jacknudt
/
socialforge
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

1.给各角色添加项目相关的权限 

2.添加课程权限解析系统
This commit is contained in:
nwb 2014-06-06 13:56:48 +08:00
parent 388d14f075
commit 59742b9ddb
14 changed files with 186 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/controllers/application_controller.rb
View File

@ -245,6 +245,24 @@ class ApplicationController < ActionController::Base
end
end
def authorize_course(ctrl = params[:controller], action = params[:action], global = false)
allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @course || @course, :global => global)
if allowed
true
else
if @course && @course.archived?
render_403 :message => :notice_not_authorized_archived_project
else
deny_access
end
end
end
def authorize_course_global(ctrl = params[:controller], action = params[:action], global = true)
authorize_course(ctrl, action, global)
end
# Authorize the user for the requested action outside a project
def authorize_global(ctrl = params[:controller], action = params[:action], global = true)
authorize(ctrl, action, global)

4
app/controllers/courses_controller.rb
View File

@ -7,8 +7,8 @@ class CoursesController < ApplicationController
menu_item l(:label_sort_by_influence), :only => :index
before_filter :find_course, :except => [ :index, :search,:list, :new, :create, :copy, :statistics, :new_join, :course, :enterprise_course, :course_enterprise,:view_homework_attaches]
before_filter :authorize, :only => [:show, :settings, :edit, :update, :modules, :close, :reopen, :view_homework_attaches, :course]
before_filter :authorize_global, :only => [:view_homework_attaches, :new,:create]
before_filter :authorize_course, :only => [:show, :settings, :edit, :update, :modules, :close, :reopen, :view_homework_attaches, :course]
before_filter :authorize_course_global, :only => [:view_homework_attaches, :new,:create]
before_filter :require_admin, :only => [:copy, :archive, :unarchive, :destroy, :calendar]
before_filter :toggleCourse, only: [:finishcourse, :restartcourse]

15
app/helpers/courses_helper.rb
View File

@ -50,6 +50,21 @@ module CoursesHelper
garble count
end
def eventToLanguageCourse event_type, course
case event_type
when "issue-note"
l :label_issue
when "issue"
l :label_issue
when "attachment"
l :label_attachment
when "news"
l :label_notification
else
""
end
end
def garble count
count = count.round( 1-count.to_s.size ).to_i
return count.to_s if count.to_s.size.eql?(1)

1
app/models/board.rb
View File

@ -18,6 +18,7 @@
class Board < ActiveRecord::Base
include Redmine::SafeAttributes
belongs_to :project
belongs_to :course
has_many :topics, :class_name => 'Message', :conditions => "#{Message.table_name}.parent_id IS NULL", :order => "#{Message.table_name}.created_on DESC"
has_many :messages, :dependent => :destroy, :order => "#{Message.table_name}.created_on DESC"
belongs_to :last_message, :class_name => 'Message', :foreign_key => :last_message_id

34
app/models/course.rb
View File

@ -22,6 +22,7 @@ class Course < ActiveRecord::Base
has_many :homework_for_courses, :dependent => :destroy
has_many :student, :through => :students_for_courses, :source => :user
has_many :course_infos, :class_name => 'CourseInfos',:dependent => :destroy
has_many :enabled_modules, :dependent => :delete_all
acts_as_taggable
#acts_as_nested_set :order => 'name', :dependent => :destroy
@ -76,6 +77,39 @@ class Course < ActiveRecord::Base
allowed_to_condition(user, :view_course, options)
end
def active?
self.status == STATUS_ACTIVE
end
#课程权限判断
def allows_to?(action)
if archived?
# No action allowed on archived projects
return false
end
unless active? || Redmine::AccessControl.read_action?(action)
# No write action allowed on closed projects
return false
end
# No action allowed on disabled modules
if action.is_a? Hash
allowed_actions.include? "#{action[:controller]}/#{action[:action]}"
else
allowed_permissions.include? action
end
end
def allowed_permissions
@allowed_permissions ||= begin
module_names = enabled_modules.all(:select => :name).collect {|m| m.name}
Redmine::AccessControl.modules_permissions(module_names).collect {|p| p.name}
end
end
def allowed_actions
@actions_allowed ||= allowed_permissions.inject([]) { |actions, permission| actions += Redmine::AccessControl.allowed_actions(permission) }.flatten
end
# 返回用户组可以访问的课程
def users_by_role
members.includes(:user, :roles).all.inject({}) do |h, m|

17
app/models/message.rb
View File

@ -31,6 +31,10 @@ class Message < ActiveRecord::Base
:include => {:board => :project},
:project_key => "#{Board.table_name}.project_id",
:date_column => "#{table_name}.created_on"
acts_as_searchable :columns => ['subject', 'content'],
:include => {:board => :course},
:course_key => "#{Board.table_name}.course_id",
:date_column => "#{table_name}.created_at"
acts_as_event :title => Proc.new {|o| "#{o.board.name}: #{o.subject}"},
:description => :content,
:datetime => :updated_on,
@ -42,6 +46,8 @@ class Message < ActiveRecord::Base
acts_as_activity_provider :find_options => {:include => [{:board => :project}, :author]},
:author_key => :author_id
acts_as_activity_provider :find_options => {:include => [{:board => :course}, :author]},
:author_key => :author_id
acts_as_watchable
validates_presence_of :board, :subject, :content
@ -60,6 +66,7 @@ class Message < ActiveRecord::Base
includes(:board => :project).where(Project.allowed_to_condition(args.shift || User.current, :view_messages, *args))
}
safe_attributes 'subject', 'content'
safe_attributes 'locked', 'sticky', 'board_id',
:if => lambda {|message, user|
@ -67,7 +74,11 @@ class Message < ActiveRecord::Base
}
def visible?(user=User.current)
if project
!user.nil? && user.allowed_to?(:view_messages, project)
elsif course
!user.nil? && user.allowed_to?(:view_messages, course)
end
end
def cannot_reply_to_locked_topic
@ -87,7 +98,7 @@ class Message < ActiveRecord::Base
if parent && parent.id
Message.update_all({:last_reply_id => parent.children.maximum(:id)}, {:id => parent.id})
end
board.reset_counters!
board.reset_counters!(board.id)
end
def sticky=(arg)
@ -102,6 +113,10 @@ class Message < ActiveRecord::Base
board.project
end
def course
board.course
end
def editable_by?(usr)
usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
end

