可发送权限控制

2016-05-19 15:59:59 +08:00 · 2016-05-19 15:59:59 +08:00 · 984f706722
parent 0b2f6c9a53
commit 984f706722
2 changed files with 27 additions and 12 deletions
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@ -140,6 +140,11 @@ class Attachment < ActiveRecord::Base
        }
    )
  end
+
+  def get_apply_resource_status attachment_id, author_id
+    ApplyResource.where("attachment_id =? and apply_user_id =?", attachment_id, author_id).first.try(:status)
+  end
+
  # add by nwb
  # 公开的项目id列表
  def self.public_project_id
--- a/app/views/users/_resources_list.html.erb
+++ b/app/views/users/_resources_list.html.erb
@ -16,7 +16,7 @@
            <% end %>
          </li>
          <li class="resource-list-apply fr" id="resource_apply_status_<%=attach.id %>">
-            <% if attach.is_public == 0 && @type == "6" && attach.author != User.current %>
+            <% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current %>
                <% ah = attach.get_status_by_attach(User.current.id) %>
                <% if ah.nil? %>
                    <%= link_to("请求分享", apply_resource_user_path(User.current.id, :attachment_id => attach.id), :class => 'green_btn_share c_white', :remote => true) %>
@ -39,6 +39,8 @@
          <li class="resource-list-uploader fr hidden"><%=User.find(attach.author_id).realname.blank? ? User.find(attach.author_id).nickname : User.find(attach.author_id).realname %></li>
          <li class="resource-list-type fr"><%= get_resource_type(attach.container_type)%></li>
          <li class="resource-list-from fr hidden" title="<%= get_resource_origin(attach) %>"><%= get_resource_origin(attach) %></li>
+          <li style="display: none"><%= attach.is_public %></li>
+          <li style="display: none"><%= attach.get_apply_resource_status(attach.id, attach.author_id) %></li>
          <li style="display: none"><%= attach.id %></li>
        </ul>
        <div class="cl"></div>
@ -87,19 +89,27 @@
        document.oncontextmenu = function() {return true;}
        line.children().css("background-color",'white');
        id = line.children().last().html();
-        if (lastSendType === '2'){  //如果已经发送过一次了，那么就应该沿用上次发送的类型。
-            $.ajax({
-                type: 'get',
-                url: '<%= search_user_project_user_path(User.current.id) %>' + "?send_id=" + id + "&type=<%= @type %>",
-                data:{send_type:'file'}
-            });
+        is_public = line.children().eq(11).html();
+        user_id = line.children().eq(6).html();
+        apply_status = line.children().eq(12).html();
+        if(is_public == 0 && user_id != '<%= User.current.id %>' && apply_status != 2){
+            alert('您无权发送私有资源')
        }else{
-            $.ajax({
-                type: 'get',
-                url: '<%= search_user_course_user_path(User.current.id)%>' + "?send_id=" + id + "&type=<%= @type %>",
-                data:{send_type:'file'}
-            });
+            if (lastSendType === '2'){  //如果已经发送过一次了，那么就应该沿用上次发送的类型。
+                $.ajax({
+                    type: 'get',
+                    url: '<%= search_user_project_user_path(User.current.id) %>' + "?send_id=" + id + "&type=<%= @type %>",
+                    data:{send_type:'file'}
+                });
+            }else{
+                $.ajax({
+                    type: 'get',
+                    url: '<%= search_user_course_user_path(User.current.id)%>' + "?send_id=" + id + "&type=<%= @type %>",
+                    data:{send_type:'file'}
+                });
+            }
        }
+
    }

    function batch_send(){