添加引用项目权限、修改引用判断

2014-07-08 09:12:16 +08:00 · 2014-07-08 09:12:16 +08:00 · 5e3a763776
parent 5f18b1a38c
commit 5e3a763776
4 changed files with 30 additions and 15 deletions
--- a/app/controllers/bids_controller.rb
+++ b/app/controllers/bids_controller.rb
@ -375,11 +375,14 @@ class BidsController < ApplicationController
    @option = []
    @membership.each do |membership|
      unless(membership.project.project_type==1)
-        membership.member_roles.each{|role|
-          if(role.role_id == 3)
-            @option << membership.project
-          end
-        }
+        if membership.user.allowed_to?(:quote_project,membership.project)
+          @option << membership.project
+        end
+        #membership.member_roles.each{|role|
+        #  if(role.role_id == 3)
+        #    @option << membership.project
+        #  end
+        #}
      end
    end

@ -454,14 +457,14 @@ class BidsController < ApplicationController
    if (User.current.logged? && User.current.member_of_course?(@bid.courses.first))
      # flash[:notice] = ""
      @membership = User.current.coursememberships.all(:conditions => Course.visible_condition(User.current))
-      @option = []
-      @membership.each do |membership|
-          membership.member_roles.each{|role|
-            if(role.role_id == 3)
-              @option << membership.course
-            end
-          }
-      end
+      #@option = []
+      #@membership.each do |membership|
+      #    membership.member_roles.each{|role|
+      #      if(role.role_id == 3)
+      #        @option << membership.course
+      #      end
+      #    }
+      #end

      @user = @bid.author
      @bidding_project = @bid.biding_projects.all
@ -990,7 +993,7 @@ class BidsController < ApplicationController
    return true if current_user.admin?
    #return 0 if @bid.courses.first.project_type == Project::ProjectType_project
    currentUser = User.current
-    render_403 unless currentUser.member_of_cousrse?(@bid.courses.first)
+    render_403 unless currentUser.member_of_course?(@bid.courses.first)
  end

 end
--- a/db/migrate/20140707095213_add_quate_project_permission.rb
+++ b/db/migrate/20140707095213_add_quate_project_permission.rb
@ -0,0 +1,11 @@
+class AddQuateProjectPermission < ActiveRecord::Migration
+  def change
+    # 添加课程权限
+    Role.all.each do |role|
+      if role.name == 'Manager'
+        role.permissions.append(:quote_project)
+        role.save(:validate => false)
+      end
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20140704034832) do
+ActiveRecord::Schema.define(:version => 20140707095213) do

  create_table "activities", :force => true do |t|
    t.integer "act_id",   :null => false
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@ -98,6 +98,7 @@ Redmine::AccessControl.map do |map|
  map.permission :manage_versions, {:projects => :settings, :versions => [:new, :create, :edit, :update, :close_completed, :destroy]}, :require => :member
  map.permission :add_subprojects, {:projects => [:new, :create]}, :require => :member
  map.permission :view_journals_for_messages, {:gantts => [:show, :update]}, :read => true
+  map.permission :quote_project, {},:require => :member

  #课程权限模块
  #added by nwb