rbac is designed role-based permissions, contains a total of six tables, table design specific as follows:
from django.db import models class Menu(models.Model): """ 菜单表 """ title = models.CharField(verbose_name='菜单名称',max_length=32,unique=True) icon = models.CharField(max_length=128, blank=True, null=True) def __str__(self): return self.title class Permission(models.Model): """ 权限表 """ title = models.CharField(verbose_name='权限标题', max_length=32) URL = models.CharField (= the verbose_name ' containing canonical the URL ' , MAX_LENGTH = 128 ) name = models.CharField (the verbose_name = ' URL alias ' , 64 = MAX_LENGTH, UNIQUE = True) # control authority to the button parent = models.ForeignKey (= the verbose_name ' parent rights ' , to = ' Self ' , null = True, blank = True, on_delete = models.CASCADE, limit_choices_to = { ' parent__isnull ' : True}) # construct rights relationships non-menu, the default menu expand menu = models.ForeignKey (the verbose_name = ' menu ' , to = ' menu ',null=True,blank=True,on_delete=models.CASCADE) def __str__(self): return self.title class Role(models.Model): """ 角色 """ title = models.CharField(verbose_name='角色名称', max_length=32) permissions = models.ManyToManyField(verbose_name='拥有的所有权限', to='Permission', blank=True) def __str__(self): return self.title classThe UserInfo (models.Model): "" " User Table " "" username = models.CharField (the verbose_name = ' username ' , MAX_LENGTH = 32 ) password = models.CharField (the verbose_name = ' password ' , MAX_LENGTH = 64 ) In Email = models.CharField (= the verbose_name ' E-mail ' , max_length = 32 ) the roles = models.ManyToManyField (verbose_name = ' has all the roles ' , to = role, blank = True) class Meta: abstract = True # To crm user tables inherit DEF __str__ (Self): return self.username
Where the user and role tables are many relationships, roles and permissions table is a table-many relationship. Further authority table associated with the menu, one such privilege at a certain url mount a menu, and the associated authority table itself, so that such addition, deletion, and modification of the permissions can be hung on a url a permission url below.