Google App Engine-管理员部分
[英]Google App Engine - Admin Section
问题描述
I am writing a web application with Google App Engine in Python that enables users to read books. 
我正在使用Google App Engine用Python编写一个Web应用程序,使用户能够阅读书籍。 I'd like to enable only administrators to add information about books and the contents of book pages to the website. 我只想让管理员将有关书籍和书籍页面内容的信息添加到网站。
When restricting access to certain pages with the app.yaml configuration, such as below, is it necessary that the script associated with the admin pages be different from the script used for pages available to everyone. 当使用app.yaml配置限制访问某些页面时,如下所示,与管理页面关联的脚本必须不同于每个人都可以使用的页面的脚本。 For instance, is there any problem if the script associated with /admin/.* urls be home.py instead of admin.py? 例如,如果与/admin/.* url关联的脚本是home.py而不是admin.py,是否有问题?
application: myapp
version: 1
runtime: python
api_version: 1
handlers:
- url: /
script: home.py
- url: /index\.html
script: home.py
- url: /admin/.*
script: admin.py
login: admin
- url: /.*
script: not_found.py
Thank you, 谢谢,
David 大卫
2 个解决方案
解决方案1
5 2010-11-13 22:54:39
您还可以在请求处理代码中使用is_current_user_admin进行编程检查。
解决方案2
2 2010-11-14 05:48:31
You've essentially got two options... one is what you've already got, which is to keep all the admin pages under /admin and apply blanket security on that path, which is what Adam has done. 从本质上讲,您有两种选择:一种是您已经拥有的选择,即将所有管理页面保留在/admin并在该路径上应用通用安全性,这是Adam所做的。
The other is to keep the same pages for everyone (say you want to show special functions for the admins, like edit buttons or moderation tools) and like Adam already said, and use the is_current_user_admin() function to determine what to show and do for the admins. 另一个是让所有人保持相同的页面(例如,您想要显示管理员的特殊功能,例如编辑按钮或审核工具),就像亚当已经说过的那样,并使用is_current_user_admin()函数来确定显示和执行的操作管理员。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.