我尝试根据用户角色为模型创建 django 自定义权限。
组织模式:
class Organization_Model(models.Model):
id = models.AutoField(primary_key=True, unique=False, editable=False)
Name = models.CharField()
组织角色:
class Organization_Roles_Model(models.Model):
id = models.AutoField(primary_key=True, unique=False, editable=False)
Name = models.CharField()
组织成员:
class Organization_Members_Model(models.Model):
id = models.AutoField(primary_key=True, unique=False, editable=False)
Organization = models.ForeignKey(Organization_Model)
User = models.ForeignKey(User)
Role = models.ForeignKey(Organization_Roles_Model)
组织组:
class Organization_AssetsGroups_Model(models.Model):
id = models.AutoField(primary_key=True, unique=False, editable=False)
Organization = models.ForeignKey(Organization_Model)
Name = models.CharField()
自定义权限:
class isOrgOwnerOrAdmin(BasePermission):
def has_object_permission(self, request, view, object):
User = request.user
Roles = Organization_Roles_Model.objects.filter(Name__in=['Owner', 'Admin'])
OrgsMember = [OrgID for OrgID in Organization_Members_Model.objects.filter(User=User, Role__in=Roles).values_list('Organization', flat=True)]
if object.id in OrgsMember:
return True
我创建了此权限,该权限只能应用于 Organization_Model,但我想创建一个权限,该权限可应用于根据其在组织中的角色链接到 Organization_Model 的所有对象。如何在不为与 Organization_Model 相关的每个对象创建权限的情况下轻松实现这一点?