作业的增、删、改、查以及作业资料的下载增加权限控制
This commit is contained in:
parent
78ac974a75
commit
af68d15451
|
|
@ -18,7 +18,8 @@ class HomeworkAttachController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
#if User.current.logged? && (!Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.nil? && (Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.roles&Role.where('id = ? or id = ? or id =?',5, 10, 7)).size >0)
|
bid = Bid.find params[:bid_id]
|
||||||
|
if User.current.admin? || User.current.member_of?(bid.courses.first)
|
||||||
user_id = params[:user_id]
|
user_id = params[:user_id]
|
||||||
bid_id = params[:bid_id]
|
bid_id = params[:bid_id]
|
||||||
sta = 0
|
sta = 0
|
||||||
|
|
@ -32,7 +33,7 @@ class HomeworkAttachController < ApplicationController
|
||||||
:bid_id => bid_id
|
:bid_id => bid_id
|
||||||
}
|
}
|
||||||
|
|
||||||
#@bid = Bid.find bid_id
|
|
||||||
#@homework_list = @bid.homeworks
|
#@homework_list = @bid.homeworks
|
||||||
|
|
||||||
@homework = HomeworkAttach.new(options)
|
@homework = HomeworkAttach.new(options)
|
||||||
|
|
@ -45,77 +46,98 @@ class HomeworkAttachController < ApplicationController
|
||||||
format.json { head :no_content }
|
format.json { head :no_content }
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
#end
|
else
|
||||||
|
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@homework = HomeworkAttach.new
|
|
||||||
@bid = Bid.find(params[:id])
|
@bid = Bid.find(params[:id])
|
||||||
|
if User.current.admin? || User.current.member_of?(@bid.courses.first)
|
||||||
respond_to do |format|
|
@homework = HomeworkAttach.new
|
||||||
format.html # new.html.erb
|
respond_to do |format|
|
||||||
format.json { render json: @homework }
|
format.html # new.html.erb
|
||||||
|
format.json { render json: @homework }
|
||||||
|
end
|
||||||
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def edit
|
def edit
|
||||||
@homework = HomeworkAttach.find(params[:id])
|
@homework = HomeworkAttach.find(params[:id])
|
||||||
|
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
|
||||||
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
@homework = HomeworkAttach.find(params[:id])
|
@homework = HomeworkAttach.find(params[:id])
|
||||||
name = params[:homework_name]
|
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
|
||||||
description = params[:homework_description]
|
name = params[:homework_name]
|
||||||
@homework.name = name
|
description = params[:homework_description]
|
||||||
@homework.description = description
|
@homework.name = name
|
||||||
if params[:attachments]
|
@homework.description = description
|
||||||
@homework.save_attachments(params[:attachments])
|
if params[:attachments]
|
||||||
end
|
@homework.save_attachments(params[:attachments])
|
||||||
if @homework.save
|
end
|
||||||
respond_to do |format|
|
if @homework.save
|
||||||
format.html { redirect_to project_for_bid_path @homework.bid }
|
respond_to do |format|
|
||||||
format.json { head :no_content }
|
format.html { redirect_to project_for_bid_path @homework.bid }
|
||||||
|
format.json { head :no_content }
|
||||||
|
end
|
||||||
|
else
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
@homework = HomeworkAttach.find(params[:id])
|
@homework = HomeworkAttach.find(params[:id])
|
||||||
if @homework.destroy
|
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
|
||||||
respond_to do |format|
|
if @homework.destroy
|
||||||
format.html { redirect_to project_for_bid_path @homework.bid }
|
respond_to do |format|
|
||||||
format.json { head :no_content }
|
format.html { redirect_to project_for_bid_path @homework.bid }
|
||||||
|
format.json { head :no_content }
|
||||||
|
end
|
||||||
|
else
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
#显示作业信息
|
#显示作业信息
|
||||||
def show
|
def show
|
||||||
@homework = HomeworkAttach.find(params[:id])
|
@homework = HomeworkAttach.find(params[:id])
|
||||||
# 打分统计
|
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
|
||||||
stars_reates = @homework.
