【Django|前端按钮级权限控制组件】
对应的模板函数
from django.http import QueryDict
from django.template import Library
from django.conf import settings
import copy
from django.urls import reverse
from django.utils.safestring import mark_safe
register = Library()
def check_permission(request,name):
#1.获取当前登录用户所属角色
role = request.userinfo.role
#2.根据角色获取他所有的权限字典
permission_dict = settings.NB_PERMISSION[role]
if name in permission_dict:
return True
if name in settings.NB_PERMISSION_PUBLIC:
return True
@register.simple_tag
def add_permission(request,name,*args,**kwargs):
#3.判断是否具有权限
if not check_permission(request,name):
#3.1无权限,则返回空
return ""
#3.2有权限,通过‘customer_add’反向生成URL
url = reverse(name,args=args,kwargs=kwargs)
tpl = """
<a href="{}" class="btn btn-success"><span class="glyphicon glyphicon-plus-sign"></span>
新建
</a>
""".format(url)
return mark_safe(tpl)
@register.simple_tag
def edit_permission(request,name,*args,**kwargs):
#3.判断是否具有权限
if not check_permission(request,name):
#3.1无权限,则返回空
return ""
#3.2有权限,通过‘customer_add’反向生成URL
url = reverse(name,args=args,kwargs=kwargs)
#根据当前用户请求获取GET参数
param = request.GET.urlencode()
if param:
new_query_dict = QueryDict(mutable=True)
new_query_dict['_filter'] = param
print(new_query_dict)
filter_string = new_query_dict.urlencode()
print(new_query_dict.urlencode())
tpl = """<a href="{}?{}" class="btn btn-primary btn-xs ">编辑</a>""".format(url,filter_string)
return mark_safe(tpl)
else:
tpl = """<a href="{}" class="btn btn-primary btn-xs ">编辑</a>""".format(url)
return mark_safe(tpl)
@register.simple_tag
def delete_permission(request,name,*args,**kwargs):
#1.获取当前登录用户的角色
role = request.userinfo.role
#2.根据角色获取他所有的权限字典
permission_dict = settings.NB_PERMISSION[role]
#3.判断是否具有权限
if name not in permission_dict:
#3.1无权限,则返回空
return ""
#3.2有权限,通过‘customer_add’反向生成URL
pk = kwargs.get('pk')
# url = reverse(name,args=args,kwargs=kwargs)
tpl = """
<a cid="{}" class="btn btn-danger btn-xs btn-delete">删除</a>
""".format(pk)
return mark_safe(tpl)
@register.simple_tag
def delete_url_permission(request, name, *args, **kwargs):
# 4.无权限,返回空
if not check_permission(request, name):
return ""
# 5.有权限,通过"customer_add"反向生成URL
# pk = kwargs.get('pk')
# tpl = """
# <a cid="{}" class="btn btn-danger btn-xs btn-delete">删除</a>
# """.format(pk)
# return mark_safe(tpl)
url = reverse(name, args=args, kwargs=kwargs)
tpl = """
<a href="{}" class="btn btn-danger btn-xs btn-delete">删除</a>
""".format(url)
return mark_safe(tpl)
@register.filter
def has_permission(request, others):
name_list = others.split(',')
for name in name_list:
status = check_permission(request,name)
if status:
return True
return False
-------------------------------------前端部分
添加
{% add_permission request 'customer_add' %}
编辑和删除【ajax】
{% edit_permission request 'customer_edit' pk=row.id %}
{% delete_permission request 'customer_delete' pk=row.id %}
直接删除
{% delete_url_permission request 'level_delete' pk=row.id %}
判断权限
