如何创建多个权限类来限制用户访问模板视图(不使用任何模型(。例如:我有4个用户类别-(管理员、管理人员、校长、教师(。我有一个管理面板模板视图,应该限制为用户类型=管理员。
我希望能够编写多个权限类,然后可以在任何视图中组合使用这些权限类。
以下代码生成403错误:
class AdministratorPermission(AccessMixin):
def has_permission(self):
return True
class GeneralPerm1(AccessMixin):
def has_permission(self):
return True
class DashboardView(PermissionRequiredMixin,
LoginRequiredMixin, TemplateView):
template_name = 'administrator/dashboard.html'
permission_required = (AdministratorPermission,GeneralPerm1)
是否有类似DRF权限的方法。
感谢
Permission1Mixin.py:
from django.contrib.auth.mixins import AccessMixin
from django.core.exceptions import PermissionDenied
class IsAdministratorMixin(AccessMixin):
""" if user is not administrator, decline permission """
def dispatch(self, request, *args, **kwargs):
"""
if user is authenticated and administrator
we are good. otherwise permission denied
"""
if request.user.is_authenticated and
request.user.category.category ==
UserCategoryEnum.ADMINISTRATOR.value:
return super().dispatch(request, *args, **kwargs)
raise PermissionDenied('Permission denied') # decline permission
view.py
class DashboardView(IsAdministratorMixin, TemplateView):
template_name = 'administrator/dashboard.html'
通过这种方式,我们可以创建多个独立的权限混合,并将它们组合使用。