day15 权限分配
思路
设置路由:rbac/urls.py
url(r'^distribute/permissions/$', menu.distribute_permissions, name='distribute_permissions'),
后端代码菜单视图新增分配权限逻辑
rbac/views/menu.py
def distribute_permissions(request):
"""
权限分配
:param request:
:return:
"""
user_id = request.GET.get('uid')
user_object = models.UserInfo.objects.filter(id=user_id).first()
if not user_object:
user_id = None
role_id = request.GET.get('rid')
role_object = models.Role.objects.filter(id=role_id).first()
if not role_object:
role_id = None
if request.method == 'POST' and request.POST.get('type') == 'role':
role_id_list = request.POST.getlist('roles')
# 用户和角色关系添加到第三张表(关系表)
if not user_object:
return HttpResponse('请选择用户,然后再分配角色!')
user_object.roles.set(role_id_list)
if request.method == 'POST' and request.POST.get('type') == 'permission':
permission_id_list = request.POST.getlist('permissions')
if not role_object:
return HttpResponse('请选择角色,然后再分配权限!')
role_object.permissions.set(permission_id_list)
# 获取当前用户拥有的所有角色
if user_id:
user_has_roles = user_object.roles.all()
else:
user_has_roles = []
user_has_roles_dict = {item.id: None for item in user_has_roles}
# 获取当前用户用户用户的所有权限
# 如果选中的角色,优先显示选中角色所拥有的权限
# 如果没有选择角色,才显示用户所拥有的权限
if role_object: # 选择了角色
user_has_permissions = role_object.permissions.all()
user_has_permissions_dict = {item.id: None for item in user_has_permissions}
elif user_object: # 未选择角色,但选择了用户
user_has_permissions = user_object.roles.filter(permissions__id__isnull=False).values('id',
'permissions').distinct()
user_has_permissions_dict = {item['permissions']: None for item in user_has_permissions}
else:
user_has_permissions_dict = {}
all_user_list = models.UserInfo.objects.all()
all_role_list = models.Role.objects.all()
menu_permission_list = []
# 所有的菜单(一级菜单)
all_menu_list = models.Menu.objects.values('id', 'title')
"""
[
{id:1,title:菜单1,children:[{id:1,title:x1, menu_id:1,'children':[{id:11,title:x2,pid:1},] },{id:2,title:x1, menu_id:1 },]},
{id:2,title:菜单2,children:[{id:3,title:x1, menu_id:2 },{id:5,title:x1, menu_id:2 },]},
{id:3,title:菜单3,children:[{id:4,title:x1, menu_id:3 },]},
]
"""
all_menu_dict = {}
"""
{
1:{id:1,title:菜单1,children:[{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },{id:2,title:x1, menu_id:1,children:[] },]},
2:{id:2,title:菜单2,children:[{id:3,title:x1, menu_id:2,children:[] },{id:5,title:x1, menu_id:2,children:[] },]},
3:{id:3,title:菜单3,children:[{id:4,title:x1, menu_id:3,children:[] },]},
}
"""
for item in all_menu_list:
item['children'] = []
all_menu_dict[item['id']] = item
# 所有二级菜单
all_second_menu_list = models.Permission.objects.filter(menu__isnull=False).values('id', 'title', 'menu_id')
"""
[
{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },
{id:2,title:x1, menu_id:1,children:[] },
{id:3,title:x1, menu_id:2,children:[] },
{id:4,title:x1, menu_id:3,children:[] },
{id:5,title:x1, menu_id:2,children:[] },
]
"""
all_second_menu_dict = {}
"""
{
1:{id:1,title:x1, menu_id:1,children:[{id:11,title:x2,pid:1},] },
2:{id:2,title:x1, menu_id:1,children:[] },
3:{id:3,title:x1, menu_id:2,children:[] },
4:{id:4,title:x1, menu_id:3,children:[] },
5:{id:5,title:x1, menu_id:2,children:[] },
}
"""
for row in all_second_menu_list:
row['children'] = []
all_second_menu_dict[row['id']] = row
menu_id = row['menu_id']
all_menu_dict[menu_id]['children'].append(row)
# 所有三级菜单(不能做菜单的权限)
all_permission_list = models.Permission.objects.filter(menu__isnull=True).values('id', 'title', 'pid_id')
"""
[
{id:11,title:x2,pid:1},
{id:12,title:x2,pid:1},
{id:13,title:x2,pid:2},
{id:14,title:x2,pid:3},
{id:15,title:x2,pid:4},
{id:16,title:x2,pid:5},
]
"""
for row in all_permission_list:
pid = row['pid_id']
if not pid:
continue
all_second_menu_dict[pid]['children'].append(row)
"""
[
{
id:1,
title:'业务管理'
children:[
{
'id':11,
title:'账单列表',
children:[
{'id':12,title:'添加账单'}
]
},
{'id':11, title:'客户列表'},
]
},
]
"""
return render(
request,
'rbac/distribute_permissions.html',
{
'user_list': all_user_list,
'role_list': all_role_list,
'all_menu_list': all_menu_list,
'user_id': user_id,
'role_id': role_id,
'user_has_roles_dict': user_has_roles_dict,
'user_has_permissions_dict': user_has_permissions_dict,
}
)
前端代码模板
rbac/templates/rbac/distribute_permissions.html
{% extends 'layout.html' %}
{% load rbac %}
{% block css %}
{% endblock %}
{% block content %}
用户信息
{% for row in user_list %}
-
{{ row.name }}
{% endfor %}
{% endblock %}
{% block js %}
{% endblock %}
权限代码可以放开了