效果图：

 一、models层给权限增加url的别名

这是做是为了在模板用别名判断当前用户是否有这个url（权限）

rbac/models.py

class Permission(models.Model):    """    权限表    """    title = models.CharField(verbose_name='标题', max_length=32)    url = models.CharField(verbose_name='含正则的URL', max_length=128)    menu = models.ForeignKey(verbose_name='所属菜单', to=Menu, null=True, blank=True,                             help_text='null表示不是菜单，非null表示是二级菜单', on_delete=models.CASCADE                             )    name = models.CharField(verbose_name='url的别名', max_length=32, unique=True)  # +    pid = models.ForeignKey(verbose_name='关联的权限', to='Permission', null=True, blank=True, related_name='parents',                            help_text='对于非菜单权限需要选择一个可以成为菜单的权限，用于做默认展开和选中菜单',                            on_delete=models.CASCADE                            )    def __str__(self):        return self.title

 

注意：刚创建的时候设置成null=True和blank=True,当添加完数据后再设置unique=True，并删除null=True和blank=True

二、在初始化权限中增加别名

把用户权限以字典的形式储存，别名作为key。values还是一个字典，储存其他信息。

rbac/service/init_permission.py

from permission_learn import settingsdef init_permission(current_user, request):    """    用户权限的初始化    :param current_user:  当前登录用户    :param request:    :return:    """    permission_menu_queryset = current_user.roles.filter(permissions__isnull=False).values(        'permissions__id',        'permissions__title',        'permissions__url',        'permissions__name',        'permissions__pid_id',        'permissions__pid__title',  # +        'permissions__pid__url',        'permissions__menu_id',        'permissions__menu__title',        'permissions__menu__icon',    )    permission_dict = {}  # +     menu_dict = {}    for item in permission_menu_queryset:        permission_dict[item['permissions__name']] = {            'id': item['permissions__id'],            'title': item['permissions__title'],            'url': item['permissions__url'],            'pid': item['permissions__pid_id'],            'p_title': item['permissions__pid__title'],            'p_url': item['permissions__pid__url'],        }        menu_id = item['permissions__menu_id']        if not menu_id:            continue        second_menu = {
   'id': item["permissions__id"], 'title': item['permissions__title'],                       'url': item['permissions__url']}        if menu_id in menu_dict:            menu_dict[menu_id]['second_menu'].append(second_menu)        else:            menu_dict[menu_id] = {                'title': item['permissions__menu__title'],                'icon': item['permissions__menu__icon'],                'second_menu': [second_menu, ]            }    request.session[settings.PERMISSION_SESSION_KEY] = permission_dict    request.session[settings.MENU_SESSION_KEY] = menu_dict 

三、中间件处理

rbac/middlewares/rbac.py

没有太大变化，换一下名字就行

import refrom django.utils.deprecation import MiddlewareMixinfrom django.shortcuts import HttpResponsefrom permission_learn import settingsclass RbacMiddleware(MiddlewareMixin):   def process_request(self, request):       white_list = settings.WHITE_LIST       current_path = request.path       for valid_url in white_list:           if re.match(valid_url, current_path):               return None       permission_dict = request.session.get(settings.PERMISSION_SESSION_KEY)       if not permission_dict:           return HttpResponse('请先登录 ')       has_permission = False       url_record = [           {
    'title': '首页', 'url': '#'}       ]       for item in permission_dict.values():           regex = '^%s$' % item['url']           if re.match(regex, current_path):               has_permission = True               request.current_selected_permission = item['pid'] or item['id']               if not item['pid']:  # 选中的是二级菜单                   url_record.extend([                       {
    'title': item['title'], 'url': item['url'], 'class': 'active'}                   ])               else:  # 选中的是具体权限                   url_record.extend([                       {
    'title': item['p_title'], 'url': item['p_url']},                       {
    'title': item['title'], 'url': item['url'], 'class': 'active'},                   ])               request.breadcrumb = url_record  # 通过request，把储存信息传给用户               break       if not has_permission:           return HttpResponse('未获取权限，请先获取权限')

四、模板处理

在templatestag里判断用户是否有权限（是否有url的别名）

rbac/templatestag/rbac.py

@register.filter()def has_permission(request, name):    """判断是否有权限"""    if name in request.session[settings.PERMISSION_SESSION_KEY]:        return True

 

在需要把权限控制到按钮的模板传入request，和url的别名，并进行判断。这里拿用户列表举例

业务app/templates/customer_list.html

{% extends 'layout.html' %}{% load rbac %}   
     ... {% if request|has_permission:'customer_add' %}              添加客户     {% endif %} {% if request|has_permission:'customer_import' %}             批量导入    {% endif %}{% if request|has_permission:'customer_edit' or request|has_permission:'customer_del' %}     选项{% endif %}{% if request|has_permission:'customer_edit' or request|has_permission:'customer_del' %}            {% if request|has_permission:'customer_edit' %}                                                {% endif %}        {% if request|has_permission:'customer_del' %}            |                                                {% endif %}    {% endif %}...