jacknudt
/
socialforge
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

修复进入我的动态,关注人没有进行权限过滤的BUG

This commit is contained in:
sw 2015-03-07 11:38:15 +08:00
parent 3e3cde0805
commit 945b9ff9cf
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/controllers/users_controller.rb
View File

@ -443,15 +443,15 @@ class UsersController < ApplicationController
activity = Activity.where(where_condition).where('user_id in (?)', watcher).order('id desc')
else
activity = Activity.where(where_condition).where('user_id = ?', @user.id).order('id desc')
activity = activity.reject { |e|
!User.current.admin? &&
(((e.act_type == "Issue") && !e.act.project.visible?(User.current)) ||
(e.act_type == "Bid" && e.act.courses.first.is_public == 0 && !User.current.member_of_course?(e.act.courses.first)) ||
(e.act_type == "Journal" && e.act.respond_to?("Project") && !e.act.project.visible?(User.current)) ||
(e.act_type == "News" && ((!e.act.project.nil? && !e.act.project.visible?(User.current)) || (!e.act.course.nil? && e.act.course.is_public == 0 && !User.current.member_of_course?(e.act.course)))) ||
(e.act_type == "Message" && !e.act.board.nil? && ((!e.act.board.project.nil? && !e.act.board.project.visible?(User.current)) || (!e.act.board.course.nil? && e.act.board.course.is_public == 0 && !User.current.member_of_course?(e.act.board.course)))))
}
end
activity = activity.reject { |e|
!User.current.admin? &&
(((e.act_type == "Issue") && !e.act.project.visible?(User.current)) ||
(e.act_type == "Bid" && e.act.courses.first.is_public == 0 && !User.current.member_of_course?(e.act.courses.first)) ||
(e.act_type == "Journal" && e.act.respond_to?("Project") && !e.act.project.visible?(User.current)) ||
(e.act_type == "News" && ((!e.act.project.nil? && !e.act.project.visible?(User.current)) || (!e.act.course.nil? && e.act.course.is_public == 0 && !User.current.member_of_course?(e.act.course)))) ||
(e.act_type == "Message" && !e.act.board.nil? && ((!e.act.board.project.nil? && !e.act.board.project.visible?(User.current)) || (!e.act.board.course.nil? && e.act.board.course.is_public == 0 && !User.current.member_of_course?(e.act.board.course)))))
}
@activity_count = activity.count
@activity_pages = Paginator.new @activity_count, pre_count, params['page']
@activity = activity.slice(@activity_pages.offset,@activity_pages.per_page)