From ae5ced6a51d5b16afaaa905950bfd5d68b1b13ce Mon Sep 17 00:00:00 2001 From: z9hang Date: Wed, 4 Jun 2014 17:39:11 +0800 Subject: [PATCH 1/5] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E6=9D=83=E9=99=90?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=EF=BC=88=E9=83=A8=E5=88=86=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/locales/zh.yml | 19 +++++++++++++++++++ config/settings.yml | 1 + lib/redmine.rb | 24 ++++++++++++++++++------ 3 files changed, 38 insertions(+), 6 deletions(-) diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 9f6fb26c9..8d2ccfb50 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -454,6 +454,25 @@ zh: permission_manage_subtasks: 管理子任务 permission_view_journals_for_messages: 查看留言 permission_view_courses: 查看课程列表 + permission_new_course: 新建课程 + permission_configure_course: 配置课程 + permission_close_course: 关闭/重开课程 + permission_new_assignment: 新建任务 + permission_edit_assignment: 编辑任务 + permission_delete_assignment: 删除任务 + permission_new_placeholder: 新建占位 + permission_edit_placeholder: 编辑占位 + permission_delete_placeholder: 删除占位 + permission_commit_content: 提交内容 + permission_new_course_notify: 发布课程通知 + permission_edit_course_notify: 编辑课程通知 + permission_delete_course_notify: 删除课程通知 + permission_view_assignment: 查看任务 + permission_view_placeholder: 查看占位 + permission_view_course_messages: 查看留言 + permission_view_real_name: 查看真名 + + project_module_issue_tracking: 问题跟踪 project_module_time_tracking: 时间跟踪 diff --git a/config/settings.yml b/config/settings.yml index fbaba502f..f2c64a97c 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -172,6 +172,7 @@ default_projects_modules: - boards - calendar - gantt + - course default_projects_tracker_ids: serialized: true default: diff --git a/lib/redmine.rb b/lib/redmine.rb index 7b83c7cb6..5c96ce926 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -179,13 +179,25 @@ Redmine::AccessControl.map do |map| end #课程权限模块 - map.project_module :course do + map.project_module :course do |map| map.permission :view_courses,{:projects => [:course]},:read => true - end - - #作业模块权限 - map.project_module :bids do |map| - map.permission :view_homework_attaches, {:bids => [:show, :show_project, :revision]}, :read => true + #map.permission :new_course, {}, :read => true + #map.permission :configure_course,{},:read => true + #map.permission :close_course,{},:read => true + map.permission :new_assignment,{:projects => [:new_homework]},:read => true + map.permission :edit_assignment,{:bids => [:edit]},:read => true + map.permission :delete_assignment,{:bids => [:homework_destroy]},:read => true + map.permission :new_placeholder,{:homework_attach => [:new]},:read => true + map.permission :edit_placeholder,{},:read => true + map.permission :delete_placeholder,{},:read => true + map.permission :commit_content,{},:read => true + #map.permission :new_course_notify,{},:read => true + #map.permission :edit_course_notify,{},:read => true + #map.permission :delete_course_notify,{},:read => true + map.permission :view_assignment,{},:read => true + map.permission :view_placeholder,{},:read => true + map.permission :view_course_messages,{},:read => true + map.permission :view_real_name,{},:read => true end map.project_module :boards do |map| From cb03669085596ba2e4c10c08b220754f32b4dbbe Mon Sep 17 00:00:00 2001 From: z9hang Date: Thu, 5 Jun 2014 15:00:38 +0800 Subject: [PATCH 2/5] =?UTF-8?q?=E4=BD=9C=E4=B8=9A=E7=95=99=E8=A8=80?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/mailer.