权限管理机制优化
This commit is contained in:
parent
fd71435b30
commit
9634046d11
|
@ -172,7 +172,7 @@ class CoursesController < ApplicationController
|
|||
## 有角色参数的才是课程,没有的就是项目
|
||||
@render_file = 'member_list'
|
||||
@teachers= searchTeacherAndAssistant(@course)
|
||||
@canShowCode = isCourseTeacher(User.current.id)
|
||||
@canShowCode = isCourseTeacher(User.current.id,@course)
|
||||
case params[:role]
|
||||
when '1'
|
||||
@subPage_title = l :label_teacher_list
|
||||
|
@ -643,7 +643,7 @@ class CoursesController < ApplicationController
|
|||
@sort_by = %w(category date title author).include?(params[:sort_by]) ? params[:sort_by] : 'category'
|
||||
#
|
||||
@teachers= searchTeacherAndAssistant(@course)
|
||||
@canShowRealName = isCourseTeacher(User.current.id)
|
||||
@canShowRealName = isCourseTeacher(User.current.id,@course)
|
||||
|
||||
if(User.find_by_id(CourseInfos.find_by_course_id(@course.id).try(:user_id)))
|
||||
@user = User.find_by_id(CourseInfos.find_by_course_id(@course.id).user_id)
|
||||
|
@ -656,9 +656,10 @@ class CoursesController < ApplicationController
|
|||
end
|
||||
|
||||
#判断指定用户是否为课程教师
|
||||
def isCourseTeacher(id)
|
||||
def isCourseTeacher(id,course)
|
||||
result = false
|
||||
if @teachers && @teachers.find_by_user_id(id) != nil
|
||||
user = User.find(id)
|
||||
if user.nil? && user.allowed_to?(:as_teacher,course)#@teachers && @teachers.count != 0 && @teachers.find_by_user_id(id) != nil
|
||||
result = true
|
||||
end
|
||||
result
|
||||
|
|
|
@ -7,26 +7,27 @@ module CoursesHelper
|
|||
3. define search by roles
|
||||
4. define search member function
|
||||
=end
|
||||
TeacherRoles = [3, 4, 7, 9]
|
||||
StudentRoles = [5, 10]
|
||||
AllPeople = StudentRoles+TeacherRoles
|
||||
#TeacherRoles = [3, 4, 7, 9]
|
||||
#StudentRoles = [5, 10]
|
||||
#AllPeople = StudentRoles+TeacherRoles
|
||||
## return people count
|
||||
|
||||
# 返回x项目成员数量,即roles表中定义的所有成员
|
||||
def projectCount project
|
||||
searchCountByRoles project, AllPeople
|
||||
#searchCountByRoles project, AllPeople
|
||||
project.members.count
|
||||
end
|
||||
|
||||
# 返回教师数量,即roles表中定义的Manager
|
||||
def teacherCount project
|
||||
searchCountByRoles project, TeacherRoles
|
||||
searchTeacherAndAssistant(project).count
|
||||
# or
|
||||
# searchTeacherAndAssistant(project).count
|
||||
end
|
||||
|
||||
# 返回学生数量,即roles表中定义的Reporter
|
||||
def studentCount project
|
||||
searchCountByRoles project,StudentRoles
|
||||
searchStudent(project).count
|
||||
# or
|
||||
# searchStudent(project).count
|
||||
end
|
||||
|
@ -133,29 +134,39 @@ module CoursesHelper
|
|||
# =====================================================================================
|
||||
# return people list
|
||||
def searchTeacherAndAssistant project
|
||||
searchPeopleByRoles(project, TeacherRoles)
|
||||
end
|
||||
|
||||
def searchStudent project
|
||||
searchPeopleByRoles(project, StudentRoles)
|
||||
end
|
||||
# =====================================================================================
|
||||
|
||||
def searchCountByRoles project, roles_id
|
||||
members = searchPeopleByRoles project, roles_id
|
||||
members.count
|
||||
end
|
||||
|
||||
def searchPeopleByRoles project, roles_id
|
||||
#searchPeopleByRoles(project, TeacherRoles)
|
||||
members = []
|
||||
begin
|
||||
members = project.members.joins(:member_roles).where("member_roles.role_id IN (:role_id)", {:role_id => roles_id})
|
||||
rescue Exception => e
|
||||
logger.error "[CoursesHelper] ===> #{e}"
|
||||
project.members.each do |m|
|
||||
members << m if m && m.user && m.user.allowed_to?(:as_teacher,project)
|
||||
end
|
||||
members
|
||||
end
|
||||
|
||||
def searchStudent project
|
||||
#searchPeopleByRoles(project, StudentRoles)
|
||||
members = []
|
||||
project.members.each do |m|
|
||||
members << m if m && m.user && m.user.allowed_to?(:as_student,project)
|
||||
end
|
||||
members
|
||||
end
|
||||
# =====================================================================================
|
||||
|
||||
#def searchCountByRoles project, roles_id
|
||||
# members = searchPeopleByRoles project, roles_id
|
||||
# members.count
|
||||
#end
|
||||
|
||||
#def searchPeopleByRoles project, roles_id
|
||||
# members = []
|
||||
# begin
|
||||
