Django - 限制用户访问相同的值

时间:2017-03-26 13:17:48

标签: javascript python django python-3.x calendar

我有一个日历,假设它连接到当前的admins-association。管理员在日历中选择日期并注册表单以便设置事件。但是当我使用其他管理员关联登录时,我仍然可以看到上一个管理员的事件。我想让它们彼此分开。

仍然是一个新手,所以以正确的方式引导我,感谢你的帮助,伙计们!

models.py

class Administrator(AbstractUser):
        # inherits the standard User-model
        ...
        association = models.ForeignKey(Association)


class Event(models.Model):
      name = models.CharField(max_length=50)
      location = models.CharField(max_length=100)
      start = models.DateTimeField(blank=False)
      end = models.DateTimeField(blank=False)
      allday = models.BooleanField()
      description = models.TextField(max_length=200)
      synced = models.BooleanField(default=False)
      gid = models.CharField(default='', max_length=100)
      association = models.ForeignKey(Association)


class Association(models.Model):
        asoc_name = models.CharField(max_length=50, null=True, blank=True)

views.py

class calendar(ListView):

   model = Event
   template_name = 'calapp/calendar.html'

   def get_queryset(self):
       queryset =  Event.objects.filter(association=self.request.user.association)
       return queryset


def event_add_edit(request):
   if request.method == 'POST':
       res = {'success': False}

       action = request.POST['action']
       name = request.POST['name']
       location = request.POST['location']
       start = request.POST['start']
       end = request.POST['end']
       allday = request.POST['allday'] == 'true'
       description = request.POST['description']
       synced = request.POST['synced'] == 'true'
       association = Association.objects.filter(asoc_name=request.user.association)
       asoc = Association.objects.get(id=association)

       if action == 'add':
           Event.objects.create(
              name=name,
              location=location,
              start=start,
              end=end,
              allday=allday,
              description=description,
              synced=synced,
              association=asoc
           )

           res['success'] = True
           res['message'] = 'added'
           eid = Event.objects.latest('id').id
           res['eid'] = eid
           res['data'] = Event.objects.values().get(id=eid)
       elif action == 'edit':


           eid = request.POST['eid']
           event = Event.objects.get(id=eid)
           event.name = name
           event.location = location
           event.start = start
           event.end = end
           event.allday = allday
           event.description = description
           event.synced = synced
           event.save()

           res['success'] = True
           res['message'] = 'edited'
           res['eid'] = eid
           res['data'] = Event.objects.values().get(id=eid)

       return JsonResponse(res)
   else:
       raise Http404

calendar.html

<div id="container">
 <div id="cal-content-grid">
            <div id="week-days">
                <ul>
                    <li class="week-day">Sunday</li>
                    <li class="week-day">Monday</li>
                    <li class="week-day selected">Tuesday</li>
                    <li class="week-day">Wednesday</li>
                    <li class="week-day">Thursday</li>
                    <li class="week-day">Friday</li>
                    <li class="week-day">Saturday</li>
                </ul>
            </div>
            <div class="week-row">
                <ul>
                    <li class="week-row-cell disabled">1</li>
                    <li class="week-row-cell disabled">2</li>
                    <li class="week-row-cell disabled">3</li>
                    <li class="week-row-cell disabled">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
            <div class="week-row">
                <ul>
                    <li class="week-row-cell">1</li>
                    <li class="week-row-cell">2</li>
                    <li class="week-row-cell">3</li>
                    <li class="week-row-cell">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
            <div class="week-row">
                <ul>
                    <li class="week-row-cell">1</li>
                    <li class="week-row-cell">2</li>
                    <li class="week-row-cell">3</li>
                    <li class="week-row-cell selected">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
            <div class="week-row">
                <ul>
                    <li class="week-row-cell">1</li>
                    <li class="week-row-cell">2</li>
                    <li class="week-row-cell">3</li>
                    <li class="week-row-cell">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
            <div class="week-row">
                <ul>
                    <li class="week-row-cell">1</li>
                    <li class="week-row-cell">2</li>
                    <li class="week-row-cell">3</li>
                    <li class="week-row-cell">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
            <div class="week-row last">
                <ul>
                    <li class="week-row-cell">1</li>
                    <li class="week-row-cell">2</li>
                    <li class="week-row-cell">3</li>
                    <li class="week-row-cell">4</li>
                    <li class="week-row-cell">5</li>
                    <li class="week-row-cell">6</li>
                    <li class="week-row-cell last">7</li>
                </ul>
            </div>
        </div>
    </div>
</div>