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/models/mailer.rb b/app/models/mailer.rb index bb7a2424f..ed6cdd25a 100644 --- a/app/models/mailer.rb +++ b/app/models/mailer.rb @@ -70,7 +70,12 @@ class Mailer < ActionMailer::Base end mail :to => @recipients, :subject => "#{l(:label_your_course)}#{journals_for_message.jour.name}#{l(:label_have_message)} " - else + elsif journals_for_message.jour.class.to_s.to_sym == :Bid + if !journals_for_message.jour.author.notify_about? journals_for_message + return -1 + end + mail :to => journals_for_message.jour.author.mail, :subject => @title + else mail :to => @mail.mail, :subject => @title end From d83899e3e401fc11e69255b0a7c6e00dd0c16383 Mon Sep 17 00:00:00 2001 From: z9hang Date: Thu, 5 Jun 2014 17:39:48 +0800 Subject: [PATCH 3/5] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=96=B0=E5=BB=BA?= =?UTF-8?q?=E4=BB=BB=E5=8A=A1=E3=80=81=E7=BC=96=E8=BE=91=E4=BB=BB=E5=8A=A1?= =?UTF-8?q?=E3=80=81=E5=88=A0=E9=99=A4=E4=BB=BB=E5=8A=A1=E3=80=81=E6=96=B0?= =?UTF-8?q?=E5=BB=BA=E5=8D=A0=E4=BD=8D=E3=80=81=E7=BC=96=E8=BE=91=E5=8D=A0?= =?UTF-8?q?=E4=BD=8D=E3=80=81=E5=88=A0=E9=99=A4=E5=8D=A0=E4=BD=8D=E3=80=81?= =?UTF-8?q?=E6=9F=A5=E7=9C=8B=E4=BB=BB=E5=8A=A1=E3=80=81=E6=9F=A5=E7=9C=8B?= =?UTF-8?q?=E5=8D=A0=E4=BD=8D=E3=80=81=E6=9F=A5=E7=9C=8B=E7=95=99=E8=A8=80?= =?UTF-8?q?=E6=9D=83=E9=99=90=E4=BB=A3=E7=A0=81=EF=BC=88=E6=9C=AA=E5=BA=94?= =?UTF-8?q?=E7=94=A8=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/application_controller.rb | 8 +++++++ app/controllers/bids_controller.rb | 17 ++++++++++++++- app/controllers/homework_attach_controller.rb | 18 ++++++++++++++++ app/controllers/projects_controller.rb | 1 + config/locales/en.yml | 21 +++++++++++++++++++ config/locales/zh.yml | 3 ++- lib/redmine.rb | 14 +++++++------ 7 files changed, 74 insertions(+), 8 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index a25b346ca..4b877818b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -264,6 +264,14 @@ class ApplicationController < ActionController::Base render_404 end + #根据course_id找project + def find_project_by_course_id + @bid = Bid.find params[:course_id] + @project = @bid.courses[0] + rescue ActiveRecord::RecordNotFound + render_404 + end + # Find a project based on params[:project_id] # TODO: some subclasses override this, see about merging their logic def find_optional_project diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb index cdf6e7d5a..991d347e0 100644 --- a/app/controllers/bids_controller.rb +++ b/app/controllers/bids_controller.rb @@ -16,6 +16,13 @@ class BidsController < ApplicationController before_filter :memberAccess, only: :show_project + #判断当前角色权限时需先找到当前操作的project + before_filter :find_project_by_project_id, :only => [:edit] + before_filter :find_project_by_course_id, :only => [:homework_destroy] + before_filter :find_project_by_bid_id, :only => [:show_project] + #判断当前角色是否有操作权限 + #勿删 before_filter :authorize, :only => [:edit,:homework_destroy,:show_project] + helper :watchers helper :attachments include AttachmentsHelper @@ -25,7 +32,14 @@ class BidsController < ApplicationController helper :projects helper :words helper :welcome - + + def find_project_by_bid_id + @bid = Bid.find(params[:id]) + @project = @bid.courses[0] + rescue ActiveRecord::RecordNotFound + render_404 + end + def homework_ajax_modal @bid = Bid.find_by_id(params[:id]) # find_bid @@ -523,6 +537,7 @@ class BidsController < ApplicationController message = params[:bid_message][:message] + "\n" + params[:reference_content] else message = params[:bid_message][:message] + @m = message end refer_user_id = params[:bid_message][:reference_user_id].to_i @bid.add_jour(User.current, message, refer_user_id) diff --git a/app/controllers/homework_attach_controller.rb