thank you very much >>>Each Staff can login. >>>Each staff should only see their own page or dataset. This is correct
I want to create administrator page and each staff , 1, i want , Staff can see the staff page with ID and PW that an administrator has issued 2, administrator can see all the staff page and all staff's information 3, each staff should only see their own page or dataset. So, i don't know how to create staff page,only see their own page, please help me 2014年4月22日火曜日 21時01分34秒 UTC+9 Lachlan Musicman: > > Hi! > > I don't know how many people on this list speak Japanese > unfortunately. I'm not sure if you will get many responses. > > I read and speak a little Japanese, but had to use Google translate. > > I think you are asking: > > I have made a staff database. > Each Staff can login. > Each staff should only see their own page or dataset. > > But that isn't what's happened - all staff can see all staff data. > > Is that correct? > > If so, then you want to restrict access to the view - probably a class > based view? > > > This is an example that you might be able to use: > > http://stackoverflow.com/questions/15181622/django-authenticate-based-on-an-objects-properties-using-class-based-views > > > Cheers and good luck - let us know if that helps. > > L. > > > > On 22 April 2014 18:15, hito koto <hitoko...@gmail.com <javascript:>> > wrote: > > 初めまして、 > > Django でスタッフの管理ツールを開発しょうと始めたのですが、まったくできないです、誰かが教えてくださいませ! > > > > 1,管理人は管理ログインのID/PWで入ってすべてのスタッフの情報を閲覧し管理できる > > 2,スタッフは管理者が発行してくれたID/PWでログインで入ってスタッフ個人個人のサイトでスタッフ個人個人の情報しか閲覧、管理できないこと > > > > 今はスタッフのID/PWで入ってもすべての情報を見てしまう! > > なんかわからないです。教えてくださいませ! > > > > 上記を作りとしたコード以下です。 > > > > こちらはstartprojectのUrls.py: > > > > from django.conf.urls import patterns, include, url > > > > from django.contrib import admin > > admin.autodiscover() > > > > urlpatterns = patterns('' > > url(r'^admin/', include(admin.site.urls)), > > url(r'articles/', include("article.urls")), > > > > url(r'accounts/login/$', "kojin.views.login"), > > url(r'accounts/auth/$', "kojin.views.auth_view"), > > url(r'accounts/logout/$', "kojin.views.logout"), > > url(r'accounts/invalid/$', "kojin.views.invalid_login"), > > url(r'accounts/register/$', "kojin.views.register"), > > ) > > > > こちらはstartprojectのViews.py: > > > > from django.shortcuts import render_to_response > > from django.http import HttpResponseRedirect > > from django.contrib import auth > > from django.core.context_processors import csrf > > > > from django.contrib.auth.forms import UserCreationForm > > > > from django.shortcuts import render > > > > def login(request): > > c = {} > > c.update(csrf(request)) > > return render_to_response("login.html", c) > > > > def auth_view(request): > > username = request.POST.get("username", "") > > password = request.POST.get("password", "") > > user = auth.authenticate(username=username, password=password) > > > > if user is not None: > > auth.login(request, user) > > return HttpResponseRedirect("/articles/all/") > > else: > > return HttpResponseRedirect("/accounts/invalid") > > > > def loggedin(request): > > return render_to_response("loggedin.html", {'full_name': > > request.user.username}) > > > > def invalid_login(request): > > return render_to_response("invalid_login.html") > > > > def logout(request): > > auth.logout(request) > > return render_to_response("logout.html") > > > > > > def register(request): > > if request.method == 'GET': > > return render(request, 'register.html', > {'form':UserCreationForm()}) > > elif request.method == 'POST': > > form = UserCreationForm(request.POST) > > if form.is_valid(): > > form.save() > > return render_to_response('register_done.html', > > {'username':form['username'].value()}) > > else: > > return render(request, 'register.html', {'form':form}) > > else: > > return HttpResponseForbidden > > > > > > こちらはstartappのModels.py: > > > > from django.db import models > > > > class Staffr(models.Model): > > user_name = models.CharField(max_length=55, help_text="氏名(名)") > > first_kana = models.CharField(max_length=55, help_text="ふりがな(性)") > > last_kana = models.CharField(max_length=55, help_text="ふりがな(名)") > > employee_number = models.CharField(blank=True, max_length=22, > > help_text="社員番号") > > gender = models.CharField(max_length=6, choices=(('male', > > '男性'),('female', '女性')), help_text="性別" ) > > created_at = models.DateTimeField(auto_now_add=True, > help_text="登録日") > > updated_at = models.DateTimeField(auto_now=True, help_text="更新日") > > birthday = models.DateField(null=True, blank=True, help_text="生年月日") > > attendance = models.CharField( help_text="出勤" ) > > daikin = models.CharField( help_text="退勤" ) > > > > def __unicode__(self): > > return self.user_name > > > > class Address(models.Model): > > user = models.ForeignKey(User) > > postalcode = models.CharField(max_length=8, help_text="郵便番号") > > address = models.CharField(max_length=255, help_text="住所") > > residence = models.CharField(max_length=255, help_text="居住開始日") > > number = models.CharField(max_length=255, help_text="電話番号") > > station = models.CharField(max_length=255, help_text="通勤(最寄駅)") > > nearest_route = models.CharField(max_length=255, > help_text="通勤(最寄駅路線)") > > route = models.CharField(max_length=255, help_text="経路") > > > > こちらはstartappのViews.py: > > from django.shortcuts import render_to_response > > from django.http import HttpResponse > > from django.shortcuts import get_object_or_404 > > from tcsarticle.models import Staff > > from tcsarticle.models import Employment, Bank, Management > > from tcsarticle.models import Address, Contact, Support > > from django.core.context_processors import csrf > > from forms import ArticleForm > > from django.http import HttpResponseRedirect > > from django.contrib.auth import authenticate > > > > def staff_datas(request): > > args = {} > > args.update(csrf(request)) > > args['staff_datas'] = User.objects.all() > > return render_to_response("staff_datas.html", args) > > > > > > def staff_data(request, user_id=1): > > user = get_object_or_404(User, pk=user_id) > > return render_to_response("staff_data.html", > > {"user": User.objects.get(id=user_id) }) > > def address_datas(request): > > address_list = Address.objects.all() > > return render_to_response("staff_datas.html") > > > > def address_data(request, user_id=1): > > address = Address.object_or_404(Address, pk=user_id) > > return render_to_response("staff_data.html") > > > > > > def create(request): > > if request.POST: > > form = ArticleForm(request.POST) > > if form.is_valid(): > > form.save() > > return > > HttpResponseRedirect('/ihttest/ihttcs_test/tcsarticles/all') > > else: > > form = ArticleForm() > > args = {} > > args.update(csrf(request)) > > args['form'] = form > > return render_to_response('create.html', args) > > > > こちらはstartappのUrls.py: > > > > from django.conf.urls import patterns, include, url > > > > urlpatterns = patterns('', > > url(r'^all/$', "tcsarticle.views.staff_datas"), > > url(r'^get/(?P<user_id>\d+)/$', "article.views.staff_data"), > > > > url(r'^create/$', "tcsarticle.views.create"), > > ) > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Django users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to django-users...@googlegroups.com <javascript:>. > > To post to this group, send email to > > django...@googlegroups.com<javascript:>. > > > Visit this group at http://groups.google.com/group/django-users. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/django-users/71db60ba-2372-4a36-8420-ed8d7df66db8%40googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > > -- > From this perspective it is natural that anarchism be marked by > spontaneity, differentiation, and experimentation that it be marked by > an expressed affinity with chaos, if chaos is understood to be what > lies outside or beyond the dominant game or system. Because of the > resistance to definition and categorisation, the anarchist principle > has been variously interpreted as, rather than an articulated > position, “a moral attitude, an emotional climate, or even a mood”. > This mood hangs in dramatic tension between utopian hope or dystopian > nihilism... > ----- > http://zuihitsu.org/godspeed-you-black-emperor-and-the-politics-of-chaos > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/7bb9faf9-0e26-4c3d-bc9c-39340d1bf7e2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
