diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb
index 2273de4e4..d63f0cfbb 100644
--- a/app/controllers/bids_controller.rb
+++ b/app/controllers/bids_controller.rb
@@ -14,6 +14,8 @@ class BidsController < ApplicationController
# end
before_filter :require_login,:only => [:set_reward, :destroy, :add, :new, ]
+ before_filter :memberAccess, only: :show_project
+
helper :watchers
helper :attachments
include AttachmentsHelper
@@ -875,7 +877,14 @@ class BidsController < ApplicationController
end
rescue
render_404
- end
+ end
+
+ def memberAccess
+ # 是课程,则判断当前用户是否参加了课程
+ return 0 if @bid.courses.first.project_type == Project::ProjectType_project
+ currentUser = User.current
+ render_403 unless currentUser.member_of?(@bid.courses.first)
+ end
end
diff --git a/app/views/layouts/base_courses.html.erb b/app/views/layouts/base_courses.html.erb
index 785479bd5..4e0135eaa 100644
--- a/app/views/layouts/base_courses.html.erb
+++ b/app/views/layouts/base_courses.html.erb
@@ -114,10 +114,18 @@
|
- <%= link_to "#{teacherCount(@project)}", project_member_path(@project, :role => 1), :course => '1' %>
+ <% if User.current.member_of?(@project) %>
+ <%= link_to "#{teacherCount(@project)}", project_member_path(@project, :role => 1), :course => '1' %>
+ <% else %>
+ <%= teacherCount(@project)%>
+ <% end%>
|
- <%= link_to "#{studentCount(@project)}", project_member_path(@project, :role => 2), :course => '1' %>
+ <% if User.current.member_of?(@project) %>
+ <%= link_to "#{studentCount(@project)}", project_member_path(@project, :role => 2), :course => '1' %>
+ <% else %>
+ <%= studentCount(@project)%>
+ <% end %>
|
<%= link_to files_count, project_files_path(@project) %> |
diff --git a/app/views/layouts/base_homework.html.erb b/app/views/layouts/base_homework.html.erb
index aa60f3645..cfdea4a5e 100644
--- a/app/views/layouts/base_homework.html.erb
+++ b/app/views/layouts/base_homework.html.erb
@@ -151,6 +151,7 @@
<%= link_to l(:label_question_student), {:controller => 'bids', :action => 'show' },:class => link_class(:respond)%>
+ <% if User.current.member_of? @bid.courses.first%>
<% if User.current.logged? && @bid.courses.first && (!Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.nil? && (Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.roles&Role.where('id = ? or id = ? or id =?',5, 10, 7)).size >0) %>
<%= link_to l(:label_homework_commit), {:controller => 'bids', :action => 'show_project' },:class => link_class(:project)%>
@@ -159,9 +160,10 @@
<% end %>
+ <% end %>
<%= yield %>
diff --git a/app/views/projects/_course.html.erb b/app/views/projects/_course.html.erb
index adc7c9306..6ea802037 100644
--- a/app/views/projects/_course.html.erb
+++ b/app/views/projects/_course.html.erb
@@ -45,7 +45,7 @@
<%= content_tag('span', l(:label_x_data,:count => files_count)) %>
- <%= content_tag('span', "#{@project.members.count}", :class => "info") %>
+ <%= content_tag('span', "#{garble @project.members.count}", :class => "info") %>
<%= content_tag('span', l(:label_x_member, :count => @project.members.count)) %>