作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
djangoApp > djan-6ren">
我不想在我的 Django 项目上有多个 AdminSite,我不想给每个用户 super 用户角色只是为了查看和编辑应用程序的模型。
这是我的项目布局:
> djangoApp
> djangoApp
- settings.py
- etc...
> AAA
- admin.py
- urls.py
- etc..
> BBB
- admin.py
- urls.py
- etc..
> CCC
- admin.py
- urls.py
- etc..
> ressources
- models.py
- etc..
> core
- admin.py
- auth.py
- models.py
- views.py
这里是BBB的admin.py(我为每个AdminSite使用了不同的数据库):
from django.contrib import admin
from django.contrib.admin import AdminSite, site
from core.admin import UserAuthenticationForm
from ressources.models import Adresse
class BBBAdminSite(AdminSite):
site_header = 'BBB admin'
login_form = UserAuthenticationForm
login_template = "core/login.html"
def has_permission(self,request):
user = request.user
return user.is_active and user.is_staff and (user.account_id == 100 or user.account_id == 0)
class AdminModel(admin.ModelAdmin):
using = 'DATABASE_NAME'
def has_add_permission(self, request):
user = request.user
return user.is_active and user.is_staff and (user.account_id == 100 or user.account_id == 0)
def has_change_permission(self, request, obj=None):
user = request.user
return user.is_active and user.is_staff and (user.account_id == 100 or user.account_id == 0)
def has_delete_permission(self, request, obj=None):
user = request.user
return user.is_active and user.is_staff and (user.account_id == 100 or user.account_id == 0)
def save_model(self, request, obj, form, change):
user = request.user
obj.account_id = user.account_id
obj.save(using=self.using)
def delete_model(self, request, obj):
obj.delete(using=self.using)
def get_queryset(self, request):
return super(AdminModel, self).get_queryset(request).using(self.using)
def formfield_for_foreignkey(self, db_field, request=None, **kwargs):
return super(AdminModel, self).formfield_for_foreignkey(db_field, request=request, using=self.using, **kwargs)
def formfield_for_manytomany(self, db_field, request=None, **kwargs):
return super(AdminModel, self).formfield_for_manytomany(db_field, request=request, using=self.using, **kwargs)
bbbAdmin = BBBAdminSite(name='bbbAdmin')
bbbAdmin.register(Adresse, AdminModel) ### The user can see this in the admin dashboard only if he is superuser
这是同一个应用程序的 urls.py:
from django.contrib import admin
from django.urls import include, path, re_path
from BBB.admin import bbbAdmin
urlpatterns = [
path('', bbbAdmin.urls),
]
我使用不同的 AuthBackend 来验证我的用户:
核心/auth.py:
from django.conf import settings
from django.contrib.auth.hashers import check_password
from .models import User
class AuthBackend(object):
def has_perm(self, user_obj, perm, obj=None):
if(obj != None):
return (obj.account_id == user_obj.account_id)
return False
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
def authenticate(username=None, password=None, account_id=None):
try:
user = User.objects.get(username=username, account_id=account_id)
except User.DoesNotExist:
return None
pwd_valid = check_password(password, user.password)
if pwd_valid:
return user
else:
return None
我已经在我的 settings.py 中注册了 AuthBackend:
AUTHENTICATION_BACKENDS = ('core.auth.AuthBackend',)
我尝试将其更改为:
AUTHENTICATION_BACKENDS = ('core.auth.AuthBackend', 'django.contrib.auth.backends.ModelBackend',)
但它给了我错误
You have multiple authentication backends configured and therefore must provide the
backend
argument or set thebackend
attribute on the user.
我试过把用户放到一个拥有所有权限的组中,但是当他登录时它仍然显示“你没有权限编辑任何东西”。用户将 is_staff 设置为 True
最佳答案
我找到了解决方案。我忘了将方法“has_module_permission”添加到我的 AdminModel
BBB/admin.py
class AdminModel(Admin.ModelAdmin):
[...]
def has_module_permission(self,request):
return True
[...]
关于django - "you don' 如果用户不是 super 用户,则无权编辑自定义 AdminSite 上的任何内容,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49279758/
我是一名优秀的程序员,十分优秀!