0
我目前實行的Django模型上的Django權限有多自動?
許可模塊這是我的模型:
from django.db import models
# Create your models here.
class School(models.Model):
name = models.CharField(max_length=100)
address = models.TextField()
def __unicode__(self):
return self.name
class Teacher(models.Model):
school = models.ForeignKey(School)
first_name = models.CharField(max_length=50)
middle_name = models.CharField(max_length=50)
last_name = models.CharField(max_length=50)
def name(self):
return '{0} {1} {2}'.format(self.first_name,
self.middle_name,
self.last_name)
def __unicode__(self):
return self.name()
class Section(models.Model):
"""
This model must only be manipulated by its respective teacher
"""
teacher = models.ForeignKey(Teacher)
name = models.CharField(max_length=100)
def __unicode__(self):
return self.name
class Student(models.Model):
"""
This model must only be manipulated by its respective teacher
"""
section = models.ForeignKey(Section)
first_name = models.CharField(max_length=50)
middle_name = models.CharField(max_length=50)
last_name = models.CharField(max_length=50)
def name(self):
return '{0} {1} {2}'.format(self.first_name,
self.middle_name,
self.last_name)
def __unicode__(self):
return self.name()
class Subject(models.Model):
"""
This model must only be manipulated by its respective student
"""
student = models.ForeignKey(Student)
name = models.CharField(max_length=50)
code = models.CharField(max_length=50)
def __unicode__(self):
return self.name
在我的Django的管理,我創建等基團:
principal # Can change, add and delete Teacher Model
teacher # Can change, add and delete Student and Section Model
school_admin # Can change, add and delete School Model
student # Can change, add and delete Subject Model
在我的views.py ,我嘗試驗證並登錄用戶,然後登錄用戶,然後創建一個教師組,然後創建一個學校對象,如:
def index(request):
template = 'login.html'
user = request.user
login_form = LoginForm(request.POST or None)
context_dict = {'login_form': login_form}
if user.is_authenticated():
groups = user.groups
print 'User:'
print user
if groups.filter(name='teacher').exists():
print 'Teachers'
# The code below will save even though it is not in its permission
School.objects.create(name='DPS', address='Some Address')
return HttpResponse("Login")
if request.method == 'POST':
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
# print (login_form.cleaned_data)
# user = authenticate(username=username, password=password)
user = authenticate(email=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/')
else:
return HttpResponse("Wrong Username Password")
return render(request, template, context_dict)
學校對象創建了..但是我希望它不會被創建因爲登錄的用戶沒有創建學校的對象..我缺少的東西,使我很期待沒有做太多的編碼許可?或者是否真的必須在視圖上手動使用組和權限來設置條件語句?
正如我想的那樣......謝謝! –