设置权限,其他人不能访问我的消息列表

This commit is contained in:
huang 2015-09-19 12:58:45 +08:00
parent d68ade19e1
commit 42745092c5
2 changed files with 6 additions and 4 deletions

View File

@ -95,9 +95,11 @@ class UsersController < ApplicationController
# 说明: homework 发布作业message讨论区 news新闻 poll问卷works_reviewers作品评阅works_reply:作品回复
# issue问题journal缺陷状态更新 forum公共贴吧: user_feedback: 用户留言; new_reply:新闻回复comment
def user_messages
unless User.current.logged?
if !User.current.logged?
redirect_to signin_url
return
elsif @user != User.current && !User.current.admin?
return render_403
end
# 记录当前点击按钮的时间
# 考虑到用户未退出刷新消息页面

View File

@ -54,17 +54,17 @@
<span style="color: red;float: left">【系统消息】</span><li class="homepageSystenMessageContent fl" id="content_<%= usm.id %>">
<li class="homepageSystenMessageContent fl">
<%= link_to usm.subject.nil? ? (usm.content.nil? ? usm.description.html_safe : usm.content.html_safe) : usm.subject, user_system_messages_path(User.current),
<%= link_to usm.subject.blank? ? (usm.content.nil? ? usm.description.html_safe : usm.content.html_safe) : usm.subject, user_system_messages_path(User.current),
:id => "content_link_#{usm.id}",
:onmouseover =>"message_titile_show($(this),event);",
:onmouseout => "message_titile_hide($(this));"
%>
</li>
<div style="display:none;" class="message_title_red system_message_style">
<% unless usm.subject.nil? %>
<% unless usm.subject.blank? %>
<p><strong>标题:</strong><%= usm.subject %></p>
<% end %>
<% if (!usm.description.nil? && usm.description != "") || (!usm.content.nil? && usm.content != "") %>
<% if (!usm.description.blank?) || (!usm.content.blank?) %>
<div class="fl"><strong>内容:</strong></div><div class="ml36"><%= usm.description.nil? ? usm.content.html_safe : usm.description.html_safe %></div>
<% end %>
</div>