b/app/controllers/homework_attach_controller.rb index 24e1a86e4..13ec7a189 100644 --- a/app/controllers/homework_attach_controller.rb +++ b/app/controllers/homework_attach_controller.rb @@ -1,5 +1,23 @@ class HomeworkAttachController < ApplicationController ############################### + #判断当前角色权限时需先找到当前操作的project + before_filter :find_project_by_bid_id, :only => [:new] + before_filter :find_project_by_hoemwork_id, :only => [:edit,:update,:destroy] + #判断当前角色是否有操作权限 + #勿删 before_filter :authorize, :only => [:new,:edit,:update,:destroy] + + def find_project_by_bid_id + @bid = Bid.find(params[:id]) + @project = @bid.courses[0] + rescue ActiveRecord::RecordNotFound + render_404 + end + + def find_project_by_hoemwork_id + @homework = HomeworkAttach.find(params[:id]) + @project = @homework.bid.courses[0] + end + def index @homeworks = HomeworkAttach.all respond_to do |format| diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 16d9d71d4..8d6f53715 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -37,6 +37,7 @@ class ProjectsController < ApplicationController # before_filter :authorize, :except => [:new_join, :new_homework, :homework, :statistics, :search, :watcherlist, :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy, :member, :focus, :file, # :statistics, :feedback, :course, :enterprise_course, :course_enterprise, :project_respond, :share, # :show_projects_score, :issue_score_index, :news_score_index, :file_score_index, :code_submit_score_index, :projects_topic_score_index] + #此条勿删 课程相关权限 ,:new_homework,:homework,:feedback before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course] before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy, :calendar] diff --git a/config/locales/en.yml b/config/locales/en.yml index 23911e568..d8bfc966c 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -473,6 +473,27 @@ en: permission_export_wiki_pages: Export wiki pages permission_manage_subtasks: Manage subtasks permission_manage_related_issues: Manage related issues + permission_view_journals_for_messages: View journals messages + permission_view_courses: View courses + permission_new_course: Create course + permission_configure_course: Configure course + permission_close_course: Close/open course + permission_new_assignment: Create assignment + permission_edit_assignment: Edit assignment + permission_delete_assignment: Delete assignment + permission_new_placeholder: Create placeholder + permission_edit_placeholder: Edit placeholder + permission_delete_placeholder: Delete placeholder + permission_commit_content: Commit content + permission_new_course_notify: Create course notify + permission_edit_course_notify: Eidt course notify + permission_delete_course_notify: Delete course notify + permission_view_assignment: View assignment + permission_view_placeholder: View placeholder + permission_view_course_messages: View course messages + permission_view_real_name: View real name + permission_view_students: View students + permission_export_homeworks: Export homeworks project_module_issue_tracking: Issue tracking project_module_time_tracking: Time tracking diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 8d2ccfb50..c945bbdaa 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -471,7 +471,8 @@ zh: permission_view_placeholder: 查看占位 permission_view_course_messages: 查看留言 permission_view_real_name: 查看真名 - + permission_view_students: 查看学生列表 + permission_export_homeworks: 导出作业 project_module_issue_tracking: 问题跟踪 diff --git a/lib/redmine.rb b/lib/redmine.rb index 5c96ce926..33d9bf58f 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -188,16 +188,18 @@ Redmine::AccessControl.map do |map| map.permission :edit_assignment,{:bids => [:edit]},:read => true map.permission :delete_assignment,{:bids => [:homework_destroy]},:read => true map.permission :new_placeholder,{:homework_attach => [:new]},:read => true - map.permission :edit_placeholder,{},:read => true - map.permission :delete_placeholder,{},:read => true - map.permission :commit_content,{},:read => true + map.permission :edit_placeholder,{:homework_attach => [:edit,:update]},:read => true + map.permission :delete_placeholder,{:homework_attach => [:destroy]},:read => true + #map.permission :commit_content,{},:read => true #map.permission :new_course_notify,{},:read => true #map.permission :edit_course_notify,{},:read => true #map.permission :delete_course_notify,{},:read => true - map.permission :view_assignment,{},:read => true - map.permission :view_placeholder,{},:read => true - map.permission :view_course_messages,{},:read => true + map.permission :view_assignment,{:projects => [:homework]},:read => true + map.permission :view_placeholder,{:bids => [:show_project]},:read => true + map.permission :view_course_messages,{:projects => [:feedback]},:read => true map.permission :view_real_name,{},:read => true + map.permission :view_students,{}, :read=>true + map.permission :export_homeworks,{},:read => true end map.project_module :boards do |map| From 4478c86ceae67bb8680b36cd24a6663cb50567d2 Mon Sep 17 00:00:00 2001 From: z9hang Date: Fri, 6 Jun 2014 10:37:06 +0800 Subject: [PATCH 4/5] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E8=AF=BE=E7=A8=8B=20?= =?UTF-8?q?=E6=9F=A5=E7=9C=8B=E7=9C=9F=E5=90=8D=E3=80=81=E6=9F=A5=E7=9C=8B?= =?UTF-8?q?=E6=88=90=E5=91=98=E3=80=81=E4=BD=9C=E4=B8=9A=E5=AF=BC=E5=87=BA?= =?UTF-8?q?=E6=9D=83=E9=99=90=E4=BB=A3=E7=A0=81=EF=BC=88=E6=9C=AA=E5=BA=94?= =?UTF-8?q?=E7=94=A8=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Gemfile.lock | 2 +- app/controllers/projects_controller.rb | 5 ++++- app/controllers/zipdown_controller.rb | 14 ++++++++++++++ config/locales/zh.yml | 4 ++-- lib/redmine.rb | 6 +++--- 5 files changed, 24 insertions(+), 7 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6680070a7..e6ee7da71 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -134,7 +134,7 @@ PLATFORMS DEPENDENCIES activerecord-jdbc-adapter (= 1.2.5) activerecord-jdbcmysql-adapter - acts-as-taggable-on + acts-as-taggable-on (= 2.4.1) better_errors! builder (= 3.0.0) coderay (~> 1.0.6) diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 8d6f53715..ad3dc3dca 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -37,7 +37,7 @@ class ProjectsController < ApplicationController # before_filter :authorize, :except => [:new_join, :new_homework, :homework, :statistics, :search, :watcherlist, :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy, :member, :focus, :file, # :statistics, :feedback, :course, :enterprise_course, :course_enterprise, :project_respond, :share, # :show_projects_score, :issue_score_index, :news_score_index, :file_score_index, :code_submit_score_index, :projects_topic_score_index] - #此条勿删 课程相关权限 ,:new_homework,:homework,:feedback + #此条勿删 课程相关权限 ,:new_homework,:homework,:feedback,,:member before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course] before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy, :calendar] @@ -722,6 +722,9 @@ class ProjectsController < ApplicationController @teachers= searchTeacherAndAssistant(@project) @canShowRealName = isCourseTeacher(User.current.id) end + + #勿删 real_name action为虚拟的该方法并不存在,用来辅助判断真名权限 + #勿删 @canShowRealName = User.current.allowed_to?