This commit is contained in:
yanxd 2014-06-06 16:18:48 +08:00
commit 8b176c0027
12 changed files with 127 additions and 11 deletions

View File

@ -134,7 +134,7 @@ PLATFORMS
DEPENDENCIES DEPENDENCIES
activerecord-jdbc-adapter (= 1.2.5) activerecord-jdbc-adapter (= 1.2.5)
activerecord-jdbcmysql-adapter activerecord-jdbcmysql-adapter
acts-as-taggable-on acts-as-taggable-on (= 2.4.1)
better_errors! better_errors!
builder (= 3.0.0) builder (= 3.0.0)
coderay (~> 1.0.6) coderay (~> 1.0.6)

View File

@ -264,6 +264,14 @@ class ApplicationController < ActionController::Base
render_404 render_404
end end
#根据course_id找project
def find_project_by_course_id
@bid = Bid.find params[:course_id]
@project = @bid.courses[0]
rescue ActiveRecord::RecordNotFound
render_404
end
# Find a project based on params[:project_id] # Find a project based on params[:project_id]
# TODO: some subclasses override this, see about merging their logic # TODO: some subclasses override this, see about merging their logic
def find_optional_project def find_optional_project

View File

@ -16,6 +16,13 @@ class BidsController < ApplicationController
before_filter :memberAccess, only: :show_project before_filter :memberAccess, only: :show_project
#判断当前角色权限时需先找到当前操作的project
before_filter :find_project_by_project_id, :only => [:edit]
before_filter :find_project_by_course_id, :only => [:homework_destroy]
before_filter :find_project_by_bid_id, :only => [:show_project]
#判断当前角色是否有操作权限
#勿删 before_filter :authorize, :only => [:edit,:homework_destroy,:show_project]
helper :watchers helper :watchers
helper :attachments helper :attachments
include AttachmentsHelper include AttachmentsHelper
@ -25,7 +32,14 @@ class BidsController < ApplicationController
helper :projects helper :projects
helper :words helper :words
helper :welcome helper :welcome
def find_project_by_bid_id
@bid = Bid.find(params[:id])
@project = @bid.courses[0]
rescue ActiveRecord::RecordNotFound
render_404
end
def homework_ajax_modal def homework_ajax_modal
@bid = Bid.find_by_id(params[:id]) @bid = Bid.find_by_id(params[:id])
# find_bid # find_bid
@ -526,6 +540,7 @@ class BidsController < ApplicationController
message = params[:bid_message][:message] + "\n" + params[:reference_content] message = params[:bid_message][:message] + "\n" + params[:reference_content]
else else
message = params[:bid_message][:message] message = params[:bid_message][:message]
@m = message
end end
refer_user_id = params[:bid_message][:reference_user_id].to_i refer_user_id = params[:bid_message][:reference_user_id].to_i
@bid.add_jour(User.current, message, refer_user_id) @bid.add_jour(User.current, message, refer_user_id)

View File

@ -1,5 +1,23 @@
class HomeworkAttachController < ApplicationController class HomeworkAttachController < ApplicationController
############################### ###############################
#判断当前角色权限时需先找到当前操作的project
before_filter :find_project_by_bid_id, :only => [:new]
before_filter :find_project_by_hoemwork_id, :only => [:edit,:update,:destroy]
#判断当前角色是否有操作权限
#勿删 before_filter :authorize, :only => [:new,:edit,:update,:destroy]
def find_project_by_bid_id
@bid = Bid.find(params[:id])
@project = @bid.courses[0]
rescue ActiveRecord::RecordNotFound
render_404
end
def find_project_by_hoemwork_id
@homework = HomeworkAttach.find(params[:id])
@project = @homework.bid.courses[0]
end
def index def index
@homeworks = HomeworkAttach.all @homeworks = HomeworkAttach.all
respond_to do |format| respond_to do |format|

