数据库

from django.db import models

class Menu(models.Model):
    """
    菜单组:
    """
    title = models.CharField(max_length=32)

    def __str__(self):
        return self.title

class Group(models.Model):
    """
    权限组
    """
    caption = models.CharField(verbose_name='组名称',max_length=16)
    menu = models.ForeignKey(verbose_name='所属菜单',to='Menu',default=1)            #多个组需要属于一个菜单

    def __str__(self):
        return self.caption

class Permission(models.Model):
    """
    权限表
    """
    title = models.CharField(verbose_name='标题',max_length=32)
    url = models.CharField(verbose_name="含正则URL",max_length=64)

    menu_gp = models.ForeignKey(verbose_name='组内菜单',to='Permission',null=True,blank=True,related_name='x1')    #多种权限属于一个组

    code = models.CharField(verbose_name="代码",max_length=16)
    group = models.ForeignKey(verbose_name='所属组',to="Group")

    class Meta:
        verbose_name_plural = "权限表"

    def __str__(self):
        return self.title

class User(models.Model):
    """
    用户表
    """
    username = models.CharField(verbose_name='用户名',max_length=32)
    password = models.CharField(verbose_name='密码',max_length=64)
    email = models.EmailField(verbose_name='邮箱',max_length=32)
    roles = models.ManyToManyField(verbose_name='具有的所有角色',to="Role",blank=True) #一个用户可以有多种权限,一种权限可是是多个用户所共有

    class Meta:
        verbose_name_plural = "用户表"

    def __str__(self):
        return self.username

class Role(models.Model):
    """
    角色表
    """
    title = models.CharField(max_length=32)
    permissions = models.ManyToManyField(verbose_name='具有的所有权限',to='Permission',blank=True)      #一种权限可以对应多种角色,一个角色可以对应多个权限
    class Meta:
        verbose_name_plural = "角色表"

    def __str__(self):
        return self.title

权限信息初始化

from django.conf import settings


def init_permission(user,request):
    """
    初始化权限信息,获取权限信息并放置到session中。
    :param user:
    :param request:
    :return:
    """
    permission_list = user.roles.values('permissions__id',
                                        'permissions__title',              # 用户列表
                                        'permissions__url',
                                        'permissions__code',
                                        'permissions__menu_gp_id',         # 组内菜单ID,Null表示是菜单
                                        'permissions__group_id',
                                        'permissions__group__menu_id',     # 菜单ID
                                        'permissions__group__menu__title',#  菜单名称
                                        ).distinct()

    # 菜单相关(以后再匹配)
    sub_permission_list = []
    for item in permission_list:
        tpl = {
            'id':item['permissions__id'],
            'title':item['permissions__title'],
            'url':item['permissions__url'],
            'menu_gp_id':item['permissions__menu_gp_id'],
            'menu_id':item['permissions__group__menu_id'],
            'menu_title':item['permissions__group__menu__title'],
        }
        sub_permission_list.append(tpl)
    request.session[settings.PERMISSION_MENU_KEY] = sub_permission_list

    # 权限相关
    result = {}
    for item in  permission_list:
        group_id = item['permissions__group_id']
        code = item['permissions__code']
        url = item['permissions__url']
        if group_id in result:
            result[group_id]['codes'].append(code)
            result[group_id]['urls'].append(url)
        else:
            result[group_id] = {
                'codes':[code,],
                'urls':[url,]
            }
    # 权限url
    request.session[settings.PERMISSION_URL_DICT_KEY] = result