mixins Django how to enable staff-user post, edit, delete permission in html template
Question
I am using mixins in my views for restrict unauthenticated user to access my blog-post page, edit-page and delete-page. Right now only admin user can access those page but I also give permission to staff user for access those page. see the picture:
still now my staff user get 404 error when trying to access those page. here is my code:
#views.py
class blog_publish_view(PermissionRequiredMixin,CreateView):
raise_exception = True
permission_required = "blog_add_blog"
model = Post
form_class = BlogPost
template_name = "blog_post.html"
#fields = ['title','author','body']
class blog_update_view(PermissionRequiredMixin,UpdateView):
raise_exception = True
permission_required = "blog_change_blog"
model = Post
template_name = "blog_update_post.html"
form_class = BlogPost
class blog_delete_view(PermissionRequiredMixin,DeleteView):
raise_exception = True
permission_required = "blog_delete_blog"
model = Post
template_name = "delete_blog_post.html"
success_url = reverse_lazy('blog')
#my html page for post blog:
{% if user.is_authenticated %}
<div class="container">
<h1>Publish Blog</h1>
<form method="POST">
{% csrf_token %}
{{form.media}}
{{form.as_p}}
<button class="btn btn-info">Publish</button>
</form>
</div>
{% endif %}
my staff user can post,edit,publish blog from django admin panel but how to enable those permission in html template.
1 answers
solution1
2 ACCPTED 2021-05-12 10:40:07
You specify the permission_required attribute incorrectly. The permission names are the form of <app label>.<permission codename> , where the default permission code names are in the form of <action>_<model_name> . So your views would be like:
class blog_publish_view(PermissionRequiredMixin,CreateView):
...
permission_required = "blog.add_post"
...
class blog_update_view(PermissionRequiredMixin,UpdateView):
...
permission_required = "blog.change_post"
...
class blog_delete_view(PermissionRequiredMixin,DeleteView):
...
permission_required = "blog.delete_post"
...
Edit : The default permissions are as follows:
- Add permission:
<app label>.add_<lowercase_model_name> - Change permission:
<app label>.change_<lowercase_model_name> - Delete permission:
<app label>.delete_<lowercase_model_name> - View permission:
<app label>.view_<lowercase_model_name>
Note : Class names should be in
PascalCasenotso it should besnake_caseBlogPublishViewinstead of, etc. Have a look at PEP 8 -- Style Guide for Python Codeblog_publish_view
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.