# -*coding:utf-8 -*- # Redmine - project management software # Copyright (C) 2006-2013 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class MembersController < ApplicationController helper :users model_object Member before_filter :find_model_object, :except => [:index, :create, :autocomplete, :allow_to_join_project, :refused_allow_to_join_project] #before_filter :find_model_object_contest, :except => [:index, :create, :autocomplete] before_filter :find_project_from_association, :except => [:index, :create, :autocomplete, :allow_to_join_project, :refused_allow_to_join_project] before_filter :find_project_by_project_id, :only => [:index, :create, :autocomplete] before_filter :authorize accept_api_auth :index, :show, :create, :update, :destroy def index @offset, @limit = api_offset_and_limit @member_count = @project.member_principals.count @member_pages = Paginator.new @member_count, @limit, params['page'] @offset ||= @member_pages.offset @members = @project.member_principals.all( :order => "#{Member.table_name}.id", :limit => @limit, :offset => @offset ) respond_to do |format| format.html { head 406 } format.api end end def show respond_to do |format| format.html { head 406 } format.api end end # 同意消息中申请加入项目 # 之所以role不在参数中传送是考虑到安全问题 # status(1:申请的消息;2:已操作过该消息(包括同意或者拒绝,消息状态更新);3:决绝消息;4:被拒人收到消息;5:拒绝者收到消息;6:同意后申请人收到消息;7:同意后批准人收到消息) def allow_to_join_project @applied_message = AppliedMessage.find(params[:applied_message_id]) applied_project = @applied_message.applied user = User.find(@applied_message.applied_user_id) project = Project.find(applied_project.project_id) if !applied_project.nil? if user.member_of?(project)|| AppliedMessage.where(:applied_id => @applied_message.applied_id, :status => 1).count == 0 @flash_message = "该申请已被其他管理员处理" # @applied_message.update_attribute(:status, 2) else ap_role = applied_project.try(:role) if ap_role begin members = [] user_grades = [] project_info = [] members << Member.new(:role_ids => ["#{ap_role}"], :user_id => @applied_message.applied_user_id) user_grades << UserGrade.new(:user_id => @applied_message.applied_user_id, :project_id => project.id) role = Role.find(ap_role) project_info << ProjectInfo.new(:project_id => project.id, :user_id => @applied_message.applied_user_id) if role.allowed_to?(:is_manager) project.members << members project.project_infos << project_info project.user_grades << user_grades unless user_grades.first.user_id.nil? # 添加成功后所有管理员收到的消息状态都要更新 applied_messages = AppliedMessage.where(:applied_id => @applied_message.applied_id, :project_id => @applied_message.project_id, :status => 1, :applied_type => "AppliedProject") applied_messages.update_all(:status => 7, :viewed => true) @applied_message = AppliedMessage.find(params[:applied_message_id]) # 添加成功后,申请人收到消息 AppliedMessage.create(:user_id => @applied_message.applied_user_id, :applied_type => "AppliedProject", :applied_id => applied_project.id , :status => 6, :viewed => false, :applied_user_id => @applied_message.user_id, :role => applied_project.role, :project_id => applied_project.project_id) ps = ProjectsService.new ps.send_wechat_join_project_notice user,project,ap_role,0 # 添加成功后,批准人收到消息 # AppliedMessage.create(:user_id => @applied_message.user_id, :applied_type => "AppliedProject", :applied_id => applied_project.id , # :status => 7, :viewed => true, :applied_user_id => @applied_message.applied_user_id, :role => applied_project.role, :project_id => applied_project.project_id) rescue Exception => e puts e end end end end # 同意消息中拒绝加入项目 # params[:user_id]为申请者ID # params[:send_id]为拒绝人ID # status(1:申请的消息;2:已操作过该消息(包括同意或者拒绝,消息状态更新);3:拒绝消息;4:被拒人收到消息;5:拒绝者收到消息;6:同意后申请人收到消息;7:同意后批准人收到消息) def refused_allow_to_join_project @applied_message = AppliedMessage.find(params[:applied_message_id]) # @applied_message.update_attribute(:status, 3) applied_project = @applied_message.applied project = Project.find(@applied_message.project_id) if !applied_project.nil? user = User.find(@applied_message.applied_user_id) if user.member_of?(project) || AppliedMessage.where(:applied_id => @applied_message.applied_id, :status => 1).count == 0 @flash_message = "该申请已被其他管理员处理" # @applied_message.update_attribute(:status, 2) else # 发送消息给被拒者,user_id对应的收到信息的用户 AppliedMessage.create(:user_id => @applied_message.applied_user_id, :applied_type => "AppliedProject", :applied_id => applied_project.id ,:status => 4, :viewed => false, :applied_user_id => @applied_message.user_id, :role => applied_project.role, :project_id => applied_project.project_id) # 拒绝功后所有管理员收到的消息状态都要更新 applied_messages = AppliedMessage.where(:applied_id => @applied_message.applied_id, :project_id => @applied_message.project_id, :status => 1, :applied_type => "AppliedProject") applied_messages.update_all(:status => 5, :viewed => true) @applied_message = AppliedMessage.find(params[:applied_message_id]) # AppliedMessage.create(:user_id => @applied_message.user_id, :applied_type => "AppliedProject", :applied_id => applied_project.id ,:status => 5, # :viewed => true, :applied_user_id => @applied_message.applied_user_id, :role => applied_project.role, :project_id => applied_project.project_id) ps = ProjectsService.new user = User.find(@applied_message.applied_user_id) ap_role = applied_project.try(:role) ps.send_wechat_join_project_notice user,project,ap_role,1 applied_project.delete end end def create if params[:refusal_button] members = [] applied_members = true if params[:membership] if params[:membership][:user_ids] attrs = params[:membership].dup user_ids = attrs.delete(:user_ids) user_ids.each do |user_id| AppliedProject.deleteappiled(user_id, @project.id) end @succes_message = "拒绝成功" end end respond_to do |format| format.js end else #modify by nwb #更改课程成员逻辑 applied_members = false members = [] user_grades = [] if @project project_info = [] if params[:membership] if params[:membership][:user_ids] ActiveRecord::Base.transaction do begin attrs = params[:membership].dup user_ids = attrs.delete(:user_ids) user_ids.each do |user_id| members << Member.new(:role_ids => params[:membership][:role_ids], :user_id => user_id) user_grades << UserGrade.new(:user_id => user_id, :project_id => @project.id) #给新成员发送加入项目的消息,发送者id放在ForgeMessage的forge_message_id字段中, #forge_message_type设置为JoinProject forge_join = ForgeMessage.new(:user_id =>user_id, :forge_message_id=>User.current.id,:project_id => @project.id,:forge_message_type=>"JoinProject", :viewed => false) forge_join.save ## added by nie if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) project_info << ProjectInfo.new(:user_id => user_id, :project_id => @project.id) if role.allowed_to?(:is_manager) # ProjectInfo.create(:name => "test", :user_id => 123) end ## end end rescue Gitlab::Error::Forbidden => e @message = l(:label_pull_request_forbidden) rescue Gitlab::Error::BadRequest => e @message = "添加成员失败,可能是你添加的用户名中含有非法字符" rescue Exception => e puts e end end else members << Member.new(:role_ids => params[:membership][:role_ids], :user_id => params[:membership][:user_id]) user_grades << UserGrade.new(:user_id => params[:membership][:user_id], :project_id => @project.id) ## added by nie if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) project_info << ProjectInfo.new(:project_id => @project.id, :user_id => params[:membership][:user_id]) if role.allowed_to?(:is_manager) end ## end end @project.members << members # added by nie @project.project_infos << project_info @project.user_grades << user_grades unless user_grades.first.user_id.nil? # end end if members.present? && members.all? { |m| m.valid? } members.each do |member| AppliedProject.deleteappiled(member.user_id, @project.id) end end if params[:flag] unless members.present? && members.all? {|m| m.valid? } flash[:error] = members.empty? ? l(:label_user_role_null) :members.collect {|m| m.errors.full_messages}.flatten.uniq.join(', ') else flash[:notice] = l(:label_invite_success) end respond_to do |format| format.html { redirect_to invite_members_project_url(@project) } end else unless members.present? && members.all? {|m| m.valid? } @project_error_message = members.empty? ? l(:label_user_role_null) :members.collect {|m| m.errors.full_messages}.flatten.uniq.join(', ') else @succes_message = "添加成功" end respond_to do |format| format.html { redirect_to_settings_in_projects } format.js format.api { @member = members.first if @member.valid? render :action => 'show', :status => :created, :location => membership_url(@member) else render_validation_errors(@member) end } end end elsif @course course_info = [] if params[:membership] @create_member_error_messages = "角色不能留空" unless params[:membership][:role_ids] @create_member_error_messages = "用户不能留空" unless params[:membership][:user_ids] if params[:membership][:user_ids] attrs = params[:membership].dup user_ids = attrs.delete(:user_ids) user_ids.each do |user_id| member = Member.new(:role_ids => params[:membership][:role_ids], :user_id => user_id) role_ids = params[:membership][:role_ids] #role = Role.find(params[:membership][:role_ids]) # 这里的判断只能通过角色名,可以弄成常量 if role_ids && role_ids.include?("10") StudentsForCourse.create(:student_id => user_id, :course_id =>@course.id) end #给新成员和老师发送加入课程的消息,发送者id放在CourseMessage的course_message_id字段中 #course_message_type设置为JoinCourse #status = 0 表示给学生发,status = 1表示给老师发 course_join = CourseMessage.new(:user_id =>user_id, :course_message_id=>User.current.id,:course_id => @course.id,:course_message_type=>"JoinCourse", :content => role, :viewed => false, :status => 0) course_join.save CourseMessage.create(:user_id => User.current.id, :course_message_id => user_id, :course_id => @course.id, :course_message_type => "JoinCourse",:content => role, :viewed => false, :status => 1) members << member #user_grades << UserGrade.new(:user_id => user_id, :course_id => @course.id) if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) course_info << CourseInfo.new(:user_id => user_id, :course_id => @course.id) if role.allowed_to?