权限控制

This commit is contained in:
huang 2017-02-24 15:33:15 +08:00
parent 2e81633308
commit bd0bd02084
6 changed files with 19 additions and 18 deletions

View File

@ -932,7 +932,7 @@ class ProjectsController < ApplicationController
def training_task_status
status = params[:status].to_i
task_id = params[:taskId]
message = params[:msg].to_i
message = params[:msg]
begin
@training_task = TrainingTask.find(task_id)
# 如果已经执行成功过,则不重复执行
@ -953,11 +953,11 @@ class ProjectsController < ApplicationController
@training_task.update_attribute(:status, 1)
end
# 创建一条回复提醒
content = "恭喜您通过测评"
content = position == original_tasks_count ? "恭喜您,您已经完成了实训项目的所有任务" : "恭喜您,您已经完成了本任务"
add_training_task_journal(content, original_project.user_id)
end
else
content = "遗憾,您没有通过该步"
content = "抱歉,您的任务未通过,请继续加油,错误信息如下:#{message}"
add_training_task_journal(content, original_project.user_id)
end
end

View File

@ -2,11 +2,12 @@
class TrainingTasksController < ApplicationController
layout 'base_projects'
before_filter :find_training_task, :only => [:show, :edit, :update, :add_journal, :complete_training_task]
before_filter :find_project, :only => [:index, :new, :create, :update_form, :issue_commits, :commit_for_issue, :issue_commit_delete, :destroy]
before_filter :allow_manager, :only => [:index, :show]
before_filter :allow_members, :only => [:new, :create]
before_filter :build_new_task_from_params, :only => [:new, :create, :update_form]
before_filter :find_training_task, :only => [:show, :edit, :update, :add_journal, :complete_training_task]
# before_filter :find_issues, :only => [:bulk_edit, :bulk_update, :destroy]
@ -95,6 +96,9 @@ class TrainingTasksController < ApplicationController
# Add a new issue
# The new issue will be created from an existing one if copy_from parameter is given
def new
if @project.is_child_training_project?
return render_404
end
# 顶部导航
@project_menu_type = 11
respond_to do |format|
@ -104,6 +108,9 @@ class TrainingTasksController < ApplicationController
# 用户发布新任务
def create
if @project.is_child_training_project?
return render_404
end
@training_task.save_attachments(params[:attachments] || (params[:training_task] && params[:training_task][:uploads]))
@training_task.subject = params[:training_task][:subject]
@training_task.description = params[:training_task][:description]
@ -312,6 +319,10 @@ class TrainingTasksController < ApplicationController
render_404
end
def find_training_task
end
def allow_members
if !(User.current.member_of?(@project) || User.current.admin?)
render_403
@ -319,7 +330,7 @@ class TrainingTasksController < ApplicationController
end
def allow_manager
if !(User.current.admin? || is_project_member?(User.current.id, @project.id))
if !(User.current.admin? || is_project_manager?(User.current.id, @project.id) || is_project_manager?(User.current, @project.try(:forked_from_project_id)) )
return render_403
end
end

View File

@ -43,7 +43,7 @@
<% end %>
<!--实训任务-->
<% if !@project.enabled_modules.where("name = 'training_tasks'").empty? %>
<% if User.current.admin? || is_project_member?(User.current.id, @project.id) %>
<% if User.current.admin? || is_project_manager?(User.current.id, @project.id) || is_project_manager?(User.current, @project.try(:forked_from_project_id)) %>
<li id="project_menu_011">
<%= link_to training_tasks_count > 0 ? "#{l(:project_module_training_tasks)}<span class='issues_nav_tag ml5'>#{switch_integer_into_k training_tasks_count}</span>".html_safe : "#{l(:project_module_training_tasks)}", project_training_tasks_url(@project), :class => "pro_new_proname", :title => "#{training_tasks_count}" %>
</li>

View File

@ -41,7 +41,7 @@
<% when "Issue" %>
<%= render :partial => 'projects/act_issues', :locals => {:activity => activity.forge_act, :user_activity_id => activity.id, :project_id => activity.project_id} %>
<% when "TrainingTask" %>
<% if User.current.admin? || is_project_member?(User.current.id, @project.id) %>
<% if User.current.admin? || is_project_manager?(User.current.id, @project.id) || is_project_manager?(User.current, @project.try(:forked_from_project_id)) %>
<%= render :partial => 'projects/act_training_tasks', :locals => {:activity => activity.forge_act, :user_activity_id => activity.id, :project_id => activity.project_id} %>
<% end %>
<!--message-->

View File

@ -8,7 +8,7 @@
<% end %>
<div class=" fl ml5">
<div class="issues_list_titlebox clear">
<a href="<%= training_task_path(activity)%>" class="issues_list_title fl task-list-title" target="_blank" title="<%= activity.subject.to_s %>" >
<a href="<%= training_task_path(activity, :project_id => @project.id) %>" class="issues_list_title fl task-list-title" target="_blank" title="<%= activity.subject.to_s %>" >
<span class="task-step mr5">step<%= activity.position %></span>
<%= activity.subject.to_s %>
</a>
@ -31,13 +31,6 @@
<a href="javascript:void(0);" class="fl mt2"><%= activity.journals.count %></a>
<% end %>
</td>
<% if @project.is_child_training_project? %>
<td>
<div id="task_action_status_<%= activity.id %>">
<%= render :partial => 'action_status', :locals => {:activity => activity} %>
</div>
</td>
<% end %>
</tr>
<% end %>

View File

@ -222,9 +222,6 @@
<tr>
<th><p class="text-left">所有<span class="issues_nav_tag ml5" style=" font-weight: normal;"><%= @training_tasks_count %></span></p></th>
<th class="w50">&nbsp;</th>
<% if @project.is_child_training_project? %>
<th class="w100">&nbsp;</th>
<% end %>
</tr>
</thead>
<tbody id="issue_list">