 <div class="form-wrapper" id="add-event-form">
    <form action="" method="POST" role="form">
        {% csrf_token %}
        <input type="hidden" name="action" id="add-event-action" value="add">
        <input type="hidden" name="eid" id="add-event-eid" value="">
        <input type="hidden" name="synced" id="add-event-synced" value="false">
        <ul>
            <li class="form-li">
                <span class="form-top" id="add-event-top"></span>
                <span class="btn-fa btn-close form-close">
                    <i class="fa fa-times"></i>
                </span>
            </li>
            <li class="form-li">
                <span class="input-field">
                    <input id="add-event-name" maxlength="50" name="name" placeholder="Event Name" type="text" required>
                </span>
            </li>
            <li class="form-li">
                <span class="input-field">
                    <input id="add-event-location" maxlength="100" name="location" placeholder="Location" required>
                </span>
            </li>
            <li class="form-li">
                <span class="input-name">Starts</span>
                <span class="input-field datetime-field">
                    <input id="add-event-sdate" name="start_date" type="date" ><input id="add-event-stime" name="start_time" type="time" required>
                </span>
            </li>
            <li class="form-li">
                <span class="input-name">Ends</span>
                <span class="input-field datetime-field">
                    <input id="add-event-edate" name="end_date" type="date" ><input id="add-event-etime" name="end_time" type="time" required>
                </span>
            </li>
            <li class="form-li">
                <input id="add-event-allday" type="checkbox" name="allday">
                <label for="add-event-allday" class="input-name"> All Day</label>
            </li>
            <li class="form-li">
                <textarea id="add-event-desc" name="description" placeholder="Description" maxlength="200"></textarea>
            </li>
            <li class="form-li">
                <input class="form-btn form-close" type="button" value="Cancel">
                <input class="form-btn btn-right" type="submit" value="Save">
            </li>
        </ul>
    </form>
</div>

calendar.js

# parts of the code that may be useful

//generate event li
getEventli: function (event) {
    var $li = $("<li class='event-li'>");

    var $ename = $("<span class='event-li-name'>");
    $ename.text(event.name);
    $li.append($ename);

    var $etime = $("<span class='event-li-time'>");
    var start = new Date(event.start),
        h = cal.getHourStr(start.getHours());

    $etime.text(h);
    $li.append($etime);

    // add data-eid attribute for detail show
    $li.data("eid", event.id);
    $li.click(cal.showDetailForm);

    cal.eventsById[event.id].eventli.push($li);

    return $li;
},

1 个答案:

答案 0 :(得分:0)

您的查询错误,您请求所有关联,但您没有明确说明哪个用户将获得自己的模型。

association = Administrator.objects.filter(id=request.user.id).values('association__asoc_name')

但我建议你以其他方式重写模型。

class Administrator(AbstractUser):
    # inherits the standard User-model
    # User is only here to refernce trought all models by FK

class Association(models.Model):
    asoc_name = models.CharField(max_length=50, null=True, blank=True)
    user = models.ForeignKey(Administrator)

class Event(models.Model):
    name = models.CharField(max_length=50)
    association = models.ForeignKey(Association)
    # This kinde is esay to query and has some logic

# Example Event Query
q = Event.objects.filter(association__user__id=request.user.id)

# Example Association Query
q = Association.objects.filter(user=request.user.id)

# Exmpale Return Association and Event
q = Association.objects.filter(user=request.user.id).values('association__event__name')