我想在我的Django项目中创建一个基本的审批系统。在这个系统中有几个等级,但在这个问题中我只使用Lead和Manager。我创建了forms,这些表格代表limits。
只有Lead可以填写这些表格。但我想要的是当一个铅更新表单,它不应该显示没有Manager的批准。我该怎么做呢?
批准/models.py
class DoaTable(models.Model):
LIMITS = (
('Low Risk', 'Low Risk'),
(...),
('Strict Credit Check', 'Strict Credit Check'),
('No Credit Check', 'No Credit Check'),
)
RANKS = (
('Analyst', 'Analyst'),
('Senior Analyst', 'Senior Analyst'),
('Lead', 'Lead'),
('Manager', 'Manager'),
('...Officer'),
)
rank = models.CharField(max_length=200, choices=RANKS)
risk = models.CharField(max_length=200, choices=LIMITS)
limit = models.FloatField()
comp_name = models.ForeignKey(CompanyProfile, on_delete=models.CASCADE, null=True)
用户/models.py
class UserProfile(AbstractUser):
...
password = models.CharField(max_length=250)
email = models.EmailField(max_length=254)
rank = models.CharField(max_length=200)
...
class Rank(models.Model):
rank_name = models.CharField(max_length=200)
company = models.ForeignKey(CompanyProfile, on_delete=models.CASCADE, null=True, unique=False)
模型中的排名与Doa表中的排名相同。在此场景中,我们假设用户级别为Lead和Manager。
批准/forms.py
class DoaTableForm(forms.ModelForm):
class Meta:
model = DoaTable
fields = ('rank', 'risk', 'limit',)
class UpdateDoaTableForm(forms.ModelForm):
class Meta:
model = DoaTable
fields = ('limit',)
教材/views.py
def update_limit(request, id):
limiting = get_object_or_404(DoaTable, id=id)
form = UpdateDoaTableForm(request.POST or None, request.FILES or None, instance=limiting)
limiting_item = DoaTable.objects.filter(id=id)
if form.is_valid():
form.save()
return redirect('approvals:update_limit_list')
context = {
'form': form,
'limiting_item': limiting_item
}
return render(request, 'limitUpdate.html', context)
1。如何使用当前的体系结构
在DoaTable模型中添加一个新列,以反映它是否应该显示,并且只在DoaTable的视图中显示它。should_display isTrue:
批准/models.py
class DoaTable(models.Model):
# ....
should_display = models.BooleanField(default=False)
rank = models.CharField(max_length=200, choices=RANKS)
# ...
然后重写ModelForm的__init__()以接受当前用户和clean()方法来检查排名:
批准/forms.py
from django.core.exceptions import ValidationError
# ...
class UpdateDoaTableForm(forms.ModelForm):
class Meta:
model = DoaTable
fields = ('limit',)
def __init__(self, *args, user, **kwargs):
super().__init__(*args, **kwargs)
self.user = user
def clean(self):
cleaned_data = super().clean()
if self.user.rank != "Lead": # BAD: hardcoded value
raise ValidationError(
"You do not have the required rank."
)
return cleaned_data # Always return the cleaned data
在你的视图中传入request.user:
批准/views.py
def update_limit(request, id):
# ...
form = UpdateDoaTableForm(request.POST or None, request.FILES or None, user=request.user, instance=limiting)
# ...
2。建议的方法
AbstractUser带有组和权限,您可以利用它们来检查您的用户是否属于某个组或在执行操作之前具有特定权限(在这种情况下更新/批准表单),例如权限可以是:'fill_form_perm', 'approve_form_perm'和您的组可以是:'lead', 'officer'。你可以在你的模型中使用IntegerChoices,然后通过做一个简单的比较来检查你的用户的权限级别。这是更灵活的,因为你可以在多个级别上链接,例如在一个条件下低于经理但高于高级分析师,而不会有太多的麻烦。