parent
87b623bc51
commit
0031f90c64
|
|
@ -630,7 +630,13 @@ class CoursesController < ApplicationController
|
|||
:with_subprojects => false,
|
||||
:author => @author)
|
||||
@activity.scope_select {|t| has["show_#{t}"]}
|
||||
events = @activity.events(@date_from, @date_to)
|
||||
# modify by nwb
|
||||
# 添加私密性判断
|
||||
if User.current.member_of_course?(@course)|| User.current.admin?
|
||||
events = @activity.events(@date_from, @date_to)
|
||||
else
|
||||
events = @activity.events(@date_from, @date_to, :is_public => 1)
|
||||
end
|
||||
|
||||
@offset, @limit = api_offset_and_limit({:limit => 10})
|
||||
@events_count = events.count
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ class DocumentsController < ApplicationController
|
|||
before_filter :find_model_object, :except => [:index, :new, :create]
|
||||
before_filter :find_project_from_association, :except => [:index, :new, :create]
|
||||
before_filter :authorize , :except => [:index]#Added by young
|
||||
before_filter :authorize_document
|
||||
|
||||
helper :attachments
|
||||
|
||||
|
|
@ -100,4 +101,12 @@ class DocumentsController < ApplicationController
|
|||
end
|
||||
redirect_to document_path(@document)
|
||||
end
|
||||
|
||||
# 权限判断
|
||||
# add by nwb
|
||||
def authorize_document
|
||||
if !(User.current.admin? || User.current.member_of?(@project) || @document.is_public==1)
|
||||
render_403 :message => :notice_not_authorized
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -697,8 +697,14 @@ class ProjectsController < ApplicationController
|
|||
@activity.scope_select {|t| !has["show_#{t}"].nil?}
|
||||
# logger.debug "=========================================#{@activity.scope}"
|
||||
# @activity.scope = (@author.nil? ? :default : :all) if @activity.scope.empty?
|
||||
#Added by young
|
||||
events = @activity.events(@date_from, @date_to)
|
||||
|
||||
# modify by nwb
|
||||
# 添加私密性判断
|
||||
if User.current.member_of?(@project)|| User.current.admin?
|
||||
events = @activity.events(@date_from, @date_to)
|
||||
else
|
||||
events = @activity.events(@date_from, @date_to, :is_public => 1)
|
||||
end
|
||||
|
||||
@offset, @limit = api_offset_and_limit({:limit => 10})
|
||||
@events_count = events.count
|
||||
|
|
|
|||
|
|
@ -39,19 +39,22 @@ class Attachment < ActiveRecord::Base
|
|||
|
||||
#课程资源文件
|
||||
acts_as_activity_provider :type => 'course_files',
|
||||
:is_public => 'attachments.is_public',
|
||||
:permission => :view_files,
|
||||
:author_key => :author_id,
|
||||
:find_options => {:select => "#{Attachment.table_name}.*",
|
||||
:joins => "LEFT JOIN #{Course.table_name} ON ( #{Attachment.table_name}.container_type='Course' AND #{Attachment.table_name}.container_id = #{Course.table_name}.id )"}
|
||||
|
||||
acts_as_activity_provider :type => 'files',
|
||||
:is_public => 'attachments.is_public',
|
||||
:permission => :view_files,
|
||||
:author_key => :author_id,
|
||||
:find_options => {:select => "#{Attachment.table_name}.*",
|
||||
:find_options => { :select => "#{Attachment.table_name}.*",
|
||||
:joins => "LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " +
|
||||
"LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )"}
|
||||
|
||||
acts_as_activity_provider :type => 'documents',
|
||||
:is_public => 'documents.is_public',
|
||||
:permission => :view_documents,
|
||||
:author_key => :author_id,
|
||||
:find_options => {:select => "#{Attachment.table_name}.*",
|
||||
|
|
|
|||
|
|
@ -30,7 +30,8 @@ class Document < ActiveRecord::Base
|
|||
acts_as_event :title => Proc.new {|o| "#{l(:label_document)}: #{o.title}"},
|
||||
:author => Proc.new {|o| o.attachments.reorder("#{Attachment.table_name}.created_on ASC").first.try(:author) },
|
||||
:url => Proc.new {|o| {:controller => 'documents', :action => 'show', :id => o.id}}
|
||||
acts_as_activity_provider :find_options => {:include => :project}
|
||||
acts_as_activity_provider :find_options => {:include => :project},
|
||||
:is_public => 'documents.is_public'
|
||||
|
||||
validates_presence_of :project, :title, :category
|
||||
validates_length_of :title, :maximum => 60
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ module Redmine
|
|||
send :include, Redmine::Acts::ActivityProvider::InstanceMethods
|
||||
end
|
||||
|
||||
options.assert_valid_keys(:type, :permission, :timestamp, :author_key, :find_options, :func)
|
||||
options.assert_valid_keys(:type, :permission, :timestamp, :author_key, :find_options, :func,:is_public)
|
||||
self.activity_provider_options ||= {}
|
||||
|
||||
# One model can provide different event types
|
||||
|
|
@ -65,6 +65,11 @@ module Redmine
|
|||
scope = scope.scoped(:conditions => ["#{provider_options[:author_key]} = ?", options[:author].id])
|
||||
end
|
||||
|
||||
# add by nwb
|
||||
if options[:is_public] && !provider_options[:is_public].nil?
|
||||
scope = scope.scoped(:conditions => ["#{provider_options[:is_public]} = ?", options[:is_public]])
|
||||
end
|
||||
|
||||
if options[:limit]
|
||||
# id and creation time should be in same order in most cases
|
||||
scope = scope.scoped(:order => "#{table_name}.id DESC", :limit => options[:limit])
|
||||
|
|
|
|||
|
|
@ -82,6 +82,8 @@ module Redmine
|
|||
def events(from = nil, to = nil, options={})
|
||||
e = []
|
||||
@options[:limit] = options[:limit]
|
||||
# modify by nwb
|
||||
@options[:is_public] = options[:is_public]
|
||||
|
||||
@scope.each do |event_type|
|
||||
constantized_providers(event_type).each do |provider|
|
||||
|
|
|
|||
Loading…
Reference in New Issue