老婆镇楼!
    Django学习 - 用户的权限控制 (day15) - 图1

    该篇的目的是用于控制用户的数据权限、数据集权限、
    仅仅使用fieldsets是无法控制不同权限的用户看见不同的内容。
    所以需要自定义get_fieldsets 代码如下:

    1. from interview import interview_fieldsets as cf
    2. from django.db.models import Q
    4. # 获取用户组信息,这个东西是在权限功能中进行配置,面试官和HR的区别就是少了“interview.add_candidate”
    5. def get_group_names(user):
    6.     group_names = []
    7.     for g in user.get_group_permissions():
    8.         group_names.append(g)
    9.     return group_names
    11. class CandidateAdmin(admin.ModelAdmin):
    13.     def get_fieldsets(self, request, obj=None):
    14.         group_names = get_group_names(request.user)
    16.         if 'interview.add_candidate' not in group_names and obj.first_interviewer_user == request.user:
    17.             return cf.default_fieldsets_first
    18.         if 'interview.add_candidate' not in group_names and obj.second_interviewer_user == request.user:
    19.             return cf.default_fieldsets_second
    20.         return cf.default_fieldsets
    22. # 这时候还有bug,假如都不是一面或者二面的面试官,那岂不是也能看到全部内容,所以需要加一个数据集权限
    23. # 这样,就能一面只能看到一面面试官的数据,二面只能看到二面面试官的数据
    24.      def get_queryset(self, request):
    25.         qs = super(CandidateAdmin, self).get_queryset(request)   # 获取全部权限
    27.         group_names = get_group_names(request.user)
    28.         if 'interview.add_candidate' in group_names:
    29.             return qs
    30.         return Candidate.objects.filter(
    31.             Q(first_interviewer_user=request.user) | Q(second_interviewer_user=request.user)
    32.         )
    1. # 代码重构,相似的代码丢在一个文件中进行管理
    3. default_fieldsets_first = (
    4.         (None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
    5.                            ("gender", "candidate_remark",),
    6.                            ("bachelor_school", "master_school", "doctor_school"),
    7.                            ("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
    8.         ('第一轮面试情况', {'fields': (
    9.             "first_score", "first_learning_ability", "first_professional_competency", "first_disadvantage",
    10.             "first_advantage", "first_result", "first_recommend_position", "first_interviewer_user", "first_remark")}),
    12.     )
    13. default_fieldsets_second = (
    14.         (None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
    15.                            ("gender", "candidate_remark",),
    16.                            ("bachelor_school", "master_school", "doctor_school"),
    17.                            ("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
    19.         ('第二轮面试情况', {'fields': (
    20.             "second_score", "second_learning_ability", "second_professional_competency", "second_pursue_of_excellence",
    21.             "second_communication_ability", "second_pressure_score", "second_disadvantage", "second_advantage",
    22.             "second_result", "second_recommend_position", "second_interviewer_user", "second_remark")}),
    24.     )
    26. default_fieldsets = (
    27.         (None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
    28.                            ("gender", "candidate_remark",),
    29.                            ("bachelor_school", "master_school", "doctor_school"),
    30.                            ("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
    31.         ('第一轮面试情况', {'fields': (
    32.             "first_score", "first_learning_ability", "first_professional_competency", "first_disadvantage",
    33.             "first_advantage", "first_result", "first_recommend_position", "first_interviewer_user", "first_remark")}),
    34.         ('第二轮面试情况', {'fields': (
    35.             "second_score", "second_learning_ability", "second_professional_competency", "second_pursue_of_excellence",
    36.             "second_communication_ability", "second_pressure_score", "second_disadvantage", "second_advantage",
    37.             "second_result", "second_recommend_position", "second_interviewer_user", "second_remark")}),
    38.         ('Hr面试情况', {'fields': (
    39.             "hr_score", "hr_responsibility", "hr_communication_ability", "hr_logic_ability", "hr_potential",
    40.             "hr_stability",
    41.             "hr_disadvantage", "hr_advantage", "hr_result", "hr_interviewer_user", "hr_remark")})
    42.     )

    还有一个导出权限的功能,明天更新吧。电脑没电了= =。
    今天,9月8号,回到导出权限功能,附上文档地址
    https://docs.djangoproject.com/zh-hans/4.1/ref/contrib/admin/actions/
    这里面定义了动作的各个方法,包括了导出动作的权限控制。
    过程:首先在models文件的meta中定义权限promissions(加一个“export”操作,后面是它的命名),然后在admin文件中定义has_export_promissions(用于判断是否有interview.candidate.export权限,如果有,则执行装饰器action上有promissions=export的函数)!!!!理解透彻吧嘿嘿,附上代码

    # 定义的批量导出csv的动作
@admin.action(permissions=['export'], description=u'导出为csv文件')
def export_model_as_csv(modeladmin, request, queryset):
    response = HttpResponse(content_type='test/csv',
                            headers={'Content-Disposition': 'attachment; filename=test_%s.csv' % (
                                datetime.now().strftime('%Y-%m-%d-%H-%M-%S'),)
                                     })
    field_list = export_list
    write = csv.writer(response)
    write.writerow([
        queryset.model._meta.get_field(f).verbose_name.title() for f in field_list
    ])
    for obj in queryset:
        csv_line_values = []
        for field in field_list:
            field_object = queryset.model._meta.get_field(field)
            field_value = field_object.value_from_object(obj)
            csv_line_values.append(field_value)
        write.writerow(csv_line_values)

    logger.error("%s exported %s candidate records" % (request.user, len(queryset)))
    return response

class CandidateAdmin(admin.ModelAdmin):

     def has_export_permission(self, request):
        opts = self.opts
        return request.user.has_perm('%s.%s' % (opts.app_label, 'export'))