[英]mixins Django how to enable staff-user post, edit, delete permission in html template
我在視圖中使用mixins來限制未經身份驗證的用戶訪問我的博客文章頁面、編輯頁面和刪除頁面。 現在只有管理員用戶可以訪問這些頁面,但我也授予員工用戶訪問這些頁面的權限。 看圖片:
現在我的員工用戶在嘗試訪問這些頁面時仍然收到 404 錯誤。 這是我的代碼:
#views.py
class blog_publish_view(PermissionRequiredMixin,CreateView):
raise_exception = True
permission_required = "blog_add_blog"
model = Post
form_class = BlogPost
template_name = "blog_post.html"
#fields = ['title','author','body']
class blog_update_view(PermissionRequiredMixin,UpdateView):
raise_exception = True
permission_required = "blog_change_blog"
model = Post
template_name = "blog_update_post.html"
form_class = BlogPost
class blog_delete_view(PermissionRequiredMixin,DeleteView):
raise_exception = True
permission_required = "blog_delete_blog"
model = Post
template_name = "delete_blog_post.html"
success_url = reverse_lazy('blog')
#my html 用於發布博客的頁面:
{% if user.is_authenticated %}
<div class="container">
<h1>Publish Blog</h1>
<form method="POST">
{% csrf_token %}
{{form.media}}
{{form.as_p}}
<button class="btn btn-info">Publish</button>
</form>
</div>
{% endif %}
我的員工用戶可以從 django 管理面板發布、編輯、發布博客,但如何在 html 模板中啟用這些權限。
您錯誤地指定了permission_required屬性。 權限名稱為<app label>.<permission codename>的形式,其中默認的權限代碼名稱為<action>_<model_name>的形式。 所以你的觀點是:
class blog_publish_view(PermissionRequiredMixin,CreateView):
...
permission_required = "blog.add_post"
...
class blog_update_view(PermissionRequiredMixin,UpdateView):
...
permission_required = "blog.change_post"
...
class blog_delete_view(PermissionRequiredMixin,DeleteView):
...
permission_required = "blog.delete_post"
...
編輯:默認權限如下:
<app label>.add_<lowercase_model_name><app label>.change_<lowercase_model_name><app label>.delete_<lowercase_model_name><app label>.view_<lowercase_model_name>注意:Class 名稱應該是
PascalCase而不是所以它應該是snake_caseBlogPublishView而不是等。看看PEP 8 - Python 代碼的樣式指南blog_publish_view
Django 如何限制員工用戶從 django 管理面板編輯或刪除其他員工用戶帖子
[英]Django how to restrict staff-user to edit or delete others staff-user post from django admin panel
如何讓用戶刪除和編輯他們在Django中創建的帖子?
[英]How can I enable the users delete and edit post they create in Django?
無法從我的 Django post_detail.html 模板中編輯和刪除帖子
[英]Can't Edit and Delete posts from my Django post_detail.html template
Django 2.2 如果用戶創建了該博客文章,則無法弄清楚如何授權用戶編輯或刪除該博客文章
[英]Django 2.2 Cannot figure out how to authorize user to edit or delete blog post if user created that blog post
限制(許可)Django員工用戶更改模型的某些字段
[英]Restrict (permission) Django staff user from changing certain fields of a model
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.