Developing with Django full Stack – 26. Developing Dashboard features display page

Hello, everyone. This is the latest edition of Learning Python. What can YOU do? Django tutorials from scratch to finally successfully deploy live projects. In this section, we’ll refine our Dashboard feature display page.

Peekpa.com official address: Peekpa.com

PI ye each article, are configured with the corresponding code. The code Tag for this article is Post_026

In the last section, we used Request. session to create a page that could only be accessed by entering a password, you know. So in this section, we’ll develop how to present our CMS Dashboard to others. Also, our database data won’t change after he does some crazy work in CMS.

Create a User

There is no User view function in our previous CMS, so here we refer to the development of management tools before, we first have to develop the User add interface. I won’t go into too much detail here, because the main point of the previous article was very detailed, so here, we will develop the user publish page, and then add a user:

It can be seen that the Email of the newly added User is [email protected], and the password is still the previous 12341234.

Limit display

First of all, let’s analyze the contents we restrict to be displayed, mainly Code and User on the left, because these two sections will involve the privacy of some websites, so we will block them here. That is, if the administrator logs in, then we show it; If you are not an administrator, you naturally cannot see these two sections.

Next, the first thing we need to do is limit the presentation.

There are two parts to limiting display: one is not showing it on the UI; The second part is to enter the URL and not show it.

So the first part, I’m not going to show you at the UI level, that’s easy. {% if request.user.is_superuser %} XXXXXX {% endif %}: {% if request.user.is_superuser %}:

{% if request.user.is_superuser %}
    {% url 'cms:code_manage_view' as code_manage_view %}
    {% url 'cms:code_publish_view' as code_publish_view %}
    <li class="nav-item has-treeview {% if request.path == code_manage_view or request.path == code_publish_view %}menu-open{% endif %}">
        <a href="#" class="nav-link {% if request.path == code_manage_view or request.path == code_publish_view %}active{% endif %}">
          <i class="nav-icon fas fa-code"></i>
          <p>
            Code
            <i class="right fas fa-angle-left"></i>
          </p>
        </a>
        <ul class="nav nav-treeview">
          <li class="nav-item">
            <a href="{% url 'cms:code_manage_view' %}" class="nav-link {% if request.path == code_manage_view %}active{% endif %}">
              <i class="far fa-circle nav-icon"></i>
              <p>Management</p>
            </a>
          </li>
          <li class="nav-item">
            <a href="{% url 'cms:code_publish_view' %}" class="nav-link {% if request.path == code_publish_view %}active{% endif %}">
              <i class="far fa-circle nav-icon"></i>
              <p>Publish</p>
            </a>
          </li>
        </ul>
    </li>
{% endif %}
Copy the code

After doing so, we log in to the Sidebar with Peekpa’s account again, and we will find that they are missing in the left Sidebar:

But, if we input code the manage site http://127.0.0.1:8000/cms/dashboard/code/manage, this page will come out:

This is because we haven’t made any changes to Django’s view functions, so we’re going to use decorators here.

In the peekpauser/decorators.py decorator file, write a peekpa_login_superuser function to determine if the user is the super administrator:

def peekpa_login_superuser(func):
    def wrapper(request, *args, **kwargs):
        if request.user.is_superuser:
            return func(request, *args, **kwargs)
        else:
            if request.is_ajax():
                return restful.unauth(message='Please login first! ')
            else:
                return redirect(reverse('cms:login'))
    return wrapper
Copy the code

In CMS /views.py, we need to modify the view function of Code and User. Note that the view function and the view class are modified:

@peekpa_login_required
@peekpa_login_superuser
def code_manage_view(request):
    
    
@peekpa_login_required
@peekpa_login_superuser
def code_publish_view(request):

@method_decorator(peekpa_login_required, name='post')
@method_decorator(peekpa_login_superuser, name='post')
class CodeView(View):

@method_decorator(peekpa_login_required, name='get')
@method_decorator(peekpa_login_superuser, name='get')
class CodeEditView(View):

@method_decorator(peekpa_login_required, name='post')
@method_decorator(peekpa_login_superuser, name='post')
class CodeDeleteView(View):
Copy the code

At this point, we will open the page look at: http://127.0.0.1:8000/cms/dashboard/code/manage

In the lower right corner, the system has automatically redirected us to the login page, indicating that the function of only showing the content to the administrator has been completed.

Blocking operation

Up to now, if the user is not a super administrator, he cannot see some special pages, including entering urls. And you can see everything else. The next, and most important, step is that if the user is not the super administrator, he cannot manipulate the data, but can only view it, and submitting changes does not take effect.

The implementation of this idea, in fact, is very simple, just need to each time the data is submitted to the data (mainly new and modify two kinds of), through ‘ ‘to judge it:

@method_decorator(peekpa_login_required, name='post')
class CategoryView(View):
    def post(self, request):
        # new commit
        if 'submit' in request.POST:
            form = CategoryForm(request.POST)
            if form.is_valid():
                name = form.cleaned_data.get('name')
                # check if the user is the super administrator, if so, commit, otherwise return
                if request.user.is_superuser:
                    Category.objects.create(name=name)
                return redirect(reverse("cms:category_publish_view"))
            else:
                return restful.method_error("Form is error", form.get_errors())
Copy the code

Add the user identity logic in front of all the data submission and modification methods in all the sections, and you’re done.

Later, when the system is set up, as long as you add a sample account, you can let others log in to your system through this account and see the management console of your system, but no operation of others can modify your data, very perfect.

Technical summary

So just to conclude,

Development of function display:

1. The function demonstration is to make the sample account can only read, not modify;
2. So the first step is to add User, a specific account for the sample account;
3. The next is to shield the page, shielding is divided into two steps, the first step is to shield the entrance of the page, the second is to shield the URL corresponding mapping function;
4. If you want to shield the data modification function, before the data modification, to determine whether the user is qualified to operate, if not, skip;
5. To complete.

The only way to get the code: follow “PI Ye Lu code” and reply “code” to get it.

Long press the two-dimensional code below to pay attention to, if the article is inspiring to you, welcome to look at and forward.