如何使用Django和Python为表值赋予权限

Question

我需要一些帮助。我需要根据表值给一些函数赋予权限。我首先在下面解释我的模型。

class Permission(models.Model): 
    """docstring for Permission""" 

    user = models.ForeignKey(User) 
    control_reactor = models.IntegerField(default=0) 
    find_reactor = models.IntegerField(default=0) 
    view_reactor = models.IntegerField(default=0) 

我期待的表格如下。

id control_reactor  view_reactor  find_reactor user_id 

1  1     1     1    2 

2  0      1     0    1 

这里假设其user_id = 2已登录该网站。并需要设置以下views.py功能的权限。

views.py：

def home(request): 
    """ This function for home screen . """ 

    return render(request, 'plant/home.html', {'count': 1}) 


def view_reactor(request): 
    """ This function for to get serch screen. """ 

    return render(request, 'plant/view_reactor.html', 
         {'count': 1}) 

在这里，我需要使用像装饰功能i.e-@permission_required and @login_required。假设user_id=2已经登录，那么它将检查数据库中的所有权限，如control_reactor=1,view_reactor=1,find_reactor=1，并且所有将检查home函数和view_reactor函数它将检查view_reactor=1或不。同样的过程也为user_id=1。请帮帮我。

Answer 1

这种方式怎么样？

from functools import wraps 

def custom_permission_check(func): 
    @wraps(func) # so that you can use help() method. 
    def wrapper(*args, **kwargs): 
     result = func(*args, **kwargs) 
     func_name = func.__name__ # get function name 
     request = args[0] # get request from args 
     permission_criteria = { 
      'home':['control_reactor', 'view_reactor', 'find_reactor'], 
      'control_reactor':['control_reactor'], 
     } 
     qs = Permission.objects.filter(user=request.user) 
     for per in permission_criteria[func_name]: 
      qs.filter(**{per: 1}) # use variable for field 
     if not qs.exists(): # when it doesn't pass 
      render(request, 'somepage.html', {}) # permission denied page 
     return result 
    return wrapper 

@custom_permission_check 
def control_reactor(request): 
    return render(...) 

@ custom_permission_check 
def home(request): 
    return render(...)