资源申请权限控制
parent
66709b16e5
commit
eead7962cf
|
@ -363,7 +363,11 @@ class ApplicationController < ActionController::Base
|
|||
when "contest"
|
||||
return true
|
||||
when "Course"
|
||||
allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
|
||||
if @attachment.get_status_by_attach(User.current.id) == 2
|
||||
return true
|
||||
else
|
||||
allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
|
||||
end
|
||||
else
|
||||
return true
|
||||
end
|
||||
|
|
|
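Review bot: The new `Course` branch decides access with the bare literal `2` returned by `get_status_by_attach`, the same test this commit repeats in the helper's `candown` lines and in the list templates, so the download rule now lives in several copies that can drift apart. A single predicate on `Attachment` (for example `approved_for?(user)`, a name constructed for this note) called from all of them would keep the controller check and the UI in step. The early `return true` also skips `allowed_to?(:course_attachments_download, ...)` entirely; if that is intended, say so in a comment such as `# an approved application (status 2) grants download without the course permission`. The `case` starts above the hunk, so whether other container types get the same shortcut cannot be seen here.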
@ -2705,7 +2705,7 @@ class UsersController < ApplicationController
|
|||
|
||||
# 获取公共资源搜索
|
||||
def get_public_resources_search user_course_ids, user_project_ids, order, score, search
|
||||
attachments = Attachment.where("is_publish = 1 and is_public = 1 and container_id is not null and container_type in('Project','OrgSubfield','Principal','Course') and (filename like :p)", :p => search).order("#{order.nil? ? 'created_on' : order} #{score}")
|
||||
attachments = Attachment.where("is_publish = 1 and container_id is not null and container_type in('Project','OrgSubfield','Principal','Course') and (filename like :p)", :p => search).order("#{order.nil? ? 'created_on' : order} #{score}")
|
||||
end
|
||||
|
||||
# 获取我的资源
|
||||
|
|
|
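Review bot: The query printed second (taken here as the new side) no longer filters on `is_public = 1`, so a method still named and commented as the public-resource search now returns private attachments. Every consumer of this result therefore has to apply the per-user check itself, otherwise file names, uploaders and origins of private files are listed to anyone who can search. The templates in this commit gate the link and checkbox with `private_attachment_allow`, but other callers of `get_public_resources_search` are not visible here and should be checked. Separately, `order` and `score` are interpolated straight into `.order(...)`; if either can come from request parameters, map `order` through an allow-list of column names and force the direction with something like `score = score.to_s.casecmp('asc').zero? ? 'asc' : 'desc'` before building the clause.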
@ -58,12 +58,21 @@ module ApplicationHelper
|
|||
when "Course"
|
||||
User.current.member_of_course?(attachment.container) ? true : false
|
||||
when "OrgSubfield"
|
||||
User.current.member_of_org?(attachment.container) ? true : false
|
||||
User.current.member_of_org?(attachment.container.organization) ? true : false
|
||||
when "Principal"
|
||||
User.current.id == attachment.author_id ? true : false
|
||||
end
|
||||
end
|
||||
|
||||
# 判断某个私有资源是否可以发送下载权限
|
||||
# 结果为true不能下载,false可以下载
|
||||
def private_attachment_allow attachment_id
|
||||
attach = Attachment.find(attachment_id)
|
||||
# 条件取否,result结果为true则不能下载
|
||||
result = attach.is_public == 0 && attach.author != User.current && !attach.get_apply_resource_status(attach.id, User.current.id) && !attach_show_allow(attach)
|
||||
return result
|
||||
end
|
||||
|
||||
# Time 2015-03-24 15:27:29
|
||||
# Author lizanle
|
||||
# Description 从硬盘上删除对应的资源文件
|
||||
|
@ -2109,20 +2118,20 @@ module ApplicationHelper
|
|||
candown= User.current.member_of?(project) || (project.is_public && attachment.is_public == 1)
|
||||
elsif attachment.container.is_a?(Project)
|
||||
project = attachment.container
|
||||
candown= User.current.member_of?(project) || (project.is_public && attachment.is_public == 1)
|
||||
candown = User.current.member_of?(project) || (attachment.is_public == 1) || attachment.get_status_by_attach(User.current.id) == 2
|
||||
elsif (attachment.container.has_attribute?(:board) || attachment.container.has_attribute?(:board_id)) && attachment.container.board &&
|
||||
attachment.container.board.project
|
||||
project = attachment.container.board.project
|
||||
candown = User.current.member_of?(project) || (project.is_public && attachment.is_public == 1)
|
||||
elsif (attachment.container.has_attribute?(:course) ||attachment.container.has_attribute?(:course_id) ) && attachment.container.course
|
||||
course = attachment.container.course
|
||||
candown = User.current.member_of_course?(course) || (course.is_public==1 && attachment.is_public == 1)
|
||||
candown = User.current.member_of_course?(course) || (attachment.is_public == 1) || attachment.get_status_by_attach(User.current.id) == 2
|
||||
elsif attachment.container.is_a?(Course)
|
||||
course = attachment.container
|
||||
candown= User.current.member_of_course?(course) || (course.is_public==1 && attachment.is_public == 1)
|
||||
candown= User.current.member_of_course?(course) || (attachment.is_public == 1) || attachment.get_status_by_attach(User.current.id) == 2
|
||||
elsif attachment.container.is_a?(OrgSubfield)
|
||||
org = attachment.container.organization
|
||||
candown = User.current.member_of_org?(org) || (org.is_public && attachment.is_public == 1)
|
||||
candown = User.current.member_of_org?(org) || (attachment.is_public == 1) || attachment.get_status_by_attach(User.current.id) == 2
|
||||
elsif attachment.container.is_a?(OrgDocumentComment)
|
||||
org = attachment.container.organization
|
||||
candown = User.current.member_of_org?(org) || (org.is_public && attachment.is_public == 1)
|
||||
|
|
|
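Review bot: The rewritten `candown` lines for the Project, course-owned, Course and OrgSubfield containers no longer require the container itself to be public: as printed, `(project.is_public && attachment.is_public == 1)` became `(attachment.is_public == 1)`. An attachment flagged public inside a private project, course or organization would then be downloadable by non-members. The board and OrgDocumentComment branches still keep the container check, which makes the rule inconsistent within the same chain. If the intent was only to add the approved-application path, keep the old condition and append the new term, e.g. `candown = User.current.member_of?(project) || (project.is_public && attachment.is_public == 1) || attachment.get_status_by_attach(User.current.id) == 2`. The `if`/`elsif` chain starts and ends outside the hunk.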
@ -142,7 +142,8 @@ class Attachment < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def get_apply_resource_status attachment_id, author_id
|
||||
ApplyResource.where("attachment_id =? and apply_user_id =?", attachment_id, author_id).first.try(:status)
|
||||
status = ApplyResource.where("attachment_id =? and user_id =?", attachment_id, author_id).first.try(:status)
|
||||
status == 2 ? true :false
|
||||
end
|
||||
|
||||
# add by nwb
|
||||
|
|
|
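Review bot: The lookup now filters on `user_id` where it previously used `apply_user_id`, while the parameter is still called `author_id` and the callers added in this commit pass `User.current.id`. Which column holds the applicant is not visible here, so please confirm the query matches the requesting user and not the resource owner, since this value gates access to private attachments. Renaming the parameter to `user_id` and adding a comment like `# true only when this user's application for the attachment has status 2` would make the contract explicit. The method also now returns a boolean, so any remaining caller that compares the result with `2` or `"2"` will always take the not-equal branch. Plain `status == 2` is enough in place of `status == 2 ? true :false`.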
@ -6,7 +6,7 @@
|
|||
<% attachments.each do |attach| %>
|
||||
<ul class="resource-list" onmouseover="if($('#contextMenu').css('display') != 'block')$(this).children().css('background-color', '#e1e1e1')" onmouseout=" if($('#contextMenu').css('display') == 'none')$(this).children().css('background-color', 'white')">
|
||||
<li class="resource-list-checkbox fl">
|
||||
<% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current && attach.get_apply_resource_status(attach.id, attach.author_id) != 2 && !attach_show_allow(attach) %>
|
||||
<% if private_attachment_allow(attach.id) && (@type == "6" || @type == "2") %>
|
||||
<input name="checkbox1[]" type="checkbox" disabled="disabled" data-has-history="<%= attach.attachment_histories.count == 0 ? 'N' : 'Y' %>" data-deleteble="<%= User.current.id ==attach.author_id ? 'Y' : 'N' %>" onclick="checkAllBox($(this));" value="<%= attach.id%>" class="resourcesCheckbox" />
|
||||
<% else %>
|
||||
<input name="checkbox1[]" type="checkbox" data-has-history="<%= attach.attachment_histories.count == 0 ? 'N' : 'Y' %>" data-deleteble="<%= User.current.id ==attach.author_id ? 'Y' : 'N' %>" onclick="checkAllBox($(this));" value="<%= attach.id%>" class="resourcesCheckbox" />
|
||||
|
@ -14,17 +14,17 @@
|
|||
<!--<input name="checkbox2" type="checkbox" value="" class="resourcesCheckbox" />-->
|
||||
</li>
|
||||
<li class="resource-list-name fl">
|
||||
<% if attach.is_public == 0 && !attach_show_allow(attach) && attach.get_apply_resource_status(attach.id, attach.author_id) != "2" %>
|
||||
<% if private_attachment_allow(attach.id) %>
|
||||
<a style="cursor: default" class = "resourcesBlack resource-list-middle hidden mw280" title="<%= attach.filename %>"><%= attach.filename %> </a>
|
||||
<% else %>
|
||||
<%= link_to truncate(attach.filename, :length => 30), download_named_attachment_path(attach.id, attach.filename), :title => attach.filename, :class => 'resourcesBlack resource-list-middle hidden mw280' %>
|
||||
<% end %>
|
||||
<% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current %>
|
||||
<% if private_attachment_allow(attach.id) && (@type == "6" || @type == "2") %>
|
||||
<img src="/images/locked.png" alt="私有" title="私有" class="resource-list-middle" height="16" width="16">
|
||||
<% end %>
|
||||
</li>
|
||||
<li class="resource-list-apply fr" id="resource_apply_status_<%=attach.id %>">
|
||||
<% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current && !attach_show_allow(attach) %>
|
||||
<% if private_attachment_allow(attach.id) && (@type == "6" || @type == "2") %>
|
||||
<% ah = attach.get_status_by_attach(User.current.id) %>
|
||||
<% if ah.nil? %>
|
||||
<%= link_to("请求分享", apply_resource_user_path(User.current.id, :attachment_id => attach.id), :class => 'green_btn_share c_white', :remote => true) %>
|
||||
|
@ -36,7 +36,12 @@
|
|||
已拒绝
|
||||
<% end %>
|
||||
<% else %>
|
||||
--
|
||||
<% ah = attach.get_status_by_attach(User.current.id) %>
|
||||
<% if ah == 2 %>
|
||||
可引用
|
||||
<% else %>
|
||||
--
|
||||
<% end %>
|
||||
<% end %>
|
||||
</li>
|
||||
<li class="resource-list-time fr"><%= format_date(attach.created_on) %></li>
|
||||
|
@ -47,9 +52,9 @@
|
|||
<li class="resource-list-uploader fr hidden"><%=User.find(attach.author_id).realname.blank? ? User.find(attach.author_id).nickname : User.find(attach.author_id).realname %></li>
|
||||
<li class="resource-list-type fr"><%= get_resource_type(attach.container_type)%></li>
|
||||
<li class="resource-list-from fr hidden" title="<%= get_resource_origin(attach) %>"><%= get_resource_origin(attach) %></li>
|
||||
<li style="display: none"><%= attach.is_public %></li>
|
||||
<li style="display: none"><%= private_attachment_allow(attach.id) %></li>
|
||||
<li style="display: none"><%= attach.get_apply_resource_status(attach.id, User.current.id) %></li>
|
||||
<li style="display: none"><%= attach_show_allow(attach) == true ? 0 : 1 %></li>
|
||||
<li style="display: none"><%= private_attachment_allow(attach.id) ? 0 : 1 %></li>
|
||||
<li style="display: none"><%= attach.id %></li>
|
||||
</ul>
|
||||
<div class="cl"></div>
|
||||
|
@ -99,11 +104,9 @@
|
|||
document.oncontextmenu = function() {return true;}
|
||||
line.children().css("background-color",'white');
|
||||
id = line.children().last().html();
|
||||
is_public = line.children().eq(11).html();
|
||||
user_id = line.children().eq(6).html();
|
||||
apply_status = line.children().eq(12).html();
|
||||
allow = line.children().eq(13).html();
|
||||
if(is_public == 0 && user_id != '<%= User.current.id %>' && apply_status != 2 && allow == 1){
|
||||
if( allow == 0){
|
||||
alert('您无权发送私有资源')
|
||||
}else{
|
||||
if (lastSendType === '2'){ //如果已经发送过一次了,那么就应该沿用上次发送的类型。
|
||||
|
|
|
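Review bot: The send restriction in the context-menu script is enforced only in the browser: `allow` is read from a hidden `<li>` by position (`line.children().eq(13)`) and the checkbox is merely rendered `disabled`, both of which a user can change in the page. The server action that performs the send has to repeat `private_attachment_allow` for every submitted id; that action is not part of this section, so confirm it does. The positional `eq(n)` lookups also break silently whenever a hidden `<li>` is added or removed, as this commit does; a `data-allow` attribute on the `<ul>` would be sturdier. `private_attachment_allow(attach.id)` runs `Attachment.find` plus an application lookup and is called several times per row, so computing it once per row (`<% denied = private_attachment_allow(attach.id) %>`) would avoid the repeated queries. The same disabled-checkbox and repeated-call pattern appears in the second list template (the `subjectRow` markup).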
@ -6,20 +6,20 @@
|
|||
<ul class="subjectRow">
|
||||
<li class="subjectName fl hidden">
|
||||
<label>
|
||||
<% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current && attach.get_apply_resource_status(attach.id, attach.author_id) != 2 && !attach_show_allow(attach)%>
|
||||
<% if private_attachment_allow(attach.id) && (@type == "6" || @type == "2") %>
|
||||
<input name="checkbox1[]" type="checkbox" disabled="disabled" data-has-history="<%= attach.attachment_histories.count == 0 ? 'N' : 'Y' %>" data-deleteble="<%= User.current.id ==attach.author_id ? 'Y' : 'N' %>" onclick="checkAllBox($(this));" value="<%= attach.id%>" class="mr5" style="vertical-align:middle;" />
|
||||
<% else %>
|
||||
<input name="checkbox1[]" type="checkbox" data-has-history="<%= attach.attachment_histories.count == 0 ? 'N' : 'Y' %>" data-deleteble="<%= User.current.id ==attach.author_id ? 'Y' : 'N' %>" onclick="checkAllBox($(this));" value="<%= attach.id%>" class="mr5" style="vertical-align:middle;" />
|
||||
<% end %>
|
||||
|
||||
<span>
|
||||
<% if attach.is_public == 0 && !attach_show_allow(attach) && attach.get_apply_resource_status(attach.id, attach.author_id) != 2 %>
|
||||
<% if private_attachment_allow(attach.id) %>
|
||||
<a style="cursor: default" title="<%= attach.filename %>"><%= attach.filename %> </a>
|
||||
<% else %>
|
||||
<%= link_to truncate(attach.filename, :length => 30), download_named_attachment_path(attach.id, attach.filename), :title => attach.filename%>
|
||||
<% end %>
|
||||
</span>
|
||||
<% if attach.is_public == 0 && (@type == "6" || @type == "2") && attach.author != User.current %>
|
||||
<% if private_attachment_allow(attach.id) && (@type == "6" || @type == "2") %>
|
||||
<img src="/images/locked.png" alt="私有" title="私有" class="resource-list-middle" height="16" width="16">
|
||||
<% end %>
|
||||
</label>
|
||||
|
|
|
@ -56,7 +56,7 @@
|
|||
<a href="<%= user_resource_user_path(@user, :type => '1', :status => 6) %>" class="resource-tab" id="my_resource_list" data-remote="true">我的资源</a>
|
||||
</li>
|
||||
<li class="fl resource-switch">
|
||||
<a href="<%= user_resource_user_path(@user, :type => '2', :status => 6) %>" class="resource-tab" id="private_resource_list" data-remote="true">引用资源</a>
|
||||
<a href="<%= user_resource_user_path(@user, :type => '2', :status => 6) %>" class="resource-tab" id="private_resource_list" data-remote="true">申请资源</a>
|
||||
</li>
|
||||
<li class="fl w680 border-bottom h34"> </li>
|
||||
<li class="fr resource-banner-li border-bottom h34">
|
||||
|
|