我有以下想法。一名用户可以在多个公司工作。用户在其所在的每个公司中具有不同的权限。 下面的示例不起作用,因为一个用户始终拥有相同的权限。
我应该如何设置我的用户模型,使每个公司的一个用户拥有不同的权限?
这就是我到目前为止所尝试过的:
class User(AbstractUser):
hourly_wage = models.DecimalField(decimal_places=2, max_digits=6, default=8.50)
class Meta:
permissions = (("is_general", "Can add people to his company and see everything"),
("is_captain", "Can add/edit/delete everything"),
("is_staff", "Can add/edit/delete jobs"),
("is_programmer", "Can do what he or she wants to do"))
def clean(self):
self.username = self.username.lower()
class Company(models.Model):
name = models.CharField(max_length=80)
slug = models.SlugField(unique=True)
users = models.ManyToManyField(User, related_name="companies")
class Meta:
verbose_name_plural = "companies"
最佳答案
您为 ManyToManyField
定义一个模型 多对多关系通过它流动。
所以代替:
+---------+ M N +-------------+ M N +------------+
| Company |----------| User |----------| Permission |
+---------+ +-------------+ +------------+
| permissions |
+-------------+
我们这样写:
+---------+ 1 N +-------------+ M 1 +------+
| Company |----------| UserCompany |----------| User |
+---------+ +-------------+ +------+
| M
|
| N
+------------+
| Permission |
+------------+
我们可以通过以下方式做到这一点:
from django.contrib.auth.models import Permission
class User(AbstractUser):
def clean(self):
self.username = self.username.lower()
class Company(models.Model):
name = models.CharField(max_length=80)
slug = models.SlugField(unique=True)
users = models.ManyToManyField(User, <b>through='app.CompanyUser'</b>, related_name="companies")
class Meta:
verbose_name_plural = "companies"
class <b>CompanyUser</b>(models.Model):
<b>user = models.ForeignKey('app.User', on_delete=models.CASCADE)</b>
<b>company = models.ForeignKey('app.Company', on_delete=models.CASCADE)</b>
<b>hourly_wage = models.DecimalField(decimal_places=2, max_digits=6, default=8.50)</b>
<b>permissions = models.ManyToManyField(Permission, on_delete=models.CASCADE)</b>
您可能希望将其他逻辑转移到通过模型。例如hourly_wage
可能也与( User
, Company
)对相关,而不特定于 User
本身。
因此,您可以向 UserCompany
添加权限与:
someusercompany.permissions.add(some_permission)
然后检查是否有 UserCompany
拥有以下权限:
CompanyUser.objects.filter(
user=some_user,
company=some_company,
some_permission=some_permission
).exists()
有关此内容的更多信息,请参阅 documentation about through
parameter [django-doc] .
关于django - 如何设置django用户权限,一个用户拥有多个权限?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51125863/