如果用户不是员工,如何排除表单字段?我试过这个但是没有用,给出了一个错误:
global name 'user' is not defined
class PostForm(ModelForm):
class Meta:
model = Photo
exclude = ['author','featured','published']
def __init__(self, *args, **kwargs):
published = kwargs.pop('published', None)
super(PostForm, self).__init__(*args, **kwargs)
if not user.is_staff:
del self.fields['published']
view.py
def addpost(request):
if request.method == 'POST':
form = PostForm(request.POST,request.FILES,user=request.user)
if form.is_valid():
post = form.save(False)
post.author = request.user
form.save()
return HttpResponseRedirect(reverse('insight.content.views.index', ))
else:
form = PostForm(user=request.user)
ispost = True
return render_to_response('form_add_place.html', {'form': form,'ispost':ispost},context_instance=RequestContext(request))
答案 0 :(得分:12)
这可以在渲染表单时在模板中实现。它需要允许空值或在模型定义中具有默认值,或者覆盖其验证:
<form method="post">{% csrf_token %}
{% if request.user.is_staff %}
<p>{{ form.published }}</p>
{% endif %}
<p>{{ form.author }}</p>
<!-- ... your other fields -->
</form>
同样,您可以查看is_superuser或查看权限,请参阅文档:https://docs.djangoproject.com/en/dev/topics/auth/default/#permissions
答案 1 :(得分:3)
您需要从请求中传递用户实例 - 模型表单无权访问它。
my_form = PostForm(user=request.user)
然后,在__init__:
def __init__(self, *args, **kwargs):
published = kwargs.pop('published', None)
user = kwargs.pop('user', None)
super(PostForm, self).__init__(*args, **kwargs)
if not user.is_staff:
del self.fields['published']