如果用户不是员工,如何排除表单字段?我尝试了这个但是没有用,给出了一个错误:
global name 'user' is not defined
class PostForm(ModelForm):
class Meta:
model = Photo
exclude = ['author','featured','published']
def __init__(self, *args, **kwargs):
published = kwargs.pop('published', None)
super(PostForm, self).__init__(*args, **kwargs)
if not user.is_staff:
del self.fields['published']
view.py
def addpost(request):
if request.method == 'POST':
form = PostForm(request.POST,request.FILES,user=request.user)
if form.is_valid():
post = form.save(False)
post.author = request.user
form.save()
return HttpResponseRedirect(reverse('insight.content.views.index', ))
else:
form = PostForm(user=request.user)
ispost = True
return render_to_response('form_add_place.html', {'form': form,'ispost':ispost},context_instance=RequestContext(request))
小智 15
这可以在渲染表单时在模板中实现.它需要允许空值或在模型定义中具有默认值,或者覆盖其验证:
<form method="post">{% csrf_token %}
{% if request.user.is_staff %}
<p>{{ form.published }}</p>
{% endif %}
<p>{{ form.author }}</p>
<!-- ... your other fields -->
</form>
同样,您可以检查is_superuser或检查权限,请参阅文档:https://docs.djangoproject.com/en/dev/topics/auth/default/#permissions
您需要将请求中的用户实例传递给它 - 模型表单无权访问它。
my_form = PostForm(user=request.user)
然后,在你的__init__:
def __init__(self, *args, **kwargs):
published = kwargs.pop('published', None)
user = kwargs.pop('user', None)
super(PostForm, self).__init__(*args, **kwargs)
if not user.is_staff:
del self.fields['published']
| 归档时间: |
|
| 查看次数: |
19713 次 |
| 最近记录: |