Merge remote-tracking branch 'origin/Django' into Django

修复普通用户无法进入数据管理的问题
2025-11-17 14:16:30 +08:00 · 2025-11-17 14:12:36 +08:00
5 changed files with 30 additions and 8 deletions
--- a/Achievement_Inputing/settings.py
+++ b/Achievement_Inputing/settings.py
@@ -33,6 +33,7 @@ ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', '127.0.0.1,localhost').sp
 # Application definition

 INSTALLED_APPS = [
+    'django_browser_reload',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
@@ -49,6 +50,7 @@ MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'whitenoise.middleware.WhiteNoiseMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django_browser_reload.middleware.BrowserReloadMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
--- a/Achievement_Inputing/urls.py
+++ b/Achievement_Inputing/urls.py
@@ -21,6 +21,7 @@ from django.conf.urls.static import static
 from main.views import home as main_home

 urlpatterns = [
+    path("__reload__/", include("django_browser_reload.urls")),
    path('admin/', admin.site.urls),
    path('accounts/', include('accounts.urls', namespace='accounts')),
    path('main/', include('main.urls', namespace='main')),
--- a/db.sqlite3
+++ b/db.sqlite3
--- a/elastic/templates/elastic/manage.html
+++ b/elastic/templates/elastic/manage.html
@@ -317,7 +317,7 @@
          <th>ID</th>
          <th>图片</th>
          <th>数据</th>
-          <th>作者</th>
+          <th>录入人</th>
          <th>操作</th>
        </tr>
      </thead>
--- a/elastic/views.py
+++ b/elastic/views.py
@@ -491,13 +491,32 @@ def manage_page(request):
        from django.shortcuts import redirect
        return redirect("/accounts/login/")

-    if int(request.session.get("permission", 1)) != 0:
-        from django.shortcuts import redirect
-        return redirect("/main/home/")
-    raw_results = search_all()
-    # if not is_admin:
-    #     uid = str(session_user_id)
-    #     raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid]
+    is_admin = int(request.session.get("permission", 1)) == 0
+    if is_admin:
+        raw_results = search_all()
+    else:
+        uid = str(session_user_id)
+        raw_results = [r for r in search_all() if str(r.get("writer_id", "")) == uid]
+
+    results = []
+    for r in raw_results:
+        try:
+            r_data = string_to_json(r.get("data", "{}"))
+            r_data["_id"] = r["id"]
+            r_data["_image"] = r.get("image", "")
+            results.append(r_data)
+        except Exception:
+            pass
+
+    return render(
+        request,
+        "elastic/manage.html",
+        {
+            "results": results,
+            "is_admin": is_admin,
+            "user_id": session_user_id,
+        },
+    )
    # 规范化键，避免模板点号访问下划线前缀字段
    results = []
    for r in raw_results:
Author	SHA1	Message	Date
Viajero-tect	9665e81698	Merge remote-tracking branch 'origin/Django' into Django	2025-11-17 14:16:30 +08:00
Viajero-tect	7afc6ba06b	修复普通用户无法进入数据管理的问题	2025-11-17 14:12:36 +08:00