问题
I have my legacy database.I created models using inspectdb.I am able to see my tables in admin page . I created 4 users and i want to implement role-based permission for each model. I just show you with example what i did in model to add permissions like edit, view, delete. Example:-
class BusinessIntegrationSourceCategory(models.Model):
date_added = models.DateTimeField(blank=True, null=True)
date_modified = models.DateTimeField(blank=True, null=True)
source_category = models.CharField(max_length=255, blank=True, null=True)
class Meta:
managed = False
db_table = 'business_integration_source_category'
permissions = (
("view_category", "view category"),
("add_category", "Add category"),
("delete_category", "Delete category"),
)
Now where i can add the next steps to add role based permissions.
回答1:
This from The Django docs.
Handling object permissions
Django’s permission framework has a foundation for object permissions, though there is no implementation for it in the core. That means that checking for object permissions will always return False or an empty list (depending on the check performed). An authentication backend will receive the keyword parameters obj and user_obj for each object related authorization method and can return the object level permission as appropriate.
So as said: An authentication backend will receive the keyword parameters obj and user_obj.
And these tow variables are the seeds of object level permissions, but the default backend django.contrib.auth.backends.ModelBackend does not take advantage of that. So you should create a custom backend.
Note:
If you use custom
Usermodel, your user model should subclass PermissionsMixin, because The has_perm method ofPermissionsMixinpasses the work off to the registered authentication backends.
Try:
backends.py file:
from django.contrib.auth import get_user_model
class MyAuthenticationBackend:
def authenticate(self, *args, **kwargs):
pass
def get_user(self, user_id):
try:
return get_user_model().objects.get(pk=user_id)
except get_user_model().DoesNotExist:
return None
def has_perm(self, user_obj, perm, obj=None):
if perm == "view_category":
return True # everybody can view
# otherwise only the owner or the superuser can delete
return user_obj.is_active and obj.user.pk==user_obj.pk
def has_perms(self, user_obj, perm_list, obj=None):
return all(self.has_perm(user_obj, perm, obj) for perm in perm_list)
In settings.py file add:
AUTHENTICATION_BACKENDS = [
'your_app.backends.MyAuthenticationBackend',
# Your other auth backends, if you were using the default,
# then comment out the next line, otherwise specify yours
# 'django.contrib.auth.backends.ModelBackend'
]
Note: every model already has default permissions (add, change and delete)
I hope this will push you forward.
来源:https://stackoverflow.com/questions/51244055/steps-to-add-model-level-permission-in-django