请教Django的UserGroupPermission管理

Django的用户权限体系是一个比较正规的RBAC(基于角色的访问控制)模型的实现。用户不能不能访问某个view，由其拥有的role角色判断，其拥有的角色由其用户自身拥有的角色集合+其所在的组拥有的角色集合的并集所决定。更详细的可以查查RBAC这个模型的说明。

在你的admin.py中加入

from django import forms

from django.contrib import admin

from django.utils.translation import ugettext_lazy as _

from django.contrib.admin.widgets import FilteredSelectMultiple

from django.contrib.auth.models import User, Group

class GroupAdminForm(forms.ModelForm):

users = forms.ModelMultipleChoiceField(

queryset=User.objects.all(),

required=False,

widget=FilteredSelectMultiple(

verbose_name=_('Users'),

is_stacked=False

)

)

class Meta:

model = Group

def __init__(self, *args, **kwargs):

super(GroupAdminForm, self).__init__(*args, **kwargs)

if self.instance and self.instance.pk:

self.fields['users'].initial = self.instance.users.all()

def save(self, commit=True):

group = super(GroupAdminForm, self).save(commit=False)

if commit:

group.save()

if group.pk:

group.users = self.cleaned_data['users']

self.save_m2m()

return group

class GroupAdmin(admin.ModelAdmin):

form = GroupAdminForm

admin.site.unregister(Group)

admin.site.register(Group, GroupAdmin)

---