# members = project.members.joins(:member_roles).where("member_roles.role_id IN (:role_id)", {:role_id => roles_id})
|
||||
# rescue Exception => e
|
||||
# logger.error "[CoursesHelper] ===> #{e}"
|
||||
# end
|
||||
# members
|
||||
#end
|
||||
|
||||
def sort_courses(state)
|
||||
content = ''.html_safe
|
||||
case state
|
||||
|
@ -186,15 +197,15 @@ module CoursesHelper
|
|||
end
|
||||
|
||||
#useless
|
||||
def searchMembersByRole project, role_id
|
||||
members = []
|
||||
begin
|
||||
members = project.members.joins(:member_roles).where("member_roles.role_id = :role_id", {:role_id => role_id })
|
||||
rescue Exception => e
|
||||
logger.error "[CoursesHelper] ===> #{e}"
|
||||
end
|
||||
members
|
||||
end
|
||||
#def searchMembersByRole project, role_id
|
||||
# members = []
|
||||
# begin
|
||||
# members = project.members.joins(:member_roles).where("member_roles.role_id = :role_id", {:role_id => role_id })
|
||||
# rescue Exception => e
|
||||
# logger.error "[CoursesHelper] ===> #{e}"
|
||||
# end
|
||||
# members
|
||||
#end
|
||||
|
||||
def sort_course(state, school_id)
|
||||
content = ''.html_safe
|
||||
|
@ -270,9 +281,10 @@ module CoursesHelper
|
|||
def find_by_extra_from_project extra
|
||||
Course.find_by_extra(try(extra))
|
||||
end
|
||||
#判断制定用户是不是当前课程的老师
|
||||
#判断指定用户是不是当前课程的老师
|
||||
def is_course_teacher (user,course)
|
||||
course.members.joins(:member_roles).where("member_roles.role_id IN (:role_id) and members.user_id = #{user.id}", {:role_id => TeacherRoles}).count != 0
|
||||
#course.members.joins(:member_roles).where("member_roles.role_id IN (:role_id) and members.user_id = #{user.id}", {:role_id => TeacherRoles}).count != 0
|
||||
user.allowed_to?(:as_teacher,course)
|
||||
#修改为根据用户是否有发布任务的权限来判断用户是否是课程的老师
|
||||
#is_teacher = false
|
||||
#@membership = user.memberships.all(:conditions => Project.visible_condition(User.current))
|
||||
|
@ -287,7 +299,8 @@ module CoursesHelper
|
|||
end
|
||||
#当前用户是不是指定课程的学生
|
||||
def is_cur_course_student course
|
||||
course.members.joins(:member_roles).where("member_roles.role_id IN (:role_id) and members.user_id = #{User.current.id}", {:role_id => StudentRoles}).count != 0
|
||||
#course.members.joins(:member_roles).where("member_roles.role_id IN (:role_id) and members.user_id = #{User.current.id}", {:role_id => StudentRoles}).count != 0
|
||||
!(User.current.allowed_to?(:as_teacher,course))
|
||||
#修改:能新建占位且不能新建任务的角色判定为学生
|
||||
#is_student = false
|
||||
#@membership = User.current.memberships.all(:conditions => Project.visible_condition(User.current))
|
||||
|
@ -329,7 +342,7 @@ module CoursesHelper
|
|||
|
||||
#获取作业的互评得分
|
||||
def student_score_for_homework homework
|
||||
member = searchPeopleByRoles(homework.bid.courses.first,TeacherRoles).first
|
||||
member = searchTeacherAndAssistant(homework.bid.courses.first).first#searchPeopleByRoles(homework.bid.courses.first,TeacherRoles).first
|
||||
student_stars = homework.rates(:quality).where("rater_id <> #{member.user_id}").select("stars")
|
||||
student_stars_count = 0
|
||||
student_stars.each do |star|
|
||||
|
@ -340,7 +353,7 @@ module CoursesHelper
|
|||
|
||||
#获取作业的教师评分
|
||||
def teacher_score_for_homework homework
|
||||
member = searchPeopleByRoles(homework.bid.courses.first,TeacherRoles).first
|
||||
member = searchTeacherAndAssistant(homework.bid.courses.first).first#searchPeopleByRoles(homework.bid.courses.first,TeacherRoles).first
|
||||
teacher_stars = homework.rates(:quality).where("rater_id = #{member.user_id}").select("stars").first
|
||||
return format("%.2f",teacher_stars == nil ? 0 : teacher_stars.stars)
|
||||
end
|
||||
|
|
|
@ -165,7 +165,7 @@
|
|||
<option value = '2014'>2014</option>
|
||||
<option value = '2015'>2015</option>
|
||||
<option value = '2016'>2016</option>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
|
||||
<% elsif @course.time == 2014 %>
|
||||
<p><table><tr><td class="info" align="right" style="width: 86px"><strong><%= l(:label_term) %><span class="required"> * </span></strong></td>
|
||||
|
@ -179,7 +179,7 @@
|
|||
<option value = '2014' selected='selected'>2014</option>
|
||||
<option value = '2015'>2015</option>
|
||||
<option value = '2016'>2016</option>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
|
||||
<% elsif @course.time == 2015 %>
|
||||
