django中自定义用户模型中的权限问题

【问题标题】:Permission issue in custom user model in djangodjango中自定义用户模型中的权限问题
【发布时间】:2020-07-19 17:09:34
【问题描述】:

我正在尝试在我的 Django 应用程序中创建自定义用户模型。在我的应用 user_app 中,我在 models.py 中添加了以下代码:

from django.db import models
from django.contrib.auth.models import AbstractBaseUser, BaseUserManager, PermissionsMixin


class RestrauntManager(BaseUserManager):
    def create_user(self, username, email, phone, restraunt_name,
                    is_staff=False, is_admin=False, is_active=True, password=None):
        if not email:
            raise ValueError('User must have an email address')
        if not username:
            raise ValueError('User must have a username')
        if not password:
            raise ValueError('User must have a password')
        if not phone:
            raise ValueError('User must have a phone number')
        if not restraunt_name:
            raise ValueError('User must have a restraunt name')

        user = self.model(
                email = self.normalize_email(email),
                username = username,
                phone = phone,
                restraunt_name = restraunt_name
        )
        user.set_password(password)
        user.staff = is_staff
        user.active = is_active
        user.admin = is_admin
        user.save(using=self._db)
        return user

    def create_staffuser(self, email, username, phone, restraunt_name, password=None):
        user = self.create_user(
                email = self.normalize_email(email),
                username = username,
                phone = phone,
                restraunt_name = restraunt_name,
                is_staff = True
        )
        return user

    def create_superuser(self, email, username, phone, restraunt_name, password=None):
        user = self.create_user(
                email = self.normalize_email(email),
                username = username,
                phone = phone,
                restraunt_name = restraunt_name,
                password = password,
                is_staff = True,
                is_admin = True
        )
        user.save(using=self._db)
        return user

class Restraunt(PermissionsMixin, AbstractBaseUser):
    email = models.EmailField(verbose_name = 'email', max_length=60, unique=True)
    username = models.CharField(verbose_name='username', max_length=30, unique=True)
    # password = models.CharField(verbose_name='password', max_length=32)
    phone = models.CharField(verbose_name='phone', max_length=14)
    manager_name = models.CharField(verbose_name='manager_name', max_length=20)
    restraunt_name = models.CharField(verbose_name='restraunt_name', max_length=35)
    address = models.CharField(verbose_name='address', max_length=150, unique=True)
    added_at = models.DateTimeField(auto_now_add=True)
    admin = models.BooleanField(default=False)
    staff = models.BooleanField(default=False)
    active = models.BooleanField(default=True)

    USERNAME_FIELD = 'username'
    REQUIRED_FIELDS = ['email', 'phone', 'restraunt_name']

    objects = RestrauntManager()

    def __str__(self):
        return self.username

    def get_full_name(self):
        return self.manager_name

    def get_short_name(self):
        return self.restraunt_name

    def has_perm(self, perm, obj=None):
        return True

    def has_module_perm(self, app_label):
        return True

    @property
    def is_staff(self):
        "Is the user a member of staff?"
        return self.staff

    @property
    def is_admin(self):
        "Is the user an admin?"
        return self.admin

    @property
    def is_active(self):
        "Is the user active?"
        return self.active

在我的 settings.py 中,我添加了以下行:

AUTH_USER_MODEL = "user_app.Restraunt"

下面是我的 admin.py 的代码:

from django.contrib import admin
from django.contrib.auth import get_user_model

User = get_user_model()
admin.site.register(User)

现在我可以使用命令 python manage.py createsuperuser 创建一个超级用户,并且我可以成功登录,但是我收到一条消息 您无权查看或编辑任何内容。而且我无法查看或添加任何数据,因为我没有任何权限。我无法找出原因。

【问题讨论】:

    标签: python django django-models django-admin


    【解决方案1】:

    您在 admin.py 中调用默认用户 如果您不打算使用电子邮件作为登录名,那么创建自定义用户模型的意义何在?字段比你应该继承表单 AbstractUser:

    from django.contrib.auth.models import AbstractUser

class User(AbstractUser):
    bio = models.TextField(max_length=500, blank=True)
    location = models.CharField(max_length=30, blank=True)
    birth_date = models.DateField(null=True, blank=True)

    您仍然可以添加额外的字段。

    【讨论】:

      【解决方案2】:

      我没有用你的代码测试过,但我有同样的情况,可以用这个答案django admin - You don't have permission to edit anything解决它。

      基本上只是将user.is_superuser=True 添加到您的 create_superuser 函数中。

          def create_superuser(self, email, username, phone, restraunt_name, password=None):
    user = self.create_user(
            email = self.normalize_email(email),
            username = username,
            phone = phone,
            restraunt_name = restraunt_name,
            password = password,
            is_staff = True,
            is_admin = True
    )
    user.is_superuser=True
    user.save(using=self._db)
    return user

      【讨论】:

        猜你喜欢
        • 2019-09-17
        • 2016-07-31
        • 1970-01-01
        • 2017-05-27
        • 2013-09-09
        • 2013-07-23
        • 1970-01-01
        • 2014-01-10
        • 2013-06-26
        相关资源
        最近更新 更多
        热门标签
        Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode