0
我目前实行的Django模型上的Django权限有多自动?
许可模块这是我的模型:
from django.db import models
# Create your models here.
class School(models.Model):
name = models.CharField(max_length=100)
address = models.TextField()
def __unicode__(self):
return self.name
class Teacher(models.Model):
school = models.ForeignKey(School)
first_name = models.CharField(max_length=50)
middle_name = models.CharField(max_length=50)
last_name = models.CharField(max_length=50)
def name(self):
return '{0} {1} {2}'.format(self.first_name,
self.middle_name,
self.last_name)
def __unicode__(self):
return self.name()
class Section(models.Model):
"""
This model must only be manipulated by its respective teacher
"""
teacher = models.ForeignKey(Teacher)
name = models.CharField(max_length=100)
def __unicode__(self):
return self.name
class Student(models.Model):
"""
This model must only be manipulated by its respective teacher
"""
section = models.ForeignKey(Section)
first_name = models.CharField(max_length=50)
middle_name = models.CharField(max_length=50)
last_name = models.CharField(max_length=50)
def name(self):
return '{0} {1} {2}'.format(self.first_name,
self.middle_name,
self.last_name)
def __unicode__(self):
return self.name()
class Subject(models.Model):
"""
This model must only be manipulated by its respective student
"""
student = models.ForeignKey(Student)
name = models.CharField(max_length=50)
code = models.CharField(max_length=50)
def __unicode__(self):
return self.name
在我的Django的管理,我创建等基团:
principal # Can change, add and delete Teacher Model
teacher # Can change, add and delete Student and Section Model
school_admin # Can change, add and delete School Model
student # Can change, add and delete Subject Model
在我的views.py ,我尝试验证并登录用户,然后登录用户,然后创建一个教师组,然后创建一个学校对象,如:
def index(request):
template = 'login.html'
user = request.user
login_form = LoginForm(request.POST or None)
context_dict = {'login_form': login_form}
if user.is_authenticated():
groups = user.groups
print 'User:'
print user
if groups.filter(name='teacher').exists():
print 'Teachers'
# The code below will save even though it is not in its permission
School.objects.create(name='DPS', address='Some Address')
return HttpResponse("Login")
if request.method == 'POST':
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
# print (login_form.cleaned_data)
# user = authenticate(username=username, password=password)
user = authenticate(email=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/')
else:
return HttpResponse("Wrong Username Password")
return render(request, template, context_dict)
学校对象创建了..但是我希望它不会被创建因为登录的用户没有创建学校的对象..我缺少的东西,使我很期待没有做太多的编码许可?或者是否真的必须在视图上手动使用组和权限来设置条件语句?
正如我想的那样......谢谢! –