(:is_manager) end end else members << Member.new(:role_ids => params[:membership][:role_ids], :user_id => params[:membership][:user_id]) if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) course_info << CourseInfo.new(:course_id => @course.id, :user_id => params[:membership][:user_id]) if role.allowed_to?(:is_manager) end end @course.members << members @course.course_infos << course_info @roles = Role.givable.all[3..5] members = @course.member_principals.includes(:roles, :principal).all.sort else @create_member_error_messages = l(:label_user_role_null) end respond_to do |format| format.html { redirect_to_settings_in_courses } format.js { @members = members; @applied_members = applied_members; } format.api { @member = members.first if @member.valid? render :action => 'show', :status => :created, :location => membership_url(@member) else render_validation_errors(@member) end } end end # end of if @project end # end of params[:refusal_button] end def update #modify by nwb #增加对课程成员修改的支持 if @project if params[:membership] ActiveRecord::Base.transaction do begin @member.role_ids = params[:membership][:role_ids] if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) if role.allowed_to?(:is_manager) @projectInfo = ProjectInfo.new(:user_id => @member.user_id, :project_id => @project.id) @projectInfo.save else user_admin = ProjectInfo.where("user_id = ? and project_id = ?", @member.user_id, @project.id) if user_admin.size > 0 user_admin.each do |user| user.destroy end end end end @member.save! rescue Exception => e puts e end end end respond_to do |format| format.html { redirect_to_settings_in_projects } format.js format.api { if saved render_api_ok else render_validation_errors(@member) end } end elsif @course if params[:membership] @member.role_ids = params[:membership][:role_ids] if (params[:membership][:role_ids]) role = Role.find(params[:membership][:role_ids][0]) # 这里的判断只能通过角色名,可以弄成常量 attrs = params[:membership].dup role_ids = attrs.delete(:role_ids) if role_ids && role_ids.include?("10") StudentsForCourse.create(:student_id => @member.user_id, :course_id =>@course.id) else joined = StudentsForCourse.where('student_id = ? and course_id = ?', @member.user_id,@course.id) joined.each do |join| join.destroy end @member.course_group_id = 0 end if role.allowed_to?(:is_manager) @courseInfo = CourseInfos.new(:user_id => @member.user_id, :course_id => @course.id) @courseInfo.save else user_admin = CourseInfos.where("user_id = ? and course_id = ?", @member.user_id, @course.id) if user_admin.size > 0 user_admin.each do |user| user.destroy end end end end @roles = Role.givable.all[3..5] @members = @course.member_principals.includes(:roles, :principal).all.sort @member = @course.members.new end saved = @member.save respond_to do |format| format.html { redirect_to_settings_in_courses } format.js format.api { if saved render_api_ok else render_validation_errors(@member) end } end end end def destroy #modify by nwb #课程成员删除修改 if @project if request.delete? && @member.deletable? ActiveRecord::Base.transaction do begin @member.destroy # end user_admin = ProjectInfo.where("user_id = ? and project_id = ?", @member.user_id, @project.id) if user_admin.size > 0 user_admin.each do |user| user.destroy end end user_grade = UserGrade.where("user_id = ? and project_id = ?", @member.user_id, @project.id) if user_grade.size > 0 user_grade.each do |grade| grade.destroy end end # 移出的时候删除申请消息,不需要删除消息,所以不必要关联删除 applied_projects = AppliedProject.where(:project_id => @project.id, :user_id => @member.user_id).first unless applied_projects.nil? applied_projects.delete end #移出项目发送消息 ForgeMessage.create(:user_id => @member.user_id, :project_id => @project.id, :forge_message_type => "RemoveFromProject", :viewed => false, :forge_message_id => User.current.id) rescue Exception => e puts e end end end respond_to do |format| format.html { redirect_to_settings_in_projects } format.js format.api { if @member.destroyed? render_api_ok else head :unprocessable_entity end } end elsif @course if request.delete? && @member.deletable? @member.destroy user_admin = CourseInfos.where("user_id = ? and course_id = ?", @member.user_id, @course.id) if user_admin.size > 0 user_admin.each do |user| user.destroy end end joined = StudentsForCourse.where('student_id = ? and course_id = ?', @member.user_id,@course.id) joined.each do |join| join.destroy end @roles = Role.givable.all[3..5] @members = @course.member_principals.includes(:roles, :principal).all.sort #移出课程发送消息 CourseMessage.create(:user_id => @member.user_id, :course_id => @course.id, :course_message_type => "RemoveFromCourse", :viewed => false, :course_message_id => User.current.id) end respond_to do |format| format.html { redirect_to_settings_in_courses } format.js format.api { if @member.destroyed? render_api_ok else head :unprocessable_entity end } end end end def autocomplete @flag = params[:flag] || false respond_to do |format| format.js end end private def redirect_to_settings_in_projects redirect_to settings_project_url(@project, :tab => 'members') end def redirect_to_settings_in_courses redirect_to settings_course_url(@course, :tab => 'members') end end