First question is to be thrown in the code what the world is authority?
- url on behalf of the authority
How to achieve access control?
The following details the control flow
Simple Access Control 1.1 - Table Structure
简单权限控制,三个model,五张表
Permissions table permission
- url permission url address regular expression ^ $
- title title
Roles table role
- name Role Name
- permissions-many association permission table
User table user
- username username
- password password
- roles of both multi-role association
Relational tables roles and permissions
Relational tables for users and roles
1.2 a Menu - Table Structure
一级菜单: 在permission表中增加is_menu字段,区别该权限是否是菜单
Permissions table
url permission url address regular expression ^ $
title title
Whether is_menu the menu
icon icon
1.3 Secondary Menu - Table Structure
二级菜单: 实现二级菜单功能时,需要增加第六张表menu,在权限表中加入外键,关联menu表,有menu_id 当前的权限是二级菜单 没有menu_id 当前的权限是普通的权限
Table menu
- Name a menu title
- icon icon
Permissions table
url permission url address regular expression ^ $
title title
the foreign key menu menu table has two current permissions menu_id menu is currently no authority menu_id ordinary authority
1.4 of a second menu Menu sort - table structure
要对一级菜单排序,在menu中加入weight权重字段
Table menu
Name a menu title
icon icon
weight integer
1.5 Non-menu ownership rights
权限归属,在menu表中加入parent外键,自关联权限表, 有parent_id当前的权限是子权限, 没有parent_id 当前的权限是父权限 ,即二级菜单
Permissions table
- url permission url address regular expression ^ $
- title title
- Foreign key menu - the menu associated with the current table has permission menu_id secondary menu is currently no authority menu_id ordinary authority
- parent foreign key - associated authority table - autocorrelation, there is a sub-current permissions parent_id permission rights are not currently parent_id permission two parent menu
--Table Structure:
menu menu table
- title title
- icon icon
- weight Permissions
permission rights table
- url rights, url path, the regular expression ^ $
- title title
- name url alias, the only
- menu foreign key - associated menu list, blank = True, null = True, (using two menu)
- There is menu_id, the current permissions are secondary menu,
- No menu_id current permissions are common permissions
- parent self-association (non-vested rights to use the menu)
- There is menu_id child rights
- Parent permission is not parent_id
- is_menu Boolean value, a menu used
- icon, a menu used
- role role table
- name name of the role,
- permission-many association permission table
- user user table
- username username
- password password
- Table role_permission roles and permissions
Table user_role users and roles
- a data structure (process technology point +)
1. Simple access control
After the successful landing rights information stored in the session
Permissions data structure
permission_list = [{url},]
Middleware -
-(校验成功,return None,校验失败继续执行)
- Get url path of the current access
- Whitelist check
- Check the login status
- Free certified address verification
- Check permissions
- Obtain permission from the sission
- Cycling privileges, the regular match
- template
- Master and inheritance
2. dynamically generate a menu
Log user right to successfully saved in sission
Permissions data structure
permission_list=[{url},]
Menu data structure
menu_list=[{url:,title:,icon:,},]
Middleware
校验成功,return None,校验失败继续执行
- Get url path of the current access
- Whitelist check
- Login status check
- Free certification path validation
- Check permissions
- Obtain permission from the session
- Cycling privileges, the regular match
Master
- inclusion_tag
- Generating a dynamic menu
- Defined inclusion_tag
- yi had for circulation men_list, generates a menu
3. The two dynamically generated menu
After a successful login session to save user rights
Permissions list data structure
permission_list ={{url:,},}
Menu dictionary data structure
menu_dict={一级菜单ID:{ title: icon: children:[{ url: title: },] },}
Middleware
- Get url path of the current access
- Whitelist check
- Login status check
- Free certification path validation
- Check permissions
- Obtain permission from the session
- Cycling privileges, the regular match
template
Templates and inheritance
Two dynamically generated menu
Custom inclusion_tag
Two for loops to menu_dict.values ()
4. The two dynamically generated menu (a menu ordering)
Log in to save successfully acquire user rights in sission
Permissions list data structure
permission_list= [{url},]
Menu dictionary data structure
menu_dict = {一级菜单的id:{ title: icon: weight: children:[{ url: title: },] },}
Middleware
- Middleware
- Get url path of the current access
- Whitelist check
- Login status check
- Free certification path validation
- Check permissions
- Obtain permission from the session
- Cycling privileges, the regular match
- Middleware
template
Master and inheritance
Generating a second-level menu and the menu ordering
- Custom inclusion_tag
menu_diact dictionary sort of sorted, added to the ordered dictionary od
Two for loop, return ordered dictionary od.values (),
The two dynamically generated menu (second menu is selected by default, expand)
After a successful login session to save user rights
Permissions list data structure
permission_list = [{url}]
Menu dictionary data structure
menu_dict= {一级菜单id:{ title: icon: weight: children:[{ url: title: },] },}
Middleware
- Get url address of the current access path
- Whitelist check
- Log in state inspection
- Authentication-free address check
- Check permissions
- Obtain permission from the session
- Cycling privileges, the regular match
- template
- Master and inheritance
- Two dynamically generated menu, and sorting, expand
- Custom inclusion_tag
- Gets the current url
- menu_diact dictionary sort of sorted, added to the ordered dictionary od
- Circulating a menu added class = 'hide'
