课程通知访问增加权限控制
This commit is contained in:
parent
d2814b4b47
commit
a2537899b7
|
@ -65,23 +65,27 @@ class NewsController < ApplicationController
|
||||||
format.atom { render_feed(@newss, :title => (@project ? @project.name : Setting.app_title) + ": #{l(:label_news_plural)}") }
|
format.atom { render_feed(@newss, :title => (@project ? @project.name : Setting.app_title) + ": #{l(:label_news_plural)}") }
|
||||||
end
|
end
|
||||||
elsif @course
|
elsif @course
|
||||||
scope = @course ? @course.news.course_visible : News.course_visible
|
if (User.current.admin? || @course.is_public == 1 || (@course.is_public == 0 && User.current.member_of_course?(@course)))
|
||||||
|
scope = @course ? @course.news.course_visible : News.course_visible
|
||||||
|
|
||||||
@news_count = scope.count
|
@news_count = scope.count
|
||||||
@news_pages = Paginator.new @news_count, @limit, params['page']
|
@news_pages = Paginator.new @news_count, @limit, params['page']
|
||||||
@offset ||= @news_pages.offset
|
@offset ||= @news_pages.offset
|
||||||
@newss = scope.all(:include => [:author, :course],
|
@newss = scope.all(:include => [:author, :course],
|
||||||
:order => "#{News.table_name}.created_on DESC",
|
:order => "#{News.table_name}.created_on DESC",
|
||||||
:offset => @offset,
|
:offset => @offset,
|
||||||
:limit => @limit)
|
:limit => @limit)
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
format.html {
|
format.html {
|
||||||
@news = News.new
|
@news = News.new
|
||||||
render :layout => 'base_courses'
|
render :layout => 'base_courses'
|
||||||
}
|
}
|
||||||
format.api
|
format.api
|
||||||
format.atom { render_feed(@newss, :title => (@course ? @course.name : Setting.app_title) + ": #{l(:label_news_plural)}") }
|
format.atom { render_feed(@newss, :title => (@course ? @course.name : Setting.app_title) + ": #{l(:label_news_plural)}") }
|
||||||
|
end
|
||||||
|
else
|
||||||
|
render_403
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue