# Redmine - project management software # Copyright (C) 2006-2013 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # Time 2015-01-28 16:34:21 # Author lizanle # Description 封装代码,简化代码,格式化代码, class ProjectsController < ApplicationController layout :select_project_layout before_filter :authorize1, :only => [:show] menu_item :overview, :only => :show menu_item :roadmap, :only => :roadmap menu_item :settings, :only => :settings menu_item :homework, :only => [:homework, :new_homework] menu_item :feedback, :only => :feedback menu_item :share, :only => :share before_filter :find_project, :except => [ :index, :search,:list, :new, :create, :copy, :statistics, :new_join, :course, :enterprise_course, :course_enterprise,:view_homework_attaches,:join_project] before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course] before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches] before_filter :require_admin, :only => [ :copy, :unarchive, :destroy, :calendar] before_filter :file, :statistics #:watcherlist # 除非项目内人员,不可查看成员, TODO: 完了写报表里去 # before_filter :memberAccess, only: :member # accept_rss_auth :index accept_api_auth :index, :show, :create, :update, :destroy after_filter :only => [:create, :edit, :update, :archive, :unarchive, :destroy] do |controller| if controller.request.post? controller.send :expire_action, :controller => 'welcome', :action => 'robots' end end helper :bids include BidsHelper helper :contests include ContestsHelper helper :sort include SortHelper helper :custom_fields include CustomFieldsHelper helper :issues helper :queries include QueriesHelper helper :repositories include RepositoriesHelper include ProjectsHelper helper :members helper :activities helper :documents helper :watchers # helper :watcherlist helper :words helper :project_score helper :user_score include UsersHelper ### added by william include ActsAsTaggableOn::TagsHelper #查找组织 def search_public_orgs_not_in_project condition = '%%' if !params[:name].nil? condition = "%#{params[:name].strip}%".gsub(" ","") end limit = 15 project_org_ids = OrgProject.find_by_sql("select distinct organization_id from org_projects where project_id = #{params[:id]}").map(&:organization_id) << 0 @orgs_not_in_project = User.current.organizations.where("organizations.id not in (#{project_org_ids.join(',')}) and organizations.name like ?", condition).page(params[:page].to_i || 1).per(limit) @org_count = User.current.organizations.where("organizations.id not in (#{project_org_ids.join(',')}) and organizations.name like '#{condition}'").count # if project_org_ids.empty? # @orgs_not_in_project = Organization.where("(is_public or creator_id =?) = 1 and name like ?",User.current.id, condition).page((params[:page].to_i || 1)).per(limit) # @org_count = Organization.where("is_public = 1 or creator_id =?", User.current.id).where("name like ?", condition).count # else # project_org_ids = "(" + project_org_ids.join(',') + ")" # @orgs_not_in_project = Organization.where("id not in #{project_org_ids} and (is_public = 1 or creator_id =?) and name like ?", User.current.id, condition).page((params[:page].to_i || 1)).per(limit) # @org_count = Organization.where("id not in #{project_org_ids} and (is_public = 1 or creator_id =?)", User.current.id).where("name like ?", condition).count # end @orgs_page = Paginator.new @org_count, limit,params[:page] @no_roll_hint = params[:hint_flag] #render :json => {:orgs => @orgs_not_in_project, :count => @org_count}.to_json respond_to do |format| format.js end end def index render_404 end def courserender_404 end # Time 2015-01-29 11:19:11 # Author lizanle # Description 项目搜索方法 def search # 如果有名字,就按名字搜索,如果没有,就展示所有,用Karminari分页 if params[:name].present? @project_pages = Project.project_entities.visible.like(params[:name]).page(params[:page]).per(10) else @project_pages = Project.project_entities.visible.page(params[:page] ).per(10) end @projects = @project_pages.order("created_on desc") @limit = 10#per_page_option @project_count = Project.project_entities.visible.like(params[:name]).page(params[:page]).count @project_pages = Paginator.new @project_count, @limit, params['page'] @name = params[:name] @type = 'projects' respond_to do |format| format.html { render :layout => 'base' scope = Project unless params[:closed] scope = scope.active end } # 需要到处atom使用的格式 (redmine自带) format.atom { projects = Project.visible.order('created_on DESC').limit(Setting.feeds_limit.to_i).all render_feed(projects, :title => "#{Setting.app_title}: #{l(:label_project_latest)}") } end end # Time 2015-01-29 16:13:20 # Author lizanle # Description 项目首页中用户反馈 方法 def feedback @page = params[:page].to_i # Find the page of the requested reply @jours = @project.journals_for_messages.where('m_parent_id IS NULL').order('created_on DESC') limit = 10 offset = @jours.count(:conditions => ["#{JournalsForMessage.table_name}.id > ?", params[:r].to_i]) page = 1 + offset / limit if params[:r] && @page.nil? @page = @page < 0 ? 1 : @page end @page = @page > page ? page : @page @jour = paginateHelper @jours,10 @state = false respond_to do |format| format.html format.api end end def project_respond project_id = request.headers["Referer"].match((%r|/([0-9]{1,})/|))[1] parent_id = params[:reference_id] author_id = User.current.id reply_user_id = params[:reference_user_id] reply_id = params[:reference_message_id] content = params[:project_respond] options = {:user_id => author_id, :m_parent_id => parent_id, :m_reply_id => reply_id, :reply_id => reply_user_id, :notes => content, :is_readed => false} @jfm = Project.add_new_jour(nil, nil, project_id, options) @save_succ = @jfm.errors.empty? respond_to do |format| format.js end end def new if User.current.login? @issue_custom_fields = IssueCustomField.sorted.all @trackers = Tracker.sorted.all @project = Project.new @project.safe_attributes = params[:project] render :layout => 'new_base' else redirect_to signin_url end end def share @shares = @project.shares.reverse @base_courses_tag = @project.project_type respond_to do |format| format.html{render :layout => 'base_courses' if @base_courses_tag==1} format.api end end # 注意:修改该方法的时候注意同步修改forked方法 # forked方法也会创建项目 def create unless User.current.login? redirect_to signin_url return end @issue_custom_fields = IssueCustomField.sorted.all @trackers = Tracker.sorted.all @project = Project.new @project.safe_attributes = params[:project] @project.organization_id = params[:organization_id] @project.user_id = User.current.id @project.project_new_type = params[:project_new_type] params[:project][:is_public] ? @project.is_public = 1 : @project.is_public = 0 if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') # Add current user as a project member if he is not admin #unless User.current.admin? r = Role.givable.find_by_id(Setting.new_project_user_role_id.to_i) || Role.givable.first m = Member.new(:user => User.current, :roles => [r]) # project's score if ProjectScore.where("project_id=?", @project.id).first.nil? ProjectScore.create(:project_id => @project.id, :score => false) end # end project_info = ProjectInfo.new(:user_id => User.current.id, :project_id => @project.id) user_grades = UserGrade.create(:user_id => User.current.id, :project_id => @project.id) Rails.logger.debug "UserGrade created: #{user_grades.to_json}" #if params[:project][:is_public] == '1' project_status = ProjectStatus.create(:project_id => @project.id, :watchers_count => 0, :changesets_count => 0, :project_type => @project.project_type,:grade => 0) Rails.logger.debug "ProjectStatus created: #{project_status.to_json}" #end @project.members << m @project.project_infos << project_info p = Project.find("#{@project.id}") ps = ProjectsService.new ps.send_wechat_create_project_notice User.current,p #end respond_to do |format| format.html { flash[:notice] = l(:notice_successful_create) if params[:continue] attrs = {:parent_id => @project.parent_id}.reject {|k,v| v.nil?} redirect_to new_project_url(attrs, :course => '0') else redirect_to settings_project_url(@project) end } format.api { render :action => 'show', :status => :created, :location => url_for(:controller => 'projects', :action => 'show', :id => @project.id) } format.js end else respond_to do |format| format.html { render :action => 'new', :layout => 'new_base'}#Added by young format.api { render_validation_errors(@project) } end end end def copy @issue_custom_fields = IssueCustomField.sorted.all @trackers = Tracker.sorted.all @source_project = Project.find(params[:id]) if request.get? @project = Project.copy_from(@source_project) @project.identifier = Project.next_identifier if Setting.sequential_project_identifiers? else Mailer.with_deliveries(params[:notifications] == '1') do @project = Project.new @project.safe_attributes = params[:project] if validate_parent_id && @project.copy(@source_project, :only => params[:only]) @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') flash[:notice] = l(:notice_successful_create) redirect_to settings_project_url(@project) elsif !@project.new_record? # Project was created # But some objects were not copied due to validation failures # (eg. issues from disabled trackers) # TODO: inform about that redirect_to settings_project_url(@project) end end end rescue ActiveRecord::RecordNotFound # source_project not found render_404 end # Time 2015-01-29 10:42:00 # Author lizanle # Description 项目动态展示方法,删除了不必要的代码 def show # 更新消息为已读 update_message_status(User.current, @project) # over if params[:jump] && redirect_to_project_menu_item(@project, params[:jump]) return end @author = params[:user_id].blank? ? nil : User.active.find(params[:user_id]) @page = params[:page] ? params[:page].to_i + 1 : 0 # 根据私密性,取出符合条件的所有数据 if User.current.member_of?