View File

@ -37,6 +37,7 @@ class ProjectsController < ApplicationController
# before_filter :authorize, :except => [:new_join, :new_homework, :homework, :statistics, :search, :watcherlist, :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy, :member, :focus, :file, # before_filter :authorize, :except => [:new_join, :new_homework, :homework, :statistics, :search, :watcherlist, :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy, :member, :focus, :file,
# :statistics, :feedback, :course, :enterprise_course, :course_enterprise, :project_respond, :share, # :statistics, :feedback, :course, :enterprise_course, :course_enterprise, :project_respond, :share,
# :show_projects_score, :issue_score_index, :news_score_index, :file_score_index, :code_submit_score_index, :projects_topic_score_index] # :show_projects_score, :issue_score_index, :news_score_index, :file_score_index, :code_submit_score_index, :projects_topic_score_index]
#此条勿删 课程相关权限 ,:new_homework,:homework,:feedback,,:member
before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course] before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course]
before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches] before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches]
before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy, :calendar] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy, :calendar]
@ -721,6 +722,9 @@ class ProjectsController < ApplicationController
@teachers= searchTeacherAndAssistant(@project) @teachers= searchTeacherAndAssistant(@project)
@canShowRealName = isCourseTeacher(User.current.id) @canShowRealName = isCourseTeacher(User.current.id)
end end
#勿删 real_name action为虚拟的该方法并不存在用来辅助判断真名权限
#勿删 @canShowRealName = User.current.allowed_to?({:controller => "projects", :action => "real_name"}, @project || @projects, :global => false)
respond_to do |format| respond_to do |format|
format.html{render :layout => 'base_courses' if @base_courses_tag==1} format.html{render :layout => 'base_courses' if @base_courses_tag==1}
format.api format.api

View File

@ -1,7 +1,21 @@
class ZipdownController < ApplicationController class ZipdownController < ApplicationController
#查找项目(课程)
before_filter :find_project_by_bid_id, :only => [:assort,:download_user_homework]
#检查权限
#勿删 before_filter :authorize, :only => [:assort,:download_user_homework]
SAVE_FOLDER = "#{Rails.root}/files" SAVE_FOLDER = "#{Rails.root}/files"
OUTPUT_FOLDER = "#{Rails.root}/tmp/archiveZip" OUTPUT_FOLDER = "#{Rails.root}/tmp/archiveZip"
#通过作业Id找到项目课程
def find_project_by_bid_id
obj_class = params[:obj_class]
obj_id = params[:obj_id]
obj = obj_class.constantize.find(obj_id)
case obj.class.to_s.to_sym
when :Bid
@project = obj.courses[0]
end
end
def assort def assort
obj_class = params[:obj_class] obj_class = params[:obj_class]
obj_id = params[:obj_id] obj_id = params[:obj_id]

View File

@ -1,8 +1,9 @@
<% if @bid.homework_type == Bid::HomeworkFile %> <% if @bid.homework_type == Bid::HomeworkFile %>
<!-- 提交文件类型 -->
<%= render :partial => 'homework' %> <%= render :partial => 'homework' %>
<% else %> <% else %>
<!-- 提交引用项目 -->
<script type="text/javascript" language="javascript"> <script type="text/javascript" language="javascript">
function clearInfo(id, content) { function clearInfo(id, content) {
var text = $('#' + id); var text = $('#' + id);

View File

@ -7,7 +7,7 @@
<% else %> <% else %>
<p class="font_description"> <p class="font_description">
<%= l(:label_project_cousre_studentun) %><%= link_to"#{l(:label_course_join_student)}",{:controller=>'projects',:action=>'course', :course => 1}, :class => 'icon icon-add' %> <%= l(:label_project_cousre_studentun) %><%= link_to"#{l(:label_course_join_student)}",{:controller=>'projects',:action=>'course', :project_type => 1}, :class => 'icon icon-add' %>
</p> </p>
<% end %> <% end %>
<% else %> <% else %>

