RABC权限控制(页面操作角色,权限和进行分配)
上一节主要说的是如何通过url进行权限控制,这一节就说一下如何开发一个权限控制的界面,这样我们就能很方便的创建角色,并分配给用户不同角色和不同权限.
这个编写较为简单,主要是通过快速实现的,下面代码比较简单,我就不多说了
效果图如下:
代码如下:
def role_list(request):"""角色列表"""roles_list = Role.objects.all()# 分页current_page_num = request.GET.get('page')pagination = MyPagination(current_page_num, roles_list.count(), request)roles_list = roles_list[pagination.start:pagination.end]return render(request, 'rbac/role_list.html', {'roles_list': roles_list, 'pagination':pagination})def role_operate(request, edit_id=None):"""角色操作"""role_obj = Role.objects.filter(pk=edit_id).first()if request.method == "POST":role_form = RoleModelForm(request.POST, instance=role_obj)if role_form.is_valid():role_form.save()return redirect(reverse('rbac:role_list'))return render(request, 'rbac/role_operate.html', {'role_form': role_form})role_form = RoleModelForm(instance=role_obj)return render(request, 'rbac/role_operate.html', {'role_form': role_form, 'role_obj': role_obj})def role_del(request, del_id):"""删除角色"""Role.objects.filter(pk=del_id).delete()return redirect(reverse('rbac:role_list'))
RoleModelForm,这里就只有一个name字段,不给角色字段是创建完用户后到时再分配
class RoleModelForm(forms.ModelForm):"""角色的modelform"""class Meta:model = Rolefields = ['name']error_messages = {'name': {'required': '角色名称不能为空'}}widgets = {'name': wid.TextInput(attrs={'class': 'form-control'})}
2.编写菜单权限管理页面
这个也不是特别难,因为主要就是两张表在页面渲染的事情,效果图如下:
代码如下:
def menu_list(request):"""菜单权限列表"""# 获取所有的菜单menu_list = Menu.objects.all()# 菜单管理目前选择的菜单名称idmid = request.GET.get('mid')# 如果mid有值则通过二级菜单中菜单id是一级菜单的和二级菜单下子权限id属于一级菜单的全部找出来显示,没有则显示全部菜单if mid:permission_list = Permission.objects.filter(Q(parent__menu__id=mid) | Q(menu_id=mid))else:permission_list = Permission.objects.all()# 查询出权限表中的所有字段all_permission_list = permission_list.values('id', 'url', 'title', 'url_name','menu_id', 'parent_id', 'menu__title')# 把所有菜单以字典形式保存在字典中all_permission_dict = {}# 第一次for循环将二级菜单加入字典中for permission in all_permission_list:menu_id = permission.get('menu_id')# 有menu_id就证明是二级菜单,加入字典if menu_id:permission['children'] = []all_permission_dict[permission['id']] = permission# 第二次for循环将三级菜单(子权限)加入到二级菜单的children中for permission in all_permission_list:parent_id = permission.get('parent_id')if parent_id:all_permission_dict[parent_id]['children'].append(permission)return render(request, 'rbac/menu_list.html', {'menu_list': menu_list,'all_permission_dict': all_permission_dict, 'mid': mid})def menu_operate(request, edit_id=None):"""菜单管理操作"""menu_obj = Menu.objects.filter(pk=edit_id).first()if request.method == "POST":form_obj = MenuModelForm(request.POST, instance=menu_obj)if form_obj.is_valid():form_obj.save()return redirect(reverse('rbac:menu_list'))return render(request, 'rbac/menu_operate.html', {'form_obj': form_obj})form_obj = MenuModelForm(instance=menu_obj)return render(request, 'rbac/menu_operate.html', {'form_obj': form_obj, 'menu_obj': menu_obj})def menu_del(request, del_id):"""菜单管理删除"""Menu.objects.filter(pk=del_id).delete()return redirect(reverse('rbac:menu_list'))def permission_operate(request, edit_id=None):"""权限管理操作"""permission_obj = Permission.objects.filter(pk=edit_id).first()if request.method == "POST":form_obj = PermissionModelForm(request.POST, instance=permission_obj)if form_obj.is_valid():form_obj.save()return redirect(reverse('rbac:menu_list'))return render(request, 'rbac/permission_operate.html', {'form_obj': form_obj})form_obj = PermissionModelForm(instance=permission_obj)return render(request, 'rbac/permission_operate.html', {