34
app/models/user.rb
View File

@ -655,6 +655,27 @@ class User < Principal
roles
end
# 用户课程权限判断
def roles_for_course(course)
roles = []
# No role on archived courses
return roles if course.nil? || course.archived?
if logged?
# Find course membership
membership = membership(course)
if membership
roles = membership.roles
else
@role_non_member ||= Role.non_member
roles << @role_non_member
end
else
@role_anonymous ||= Role.anonymous
roles << @role_anonymous
end
roles
end
# Return true if the user is a member of project
def member_of?(project)
projects.to_a.include?(project)
@ -733,6 +754,19 @@ class User < Principal
role.allowed_to?(action) &&
(block_given? ? yield(role, self) : true)
}
#添加课程相关的权限判断
elsif context && context.is_a?(Course)
return false unless context.allows_to?(action)
# Admin users are authorized for anything else
return true if admin?
roles = roles_for_course(context)
return false unless roles
roles.any? {|role|
(context.is_public? || role.member?) &&
role.allowed_to?(action) &&
(block_given? ? yield(role, self) : true)
}
elsif context && context.is_a?(Array)
if context.empty?
false

2
app/views/courses/show.html.erb
View File

@ -16,7 +16,7 @@
<table width="580px" border="0">
<tr>
<td colspan="2" valign="top">
<strong> <%= h(e.course) if @course.nil? || @course.id != e.course.id %></strong>
<strong> <%= h(e.course) if @course.nil? || (e.course != nil && @course.id != e.course.id) %></strong>
<span class="font_lighter">
<% if @canShowRealName %>
<%= link_to_user(e.event_author) if e.respond_to?(:event_author) %>(<%= link_to_user(e.event_author,@canShowRealName) if e.respond_to?(:event_author) %>)

2
app/views/users/_course_list_have_entity.html.erb
View File

@ -1,6 +1,6 @@
<div class="user_course_list menu-div">
<div class="menu">
<%= link_to "#{l(:label_course_new)}", new_course_path(course: 1, project_type: 1), class: 'icon icon-add' if @user == User.current %>
<%= link_to "#{l(:label_course_new)}", new_course_path, class: 'icon icon-add' if @user == User.current %>
<ul>
<li mode='doing' class="on">进行中</li>
<li mode='end'>已完结</li>

50
db/migrate/20140606028512_add_course_roles.rb Normal file
View File

@ -0,0 +1,50 @@
# -*coding:utf-8 -*-
class AddCourseRoles < ActiveRecord::Migration
def change
# 添加课程权限
Role.all.each do |role|
if role.name == 'Non member'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
elsif role.name == 'Anonymous'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
elsif role.name == 'Manager'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
role.permissions.append(:add_course )
role.permissions.append(:close_course )
role.permissions.append(:select_course_modules )
role.permissions.append(:edit_course )
elsif role.name =='Developer'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
role.permissions.append(:add_course )
role.permissions.append(:close_course )
role.permissions.append(:select_course_modules )
role.permissions.append(:edit_course )
elsif role.name == 'Reporter'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
elsif role.name == '助教'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
role.permissions.append(:add_course )
role.permissions.append(:select_course_modules )
role.permissions.append(:edit_course )
elsif role.name == '老师'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
role.permissions.append(:add_course )
role.permissions.append(:close_course )
role.permissions.append(:select_course_modules )
role.permissions.append(:edit_course )
elsif role.name == '学生'
role.permissions.append(:view_course )
role.permissions.append(:search_course )
end
role.save
end
end
end

2
db/schema.rb
View File

@ -11,7 +11,7 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20140606027403) do
ActiveRecord::Schema.define(:version => 20140606028512) do
create_table "activities", :force => true do |t|
t.integer "act_id", :null => false

9
lib/redmine.rb
View File

@ -99,9 +99,14 @@ Redmine::AccessControl.map do |map|
map.permission :view_journals_for_messages, {:gantts => [:show, :update]}, :read => true
#课程权限模块
map.course_module :course do
map.permission :view_course, {:courses => [:show], :activities => [:index]}, :public => true, :read => true
map.permission :view_courses,{:courses => [:course]},:read => true
map.permission :search_course, {:search => :index}, :public => true, :read => true
map.permission :add_course, {:courses => [:new, :create]}, :require => :loggedin
map.permission :edit_course, {:courses => [:settings, :edit, :update]}, :require => :member
map.permission :close_course, {:courses => [:close, :reopen]}, :require => :member, :read => true
map.permission :select_course_modules, {:courses => :modules}, :require => :member
map.course_module :course do
end
map.project_module :issue_tracking do |map|

1
lib/redmine/access_control.rb
View File

@ -110,6 +110,7 @@ module Redmine
@public = options[:public] || false
@require = options[:require]
@read = options[:read] || false
@course_module = options[:course_module]
@project_module = options[:project_module]
hash.each do |controller, actions|
if actions.is_a? Array