添加贴吧资源下载权限控制

app/controllers/application_controller.rb

@@ -254,6 +254,28 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def authorize_attachment_download(ctrl = params[:controller], action = params[:action], global = false)
+    if @attachment.container_type == "Memo"
+      allowed = User.current.allowed_to?(:memos_attachments_download,nil,:global => true)
+    elsif  @attachment.container_type == "Project"
+
+    elsif @attachment.container_type == "course"
+
+    elsif @attachment.container_type == "contest"
+
+    end
+
+    if allowed
+      true
+    else
+      if @project && @project.archived?
+        render_403 :message => :notice_not_authorized_archived_project
+      else
+        deny_access
+      end
+    end
+  end
+
   def authorize_course(ctrl = params[:controller], action = params[:action], global = false)
     allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @course || @course, :global => global)
     if allowed

app/controllers/attachments_controller.rb

@@ -21,7 +21,7 @@ class AttachmentsController < ApplicationController
   before_filter :file_readable, :read_authorize, :only => [:show, :thumbnail]#Modified by young
   before_filter :delete_authorize, :only => :destroy
   before_filter :authorize_global, :only => :upload
-  
+  before_filter :authorize_attachment_download, :only => :download
   before_filter :login_without_softapplication, only: [:download]
   accept_api_auth :show, :download, :upload
   require 'iconv'

config/locales/zh.yml

@@ -492,7 +492,10 @@ zh:
   permission_select_contest_modules: 选择竞赛模块
   permission_manage_contestnotifications: 管理竞赛通知
   permission_notificationcomment_contestnotifications: 添加竞赛通知评论
-
+  permission_memos_attachments_download: 下载贴吧附件
+  permission_projects_attachments_download: 项目附件下载
+  permission_course_attachments_download: 课程附件下载
+  permission_contest_attachments_download: 竞赛附件下载
 
   project_module_issue_tracking: 问题跟踪
   project_module_time_tracking: 时间跟踪

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140922032830) do
+ActiveRecord::Schema.define(:version => 20140916005319) do
 
   create_table "activities", :force => true do |t|
     t.integer "act_id",   :null => false
@@ -437,9 +437,9 @@ ActiveRecord::Schema.define(:version => 20140922032830) do
     t.string   "web_title"
     t.string   "title"
     t.text     "description"
-    t.string   "page_type"
     t.datetime "created_at",                    :null => false
     t.datetime "updated_at",                    :null => false
+    t.string   "page_type"
     t.integer  "sort_type"
     t.integer  "image_width",  :default => 107
     t.integer  "image_height", :default => 63
@@ -878,18 +878,18 @@ ActiveRecord::Schema.define(:version => 20140922032830) do
   create_table "relative_memos", :force => true do |t|
     t.integer  "osp_id"
     t.integer  "parent_id"
-    t.string   "subject",                                                   :null => false
+    t.string   "subject",                               :null => false
-    t.text     "content",            :limit => 16777215,                    :null => false
+    t.text     "content",                               :null => false
     t.integer  "author_id"
-    t.integer  "replies_count",                          :default => 0
+    t.integer  "replies_count",      :default => 0
     t.integer  "last_reply_id"
-    t.boolean  "lock",                                   :default => false
+    t.boolean  "lock",               :default => false
-    t.boolean  "sticky",                                 :default => false
+    t.boolean  "sticky",             :default => false
-    t.boolean  "is_quote",                               :default => false
+    t.boolean  "is_quote",           :default => false
-    t.datetime "created_at",                                                :null => false
+    t.datetime "created_at",                            :null => false
-    t.datetime "updated_at",                                                :null => false
+    t.datetime "updated_at",                            :null => false
-    t.integer  "viewed_count_crawl",                     :default => 0
+    t.integer  "viewed_count_crawl", :default => 0
-    t.integer  "viewed_count_local",                     :default => 0
+    t.integer  "viewed_count_local", :default => 0
     t.string   "url"
     t.string   "username"
     t.string   "userhomeurl"

lib/redmine.rb

@@ -113,7 +113,10 @@ Redmine::AccessControl.map do |map|
   map.permission :close_course, {:courses => [:close, :reopen]}, :require => :member, :read => true ,:belong_to_course => true
   map.permission :select_course_modules, {:courses => :modules}, :require => :member  ,:belong_to_course => true
   map.permission :view_course_journals_for_messages, {:courses => :feedback}, :require => :member,:read => true  ,:belong_to_course => true
-
+  map.permission :memos_attachments_download,{:attachments => :download}
+  map.permission :projects_attachments_download,{:attachments => :download},:belong_to_project => true
+  map.permission :course_attachments_download,{:attachments => :download},:belong_to_course => true
+  map.permission :contest_attachments_download,{:attachments => :download},:belong_to_contest => true
   #与项目一致，注释掉
   #map.course_module :files do |map|
   #  map.permission :manage_files, {:files => [:new, :create]}, :require => :loggedin
@@ -125,7 +128,7 @@ Redmine::AccessControl.map do |map|
   #  map.permission :view_course_news, {:news => [:index, :show]}, :public => true, :read => true
   #  map.permission :comment_news, {:comments => :create}
   #  end
-  #作业模块权限
+
   map.course_module :bids do |map|
     map.permission :view_homework_attaches, {:bids => [:show, :show_project, :revision]}, :read => true,:belong_to_course => true
     map.permission :paret_in_homework,{},:require => :member ,:belong_to_course => true