rbac组件
创建新项目
新建一个项目untitled,注意django 版本为1.11
修改models.py,增加2个表
from django.db import models class Classes(models.Model): name = models.CharField(max_length=32) class Student(models.Model): name = models.CharField(max_length=32)
修改urls.py,增加路径
from django.conf.urls import url from django.contrib import admin from app01 import views urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^login/$', views.login), url(r'^student/$', views.student), url(r'^student/add/$', views.student_add), ]
修改views.py,增加视图函数
from django.shortcuts import render # Create your views here. def login(request): """ 用户登陆 :param request: :return: """ if request.method == 'GET': return render(request,'login.html') def student(request): return render(request,'student.html') def student_add(request): return render(request, 'student_add.html')
在templates新增文件layout.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <div style="height: 48px;background-color: aquamarine"></div> <div> <div style="width: 20%;float: left;background-color: #dddddd"> 菜单 </div> <div style="width: 80%;float: left"> {% block content %} {% endblock %} </div> </div> </body> </html>
student_add.html
{% extends 'layout.html' %}
{% block content %}
<h1>添加学生</h1>
{% endblock %}
login.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form method="post"> {% csrf_token %} <input type="text" name="user"> <input type="password" name="pwd"> <input type="submit" value="提交"> {{ msg }} </form> </body> </html>
student.html
{% extends 'layout.html' %}
{% block content %}
<h1>学生列表</h1>
{% endblock %}
启动djang项目,访问页面
http://127.0.0.1:8000/student/add/
效果如下:
添加rbac组件
拷贝rbac组件
清空migrations目录
数据库迁移
录入权限信息
创建超级用户
查看admin.py
from django.contrib import admin from rbac import models class PermissionAdmin(admin.ModelAdmin): list_display = ['title','url'] # 显示的字段 list_editable = ['url'] # 允许编辑 admin.site.register(models.Permission,PermissionAdmin) admin.site.register(models.Role) admin.site.register(models.UserInfo)
登录后台,添加数据
添加角色
添加用户
用户登陆做权限和菜单的初始化
修改app01目录下的views.py
from django.shortcuts import render, redirect,HttpResponse from rbac import models from rbac.service.init_permission import init_permission def login(request): """ 用户登陆 :param request: :return: """ if request.method == 'GET': return render(request,'login.html') # 1. 获取提交的用户名和密码 user = request.POST.get('user') pwd = request.POST.get('pwd') # 2. 检验用户是否合法 obj = models.UserInfo.objects.filter(name=user,password=pwd).first() if not obj: return render(request, 'login.html',{'msg':'用户名或密码错误'}) request.session['user_info'] = {'id': obj.id, 'name': obj.name} init_permission(request,obj) return redirect('/student/') def student(request): return render(request,'student.html') def student_add(request): return render(request, 'student_add.html')
应用中间件进行权限校验
注册中间件
MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'rbac.middleware.rbac.RbacMiddleware', ]
设置配置文件
########################## 权限相关 ####################### PERMISSION_SESSION_KEY = "permission_list" MENU_SESSION_KEY = "menu_list" VALID_URL = [ '^/login/$', '^/admin/.*', ]
总结
如何在其他系统中应用目前的rbac组件。 a. 拷贝rbac组件 b. 清空migrations目录 c. 注册rbac 到app d. 数据库迁移并录入权限信息 e. 用户登陆做权限和菜单的初始化 init_permission f. 应用中间件进行权限校验 g. 设置配置文件 ########################## 权限相关 ####################### PERMISSION_SESSION_KEY = "permission_list" MENU_SESSION_KEY = "menu_list" VALID_URL = [ '^/login/$', '^/admin/.*', ] h. 显示动态菜单 - 引入css {% load staticfiles %} <link rel="stylesheet" href="{% static 'rbac/rbac.css' %}" /> - 调用动态菜单 {% load rbac %} {% menu request %} 合起来: {% load staticfiles %} {% load rbac %} <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> <link rel="stylesheet" href="{% static 'rbac/rbac.css' %}" /> {% block css %} {% endblock %} </head> <body> <div style="height: 48px;background-color: aquamarine"></div> <div> <div style="width: 20%;float: left;background-color: #dddddd"> {% menu request %} </div> <div style="width: 80%;float: left"> {% block content %} {% endblock %} </div> </div> {% block js %} {% endblock %} </body> </html>
浙公网安备 33010602011771号