权限分配之角色管理
作者:互联网
""" 权限分配 a. 角色管理 b. 用户管理 c. 菜单和权限管理 d. 批量的权限操作 e. 分配权限 """
角色管理示例图:
第一步:总路由进行分发
Example/urls.py
from django.contrib import admin from django.urls import path, include, re_path urlpatterns = [ path('admin/', admin.site.urls), re_path(r"^rbac/", include(("rbac.urls", "rbac"))), re_path(r"^", include("app01.urls")), ]
第二步:之前对权限进行了判断,所以先把权限判断的代码注释掉,方便后续的代码书写
1. 中间件的注释(Example/settings.py) # 'rbac.middlewares.rbac.RbacMiddleware', 2. 模板中的注释(app01/templates/layout.html) {#{% menu request %}#} {#{% url_record request %}#}
第三步:路由的创建
rbac/urls.py
from django.urls import re_path from rbac.views import role urlpatterns = [ re_path(r'^role/list/$', role.role_list, name="role_list"), re_path(r'^role/add/$', role.role_add, name="role_add"), re_path(r'^role/edit/(?P<pk>\d+)$', role.role_edit, name="role_edit"), re_path(r'^role/del/(?P<pk>\d+)$', role.role_del, name="role_del"), ]
第四步:ModelForm的创建
rbac/forms/role.py
from django import forms from rbac import models class RoleModelForm(forms.ModelForm): class Meta: model = models.Role # 关联的表 fields = ["title",] # 字段 widgets = { "title": forms.TextInput(attrs={"class": "form-control"}) # 添加bootstrap样式 }
第五步:视图的创建
rbac/views/role.py
"""角色管理""" from rbac import models from django.shortcuts import render, redirect, HttpResponse from django.urls import reverse from rbac.forms.role import RoleModelForm def role_list(request): """ 角色列表 :param request: :return: """ role_queryset = models.Role.objects.all().order_by("pk") return render(request, "rbac/role_list.html", {"roles": role_queryset}) def role_add(request): """ 添加角色 :param request: :return: """ if request.method == "GET": form = RoleModelForm() return render(request, "rbac/change.html", {"form": form}) form = RoleModelForm(data=request.POST) # 保存 if form.is_valid(): form.save() return redirect(reverse("rbac:role_list")) return render(request, "rbac/change.html", {"form": form}) def role_edit(request, pk): """ 角色编辑 :param request: :param pk: 要修改的角色ID :return: """ obj = models.Role.objects.filter(id=pk).first() if not obj: return HttpResponse("角色不存在...") if request.method == "GET": form = RoleModelForm(instance=obj) # 将原有的数据展示 return render(request, "rbac/change.html", {"form": form}) form = RoleModelForm(instance=obj, data=request.POST) # 保存编辑后的数据 if form.is_valid(): form.save() return redirect(reverse("rbac:role_list")) return render(request, "rbac/change.html", {"form": form}) def role_del(request, pk): """ 删除角色 :param request: :param pk: :return: """ origin_url = reverse("rbac:role_list") if request.method == "GET": return render(request, "rbac/delete.html", {"cancel_url": origin_url}) models.Role.objects.filter(id=pk).delete() return redirect(origin_url) """ 1. 添加和编辑页面基本一样,所以再添加和编辑的视图函数中,返回相同的html 2. 删除功能都可以用到二次确认的操作,所以delete.html也可以共用,取消则代表返回的上一级页面,上一级页面的url 由后端传递给前端即可,而确认的url是根据form表单,而form表单没有填写url,则代表提交数据的url是浏览器窗口当前 的url """
第六步:模板的创建
rbac/templates/rbac/role_list.html
{% extends 'layout.html' %} {% block content %} <div class="luffy-container"> <div class="btn-group" style="margin: 5px 0"> <a class="btn btn-default" href="{% url 'rbac:role_add' %}"> <i class="fa fa-plus-square" aria-hidden="true"></i> 添加角色 </a> </div> <table class="table table-bordered table-hover"> <thead> <tr> <th>ID</th> <th>名称</th> <th>选项</th> </tr> </thead> <tbody> {% for row in roles %} <tr> <td>{{ row.id }}</td> <td>{{ row.title }}</td> <td> <a style="color: #333333;" href="{% url 'rbac:role_edit' pk=row.id %}"> <i class="fa fa-edit" aria-hidden="true"></i></a> <a style="color: #d9534f;" href="{% url 'rbac:role_del' pk=row.id %}"><i class="fa fa-trash-o"></i></a> </td> </tr> {% endfor %} </tbody> </table> </div> {% endblock %}
rbac/templates/rbac/change.html
{% extends 'layout.html' %} {% block content %} <div class="luffy-container"> <form class="form-horizontal" method="post" novalidate> {% csrf_token %} {% for foo in form %} <div class="form-group"> <label class="col-sm-2 control-label">{{ foo.label }}</label> <div class="col-sm-8"> {{ foo }} <span style="color: red">{{ foo.errors.0 }}</span> </div> </div> {% endfor %} <div class="form-group"> <div class="col-sm-offset-2 col-sm-8"> <input type="submit" value="保存" class="btn btn-primary"> </div> </div> </form> </div> {% endblock %}
rbac/templates/rbac/delete.html
{% extends 'layout.html' %} {% block content %} <div class="luffy-container"> <div class="alert alert-danger" role="alert"> <form method="post"> {% csrf_token %} <p style="font-size: 13px;"> <i class="fa fa-warning" aria-hidden="true"></i> 删除后将不可恢复,请确定是否删除 </p> <div style="margin-top: 20px;"> <a href="{{ cancel_url }}" class="btn btn-default btn-sm">取消</a> <input type="submit" class="btn btn-danger btn-sm" value="确认"> </div> </form> </div> </div> {% endblock %}
知识点:
- ModelForm
- 根据namespace和name反向生成URL
- 模板的查找顺序(先从根目录的templates查找,然后根据所注册的app顺序进行查找,所以为了避开重名,在app的templates目录中再创建一个目录)
标签:return,form,角色,request,rbac,html,role,权限,分配 来源: https://www.cnblogs.com/xuewei95/p/15862448.html