<p><table><tr><td class="info" align="right" style="width: 86px"><strong><%= l(:label_term) %><span class="required"> * </span></strong></td>
|
||||
|
@ -193,7 +193,7 @@
|
|||
<option value = '2014'>2014</option>
|
||||
<option value = '2015' selected='selected'>2015</option>
|
||||
<option value = '2016'>2016</option>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
|
||||
<% elsif @course.time == 2016 %>
|
||||
<p><table><tr><td class="info" align="right" style="width: 86px"><strong><%= l(:label_term) %><span class="required"> * </span></strong></td>
|
||||
|
@ -207,7 +207,7 @@
|
|||
<option value = '2014'>2014</option>
|
||||
<option value = '2015'>2015</option>
|
||||
<option value = '2016' selected='selected'>2016</option>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<option value = '2017'>2017</option>".html_safe %></td></tr></table></p>
|
||||
|
||||
<% elsif @course.time == 2017 %>
|
||||
<p><table><tr><td class="info" align="right" style="width: 86px"><strong><%= l(:label_term) %><span class="required"> * </span></strong></td>
|
||||
|
@ -221,7 +221,7 @@
|
|||
<option value = '2014'>2014</option>
|
||||
<option value = '2015'>2015</option>
|
||||
<option value = '2016'>2016</option>
|
||||
<option value = '2017' selected='selected'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<option value = '2017' selected='selected'>2017</option>".html_safe %></td></tr></table></p>
|
||||
<% else %>
|
||||
<p><table><tr><td class="info" align="right" style="width: 86px"><strong><%= l(:label_term) %><span class="required"> * </span></strong></td>
|
||||
<td class="info" style="width: 10px">
|
||||
|
|
|
@ -476,6 +476,20 @@ zh:
|
|||
permission_view_real_name: 查看真名
|
||||
permission_view_students: 查看成员
|
||||
permission_export_homeworks: 导出作业
|
||||
permission_quote_project: 引用项目
|
||||
permission_is_manager: 作为管理员
|
||||
permission_as_teacher: 作为教师
|
||||
permission_as_student: 作为学生
|
||||
permission_paret_in_homework: 加入作业
|
||||
permission_view_homework_attaches: 查看作业附件
|
||||
permission_view_course_journals_for_messages: 查看课程留言
|
||||
permission_select_course_modules: 选择课程模块
|
||||
permission_view_course_files: 查看课程资源
|
||||
permission_add_course: 新建课程
|
||||
permission_edit_course: 编辑课程
|
||||
permission_select_contest_modules: 选择竞赛模块
|
||||
permission_manage_contestnotifications: 管理竞赛通知
|
||||
|
||||
|
||||
|
||||
project_module_issue_tracking: 问题跟踪
|
||||
|
@ -1289,6 +1303,9 @@ zh:
|
|||
permission_add_documents: Add documents
|
||||
permission_edit_documents: Edit documents
|
||||
permission_delete_documents: Delete documents
|
||||
permission_add_documents: 新建文档
|
||||
permission_edit_documents: 编辑文档
|
||||
permission_delete_documents: 删除文档
|
||||
label_gantt_progress_line: Progress line
|
||||
setting_jsonp_enabled: Enable JSONP support
|
||||
field_inherit_members: Inherit members
|
||||
|
|
|
@ -1,11 +1,18 @@
|
|||
# -*coding:utf-8 -*-
|
||||
class AddAuthority < ActiveRecord::Migration
|
||||
def change
|
||||
# 添加课程权限
|
||||
Role.all.each do |role|
|
||||
if role.name == '学生'
|
||||
role.permissions.append(:paret_in_homework)
|
||||
role.permissions.append(:as_student)
|
||||
elsif role.name == 'Manager'
|
||||
role.permissions.append(:is_manager)
|
||||
role.permissions.append(:as_teacher)
|
||||
elsif role.name == '助教'
|
||||
role.permissions.append(:as_teacher)
|
||||
elsif role.name == '老师'
|
||||
role.permissions.append(:as_teacher)
|
||||
end
|
||||
role.save(:validate => false)
|
||||
end
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
#
|
||||
# It's strongly recommended to check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(:version => 20140707095213) do
|
||||
ActiveRecord::Schema.define(:version => 20140708023356) do
|
||||
|
||||
create_table "activities", :force => true do |t|
|
||||
t.integer "act_id", :null => false
|
||||
|
|
|
@ -100,6 +100,8 @@ Redmine::AccessControl.map do |map|
|
|||
map.permission :view_journals_for_messages, {:gantts => [:show, :update]}, :read => true
|
||||
map.permission :quote_project, {},:require => :member
|
||||
map.permission :is_manager,{},:require => :member
|
||||
map.permission :as_teacher,{},:require => :member
|
||||
map.permission :as_student,{},:require => :member
|
||||
|
||||
#课程权限模块
|
||||
#added by nwb
|
||||
|
|
Loading…
Reference in New Issue