老婆镇楼!
该篇的目的是用于控制用户的数据权限、数据集权限、
仅仅使用fieldsets是无法控制不同权限的用户看见不同的内容。
所以需要自定义get_fieldsets 代码如下:
from interview import interview_fieldsets as cf
from django.db.models import Q
# 获取用户组信息,这个东西是在权限功能中进行配置,面试官和HR的区别就是少了“interview.add_candidate”
def get_group_names(user):
group_names = []
for g in user.get_group_permissions():
group_names.append(g)
return group_names
class CandidateAdmin(admin.ModelAdmin):
def get_fieldsets(self, request, obj=None):
group_names = get_group_names(request.user)
if 'interview.add_candidate' not in group_names and obj.first_interviewer_user == request.user:
return cf.default_fieldsets_first
if 'interview.add_candidate' not in group_names and obj.second_interviewer_user == request.user:
return cf.default_fieldsets_second
return cf.default_fieldsets
# 这时候还有bug,假如都不是一面或者二面的面试官,那岂不是也能看到全部内容,所以需要加一个数据集权限
# 这样,就能一面只能看到一面面试官的数据,二面只能看到二面面试官的数据
def get_queryset(self, request):
qs = super(CandidateAdmin, self).get_queryset(request) # 获取全部权限
group_names = get_group_names(request.user)
if 'interview.add_candidate' in group_names:
return qs
return Candidate.objects.filter(
Q(first_interviewer_user=request.user) | Q(second_interviewer_user=request.user)
)
# 代码重构,相似的代码丢在一个文件中进行管理
default_fieldsets_first = (
(None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
("gender", "candidate_remark",),
("bachelor_school", "master_school", "doctor_school"),
("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
('第一轮面试情况', {'fields': (
"first_score", "first_learning_ability", "first_professional_competency", "first_disadvantage",
"first_advantage", "first_result", "first_recommend_position", "first_interviewer_user", "first_remark")}),
)
default_fieldsets_second = (
(None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
("gender", "candidate_remark",),
("bachelor_school", "master_school", "doctor_school"),
("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
('第二轮面试情况', {'fields': (
"second_score", "second_learning_ability", "second_professional_competency", "second_pursue_of_excellence",
"second_communication_ability", "second_pressure_score", "second_disadvantage", "second_advantage",
"second_result", "second_recommend_position", "second_interviewer_user", "second_remark")}),
)
default_fieldsets = (
(None, {'fields': (("username", "city", "phone"), ("email", "apply_position", "born_address"),
("gender", "candidate_remark",),
("bachelor_school", "master_school", "doctor_school"),
("major", "degree"), ("test_score_of_general_ability", "paper_score"))}),
('第一轮面试情况', {'fields': (
"first_score", "first_learning_ability", "first_professional_competency", "first_disadvantage",
"first_advantage", "first_result", "first_recommend_position", "first_interviewer_user", "first_remark")}),
('第二轮面试情况', {'fields': (
"second_score", "second_learning_ability", "second_professional_competency", "second_pursue_of_excellence",
"second_communication_ability", "second_pressure_score", "second_disadvantage", "second_advantage",
"second_result", "second_recommend_position", "second_interviewer_user", "second_remark")}),
('Hr面试情况', {'fields': (
"hr_score", "hr_responsibility", "hr_communication_ability", "hr_logic_ability", "hr_potential",
"hr_stability",
"hr_disadvantage", "hr_advantage", "hr_result", "hr_interviewer_user", "hr_remark")})
)
还有一个导出权限的功能,明天更新吧。电脑没电了= =。
今天,9月8号,回到导出权限功能,附上文档地址
https://docs.djangoproject.com/zh-hans/4.1/ref/contrib/admin/actions/
这里面定义了动作的各个方法,包括了导出动作的权限控制。
过程:首先在models文件的meta中定义权限promissions(加一个“export”操作,后面是它的命名),然后在admin文件中定义has_export_promissions(用于判断是否有interview.candidate.export权限,如果有,则执行装饰器action上有promissions=export的函数)!!!!理解透彻吧嘿嘿,附上代码
# 定义的批量导出csv的动作
@admin.action(permissions=['export'], description=u'导出为csv文件')
def export_model_as_csv(modeladmin, request, queryset):
response = HttpResponse(content_type='test/csv',
headers={'Content-Disposition': 'attachment; filename=test_%s.csv' % (
datetime.now().strftime('%Y-%m-%d-%H-%M-%S'),)
})
field_list = export_list
write = csv.writer(response)
write.writerow([
queryset.model._meta.get_field(f).verbose_name.title() for f in field_list
])
for obj in queryset:
csv_line_values = []
for field in field_list:
field_object = queryset.model._meta.get_field(field)
field_value = field_object.value_from_object(obj)
csv_line_values.append(field_value)
write.writerow(csv_line_values)
logger.error("%s exported %s candidate records" % (request.user, len(queryset)))
return response
class CandidateAdmin(admin.ModelAdmin):
def has_export_permission(self, request):
opts = self.opts
return request.user.has_perm('%s.%s' % (opts.app_label, 'export'))