我在项目中创建自定义的员工模型和模型。默认情况下,在没有员工许可的情况下创建员工。在其他世界,user.is_staff = false。可以在UpdatStaff中设置该权限。在我的UpdateStaff中,我尝试通过致电user.is_staff = true来提供员工许可。但是,user.is_staff是默认值(false),并且根本没有任何变化。有人可以告诉我问题是什么?
In views.py
def updatestaff(request,id=None):
instance = get_object_or_404(Staff,id=id)
if request.POST:
staff_form = StaffForm(request.POST or None,instance=instance)
if staff_form.is_valid():
old_user = User.objects.get(username= request.POST.get('name'))
if request.POST.get('authorized'):
old_user.is_staff = True
else:
old_user.is_staff = False
old_user.save()
staff_form.save()
return HttpResponseRedirect('/dataInfo/staff_view/')
else:
staff_form = StaffForm(instance=instance)
return render_to_response('dataInfo/update_staff.html', {'form': staff_form,'id':instance.id}, context_instance=RequestContext(request))
In models.py
class Staff(models.Model):
yes_or_no = ((True, 'Yes'),(False, 'No'))
male_or_female = ((True,'Male'),(False,'Female'))
name = models.CharField(max_length=100,blank = False, null = False)
email = models.EmailField(max_length=100,blank = False, null = False)
password = models.CharField(max_length=100,blank = False, null = False)
gender = models.BooleanField(default = True, choices = male_or_female)
birthday = models.DateField(default =None,blank = False, null = False)
created = models.DateTimeField(default=datetime.now, blank=True)
authorized = models.BooleanField(default=False,choices = yes_or_no)
store_id = models.ForeignKey(Store,default=1)
In forms.py
class StaffForm(forms.ModelForm):
store_id = forms.ModelChoiceField(queryset = Store.objects.all(),empty_label="--------") # select values ?
class Meta:
model = Staff
fields = ('name','email','password','gender','birthday','authorized','store_id')
widgets = {'authorized':forms.RadioSelect,
'gender':forms.RadioSelect,
'birthday':SelectDateWidget(years=range(date.today().year-50,date.today().year))
}
您永远不要假设request.POST.get(...)
可以为您提供正确的数据类型。您回来的是unicode
。因此,bool('True')
是True
,bool('False')
也是True
。在您的情况下,它将始终True
。尚不清楚为什么old_user.is_staff
不能更新为True
。您可以在staff_form.save()
之后使用old_user.save()
的IST尝试:
if request.POST.get('authorized')=='True':
old_user.is_staff = True
else:
old_user.is_staff = False
staff_form.save()
old_user.save()
@trantu的答案解释了您的代码问题,但是您绝不应该检查用户是否可以通过检查邮政参数来授权用户,因为用户可以用表格发布任何内容。<<<<<<<<<<<<<<
您应该使用类似的东西:
if request.user.is_staff(): # Or admin, or checking the permissions of the user.