Django 2.1 查看权限
Django 2.1 View Permission
Django Doc 声明新的查看权限已添加到 Django 2.1,但没有进一步说明如何使用它,尤其是在 Django 管理站点上。
据我所知,这将是一种只读权限,但如果有人能更好地理解此新权限及其在管理站点上的行为,我将不胜感激
你正确。 Django 2.1 release notes 描述了这个变化:
Model "view" permission
A "view" permission is added to the model Meta.default_permissions.
The new permissions will be created automatically when running
migrate.
This allows giving users read-only access to models in the admin.
ModelAdmin.has_view_permission() is new. The implementation is
backwards compatible in that there isn’t a need to assign the "view"
permission to allow users who have the "change" permission to edit
objects.
此外,ModelAdmin.has_view_permission [Django-doc] 权限的文档解释如下:
ModelAdmin.has_view_permission(request, obj=None)
Should return True if viewing obj is permitted, False
otherwise. If obj is None, should return True or False to
indicate whether viewing of objects of this type is permitted in
general (e.g., False will be interpreted as meaning that the current
user is not permitted to view any object of this type).
The default implementation returns True if the user has either the
"change" or "view" permission.
所以在这种情况下,"change" 权限意味着 "view" 权限(这是很合乎逻辑的,因为更改对象而不是先看到它会很奇怪)。
你是对的,他们没有说明如何使用它,但我找到了如何使用它。默认情况下,查看权限将为 return true,因此它的唯一用例是你想阻止用户查看管理对象。这就是您可以做到的。
class ViewAdmin(admin.ModelAdmin):
def has_view_permission(self, request, obj=None):
return False
Django Doc 声明新的查看权限已添加到 Django 2.1,但没有进一步说明如何使用它,尤其是在 Django 管理站点上。
据我所知,这将是一种只读权限,但如果有人能更好地理解此新权限及其在管理站点上的行为,我将不胜感激
你正确。 Django 2.1 release notes 描述了这个变化:
Model "view" permission
A "view" permission is added to the model
Meta.default_permissions. The new permissions will be created automatically when running migrate.This allows giving users read-only access to models in the admin.
ModelAdmin.has_view_permission()is new. The implementation is backwards compatible in that there isn’t a need to assign the "view" permission to allow users who have the "change" permission to edit objects.
此外,ModelAdmin.has_view_permission [Django-doc] 权限的文档解释如下:
ModelAdmin.has_view_permission(request, obj=None)Should return
Trueif viewingobjis permitted,Falseotherwise. IfobjisNone, should returnTrueorFalseto indicate whether viewing of objects of this type is permitted in general (e.g.,Falsewill be interpreted as meaning that the current user is not permitted to view any object of this type).The default implementation returns
Trueif the user has either the "change" or "view" permission.
所以在这种情况下,"change" 权限意味着 "view" 权限(这是很合乎逻辑的,因为更改对象而不是先看到它会很奇怪)。
你是对的,他们没有说明如何使用它,但我找到了如何使用它。默认情况下,查看权限将为 return true,因此它的唯一用例是你想阻止用户查看管理对象。这就是您可以做到的。
class ViewAdmin(admin.ModelAdmin):
def has_view_permission(self, request, obj=None):
return False