初めまして、
Django でスタッフの管理ツールを開発しょうと始めたのですが、まったくできないです、誰かが教えてくださいませ!
1,管理人は管理ログインのID/PWで入ってすべてのスタッフの情報を閲覧し管理できる
2,スタッフは管理者が発行してくれたID/PWでログインで入ってスタッフ個人個人のサイトでスタッフ個人個人の情報しか閲覧、管理できないこと
今はスタッフのID/PWで入ってもすべての情報を見てしまう!
なんかわからないです。教えてくださいませ!
上記を作りとしたコード以下です。
こちらはstartprojectのUrls.py:
from django.conf.urls import patterns, include, url
from django.contrib import admin
admin.autodiscover()
urlpatterns = patterns(''
url(r'^admin/', include(admin.site.urls)),
url(r'articles/', include("article.urls")),
url(r'accounts/login/$', "kojin.views.login"),
url(r'accounts/auth/$', "kojin.views.auth_view"),
url(r'accounts/logout/$', "kojin.views.logout"),
url(r'accounts/invalid/$', "kojin.views.invalid_login"),
url(r'accounts/register/$', "kojin.views.register"),
)
こちらはstartprojectのViews.py:
from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect
from django.contrib import auth
from django.core.context_processors import csrf
from django.contrib.auth.forms import UserCreationForm
from django.shortcuts import render
def login(request):
c = {}
c.update(csrf(request))
return render_to_response("login.html", c)
def auth_view(request):
username = request.POST.get("username", "")
password = request.POST.get("password", "")
user = auth.authenticate(username=username, password=password)
if user is not None:
auth.login(request, user)
return HttpResponseRedirect("/articles/all/")
else:
return HttpResponseRedirect("/accounts/invalid")
def loggedin(request):
return render_to_response("loggedin.html", {'full_name':
request.user.username})
def invalid_login(request):
return render_to_response("invalid_login.html")
def logout(request):
auth.logout(request)
return render_to_response("logout.html")
def register(request):
if request.method == 'GET':
return render(request, 'register.html', {'form':UserCreationForm()})
elif request.method == 'POST':
form = UserCreationForm(request.POST)
if form.is_valid():
form.save()
return render_to_response('register_done.html',
{'username':form['username'].value()})
else:
return render(request, 'register.html', {'form':form})
else:
return HttpResponseForbidden
こちらはstartappのModels.py:
from django.db import models
class Staffr(models.Model):
user_name = models.CharField(max_length=55, help_text="氏名(名)")
first_kana = models.CharField(max_length=55, help_text="ふりがな(性)")
last_kana = models.CharField(max_length=55, help_text="ふりがな(名)")
employee_number = models.CharField(blank=True, max_length=22,
help_text="社員番号")
gender = models.CharField(max_length=6, choices=(('male',
'男性'),('female', '女性')), help_text="性別" )
created_at = models.DateTimeField(auto_now_add=True, help_text="登録日")
updated_at = models.DateTimeField(auto_now=True, help_text="更新日")
birthday = models.DateField(null=True, blank=True, help_text="生年月日")
attendance = models.CharField( help_text="出勤" )
daikin = models.CharField( help_text="退勤" )
def __unicode__(self):
return self.user_name
class Address(models.Model):
user = models.ForeignKey(User)
postalcode = models.CharField(max_length=8, help_text="郵便番号")
address = models.CharField(max_length=255, help_text="住所")
residence = models.CharField(max_length=255, help_text="居住開始日")
number = models.CharField(max_length=255, help_text="電話番号")
station = models.CharField(max_length=255, help_text="通勤(最寄駅)")
nearest_route = models.CharField(max_length=255, help_text="通勤(最寄駅路線)")
route = models.CharField(max_length=255, help_text="経路")
こちらはstartappのViews.py:
from django.shortcuts import render_to_response
from django.http import HttpResponse
from django.shortcuts import get_object_or_404
from tcsarticle.models import Staff
from tcsarticle.models import Employment, Bank, Management
from tcsarticle.models import Address, Contact, Support
from django.core.context_processors import csrf
from forms import ArticleForm
from django.http import HttpResponseRedirect
from django.contrib.auth import authenticate
def staff_datas(request):
args = {}
args.update(csrf(request))
args['staff_datas'] = User.objects.all()
return render_to_response("staff_datas.html", args)
def staff_data(request, user_id=1):
user = get_object_or_404(User, pk=user_id)
return render_to_response("staff_data.html",
{"user": User.objects.get(id=user_id) })
def address_datas(request):
address_list = Address.objects.all()
return render_to_response("staff_datas.html")
def address_data(request, user_id=1):
address = Address.object_or_404(Address, pk=user_id)
return render_to_response("staff_data.html")
def create(request):
if request.POST:
form = ArticleForm(request.POST)
if form.is_valid():
form.save()
return
HttpResponseRedirect('/ihttest/ihttcs_test/tcsarticles/all')
else:
form = ArticleForm()
args = {}
args.update(csrf(request))
args['form'] = form
return render_to_response('create.html', args)
こちらはstartappのUrls.py:
from django.conf.urls import patterns, include, url
urlpatterns = patterns('',
url(r'^all/$', "tcsarticle.views.staff_datas"),
url(r'^get/(?P<user_id>\d+)/$', "article.views.staff_data"),
url(r'^create/$', "tcsarticle.views.create"),
)
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/71db60ba-2372-4a36-8420-ed8d7df66db8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