- Cyclic secondary menu, regular matching url, if the matching is successful
- Secondary menu plus class = 'active'
- A menu class = ''
- Two for loop, return ordered dictionary od.values ()
6. two dynamically generated menus (non-permission home menu, select two sub-menu expanded rights)
After a successful login session to save user rights
Permissions list data structure
permission_list = [{ url: id: pid: },]
Menu dictionary data structure
menu_dict = {一级菜单id:{ title: icon: weight: children:[{ url: title: id: },] },}
Middleware
- Get url path of the current access
- Whitelist check
- = None request.current_menu_id --- Free authentication when accessing the index address, to ensure that all secondary menu closed
- Check the login status
- Free certified check
- Check permissions
- Obtain permission from sission canceled in
- Cycling privileges, the regular match
- Get Permissions list id and pid
- When pid is not present, the current permission is a secondary menu, the request id to the package, id = request.current_menu_id the --current Current -
- When pid is present, the current permission is a secondary menu, the pid id package, i.e., the headset menu to requst, request.current_menu_id = pid
template
Master and inheritance
Generate a secondary menu, select the secondary menu expand child rights
- Custom inclussion_tag
- Gets the current url
- sorted sort of menu level, added to the ordered dictionary od
- Circulating a menu added class = 'hide'
- Cyclic secondary menu, the menu is determined request.current_menu_id the two are equal in the id
- The two menu was added to equal class = 'active', remove the hide a menu class, class = ''
- Two for loops to return od.values ()
7. Path navigation
Log user right to successfully saved in sission
Permissions dictionary data structure
permission_dict ={权限id:{ # 可以根据子权限的pid获取父权限的字典 url:, id:, pid:, title:, },}
Menu dictionary data structure
menu_dict = {一级菜单id:{ title: icon: weight: children:[{ url: title: id: },] },}
- Middleware
- Get url path of the current access
- Whitelist check
- = None request.current_menu_id --- Free authentication when accessing the index address, to ensure that all secondary menu closed
- request.breadcrumb_list = [{ 'title': 'Home', 'url': '/ index /'},] --- Free add authentication information to the navigation route
- Login status check
- Authentication-free address check
- Check permissions
- Obtain permission from the sission
- Cycling privileges permissions_dict.vlaues, regular match
- Get id and pid
- If pid is a secondary menu does not exist,
- request.current_menu_id = id
- Encapsulating the two menu information --request.breadcurmb_list.append ({ 'title': i [ 'title'], 'url': i [ 'url']})
- If pid exist, a child rights
- Parent permission p_permissions = permissions_dict [str ( 'dict')]
- request.current_menu_id = pid
- Encapsulating the two menu information --request.breadcurmb_list.append ({ 'title': p_permissions [ 'title'], 'url': p_permissions [ 'url']})
- Permissions sub menu information package --request.breadcurmb_list.append ({ 'title': i [ 'title'], 'url': i [ 'url']})
- If pid is a secondary menu does not exist,
template
Master and inheritance
Generate a secondary menu, select the secondary menu expand child rights
- Custom inclussion_tag
- Gets the current url
- sorted sort of menu level, added to the ordered dictionary od
- Circulating a menu added class = 'hide'
- Cyclic secondary menu, the menu is determined request.current_menu_id the two are equal in the id
- The two menu was added to equal class = 'active', remove the hide a menu class, class = ''
- Two for loops to return od.values ()
- Breadcrumbs
- Custom inclusion_tag
- 获取breadcurmb_list= request.breadcrumb_list
- One for loop request.breadcrumb_list
8. level access control to the button
Save user privileges after successful login to the session
Permissions dictionary data structure
permisssions_dict={url别名:{ url: id: pid: pname: },}
Menu dictionary data structure
menu_dict = {一级菜单id:{ title: icon: weight: children:[{ url: title: id: },] },}
Middleware
Get url path of the current access
- Whitelist check
- request.current_menu_id=None
- request.breadcrumb_list=[{'tittle':'主页','url':'/index/'},]
- Login status check
- Obtain permission from the sission
- Cycling privileges permissions_dict.vlaues, regular match
- Get id and pid
- If pid does not exist, the current url is secondary menu
- request.current_menu_id = id
- request.breadcrumb_list.append({'title':i['title'],'url':i['url']})
- If pid exists, the current url is child rights
- Parent rights acquired (second level) information p_permissions = permissions_dict [i [ 'pname']]
- request.current_menu_id = pid
- request.breadcrumb_list.append({'title':p_permissions['title'],'url':p_permissions['url']})
- request.breadcrumb_list.append({'title':i['title'],'url':i['url']})
- If pid does not exist, the current url is secondary menu
template
Master and inheritance
Generating a second-level menu / menu a sort / non-permission to the home menu, select two sub-menu to expand the permissions
- Custom inclussion_tag
- Gets the current url
- sorted sort of menu level, added to the ordered dictionary od
- Circulating a menu added class = 'hide'
- Cyclic secondary menu, the menu is determined request.current_menu_id the two are equal in the id
- The two menu was added to equal class = 'active', remove the hide a menu class, class = ''
- Two for loops to return od.values ()
Breadcrumbs
- Custom inclusion_tag
- 获取breadcurmb_list= request.breadcrumb_list
- One for loop request.breadcrumb_list
Access control to the button
- Custom filter --has_permission
- Analyzing pass over the front end name in permission_dict,
- There is return True
- There is no return False
- Judge {% if request | has_permission: name%} in html file {% endif%}