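# Standard library imports
from urllib.parse import urlencode

# Django imports
from django.http import JsonResponse, HttpResponseBadRequest
from django.shortcuts import redirect, render, get_object_or_404
from django.utils.decorators import method_decorator

# Django component imports
from django.contrib import messages
from django.contrib.auth import logout
from django.contrib.auth.decorators import login_required, permission_required
from django.contrib.auth.models import Permission, User
from django.contrib.auth.views import LoginView
from django.views.decorators.csrf import csrf_protect

# Local Django application imports
from application.accounts.models import AccountProfile
from common.utils.page_helper import paginate_query_and_assign_numbers

# Verbose-name prefixes stripped from a permission's display name so that only
# the resource name is left.
_ACTION_PREFIXES = ('Can add ', 'Can change ', 'Can delete ', 'Can view ')


@method_decorator(csrf_protect, name='dispatch')
class CustomLoginView(LoginView):
    """Login view that sets the session lifetime from the "remember me" field."""

    template_name = 'accounts/login.html'

    def form_valid(self, form):
        """Log the user in, then apply the requested session expiry.

        Args:
            form: The validated authentication form.

        Returns:
            The redirect response produced by ``LoginView.form_valid``.
        """
        # NOTE(review): 'remember_me' is read from cleaned_data, so it only has
        # an effect if the form class in use declares that field - confirm.
        remember_me = form.cleaned_data.get('remember_me')

        # Log in first: django.contrib.auth.login() may flush the session when
        # it already belongs to another user, which would discard an expiry
        # set beforehand. The session is saved after the view returns, so
        # setting the expiry here still takes effect.
        response = super().form_valid(form)

        if remember_me:
            self.request.session.set_expiry(1209600)  # 2 weeks
        else:
            self.request.session.set_expiry(0)  # expire when the browser closes
        return response

    def form_invalid(self, form):
        """Flash one generic error message and re-render the login form.

        The message does not say whether the username or the password was
        wrong, so the response does not reveal which accounts exist.
        """
        messages.error(self.request, '用户名或密码错误。')
        return super().form_invalid(form)


def logout_view(request):
    """Log the current user out and redirect to the login page."""
    # NOTE(review): this view does not restrict the HTTP method, so a plain GET
    # ends the session and is not covered by the CSRF check. Consider requiring
    # POST once the templates submit logout through a form.
    logout(request)
    return redirect('user_login')


@login_required
@permission_required('auth.view_user', raise_exception=True)
def user_permissions_list(request):
    """Render the paginated account/permission table.

    Optional GET filters:
        name: Case-insensitive substring match on the employee name.
        primary_department: Exact match on the employee's primary department.
    """
    name = request.GET.get('name', '')
    primary_department = request.GET.get('primary_department', '')

    query_set = AccountProfile.objects.filter().order_by('id')
    if name:
        query_set = query_set.filter(employee_information__name__icontains=name)
    if primary_department:
        query_set = query_set.filter(
            employee_information__primary_department=primary_department
        )
    # NOTE(review): only superuser accounts are listed - confirm this is the
    # intended scope for a permission-management table.
    query_set = query_set.filter(user__is_superuser=True)

    items = paginate_query_and_assign_numbers(
        request=request,
        queryset=query_set,
        per_page=10
    )

    # Carry the active filters into pagination links. The values come straight
    # from the request, so they are percent-encoded here; the previous string
    # concatenation emitted a literal "{}" and left the values unencoded, which
    # let a crafted value add extra query parameters to the generated links.
    # The leading '&' is presumably there so the template can append this to an
    # existing query string - confirm against the template.
    query_params = '&' + urlencode({
        'name': name,
        'primary_department': primary_department,
    })

    context = {
        'list_key': 'id',
        'breadcrumb_list': [
            {"title": "首页", "name": "index"},
            {"title": "权限设置", "name": "user_permissions_list"},
            {"title": "账号权限表", "name": "user_permissions_list"}
        ],
        "form_action_url": "user_permissions_list",
        'filters': [
            {
                "type": "text",
                "id": "name",
                "name": "name",
                "label": "姓名",
                "placeholder": "请输入姓名"
            },
            {
                "type": "select",
                "id": "primary_department",
                "name": "primary_department",
                "label": "一级部门",
                "options": [
                    {"value": "天信", "display": "天信"},
                    {"value": "混改", "display": "混改"},
                    {"value": "艾力芬特", "display": "艾力芬特"},
                    {"value": "星河", "display": "星河"},
                    {"value": "星海", "display": "星海"}
                ]
            }
        ],
        "table_columns": [
            {"header": "姓名", "field": "employee_information.name"},
            {"header": "邮箱", "field": "user.email"},
            {"header": "角色", "field": "user.is_superuser"},
            {"header": "部门", "field": "employee_information.primary_department"},
            {"header": "职务", "field": "employee_information.position"},
            {"header": "状态", "field": "employee_information.status"},
            {"header": "权限", "field": "authority"},
            {"header": "编辑", "field": "actions"}
        ],
        'query_params': query_params,
        'items': items,
    }
    return render(request, 'accounts/user_permissions_list.html', context)


def _format_permission(permission):
    """Turn one permission row ('id', 'name', 'codename') into the API shape.

    'resource' is the display name without its action prefix; 'permission' is
    the action word taken from the part of the codename before the first '_'.
    """
    name = permission['name']
    for prefix in _ACTION_PREFIXES:
        if name.startswith(prefix):
            # Strip only the leading prefix. str.replace() would also delete
            # the same text wherever it recurs inside the resource name.
            name = name[len(prefix):]
            break
    return {
        'id': permission['id'],
        'resource': name,
        'permission': permission['codename'].split('_')[0],
        'codename': permission['codename']
    }


@login_required
@permission_required('auth.view_permission', raise_exception=True)
def available_permissions(request):
    """Return, as JSON, the permissions not directly assigned to a user.

    Query parameters:
        user_id: Primary key of the target user (required, integer).

    Returns:
        A JSON list of formatted permissions, HTTP 400 for a missing or
        non-integer ``user_id``, or HTTP 404 when no such user exists.
    """
    user_id = request.GET.get('user_id')
    if not user_id:
        return HttpResponseBadRequest('User ID is required.')
    try:
        user_id = int(user_id)
    except ValueError:
        return HttpResponseBadRequest('Invalid User ID.')

    user = get_object_or_404(User, pk=user_id)

    # Only permissions assigned directly to the user are excluded; ones granted
    # through groups still appear in the result.
    assigned_ids = user.user_permissions.all().values_list('id', flat=True)
    grantable = Permission.objects.all().exclude(id__in=assigned_ids)

    formatted_permissions_list = [
        _format_permission(perm)
        for perm in grantable.values('id', 'name', 'codename')
    ]
    return JsonResponse(formatted_permissions_list, safe=False)


@login_required
# Require the same permission as available_permissions(): with login alone,
# any authenticated account could read the permission set of any other user
# by walking user_id values.
@permission_required('auth.view_permission', raise_exception=True)
def get_user_existing_permissions(request):
    """Return, as JSON, the permissions directly assigned to a user.

    Query parameters:
        user_id: Primary key of the target user (required, integer).

    Returns:
        A JSON list of ``{'id', 'name', 'codename'}`` objects, a JSON error
        with HTTP 400 for a missing or non-integer ``user_id``, or HTTP 404
        when no such user exists.
    """
    user_id = request.GET.get('user_id')
    if not user_id:
        return JsonResponse({'error': 'User ID is required.'}, status=400)
    try:
        user_id = int(user_id)
    except ValueError:
        return JsonResponse({'error': 'Invalid User ID.'}, status=400)

    user = get_object_or_404(User, pk=user_id)

    # Materialise the queryset so it can be serialised as a plain JSON list.
    permissions_list = list(
        user.user_permissions.all().values('id', 'name', 'codename')
    )
    return JsonResponse(permissions_list, safe=False)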