用户只能看到他的数据 Django

User can only see his data Django

我正在构建一个合同管理系统，我希望每个用户只能看到他自己注册的公司、客户和用户。但现在我注册一个新用户后，他也能看到其他用户注册的公司数据。

如何让它只看到他自己的客户、公司和合同?

views.py

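# List the companies
@login_required
def client_company_list(request):
    """Render the company list with payment totals and a company count.

    The template context carries ``clients``, ``pending_payments_total``,
    ``received_payments_total`` and ``client_count``.
    """
    # NOTE(review): access-control gap. @login_required only proves the caller
    # is authenticated; every query below runs over the whole ClientCompany
    # table, so each logged-in user gets every other user's companies and
    # totals. The ClientCompany model shown on this page has no field tying a
    # row to a user, so the queries cannot be scoped here yet. Once the model
    # records ownership, filter this single queryset by request.user; the
    # list, the totals and the count are all derived from it.
    companies = ClientCompany.objects.all()

    # One aggregate query instead of two. Sum() yields None when there are no
    # rows (or only NULLs), hence the "or 0" fallbacks.
    totals = companies.aggregate(
        pending_total=Sum('pending_payments'),
        received_total=Sum('received_payments'),
    )
    context = {
        'clients': companies,
        'pending_payments_total': totals['pending_total'] or 0,
        'received_payments_total': totals['received_total'] or 0,
        'client_count': companies.count(),
    }
    return render(request, 'list_client_company.html', context)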

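# Create a new company
@login_required
def new_client_company(request):
    """Show the company form and create a company from a valid POST.

    A GET renders an empty, unbound form. A POST validates the submitted data
    and files, saves the company and redirects to ``companies_list``; an
    invalid POST re-renders the form with its errors.
    """
    if request.method == 'POST':
        # Bind the form only on POST. Binding request.POST unconditionally
        # makes the form bound on GET as well (an empty QueryDict is not
        # None), so validation errors show up on the first display. The extra
        # positional None was also taken as the form's third parameter
        # (auto_id in the standard Django form signature) rather than
        # meaning "no data".
        form = ClientCompanyForm(request.POST, request.FILES)
        if form.is_valid():
            # NOTE(review): the saved row is not associated with request.user,
            # so nothing records who owns this company. Per-user isolation
            # needs the owner set here, server-side, from request.user
            # (never from a form field the client can edit) once the model
            # has an ownership relation.
            form.save()
            return redirect('companies_list')
    else:
        form = ClientCompanyForm()
    return render(request, 'client_company_form.html', {'form': form})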

models.py

# Company client
class ClientCompany(models.Model):
    """A client company with contact details and payment totals.

    NOTE(review): no field relates a company to the user who registered it.
    Without such a relation a view cannot restrict a queryset to the current
    user's rows, which is why every authenticated user sees every company.
    """
    company_name = models.CharField(max_length=30)
    # NOTE(review): a CNPJ is normally 14 digits; that is outside the range
    # Django documents as safe for IntegerField and an integer drops leading
    # zeros. Confirm and consider a character field.
    company_cnpj = models.IntegerField()
    # NOTE(review): same concern as company_cnpj for long or zero-prefixed
    # phone numbers. Verify against the data actually stored.
    phone = models.IntegerField(null=True, blank=True)
    email = models.EmailField(null=True, blank=True)
    # Optional monetary amounts: up to 12 digits, 2 of them decimal places.
    pending_payments = models.DecimalField(blank=True, null=True, max_digits=12, decimal_places=2)
    received_payments = models.DecimalField(blank=True, null=True, max_digits=12, decimal_places=2)
    description = models.TextField(blank=True, null=True)

    # To return the name of the company on the django admin
    def __str__(self):
        """Return the company name as the object's display string."""
        return self.company_name


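class UserManager(BaseUserManager):
    """Manager that creates accounts for the email-based ``User`` model."""

    def create_user(self, email, full_name, password=None, is_active=True, is_staff=False, is_admin=False):
        """Create, save and return a user.

        Args:
            email: Login identifier; normalised before it is stored.
            full_name: Display name; must be non-empty.
            password: Raw password; must be non-empty despite the ``None``
                default, so no account is created without one.
            is_active: Stored on ``active``.
            is_staff: Stored on ``staff``.
            is_admin: Stored on ``admin``.

        Raises:
            ValueError: If ``email``, ``full_name`` or ``password`` is empty.
        """
        if not email:
            raise ValueError('User must have an email address')
        if not full_name:
            raise ValueError('User must provide a full name')
        if not password:
            raise ValueError('User must provide a password')

        user_obj = self.model(
            email=self.normalize_email(email),
            full_name=full_name,
        )
        # Privilege flags come from the caller. Keep them out of anything fed
        # by request data; a public sign-up path should rely on the defaults.
        user_obj.staff = is_staff
        user_obj.admin = is_admin
        user_obj.active = is_active
        # Hash the password once. The original called set_password() twice,
        # which only repeated the hashing work.
        user_obj.set_password(password)
        user_obj.save(using=self._db)
        return user_obj

    def create_staff_user(self, email, full_name, password=None):
        """Create and return a user with the staff flag set."""
        return self.create_user(
            email,
            full_name=full_name,
            password=password,
            is_staff=True,
        )

    def create_superuser(self, email, full_name, password=None):
        """Create and return a user with both the staff and admin flags set."""
        return self.create_user(
            email,
            full_name=full_name,
            password=password,
            is_staff=True,
            is_admin=True,
        )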


# Create your models here.
class User(AbstractBaseUser):
    """Custom user model that logs in with an email address.

    Privilege state is held in the ``active``, ``staff`` and ``admin``
    booleans and exposed through the ``is_active``, ``is_staff`` and
    ``is_admin`` properties.
    """
    email = models.EmailField(max_length=255, unique=True)
    full_name = models.CharField(max_length=255, blank=True)
    active = models.BooleanField(default=True)  # If active can login
    staff = models.BooleanField(default=False)  # If the user is a staff member
    admin = models.BooleanField(default=False)  # If the user has superuser permissions
    timestamp = models.DateTimeField(auto_now_add=True) # Get the time that the user has been created
    #confirm = models.BooleanField(defaul=False) # Confirmed email
    #confirmed_date = models.DateTimeField(auto_now_add=True) # Get the time that the email has been confirmed

    USERNAME_FIELD = 'email'    # That is now the username
    REQUIRED_FIELDS = ['full_name']    # Email, name and password are required

    objects = UserManager()

    def __str__(self):
        """Return the email address as the object's display string."""
        return self.email

    def get_full_name(self): # Return the name of the user
        return self.full_name

    # def get_short_name(self):
    #     return self.email

    # NOTE(review): both permission hooks below answer True for every user,
    # every permission and every object, ignoring admin, staff and active.
    # Any check routed through them (for example a permission-based decorator
    # or the admin's per-model checks) therefore authorises everyone who
    # reaches it. They give no per-user data isolation; consider deriving the
    # answer from self.active and self.admin, after confirming which callers
    # depend on the current behaviour.
    def has_perm(self, perm, obj=None):
        return True
    # Unconditionally grants access to every app label; see the note above.
    def has_module_perms(self, app_label):
        return True

    # Check if is staff
    @property
    def is_staff(self):
        """Return the stored ``staff`` flag."""
        return self.staff

    # Check if is admin
    @property
    def is_admin(self):
        """Return the stored ``admin`` flag."""
        return self.admin

    # Check if is active
    @property
    def is_active(self):
        """Return the stored ``active`` flag."""
        return self.active

您需要在某处存储用户与其公司之间的关系，这样才能在视图中据此进行过滤。

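经典的做法是为此创建一个配置文件（profile）模型，用它把用户和公司关联起来。或者，如果您使用的是自定义用户模型（看起来是这样），那么只需在用户模型中添加一个指向公司的外键（FK）即可。无论采用哪种方式，每个读取或修改这些数据的视图都应在服务器端按 request.user 过滤查询集；仅靠 @login_required 或在模板中隐藏数据并不能隔离不同用户的数据。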