View File

@ -473,6 +473,27 @@ en:
permission_export_wiki_pages: Export wiki pages permission_export_wiki_pages: Export wiki pages
permission_manage_subtasks: Manage subtasks permission_manage_subtasks: Manage subtasks
permission_manage_related_issues: Manage related issues permission_manage_related_issues: Manage related issues
permission_view_journals_for_messages: View journals messages
permission_view_courses: View courses
permission_new_course: Create course
permission_configure_course: Configure course
permission_close_course: Close/open course
permission_new_assignment: Create assignment
permission_edit_assignment: Edit assignment
permission_delete_assignment: Delete assignment
permission_new_placeholder: Create placeholder
permission_edit_placeholder: Edit placeholder
permission_delete_placeholder: Delete placeholder
permission_commit_content: Commit content
permission_new_course_notify: Create course notify
permission_edit_course_notify: Eidt course notify
permission_delete_course_notify: Delete course notify
permission_view_assignment: View assignment
permission_view_placeholder: View placeholder
permission_view_course_messages: View course messages
permission_view_real_name: View real name
permission_view_students: View students
permission_export_homeworks: Export homeworks
project_module_issue_tracking: Issue tracking project_module_issue_tracking: Issue tracking
project_module_time_tracking: Time tracking project_module_time_tracking: Time tracking

View File

@ -453,7 +453,27 @@ zh:
permission_export_wiki_pages: 导出 wiki 页面 permission_export_wiki_pages: 导出 wiki 页面
permission_manage_subtasks: 管理子任务 permission_manage_subtasks: 管理子任务
permission_view_journals_for_messages: 查看留言 permission_view_journals_for_messages: 查看留言
permission_view_courses: 查看课程列表 permission_view_courses: 查看课程
permission_new_course: 新建课程
permission_configure_course: 配置课程
permission_close_course: 关闭/重开课程
permission_new_assignment: 新建任务
permission_edit_assignment: 编辑任务
permission_delete_assignment: 删除任务
permission_new_placeholder: 新建占位
permission_edit_placeholder: 编辑占位
permission_delete_placeholder: 删除占位
permission_commit_content: 提交内容
permission_new_course_notify: 发布课程通知
permission_edit_course_notify: 编辑课程通知
permission_delete_course_notify: 删除课程通知
permission_view_assignment: 查看任务
permission_view_placeholder: 查看占位
permission_view_course_messages: 查看留言
permission_view_real_name: 查看真名
permission_view_students: 查看成员
permission_export_homeworks: 导出作业
project_module_issue_tracking: 问题跟踪 project_module_issue_tracking: 问题跟踪
project_module_time_tracking: 时间跟踪 project_module_time_tracking: 时间跟踪

View File

@ -172,6 +172,7 @@ default_projects_modules:
- boards - boards
- calendar - calendar
- gantt - gantt
- course
default_projects_tracker_ids: default_projects_tracker_ids:
serialized: true serialized: true
default: default:

View File

@ -179,13 +179,27 @@ Redmine::AccessControl.map do |map|
end end
#课程权限模块 #课程权限模块
map.project_module :course do map.project_module :course do |map|
map.permission :view_courses,{:projects => [:course]},:read => true map.permission :view_courses,{:projects => [:course]},:read => true
end #map.permission :new_course, {}, :read => true
#map.permission :configure_course,{},:read => true
#作业模块权限 #map.permission :close_course,{},:read => true
map.project_module :bids do |map| map.permission :new_assignment,{:projects => [:new_homework]},:read => true
map.permission :view_homework_attaches, {:bids => [:show, :show_project, :revision]}, :read => true map.permission :edit_assignment,{:bids => [:edit]},:read => true
map.permission :delete_assignment,{:bids => [:homework_destroy]},:read => true
map.permission :new_placeholder,{:homework_attach => [:new]},:read => true
map.permission :edit_placeholder,{:homework_attach => [:edit,:update]},:read => true
map.permission :delete_placeholder,{:homework_attach => [:destroy]},:read => true
#map.permission :commit_content,{},:read => true
#map.permission :new_course_notify,{},:read => true
#map.permission :edit_course_notify,{},:read => true
#map.permission :delete_course_notify,{},:read => true
map.permission :view_assignment,{:projects => [:homework]},:read => true
map.permission :view_placeholder,{:bids => [:show_project]},:read => true
map.permission :view_course_messages,{:projects => [:feedback]},:read => true
map.permission :view_real_name,{:projects => [:real_name]},:read => true
map.permission :view_students,{:projects => [:member]}, :read=>true
map.permission :export_homeworks,{:zipdown => [:assort,:download_user_homework]},:read => true
end end
map.project_module :boards do |map| map.project_module :boards do |map|