Merge branch 'szzh' of http://repository.trustie.net/xianbo/trustie2 into szzh
This commit is contained in:
commit
fae3c45920
|
|
@ -103,7 +103,11 @@ class MessagesController < ApplicationController
|
||||||
|
|
||||||
# Edit a message
|
# Edit a message
|
||||||
def edit
|
def edit
|
||||||
|
if @project
|
||||||
(render_403; return false) unless @message.editable_by?(User.current)
|
(render_403; return false) unless @message.editable_by?(User.current)
|
||||||
|
else
|
||||||
|
(render_403; return false) unless @message.course_editable_by?(User.current)
|
||||||
|
end
|
||||||
@message.safe_attributes = params[:message]
|
@message.safe_attributes = params[:message]
|
||||||
if request.post? && @message.save
|
if request.post? && @message.save
|
||||||
attachments = Attachment.attach_files(@message, params[:attachments])
|
attachments = Attachment.attach_files(@message, params[:attachments])
|
||||||
|
|
@ -124,7 +128,11 @@ class MessagesController < ApplicationController
|
||||||
|
|
||||||
# Delete a messages
|
# Delete a messages
|
||||||
def destroy
|
def destroy
|
||||||
|
if @project
|
||||||
(render_403; return false) unless @message.destroyable_by?(User.current)
|
(render_403; return false) unless @message.destroyable_by?(User.current)
|
||||||
|
else
|
||||||
|
(render_403; return false) unless @message.course_destroyable_by?(User.current)
|
||||||
|
end
|
||||||
r = @message.to_param
|
r = @message.to_param
|
||||||
@message.destroy
|
@message.destroy
|
||||||
# modify by nwb
|
# modify by nwb
|
||||||
|
|
|
||||||
|
|
@ -127,6 +127,14 @@ class Message < ActiveRecord::Base
|
||||||
board.course
|
board.course
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def course_editable_by?(usr)
|
||||||
|
usr && usr.logged? && (usr.allowed_to?(:edit_messages, course) || (self.author == usr && usr.allowed_to?(:edit_own_messages, course)))
|
||||||
|
end
|
||||||
|
|
||||||
|
def course_destroyable_by?(usr)
|
||||||
|
usr && usr.logged? && (usr.allowed_to?(:delete_messages, course) || (self.author == usr && usr.allowed_to?(:delete_own_messages, course)))
|
||||||
|
end
|
||||||
|
|
||||||
def editable_by?(usr)
|
def editable_by?(usr)
|
||||||
usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
|
usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
<div class="content-title-top-avtive">
|
<div class="content-title-top-avtive">
|
||||||
<!-- <h3><%= @author.nil? ? l(:label_activity) : l(:label_user_activity, link_to_user(@author)).html_safe %></h3> -->
|
<!-- <h3><%= @author.nil? ? l(:label_activity) : l(:label_user_activity, link_to_user(@author)).html_safe %></h3> -->
|
||||||
<p class="subtitle">
|
<p class="subtitle">
|
||||||
<%= l(:label_date_from_to, :start => format_date(@date_from), :end => format_date(@date_to - 1)) %>
|
<%#= l(:label_date_from_to, :start => format_date(@date_from), :end => format_date(@date_to - 1)) %>
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<% @events_by_day.keys.sort.reverse.each do |day| %>
|
<% @events_by_day.keys.sort.reverse.each do |day| %>
|
||||||
|
|
|
||||||
|
|
@ -148,7 +148,7 @@
|
||||||
"编辑",
|
"编辑",
|
||||||
{:action => 'edit', :id => message},
|
{:action => 'edit', :id => message},
|
||||||
:title => l(:button_edit)
|
:title => l(:button_edit)
|
||||||
) if message.editable_by?(User.current) %>
|
) if message.course_editable_by?(User.current) %>
|
||||||
<%= link_to(
|
<%= link_to(
|
||||||
#image_tag('delete.png'),
|
#image_tag('delete.png'),
|
||||||
"删除",
|
"删除",
|
||||||
|
|
@ -156,7 +156,7 @@
|
||||||
:method => :post,
|
:method => :post,
|
||||||
:data => {:confirm => l(:text_are_you_sure)},
|
:data => {:confirm => l(:text_are_you_sure)},
|
||||||
:title => l(:button_delete)
|
:title => l(:button_delete)
|
||||||
) if message.destroyable_by?(User.current) %>
|
) if message.course_destroyable_by?(User.current) %>
|
||||||
</div></td>
|
</div></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
|
|
|
||||||
|
|
@ -43,8 +43,13 @@ module Redmine
|
||||||
end
|
end
|
||||||
|
|
||||||
def attachments_visible?(user=User.current)
|
def attachments_visible?(user=User.current)
|
||||||
|
if self.respond_to?(:project)
|
||||||
(respond_to?(:visible?) ? visible?(user) : true) &&
|
(respond_to?(:visible?) ? visible?(user) : true) &&
|
||||||
user.allowed_to?(self.class.attachable_options[:view_permission], self.project)
|
user.allowed_to?(self.class.attachable_options[:view_permission], self.project)
|
||||||
|
else
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def attachments_deletable?(user=User.current)
|
def attachments_deletable?(user=User.current)
|
||||||
|
|
|
||||||
|
|
@ -107,7 +107,7 @@
|
||||||
<%
|
<%
|
||||||
submit_url = url_for(:controller => 'code_review', :action => 'new', :id=>@project)
|
submit_url = url_for(:controller => 'code_review', :action => 'new', :id=>@project)
|
||||||
%>
|
%>
|
||||||
<%= button_to_function l(:button_apply), "$('#review-form').load('#{submit_url}', $('#review_form').serialize2json())" %>
|
<%= button_to_function l(:label_button_ok), "$('#review-form').load('#{submit_url}', $('#review_form').serialize2json())" %>
|
||||||
|
|
||||||
<input type="button" value="<%=h l(:button_cancel) %> " onclick="javascript:hideForm();"/>
|
<input type="button" value="<%=h l(:button_cancel) %> " onclick="javascript:hideForm();"/>
|
||||||
<%= preview_link({ :controller => 'code_review', :action => 'preview', :id => @project}, 'review_form') %>
|
<%= preview_link({ :controller => 'code_review', :action => 'preview', :id => @project}, 'review_form') %>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue