1、解决非项目成员访问公开项目403问题

2、去掉以前无用代码，解决对应调用问题
2015-06-25 10:11:01 +08:00 · 2015-06-25 10:11:01 +08:00 · 777e3f6fad
parent 5b2202de75
commit 777e3f6fad
5 changed files with 12 additions and 12 deletions
--- a/app/controllers/git_usage_controller.rb
+++ b/app/controllers/git_usage_controller.rb
@ -1,6 +1,6 @@
 #added by baiyu
 class GitUsageController < ApplicationController
-  layout "project_base"
+  layout "base_projects"
  def ch_usage
    
  end
--- a/app/controllers/issue_categories_controller.rb
+++ b/app/controllers/issue_categories_controller.rb
@ -16,7 +16,7 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

 class IssueCategoriesController < ApplicationController
-  layout "project_base"
+  layout "base_projects"
  menu_item :settings
  model_object IssueCategory
  before_filter :find_model_object, :except => [:index, :new, :create]
--- a/app/controllers/organization_controller.rb
+++ b/app/controllers/organization_controller.rb
@ -1,5 +1,5 @@
 class OrganizationController < ApplicationController
-  layout 'project_base'
+  layout 'base_projects'
  before_filter :require_admin, :except => [:index]

  def index
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@ -438,9 +438,9 @@ class ProjectsController < ApplicationController
      case params[:role]
      when '1'
        @subPage_title = l :label_teacher_list
-        @members = searchTeacherAndAssistant(@project) 
+        @members = searchTeacherAndAssistant(@project)
      when '2'
-        @subPage_title = l :label_student_list 
+        @subPage_title = l :label_student_list
        @members = searchStudent(@project)
      else
        @subPage_title = ''
@ -578,7 +578,7 @@ class ProjectsController < ApplicationController
        format.api  { render_api_ok }
      end
    else
-      render :layout => "project_base"
+      render :layout => "base_projects"
    end
    # hide project in layout
    @project = nil
@ -586,7 +586,7 @@ class ProjectsController < ApplicationController

  def show_projects_score
    respond_to do |format|
-      format.html { render :layout => "project_base"}
+      format.html { render :layout => "base_projects"}
      format.js
    end
  end
@ -674,10 +674,10 @@ class ProjectsController < ApplicationController
  private

  def memberAccess
-    # 是课程，则判断当前用户是否参加了课程
-    # return 0 if @project.project_type == Project::ProjectType_project
-    # currentUser = User.current
-    render_403 unless User.current.member_of?(@project)
+    # 如果是私有项目，项目成员不对外公开，公开项目成员列表对外公开。
+    unless @project.is_public?
+      render_403 unless User.current.member_of?(@project)
+    end
  end

  def toggleCourse
--- a/plugins/redmine_code_review/app/controllers/code_review_controller.rb
+++ b/plugins/redmine_code_review/app/controllers/code_review_controller.rb
@ -16,7 +16,7 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

 class CodeReviewController < ApplicationController
-  layout "project_base"
+  layout "base_projects"
  unloadable
  before_filter :find_project, :authorize, :find_user, :find_setting, :find_repository