forked from jly8866/archer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
permission.py
49 lines (38 loc) · 1.8 KB
/
permission.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# -*- coding: UTF-8 -*-
import simplejson as json
from django.shortcuts import render
from django.http import HttpResponse
from .models import users
# 管理员操作权限验证
def superuser_required(func):
def wrapper(request, *args, **kw):
# 获取用户信息,权限验证
loginUser = request.session.get('login_username', False)
loginUserOb = users.objects.get(username=loginUser)
if loginUserOb.is_superuser is False:
if request.is_ajax():
finalResult = {'status': 1, 'msg': '您无权操作,请联系管理员', 'data': []}
return HttpResponse(json.dumps(finalResult), content_type='application/json')
else:
context = {'errMsg': "您无权操作,请联系管理员"}
return render(request, "error.html", context)
return func(request, *args, **kw)
return wrapper
# 角色操作权限验证
def role_required(roles=()):
def _deco(func):
def wrapper(request, *args, **kw):
# 获取用户信息,权限验证
loginUser = request.session.get('login_username', False)
loginUserOb = users.objects.get(username=loginUser)
loginrole = loginUserOb.role
if loginrole not in roles and loginUserOb.is_superuser is False:
if request.is_ajax():
finalResult = {'status': 1, 'msg': '您无权操作,请联系管理员', 'data': []}
return HttpResponse(json.dumps(finalResult), content_type='application/json')
else:
context = {'errMsg': "您无权操作,请联系管理员"}
return render(request, "error.html", context)
return func(request, *args, **kw)
return wrapper
return _deco