({:controller => "projects", :action => "real_name"}, @project || @projects, :global => false) respond_to do |format| format.html{render :layout => 'base_courses' if @base_courses_tag==1} format.api diff --git a/app/controllers/zipdown_controller.rb b/app/controllers/zipdown_controller.rb index 5caa97a22..ee5460805 100644 --- a/app/controllers/zipdown_controller.rb +++ b/app/controllers/zipdown_controller.rb @@ -1,7 +1,21 @@ class ZipdownController < ApplicationController + #查找项目(课程) + before_filter :find_project_by_bid_id, :only => [:assort,:download_user_homework] + #检查权限 + #勿删 before_filter :authorize, :only => [:assort,:download_user_homework] SAVE_FOLDER = "#{Rails.root}/files" OUTPUT_FOLDER = "#{Rails.root}/tmp/archiveZip" + #通过作业Id找到项目(课程) + def find_project_by_bid_id + obj_class = params[:obj_class] + obj_id = params[:obj_id] + obj = obj_class.constantize.find(obj_id) + case obj.class.to_s.to_sym + when :Bid + @project = obj.courses[0] + end + end def assort obj_class = params[:obj_class] obj_id = params[:obj_id] diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 139e8fe94..42886845e 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -453,7 +453,7 @@ zh: permission_export_wiki_pages: 导出 wiki 页面 permission_manage_subtasks: 管理子任务 permission_view_journals_for_messages: 查看留言 - permission_view_courses: 查看课程列表 + permission_view_courses: 查看课程 permission_new_course: 新建课程 permission_configure_course: 配置课程 permission_close_course: 关闭/重开课程 @@ -471,7 +471,7 @@ zh: permission_view_placeholder: 查看占位 permission_view_course_messages: 查看留言 permission_view_real_name: 查看真名 - permission_view_students: 查看学生列表 + permission_view_students: 查看成员 permission_export_homeworks: 导出作业 diff --git a/lib/redmine.rb b/lib/redmine.rb index 33d9bf58f..7d3aa9ea7 100644 --- a/lib/redmine.rb +++ b/lib/redmine.rb @@ -197,9 +197,9 @@ Redmine::AccessControl.map do |map| map.permission :view_assignment,{:projects => [:homework]},:read => true map.permission :view_placeholder,{:bids => [:show_project]},:read => true map.permission :view_course_messages,{:projects => [:feedback]},:read => true - map.permission :view_real_name,{},:read => true - map.permission :view_students,{}, :read=>true - map.permission :export_homeworks,{},:read => true + map.permission :view_real_name,{:projects => [:real_name]},:read => true + map.permission :view_students,{:projects => [:member]}, :read=>true + map.permission :export_homeworks,{:zipdown => [:assort,:download_user_homework]},:read => true end map.project_module :boards do |map| From cf5c7a66104ebe8ee3292a0a45503957ec0a2b85 Mon Sep 17 00:00:00 2001 From: z9hang Date: Fri, 6 Jun 2014 14:01:03 +0800 Subject: [PATCH 5/5] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=AD=A6=E7=94=9F?= =?UTF-8?q?=E4=BB=8E=E4=B8=AA=E4=BA=BA=E4=B8=BB=E9=A1=B5=E8=AF=BE=E7=A8=8B?= =?UTF-8?q?=E6=A0=87=E7=AD=BE=E9=A1=B5=E6=9C=AA=E5=8F=82=E5=8A=A0=E8=AF=BE?= =?UTF-8?q?=E7=A8=8B=E7=8A=B6=E6=80=81=E4=B8=8B=E7=82=B9=E5=87=BB=E5=8A=A0?= =?UTF-8?q?=E5=85=A5=E8=AF=BE=E7=A8=8B=E8=BF=9B=E5=85=A5=E8=AF=BE=E7=A8=8B?= =?UTF-8?q?=E5=88=97=E8=A1=A8=E6=90=9C=E7=B4=A2=E8=AF=BE=E7=A8=8B=E5=A4=B1?= =?UTF-8?q?=E8=B4=A5bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/views/bids/show_project.html.erb | 3 ++- app/views/users/_my_joinedcourse.html.erb | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/app/views/bids/show_project.html.erb b/app/views/bids/show_project.html.erb index c14d2e14c..039de6b7a 100644 --- a/app/views/bids/show_project.html.erb +++ b/app/views/bids/show_project.html.erb @@ -1,8 +1,9 @@ <% if @bid.homework_type == Bid::HomeworkFile %> + <%= render :partial => 'homework' %> <% else %> - +