[英]How to authenticate if a user “owns” a model instance
I have the following models: 我有以下型号:
class UserProfile(models.Model):
user = models.OneToOneField(User)
class Site(models.Model):
user = models.ForeignKey(User)
site_name = models.CharField(max_length=128, blank=False, null=False)
class Team(models.Model):
site = models.ForeignKey(Site)
team_member_name = models.CharField(default='name', max_length=128, blank=False, null=False)
I have a view that passes a team_member
id via the URL: 我有一个通过URL传递
team_member
id的视图:
Urls.py: Urls.py:
url(r'^team/(?P<team_member_id>\d+)/$', 'team.views.home', name='team_view_team_member')
Views.py: Views.py:
@login_required
def home(request, team_member_id=None):
team_member = Team.objects.get(id=team_member_id)
Note that there are many Team
instances (ie lots of team members) which have the same Site_id
. 请注意,有许多具有相同
Site_id
Team
实例(即许多团队成员)。
How can I test if the request.user
has the same site_id
as any team_member
returned? 如何测试
request.user
是否具有与返回的任何team_member
相同的site_id
? Is there a simple way to repeat this if I want to use it across multiple views? 如果要在多个视图中使用它,是否有一种简单的方法可以重复执行此操作?
Try this: 尝试这个:
team_member = Team.objects.get(id=team_member_id)
if team_member.site.id == request.user.site_set.all().first().id:
print "same site"
else:
print "different site"
Hope this helps. 希望这可以帮助。
# Site for user in request
req_user_site = Site.objects.get(user=request.user) # Use filter if it will return more than one object
# Site for team member in url
sites = Site.objects.filter(team__pk=team_member_id)
# Then compare
if req_user_site in sites:
print "have the same"
else:
print "don't"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.