|
# 打分统计
|
||||||
rates(:quality)
|
stars_reates = @homework.
|
||||||
stars_reates_count = stars_reates.count == 0 ? 1 : stars_reates.count
|
rates(:quality)
|
||||||
stars_status = stars_reates.select("stars, count(*) as scount").
|
stars_reates_count = stars_reates.count == 0 ? 1 : stars_reates.count
|
||||||
group("stars")
|
stars_status = stars_reates.select("stars, count(*) as scount").
|
||||||
@stars_status_map = Hash.new(0.0)
|
group("stars")
|
||||||
stars_status.each do |star_status|
|
@stars_status_map = Hash.new(0.0)
|
||||||
percent = (star_status.scount * 1.0/ stars_reates_count) * 100.to_f
|
stars_status.each do |star_status|
|
||||||
percent_m = format("%.2f", percent)
|
percent = (star_status.scount * 1.0/ stars_reates_count) * 100.to_f
|
||||||
@stars_status_map["star#{star_status.stars.to_i}".to_sym] =
|
percent_m = format("%.2f", percent)
|
||||||
percent_m.to_s + "%"
|
@stars_status_map["star#{star_status.stars.to_i}".to_sym] =
|
||||||
|
percent_m.to_s + "%"
|
||||||
|
end
|
||||||
|
@limit = 10
|
||||||
|
@jours = @homework.journals_for_messages.where("is_comprehensive_evaluation is null").order("created_on DESC")
|
||||||
|
@feedback_count = @jours.count
|
||||||
|
@feedback_pages = Paginator.new @feedback_count, @limit, params['page']
|
||||||
|
@offset ||= @feedback_pages.offset
|
||||||
|
@jour = @jours[@offset, @limit]
|
||||||
|
@comprehensive_evaluation = @homework.journals_for_messages.where("is_comprehensive_evaluation is not null").order("created_on DESC")
|
||||||
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
@limit = 10
|
|
||||||
@jours = @homework.journals_for_messages.where("is_comprehensive_evaluation is null").order("created_on DESC")
|
|
||||||
@feedback_count = @jours.count
|
|
||||||
@feedback_pages = Paginator.new @feedback_count, @limit, params['page']
|
|
||||||
@offset ||= @feedback_pages.offset
|
|
||||||
@jour = @jours[@offset, @limit]
|
|
||||||
@comprehensive_evaluation = @homework.journals_for_messages.where("is_comprehensive_evaluation is not null").order("created_on DESC")
|
|
||||||
end
|
end
|
||||||
|
|
||||||
#删除留言
|
#删除留言
|
||||||
|
|
|
||||||
|
|
@ -26,14 +26,19 @@ class ZipdownController < ApplicationController
|
||||||
obj_id = params[:obj_id]
|
obj_id = params[:obj_id]
|
||||||
user_id = params[:user_id]
|
user_id = params[:user_id]
|
||||||
obj = obj_class.constantize.find(obj_id)
|
obj = obj_class.constantize.find(obj_id)
|
||||||
zipfile = nil
|
|
||||||
case obj.class.to_s.to_sym
|
if User.current.admin? || User.current.member_of?(obj.courses.first)
|
||||||
when :Bid
|
zipfile = nil
|
||||||
zipfile = zip_user_bid obj,user_id
|
case obj.class.to_s.to_sym
|
||||||
else
|
when :Bid
|
||||||
logger.error "[ZipDown#assort] ===> #{obj.class.to_s.to_sym} unKown !!"
|
zipfile = zip_user_bid obj,user_id
|
||||||
|
else
|
||||||
|
logger.error "[ZipDown#assort] ===> #{obj.class.to_s.to_sym} unKown !!"
|
||||||
|
end
|
||||||
|
send_file zipfile, :filename => obj.name, :type => detect_content_type(zipfile) if zipfile
|
||||||
|
else
|
||||||
|
render_403 :message => :notice_not_authorized
|
||||||
end
|
end
|
||||||
send_file zipfile, :filename => obj.name, :type => detect_content_type(zipfile) if zipfile
|
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue