rbac组件

时间:2023-03-10 04:29:06
rbac组件

创建新项目

新建一个项目untitled,注意django 版本为1.11

修改models.py,增加2个表

from django.db import models

class Classes(models.Model):

    name = models.CharField(max_length=)

class Student(models.Model):

    name = models.CharField(max_length=)

修改urls.py,增加路径

from django.conf.urls import url

from django.contrib import admin

from app01 import views

urlpatterns = [

    url(r'^admin/', admin.site.urls),

    url(r'^login/$', views.login),

    url(r'^student/$', views.student),

    url(r'^student/add/$', views.student_add),

]

修改views.py,增加视图函数

from django.shortcuts import render

# Create your views here.

def login(request):

    """

    用户登陆

    :param request:

    :return:

    """

    if request.method == 'GET':

        return render(request,'login.html')

def student(request):

    return render(request,'student.html')

def student_add(request):

    return render(request, 'student_add.html')

在templates新增文件layout.html

<!DOCTYPE html>

<html lang="en">

<head>

    <meta charset="UTF-8">

    <title>Title</title>

</head>

<body>

    <div style="height: 48px;background-color: aquamarine"></div>

    <div>

        <div style="width: 20%;float: left;background-color: #dddddd">

            菜单

        </div>

        <div style="width: 80%;float: left">

            {% block content %} {% endblock %}

        </div>

    </div>

</body>

</html>

student_add.html

{% extends 'layout.html' %}

{% block content %}

    <h1>添加学生</h1>

{% endblock %}

login.html

<!DOCTYPE html>

<html lang="en">

<head>

    <meta charset="UTF-8">

    <title>Title</title>

</head>

<body>

    <form method="post">

        {% csrf_token %}

        <input type="text" name="user">

        <input type="password" name="pwd">

        <input type="submit" value="提交"> {{ msg }}

    </form>

</body>

</html>

student.html

{% extends 'layout.html' %}

{% block content %}

    <h1>学生列表</h1>

{% endblock %}

启动djang项目,访问页面

http://127.0.0.1:8000/student/add/

效果如下:

rbac组件

添加rbac组件

拷贝rbac组件

清空migrations目录

数据库迁移

录入权限信息

创建超级用户

查看admin.py

from django.contrib import admin

from rbac import models

class PermissionAdmin(admin.ModelAdmin):

    list_display = ['title','url']  # 显示的字段

    list_editable = ['url']  # 允许编辑

admin.site.register(models.Permission,PermissionAdmin)

admin.site.register(models.Role)

admin.site.register(models.UserInfo)

登录后台,添加数据

rbac组件

添加角色

rbac组件

添加用户

rbac组件

用户登陆做权限和菜单的初始化

修改app01目录下的views.py

from django.shortcuts import render, redirect,HttpResponse

from rbac import models

from rbac.service.init_permission import init_permission

def login(request):

    """

    用户登陆

    :param request:

    :return:

    """

    if request.method == 'GET':

        return render(request,'login.html')

    # . 获取提交的用户名和密码

    user = request.POST.get('user')

    pwd = request.POST.get('pwd')

    # . 检验用户是否合法

    obj = models.UserInfo.objects.filter(name=user,password=pwd).first()

    if not obj:

        return render(request, 'login.html',{'msg':'用户名或密码错误'})

    request.session['user_info'] = {'id': obj.id, 'name': obj.name}

    init_permission(request,obj)

    return redirect('/student/')

def student(request):

    return render(request,'student.html')

def student_add(request):

    return render(request, 'student_add.html')

应用中间件进行权限校验

注册中间件

MIDDLEWARE = [

    'django.middleware.security.SecurityMiddleware',

    'django.contrib.sessions.middleware.SessionMiddleware',

    'django.middleware.common.CommonMiddleware',

    'django.middleware.csrf.CsrfViewMiddleware',

    'django.contrib.auth.middleware.AuthenticationMiddleware',

    'django.contrib.messages.middleware.MessageMiddleware',

    'django.middleware.clickjacking.XFrameOptionsMiddleware',

    'rbac.middleware.rbac.RbacMiddleware',

]

设置配置文件

########################## 权限相关 #######################

PERMISSION_SESSION_KEY = "permission_list"

MENU_SESSION_KEY = "menu_list"

VALID_URL = [

    '^/login/$',

    '^/admin/.*',

]

总结

如何在其他系统中应用目前的rbac组件。

a. 拷贝rbac组件

b. 清空migrations目录

c. 注册rbac 到app

d. 数据库迁移并录入权限信息

e. 用户登陆做权限和菜单的初始化 init_permission 

f. 应用中间件进行权限校验

g. 设置配置文件

    ########################## 权限相关 #######################

    PERMISSION_SESSION_KEY = "permission_list"

    MENU_SESSION_KEY = "menu_list"

    VALID_URL = [

        '^/login/$',

        '^/admin/.*',

    ]

h. 显示动态菜单

    - 引入css

        {% load staticfiles %}

        <link rel="stylesheet" href="{% static 'rbac/rbac.css' %}" />

    - 调用动态菜单

        {% load rbac %}

        {% menu request %}

    合起来:

        {% load staticfiles %}

        {% load rbac %}

        <!DOCTYPE html>

        <html lang="en">

        <head>

            <meta charset="UTF-8">

            <title>Title</title>

            <link rel="stylesheet" href="{% static 'rbac/rbac.css' %}" />

            {% block css %} {% endblock %}

        </head>

        <body>

            <div style="height: 48px;background-color: aquamarine"></div>

            <div>

                <div style="width: 20%;float: left;background-color: #dddddd">

                    {% menu request %}

                </div>

                <div style="width: 80%;float: left">

                    {% block content %} {% endblock %}

                </div>

            </div>

            {% block js %} {% endblock %}

        </body>

        </html>

相关文章