auth/
通常在您的代码中,检查用户是否有权限。用户具有自己的权限和他所属的组的权限。您可以从管理控制台轻松管理这个。
有两个部分需要查看。
- 检查请求页面
的用户是否有权限执行此操作。 - 如果
具有
为1.您可以在装饰器中查看权限:
来自django.contrib.auth.decorators的$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
对于2.当前登录的用户权限存储在模板变量{{perms}}中。此代码检查与上述相同的权限。
{%if perms.polls.can_vote%}
< a HREF = /表决 >表决< / A>
{%endif%}
要生成链接列表,您可以迭代用户。 get_all_permissions()并从dict获取链接(或生成链接的函数):
def more_elaborate_list_of_links_for_a_perm(user):
return [/ link1,...]
_LINKS = {
'polls.can_vote':lambda u:[/ user / specific / link /+ u .id],
'polls.can_close':lambda u:['/ static / link / 1','static / link / 2'],
'polls.can_open':more_elaborate_list_of_links_for_a_perm
def gen_links(user):
#get_all_permissions也获取用户组的权限
perms = user.get_all_permissions()
返回总和((_ LINKS [p ](用户)p中的p在_LINKS中的p),[])
可能有很多其他方法。
I'm looking for some input on how others would architect this. I'm going to provide class (django group) based views.
For example, a user's group will determine what views/templates he or she will have access to. I'm thinking of perhaps storing paths to view functions in a table to determine what a user's link bar will consist of. Filter specifications can also be stored to determine what rows will fill these templates.
A good example is a hospital nursing units. Nurses at one unit need not see the entire hospital's patients. They only need to see their patients. Doctors on the same unit need only to see those patients as well, but they should have access to much greater functionality.
Has this been done via some third party application? And how would you approach this problem?
Thanks, Pete
Django already has a groups and permissions system, which may be sufficient for your purpose.
http://docs.djangoproject.com/en/dev/topics/auth/
Generally in your code you check if a user has a permission. A user has his own permissions and those of the groups he belongs to. You can administer this pretty easily from the admin console.
There are two parts you need to look at.
- Check that a user requesting a page has permission to do so.
- Only display links to the user if he has the permission.
For 1. you can check permissions in a decorator as such:
from django.contrib.auth.decorators import permission_required
@permission_required('polls.can_vote')
def some_view(request):
For 2. the currently logged-in user's permissions are stored in the template variable {{ perms }}. This code checks the same permission as above.
{% if perms.polls.can_vote %}
<a href="/vote">vote</a>
{% endif %}
To generate a list of links you can iterate over user.get_all_permissions() and fetch the links (or function that generates the link) from a dict:
def more_elaborate_list_of_links_for_a_perm(user):
return ["/link1", ...]
_LINKS = {
'polls.can_vote' : lambda u: ["/user/specific/link/" + u.id],
'polls.can_close': lambda u: ['/static/link/1', 'static/link/2'],
'polls.can_open' : more_elaborate_list_of_links_for_a_perm
}
def gen_links(user):
# get_all_permissions also gets permissions for users groups
perms = user.get_all_permissions()
return sum((_LINKS[p](user) for p in perms if p in _LINKS), [])
There are probably many other approaches.
这篇关于Django基于角色的观点?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
