问题描述
我有一个自定义用户模型,我可以在不授予必要权限的情况下创建组。我通过授予查看和更改用户的权限创建了一个组。我向该组添加了一个员工用户,但没有将他们升级为管理员用户或超级用户。但该用户可以编辑管理员用户。如何阻止该特定组中的用户编辑管理员用户?
class MyAccountManager(BaseUserManager):
def create_user(self,email,username,password=None):
if not email:
raise ValueError("Users must have an email address")
if not username:
raise ValueError("Users must have an username")
user = self.model(
email=self.normalize_email(email),username=username,)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self,password):
user = self.create_user(
email=self.normalize_email(email),password=password,)
user.is_admin = True
user.is_staff = True
user.is_superuser = True
user.save(using=self._db)
return user
class User(AbstractBaseUser,PermissionsMixin):
email = models.EmailField(verbose_name='email',max_length=80,unique=True)
username = models.CharField(max_length=30,unique=True)
first_name = models.CharField(max_length=100,null=True)
last_name = models.CharField(max_length=100,null=True)
phone_no = models.CharField(max_length=12,null=True)
date_joined = models.DateField(
verbose_name='date joined',auto_Now_add=True)
last_login = models.DateField(verbose_name='last login',auto_Now=True)
is_admin = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
is_staff = models.BooleanField(default=False)
is_superuser = models.BooleanField(default=False)
is_teacher = models.BooleanField(default=False)
address = models.CharField(max_length=500,null=True,blank=True)
USERNAME_FIELD = 'username'
required_FIELDS = ['email']
objects = MyAccountManager()
def __str__(self):
return self.email
# def has_perm(self,perm,obj=None):
# return self.is_admin
def has_module_perms(self,app_label):
return True
解决方法
为此,您需要虚拟地分离模型。您可以使用 Django 的 
。将以下代码添加到 models.py 的底部。
import java.awt.Dimension;
import java.awt.GridBagLayout;
import javax.swing.BoxLayout;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JPanel;
import javax.swing.SwingUtilities;
public class FrameAccueil {
private JFrame frame;
public FrameAccueil() {
frame = new JFrame(getClass().getSimpleName());
JPanel fond = new JPanel() { // Move this code inside your bgfond class
@Override
public Dimension getPreferredSize() {
return new Dimension(1000,500);
}
};
fond.setLayout(new BoxLayout(fond,BoxLayout.PAGE_AXIS));
JPanel boutons = new JPanel(new GridBagLayout());
JButton btn1 = new JButton("btn1");
JButton btn2 = new JButton("btn1");
JButton btn1 = new JButton("btn1") { // If you follow point 8,these code shall be moved there and these JButtons should be objects of that class.
@Override
public Dimension getPreferredSize() {
return new Dimension(300,50);
}
};
JButton btn2 = new JButton("btn1") {
@Override
public Dimension getPreferredSize() {
return new Dimension(300,50);
}
};
boutons.add(btn1);
boutons.add(btn2);
fond.add(boutons); //Try to first add the inner objects and then the outer ones,so go inside-out as to keep them ordered in a more logical way
frame.add(fond);
frame.pack();
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.setVisible(true);
}
public static void main(String[] args) {
SwingUtilities.invokeLater(() -> new FrameAccueil()); //Place your program on the EDT
}
}
进行更改后,运行 from django.contrib.auth.models import UserManager
class StaffManager(UserManager):
def get_queryset(self):
qs = super().get_queryset()
return qs.filter(is_staff=True)
class StaffProxyModel(User):
objects = StaffManager()
class Meta:
proxy = True
verbose_name = 'Staff'
verbose_name_plural = 'Staffs'
#admin.py
from django.contrib.auth.admin import UserAdmin
class StaffProxyModelAdmin(UserAdmin):
pass
admin.site.register(StaffProxyModel,StaffProxyModelAdmin)
和 python manage.py makemigrations。完成上述步骤后,您将能够在权限列表中看到“员工代理模型”。向您的组授予对此模型的更改和查看访问权限。你的问题应该得到解决。
Django 会将代理模型视为一个单独的模型,尽管在数据库级别,User 和 Staff 模型存储在同一个表中。