源码与认证组件很类似,这里只给出关键点
def check_permissions(self, request): for permission in self.get_permissions(): if not permission.has_permission(request, self): self.permission_denied( request, message=getattr(permission, 'message', None) ) def get_permissions(self): return [permission() for permission in self.permission_classes]
class UserInfo(models.Model): name = models.CharField(max_length=32) # 写choice user_choice=((0,'普通用户'),(1,'会员'),(2,'超级用户')) # 指定choice,可以快速的通过数字,取出文字 user_type=models.IntegerField(choices=user_choice,default=0) pwd = models.CharField(max_length=32) # 用户token class UserToken(models.Model): token = models.CharField(max_length=64) user = models.OneToOneField(to=UserInfo) class Book(models.Model): nid = models.AutoField(primary_key=True) name = models.CharField(max_length=32) price = models.DecimalField(max_digits=5, decimal_places=2) publish_date = models.DateField() publish = models.ForeignKey(to='Publish', to_field='nid', on_delete=models.CASCADE) authors = models.ManyToManyField(to='Author') def __str__(self): return self.name class Author(models.Model): nid = models.AutoField(primary_key=True) name = models.CharField(max_length=32) age = models.IntegerField() author_detail = models.OneToOneField(to='AuthorDatail', to_field='nid', unique=True, on_delete=models.CASCADE) class AuthorDatail(models.Model): nid = models.AutoField(primary_key=True) telephone = models.BigIntegerField() birthday = models.DateField() addr = models.CharField(max_length=64) class Publish(models.Model): nid = models.AutoField(primary_key=True) name = models.CharField(max_length=32) city = models.CharField(max_length=32) email = models.EmailField() def __str__(self): return self.name def test(self): return self.email
使用方式同认证相似
#创建py文件,在文件中创建类 from rest_framework.permissions import BasePermission class UserPermission(BasePermission): message = '不是超级用户,查看不了' #权限认证失败的返回值可以在这改 def has_permission(self, request, view): #必须有这个方法 user_type = request.user.user_type if user_type == 1: return True else: return False
局部使用
#在类中 permission_classes = [UserPermission,]
全局使用
#与auth在同一个地方,如下 REST_FRAMEWORK={ "DEFAULT_AUTHENTICATION_CLASSES":["app01.service.auth.Authentication",], "DEFAULT_PERMISSION_CLASSES":["app01.service.permissions.SVIPPermission",] #文件路径 } #局部禁用 #在类中 permission_classes = []
class UserInfo(models.Model): name = models.CharField(max_length=32) user_choice=((0,'普通用户'),(1,'会员'),(2,'超级用户')) user_type=models.IntegerField(choices=user_choice,default=0) #如何通过user_type字段拿到,,普通用户,,普通用户 #正常情况下拿到的是0,1,2 ------------------------------------------------------ #在序列化类中 class UserSer(serializers.ModelSerializer): class Meta: model = models.UserInfo fields='__all__' user_type=serializers.CharField(source='get_user_type_display') #添加这么一句,'get_user_type_display'是get_字段名_display