python-Web-django-路由保护
Posted person1-0-1
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了python-Web-django-路由保护相关的知识,希望对你有一定的参考价值。
from django.shortcuts import redirect,HttpResponse from app01.models import * import re def ddff(module): ‘‘‘登陆控制‘‘‘ def deco(request): try: if request.session[‘manage_name‘]: return module(request) else: return redirect("/back/login/login/") except KeyError: return redirect("/back/login/login/") return deco # list def ddff_list(module): ‘‘‘登陆控制‘‘‘ def deco(request): try: if request.session[‘manage_name‘]: # 获取所有权限 functions = getfunctions(request) # 获取url查询条件 function_ = geturlf(request) if function_ in functions: ‘‘‘有权限‘‘‘ print(‘有权限‘) return module(request) else: ‘‘‘无权限‘‘‘ print(‘无权限‘) return HttpResponse(‘<h1 align="center">无权限</h1>‘) # return redirect("/back/login/login/") else: return redirect("/back/login/login/") except KeyError: return redirect("/back/login/login/") return deco # add def defense_url(module): ‘‘‘防御url‘‘‘ def deco(request,aid=None): if aid != None: return module(request,aid) try: if request.session[‘manage_name‘]: # 获取所有权限 functions = getfunctions(request) # 获取url查询条件 function_ = geturlf(request) if function_ in functions: ‘‘‘有权限‘‘‘ print(‘有权限‘) return module(request,aid) else: ‘‘‘无权限‘‘‘ print(‘无权限‘) return HttpResponse(‘<h1 align="center">无权限</h1>‘) # return redirect("/back/login/login/") else: return redirect("/back/login/login/") except KeyError: return redirect("/back/login/login/") return deco def geturlf(request): ‘‘‘url权限‘‘‘ requesturl = request.path # 链接 if re.findall(‘list‘, requesturl): function_ = Function.objects.filter(href_list=requesturl).first() elif re.findall(‘add‘, requesturl): function_ = Function.objects.filter(href_add=requesturl).first() else: function_ = Function.objects.filter(href_t=requesturl).first() return function_ def getfunctions(request): ‘‘‘权限拼接‘‘‘ manage_id = request.session[‘manage_id‘] if manage_id == 1: # 超管 functions = Function.objects.all() else: functions = [] manage_id = request.session[‘manage_id‘] # 个人所有职位 mp_objs = MP.objects.filter(manage_id=manage_id) for mp_obj in mp_objs: # 一个职位所有权限 pf_objs = PF.objects.filter(position_id=mp_obj.position_id) # 一个职位权限id列表 id_list = [] for pf_obj in pf_objs: id_str = (pf_obj.function).split(‘,‘) for i in id_str: if i not in id_list: id_list.append(i) print(id_list) for i in id_list: # 一个权限id对应一个权限 function_obj = Function.objects.filter(id=i).first() if function_obj not in functions: functions.append(function_obj) # 一会做限制 return functions
以上是关于python-Web-django-路由保护的主要内容,如果未能解决你的问题,请参考以下文章