Python 学习 第十篇 CMDB用户权限管理
2016-10-10 16:29:17
标签: python
版权声明:原创作品,谢绝转载!否则将追究法律责任。
不管是什么系统,用户权限都是至关重要的。所以我在注册用户的时候,就为他们分了两种权限。一种是普通用户的权限,一种是管理员权限。普通用户在数据库中的value是user,管理员的value是admin。
因为我想设计的系统是只有一位管理员的。所以这里我没有根据角色来进行判断。而是根据他的用户名来判断。管理员的用户名是唯一的,那就是admin。
闲话少说,先把注册用户的代码贴上来
逻辑端:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
@app .route( "/adduser" ,methods = [ 'GET' , 'POST' ])
def adduser():
if request.method = = "GET" :
username = session.get( "name" )
return render_template( "register.html" ,username = username)
#前端post请求,逻辑端通过request.form获取整个表单的值 if request.method = = "POST" :
userlist = dict ((k,v[ 0 ]) for k,v in dict (request.form).items())
userlist[ 'password' ] = hashlib.md5(userlist[ 'password' ] + salt).hexdigest()
userlist[ 're_password' ] = hashlib.md5(userlist[ 're_password' ] + salt).hexdigest()
if userlist[ "name" ] in [ n.values()[ 0 ] for n in get_userlist([ "name" ]) ]:
errmsg = "username is exist"
return json.dumps({ 'code' : '1' , 'errmsg' :errmsg})
if not userlist[ "name" ] or not userlist[ "password" ]:
errmsg = "username and password is not empty"
return json.dumps({ 'code' : '1' , 'errmsg' :errmsg})
if userlist[ "password" ] ! = userlist[ "re_password" ]:
errmsg = "password is error"
return json.dumps({ 'code' : '1' , 'errmsg' :errmsg})
fields = [ "name" , "name_cn" , "password" , "mobile" , "email" , "role" , "status" ]
values = [ '%s' % userlist[x] for x in fields]
userdict = dict ([(k,values[i]) for i,k in enumerate (fields)])
add_user(userdict)
return json.dumps({ 'code' : '0' , 'result' : "register sucess" })
|
数据端代码:
1
2
3
4
|
def add_user(userlist):
sql = "insert into users(%s)values('%s')" % ( "," .join(userlist.keys()), "','" .join(userlist.values()))
curs.execute(sql)
conn.commit()
|
前端代码:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
...省略 < div class = "form-group" >
< label for = "password" class = "col-sm-2 control-label" >密码< span class = "red-fonts" ></ span ></ label >
< div class = "col-sm-8" >
< input id = "password" name = "password" placeholder = "密码" type = "password" class = "form-control" >
</ div >
</ div >
< div class = "form-group" >
< label for = "password" class = "col-sm-2 control-label" >确认密码</ label >
< div class = "col-sm-8" >
< input id = "re_password" name = "re_password" placeholder = "再次确认密码" type = "password" class = "form-control" >
</ div >
</ div >
< div class = "form-group" >
< label for = "role" class = "col-sm-2 control-label" >角色</ label >
< div class = "col-sm-8" >
< select name = "role" >
< option value = "admin" class = "form-control" >管理员</ option >
< option value = "user" class = "form-control" >普通用户</ option >
</ select >
</ div >
</ div >
< div class = "form-group" >
< label for = "status" class = "col-sm-2 control-label" >状态</ label >
< div class = "col-sm-8" >
< select name = "status" >
< option value = "0" class = "form-control" >激活</ option >
< option value = "1" class = "form-control" >锁定</ option >
</ select >
</ div >
</ div >
...省略 |
因为我的前端是从别的地方套用过来的。这里我采用了继承
判断用户权限就在base.html这个模板里面做
1
2
3
4
5
6
|
< ul class = "nav nav-second-level collapse" >
< li class = "group" >< a href = "/userinfo" >个人中心</ a ></ li >
{%if username=='admin'%}
< li class = "user" >< a href = "/userlist" >用户列表</ a ></ li >
{%endif%}
</ ul >
|
这里的username 是从逻辑端传到前端的。细心的同学好好看下就知道了
1
2
3
4
5
6
7
8
9
10
|
< li id = "jasset" >
< a >< i class = "fa fa-inbox" ></ i > < span class = "nav-label" >资产管理</ span >< span class = "fa arrow" ></ span ></ a >
{%if username=='admin'%}
< ul class = "nav nav-second-level collapse" >
< li class = "group" >< a href = "/idc" >机房管理</ a ></ li >
< li class = "asset" > < a href = "/cabinet" >机柜管理</ a ></ li >
< li class = "idc" > < a href = "/server" >服务器管理</ a ></ li >
</ ul >
{%endif%}
</ li > <!-- 资产管理 -->
|
到这里。用户权限就已经做完了
普通用户只可以看到他自己的个人信息。
管理员用户可以看到所有的信息
本文出自 “不抛弃!不放弃” 博客,谢绝转载!