设置权限,其他人不能访问我的消息列表
This commit is contained in:
parent
d68ade19e1
commit
42745092c5
|
|
@ -95,9 +95,11 @@ class UsersController < ApplicationController
|
|||
# 说明: homework 发布作业;message:讨论区; news:新闻; poll:问卷;works_reviewers:作品评阅;works_reply:作品回复
|
||||
# issue:问题;journal:缺陷状态更新; forum:公共贴吧: user_feedback: 用户留言; new_reply:新闻回复(comment)
|
||||
def user_messages
|
||||
unless User.current.logged?
|
||||
if !User.current.logged?
|
||||
redirect_to signin_url
|
||||
return
|
||||
elsif @user != User.current && !User.current.admin?
|
||||
return render_403
|
||||
end
|
||||
# 记录当前点击按钮的时间
|
||||
# 考虑到用户未退出刷新消息页面
|
||||
|
|
|
|||
|
|
@ -54,17 +54,17 @@
|
|||
<span style="color: red;float: left">【系统消息】</span><li class="homepageSystenMessageContent fl" id="content_<%= usm.id %>">
|
||||
<li class="homepageSystenMessageContent fl">
|
||||
|
||||
<%= link_to usm.subject.nil? ? (usm.content.nil? ? usm.description.html_safe : usm.content.html_safe) : usm.subject, user_system_messages_path(User.current),
|
||||
<%= link_to usm.subject.blank? ? (usm.content.nil? ? usm.description.html_safe : usm.content.html_safe) : usm.subject, user_system_messages_path(User.current),
|
||||
:id => "content_link_#{usm.id}",
|
||||
:onmouseover =>"message_titile_show($(this),event);",
|
||||
:onmouseout => "message_titile_hide($(this));"
|
||||
%>
|
||||
</li>
|
||||
<div style="display:none;" class="message_title_red system_message_style">
|
||||
<% unless usm.subject.nil? %>
|
||||
<% unless usm.subject.blank? %>
|
||||
<p><strong>标题:</strong><%= usm.subject %></p>
|
||||
<% end %>
|
||||
<% if (!usm.description.nil? && usm.description != "") || (!usm.content.nil? && usm.content != "") %>
|
||||
<% if (!usm.description.blank?) || (!usm.content.blank?) %>
|
||||
<div class="fl"><strong>内容:</strong></div><div class="ml36"><%= usm.description.nil? ? usm.content.html_safe : usm.description.html_safe %></div>
|
||||
<% end %>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in New Issue