这是我的工作示例。
1) 查询集
class PermissionQuerySet(models.query.QuerySet):
def editable_by(self, user):
return self.filter(user=user)
def viewable_by(self, user):
return self.filter(user=user)
2) 管理人员
class PermissionManager(models.Manager):
def get_query_set(self):
return PermissionQuerySet(self.model)
def editable_by(self, user, *args):
return self.get_query_set().editable_by(user, *args)
def viewable_by(self, user, *args):
return self.get_query_set().viewable_by(user, *args)
3) 型号
class MyModel(models.Model):
...
objects = PermissionManager()
这种方法与基于类的视图完美配合。我看到你在使用 TastyPie。我以前从未使用过它,但它似乎也使用基于类的视图。
这是工作示例:
class MyUpdateView(UpdateView):
def post(self, request, *args, **kwargs):
self.request = request
super(MyUpdateView, self).post(request, *args, **kwargs)
def get_query_set(self):
queryset = super(MyUpdateView, self).get_query_set()
queryset = queryset.editable_by(self.request.user)
if not queryset.exists():
raise Exception("This reward is not yours, you can't delete it !")
return queryset
我想你可以想象如何在CreateView、DeleteView中使用这种方式。我认为在 TastyPie 中实现这一点很容易。