Python-S9: Day82, CRM Project in Practice
Date: 2021-04-21

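1. The concept of permissions;

2. RBAC design;

3. Registering all of the logged-in user's permissions in the session;

4. Permission checking;

5. Middleware-based permission checking;

1. The concept of permissions;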

  • Project
  • App

  1.2.1 who what how  <------>True or False

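1.2.2 Related tables, e.g. UserInfo, Permission, UserInfo_Permission;

1.2.3 Administrator permissions, for example VIP membership on Tencent Video; permissions are everywhere in this world;

1.2.4 The most widely used approach;

1.2.5 Who, What, How ------> True or False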

2. RBAC design;

  • UserInfo
  • Role
  • Permission

3. Registering all of the logged-in user's permissions in the session;

```python
from django.db import models

# Create your models here.


class User(models.Model):
    name = models.CharField(max_length=32)
    # Demo schema: pwd holds the password in plaintext; a real project
    # should store a hash (see django.contrib.auth.hashers).
    pwd = models.CharField(max_length=32)
    roles = models.ManyToManyField(to="Role")

    def __str__(self):
        return self.name


class Role(models.Model):
    title = models.CharField(max_length=32)
    permissions = models.ManyToManyField(to="Permission")

    def __str__(self):
        return self.title


class Permission(models.Model):
    title = models.CharField(max_length=32)
    url = models.CharField(max_length=32)

    def __str__(self):
        return self.title
```

```
python manage.py makemigrations
python manage.py migrate
```

```python
from django.contrib import admin

# Register your models here.

from .models import *

admin.site.register(User)
admin.site.register(Role)
admin.site.register(Permission)
```

Microsoft Windows [版本 10.0.17134.1]
(c) 2018 Microsoft Corporation。保留所有权利。

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>python manage.py startapp rbac

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>python manage.py makemigrations
Traceback (most recent call last):
File "manage.py", line 15, in
execute_from_command_line(sys.argv)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\__init__.py", line 381, in execute_from_command_line
utility.execute()
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\__init__.py", line 375, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\base.py", line 316, in run_from_argv
self.execute(*args, **cmd_options)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\base.py", line 350, in execute
self.check()
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\base.py", line 379, in check
include_deployment_checks=include_deployment_checks,
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\management\base.py", line 366, in _run_checks
return checks.run_checks(**kwargs)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\checks\registry.py", line 71, in run_checks
new_errors = check(app_configs=app_configs)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\checks\urls.py", line 40, in check_url_namespaces_unique
all_namespaces = _load_all_namespaces(resolver)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\core\checks\urls.py", line 57, in _load_all_namespaces
url_patterns = getattr(resolver, 'url_patterns', [])
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\utils\functional.py", line 37, in __get__
res = instance.__dict__[self.name] = self.func(instance)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\urls\resolvers.py", line 533, in url_patterns
patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\utils\functional.py", line 37, in __get__
res = instance.__dict__[self.name] = self.func(instance)
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\venv\lib\site-packages\django\urls\resolvers.py", line 526, in urlconf_module
return import_module(self.urlconf_name)
File "C:\Program Files\Python36\lib\importlib\__init__.py", line 126, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 994, in _gcd_import
File "", line 971, in _find_and_load
File "", line 955, in _find_and_load_unlocked
File "", line 665, in _load_unlocked
File "", line 678, in exec_module
File "", line 219, in _call_with_frames_removed
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\s9day82_rbac\urls.py", line 18, in
from app01 import views
File "C:\Users\TQTL911\PycharmProjects\s9day82_rbac\app01\views.py", line 5
user_id = request.
^
SyntaxError: invalid syntax

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>python manage.py makemigrations
Migrations for 'app01':
app01\migrations\0001_initial.py
- Create model User
Migrations for 'rbac':
rbac\migrations\0001_initial.py
- Create model Permission
- Create model Role
- Create model User

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>python manage.py migrate
Operations to perform:
Apply all migrations: admin, app01, auth, contenttypes, rbac, sessions
Running migrations:
Applying contenttypes.0001_initial… OK
Applying auth.0001_initial… OK
Applying admin.0001_initial… OK
Applying admin.0002_logentry_remove_auto_add… OK
Applying admin.0003_logentry_add_action_flag_choices… OK
Applying app01.0001_initial… OK
Applying contenttypes.0002_remove_content_type_name… OK
Applying auth.0002_alter_permission_name_max_length… OK
Applying auth.0003_alter_user_email_max_length… OK
Applying auth.0004_alter_user_username_opts… OK
Applying auth.0005_alter_user_last_login_null… OK
Applying auth.0006_require_contenttypes_0002… OK
Applying auth.0007_alter_validators_add_error_messages… OK
Applying auth.0008_alter_user_username_max_length… OK
Applying auth.0009_alter_user_last_name_max_length… OK
Applying rbac.0001_initial… OK
Applying sessions.0001_initial… OK

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>python manage.py createsuperuser
Username (leave blank to use 'tqtl911'): cuixiaozhao
Email address: tqtl@tqtl.org
Password:
Password (again):
This password is too common.
Bypass password validation and create user anyway? [y/N]: y
Superuser created successfully.

(venv) C:\Users\TQTL911\PycharmProjects\s9day82_rbac>

```python
"""s9day82_rbac URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/2.1/topics/http/urls/
Examples:
Function views
    1. Add an import:  from my_app import views
    2. Add a URL to urlpatterns:  path('', views.home, name='home')
Class-based views
    1. Add an import:  from other_app.views import Home
    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from app01 import views

# path() takes plain route strings, not regexes: a leading '^' would be
# matched literally, so the routes are written without it.
urlpatterns = [
    path('admin/', admin.site.urls),
    path('users/', views.users),
    path('users/add', views.add_user),
    path('roles/', views.roles),
    path('login/', views.login),
]
```

```python
from django.shortcuts import render, HttpResponse

# Create your views here.

from rbac.models import *


def users(request):
    user_list = User.objects.all()
    return render(request, "users.html", locals())


def add_user(request):
    return HttpResponse("add_user")


def roles(request):
    user_list = User.objects.all()
    return render(request, "users.html", locals())


def login(request):
    if request.method == "POST":
        user = request.POST.get("user")
        pwd = request.POST.get("pwd")
        user_obj = User.objects.filter(name=user, pwd=pwd).first()
        if user_obj:
            # Register the user's ID in the session (user_obj is the model
            # instance; `user` is only the submitted name string).
            request.session["user_id"] = user_obj.pk

            # Register the permission list in the session.

            # Query all roles of the currently logged-in user:
            # ret = user_obj.roles.all()
            # print(ret)  # <QuerySet [<Role: 保洁>, <Role: 销售>]>

            # Query all permissions of the currently logged-in user:
            # ret = user_obj.roles.all().values("title")
            # ret = user_obj.roles.all().values("title", "permissions__url")
            # <QuerySet [{'title': '保洁', 'permissions__url': '/users/'}, {'title': '销售', 'permissions__url': '/users/'}, {'title': '销售', 'permissions__url': '/users/add'}]>

            permissions = user_obj.roles.all().values(
                "permissions__url").distinct()  # <QuerySet [{'permissions__url': '/users/'}, {'permissions__url': '/users/add'}]>
            permission_list = []  # start from an empty list
            for item in permissions:
                permission_list.append(item["permissions__url"])
            print(permission_list)  # ['/users/', '/users/add']
            request.session["permission_list"] = permission_list

            # What values() does, roughly:
            # temp = []
            # for role in user.roles.all():  # [<Role:保洁>, <Role:销售>]
            #     temp.append({
            #         "title": role.title,  # <QuerySet [{'title': '保洁'}, {'title': '销售'}]>
            #     })
            return HttpResponse("登录成功!")  # "Login successful!"

    return render(request, "login.html")
```
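The outline's items 4 and 5 (permission checking, then doing it in middleware) consume the `permission_list` that the login view stores in the session. The sketch below is an added example, not code from the original post: `WHITELIST`, `is_permitted` and `PermissionMiddleware` are hypothetical names, and treating each stored URL as an anchored regular expression is an assumption.

```python
import re

# Assumed: paths every visitor may reach without a permission entry.
WHITELIST = ["/login/", "/admin/.*"]


def is_permitted(path, permission_list, whitelist=WHITELIST):
    """Return True only if `path` fully matches a whitelisted or granted pattern.

    re.fullmatch anchors both ends: with re.match, the entry "/users/"
    would also match "/users/add" and silently grant it.
    """
    for pattern in list(whitelist) + list(permission_list or []):
        if re.fullmatch(pattern, path):
            return True
    return False


class PermissionMiddleware:
    """New-style Django middleware (hypothetical name); list it in
    MIDDLEWARE after SessionMiddleware so request.session exists."""

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # No key in the session (not logged in) means no grants: deny by default.
        granted = request.session.get("permission_list", [])
        if is_permitted(request.path_info, granted):
            return self.get_response(request)
        # Imported lazily so is_permitted() can be exercised without Django.
        from django.http import HttpResponseForbidden
        return HttpResponseForbidden("Permission denied")
```

Because the list is a snapshot taken at login, a role or permission removed in the admin stays effective for that user until the session ends or the list is rebuilt.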




