【问题标题】:Django generic DeleteView authenticationDjango 通用 DeleteView 身份验证
【发布时间】:2021-07-23 07:44:54
【问题描述】:

我想创建一个只有作者和授权组才能删除的帖子。

class PostDeleteView(DeleteView):
   model = Posts
   template_name = 'deletepost.html'
   success_url = '/home'

目前所有用户都可以删除帖子。

【问题讨论】:

    标签: django django-views django-generic-views


    【解决方案1】:

    您可以使用PermissionRequiredMixin - 请参阅documentation

    例如:

    from django.contrib.auth.mixins import PermissionRequiredMixin
    
    ...
    
    class PostDeleteView(PermissionRequiredMixin, DeleteView):
        model = Posts
        template_name = 'deletepost.html'
        success_url = '/home'
        permission_required = 'myapp.delete_posts'  # <---- set your permissions here (str or tuple)
    
        def has_permission(self):
            has_perms = super().has_permission()
            # You can check if self.request.user is the author here
            self.object = self.get_object()
            user_is_author = self.object.author == self.request.user  # example only
            return has_perms or user_is_author
    

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2021-03-25
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2017-04-17
      • 1970-01-01
      • 2017-06-03
      • 2011-09-23
      相关资源
      最近更新 更多