使用 UserPassesTestMixin(基于 class 的视图)并重定向
Using UserPassesTestMixin (class based view) AND redirect as well
我正在尝试使用基于 Class 的视图,而我最终得到的是默认的 403 禁止访问页面。mixin 类 的顺序是否正确?代码是否像 get/post 中那样被使用,或者所有内容都被绕过并发生默认的 403 重定向?
到目前为止看到的所有工作示例,仅在基于函数的视图中指向装饰器@login_required,并使用请求对象重定向到登录页面。
documentation 提供了一些提示,但我不能让它与下面的代码一起工作。也把错误堆栈放在一起。
检查
"GET / HTTP/1.1" 200 2580
Forbidden (Permission denied): /app/custom-view
Traceback (most recent call last):
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\exception.py", line 34, in inner
response = get_response(request)
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\views\generic\base.py", line 68, in view
return self.dispatch(request, *args, **kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 52, in dispatch
return super().dispatch(request, *args, **kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 108, in dispatch
return self.handle_no_permission()
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 43, in handle_no_permission
raise PermissionDenied(self.get_permission_denied_message())
django.core.exceptions.PermissionDenied
代码:
class UserIsAdminMixin(UserPassesTestMixin):
def test_func(self):
return request.user.groups.filter(name='CustomAdmin').exists()
class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):
template_name = 'template.html'
# login_url = '/login/'
# redirect_field_name = 'my_link_name'
def get(self, request):
form = CustomForm()
# This does not work neither does setting up login_url
if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():
return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
我愿意尝试this solution,如果上述方法行不通
根据 ,您可以使用 handle_no_permission(self): 来处理重定向 URL。
简单地说:
def handle_no_permission(self):
return redirect('users:create-profile')
我正在尝试使用基于 Class 的视图,而我最终得到的是默认的 403 禁止访问页面。mixin 类 的顺序是否正确?代码是否像 get/post 中那样被使用,或者所有内容都被绕过并发生默认的 403 重定向?
到目前为止看到的所有工作示例,仅在基于函数的视图中指向装饰器@login_required,并使用请求对象重定向到登录页面。 documentation 提供了一些提示,但我不能让它与下面的代码一起工作。也把错误堆栈放在一起。
检查
"GET / HTTP/1.1" 200 2580
Forbidden (Permission denied): /app/custom-view
Traceback (most recent call last):
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\exception.py", line 34, in inner
response = get_response(request)
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "C:\Users\me\.envs\project\lib\site-packages\django\core\handlers\base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\views\generic\base.py", line 68, in view
return self.dispatch(request, *args, **kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 52, in dispatch
return super().dispatch(request, *args, **kwargs)
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 108, in dispatch
return self.handle_no_permission()
File "C:\Users\me\.envs\project\lib\site-packages\django\contrib\auth\mixins.py", line 43, in handle_no_permission
raise PermissionDenied(self.get_permission_denied_message())
django.core.exceptions.PermissionDenied
代码:
class UserIsAdminMixin(UserPassesTestMixin):
def test_func(self):
return request.user.groups.filter(name='CustomAdmin').exists()
class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):
template_name = 'template.html'
# login_url = '/login/'
# redirect_field_name = 'my_link_name'
def get(self, request):
form = CustomForm()
# This does not work neither does setting up login_url
if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():
return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
我愿意尝试this solution,如果上述方法行不通
根据 handle_no_permission(self): 来处理重定向 URL。
简单地说:
def handle_no_permission(self):
return redirect('users:create-profile')