(@project) || User.current.admin? case params[:type] when nil @events_pages = ForgeActivity.where("project_id = ? and forge_act_type in ('Issue', 'Message','News', 'Project', 'Attachment','Commit')", @project).includes(:forge_act).order("updated_at desc").limit(10).offset(@page * 10) when 'issue' @events_pages = ForgeActivity.where("project_id = ? and forge_act_type = 'Issue'", @project).includes(:forge_act).order("updated_at desc").limit(10).offset(@page * 10) when 'news' @events_pages = ForgeActivity.where("project_id = ? and forge_act_type = 'News'", @project).includes(:forge_act).order("updated_at desc").limit(10).offset(@page * 10) when 'message' @events_pages = ForgeActivity.where("project_id = ? and forge_act_type = 'Message'", @project).includes(:forge_act).order("updated_at desc").limit(10).offset(@page * 10) when 'attachment' @events_pages = ForgeActivity.where("project_id = ? and forge_act_type = 'Attachment'", @project).includes(:forge_act).order("updated_at desc").limit(10).offset(@page * 10) end else @events_pages = ForgeActivity.includes(:project).where("forge_activities.project_id = ? and projects.is_public = ? and forge_act_type != ? ",@project,1, "Document").order("created_at desc").page(params['page'|| 1]).per(10); end # 版本库统计图 # unless @project.gpid.nil? || @project.project_score.changeset_num == 0 # # rep_statics_commit = @project.rep_statics.order("commits_num desc") # rep_statics_commit = RepStatics.find_by_sql("SELECT * FROM `rep_statics` where project_id = #{@project.id} order by commits_num desc limit 10") # rep_statics_code = RepStatics.find_by_sql("SELECT * FROM `rep_statics` where project_id = #{@project.id} order by changeset desc limit 10") # # rep_statics_code = @project.rep_statics.sort_by {|u| u.changeset}.reverse # @a_uname = rep_statics_commit.map {|s| s.uname } # @a_uname_code = rep_statics_code.map {|s| s.uname } # @a_commits_num = rep_statics_commit.map {|s| s.commits_num.to_i } # @a_commits_add = rep_statics_code.map {|s| s.add.to_i } # @a_commits_del = rep_statics_code.map {|s| s.del.to_i } # @a_commits_changeset = rep_statics_code.map {|s| s.changeset.to_i } # g = Gitlab.client # begin # gid = @project.gpid # g_project = g.project(gid) # g_branch = g_project.default_branch.to_s # rescue =>e # logger.error("get default branch failed: " + e) # end # @rev = g_branch.nil? ? "master" : g_branch # end # 根据对应的请求,返回对应的数据 respond_to do |format| format.html format.api format.js end end def settings # 修改查看消息状态 applied_messages = ForgeMessage.where("user_id =? and project_id =? and forge_message_type =? and viewed =?", User.current.id, @project, "AppliedProject", 0) applied_messages.each do |applied_message| applied_message.update_attributes(:viewed => true) end # end @issue_custom_fields = IssueCustomField.sorted.all @issue_category ||= IssueCategory.new @member ||= @project.members.new @trackers = Tracker.sorted.all @wiki ||= @project.wiki @select_tab = params[:tab] #找出所有不属于项目的公共组织 project_org_ids = OrgProject.find_by_sql("select distinct organization_id from org_projects where project_id = #{@project.id}") if project_org_ids.empty? @orgs_not_in_project = Organization.where("is_public = 1") else project_org_ids = "(" + project_org_ids.join(',') + ")" @orgs_not_in_project = Organization.where("id not in #{project_org_ids} and is_public = 1") end # 处理从新建版本库返回来的错误信息 if !params[:repository_error_message].to_s.blank? html = "" errors = params[:repository_error_message].flatten errors.each do |error| # 版本库路径为空的错误信息不予提示 if(error!=l(:label_repository_path_not_null)) html << error << ";" end end if params[:repository] == "pswd_is_null" html << l(:label_password_not_null) end flash.now[:error] = html if !html.to_s.blank? end # for:设置默认分支 scm = params[:repository_scm] || (Redmine::Scm::Base.all & Setting.enabled_scm).first @repository = Repository.factory(scm) @repository.is_default = @project.repository.nil? @repository.project = @project unless @project.gpid.nil? g = Gitlab.client @gitlab_branches = g.branches(@project.gpid) @branch_names = @gitlab_branches.map{|b| b.name} @gitlab_default_branch = g.project(@project.gpid).default_branch end end # 项目邀请用户加入实现过程 # 两种情况:1、系统外用户;2、系统内用户 (通过邮件判定) def send_mail_to_member # 该邮箱未注册过 if !params[:mail].blank? && User.find_by_mail(params[:mail].to_s).nil? if !User.where("login =?", params[:mail]).first.nil? # 用户名唯一,用户修改邮箱,未修改用户名,用户名等同邮箱的情况,默认改用户已经注册 user = User.find_by_login(params[:mail].to_s) if !user.member_of?(@project) # 如果已经邀请过该用户,则不重复发送 if InviteList.where("project_id =? and mail =?", @project.id, params[:mail].to_s).first.nil? email = params[:mail] Mailer.request_member_to_project(email, @project, User.current).deliver flash[:notice] = l(:notice_email_sent, :value => email) else flash[:error] = l(:notice_email_invited) end else flash[:error] = l(:label_member_of_project, :value => email) end else email = params[:mail] first_name = params[:first_name] last_name = params[:last_name] gender = params[:gender] Mailer.send_invite_in_project(email, @project, User.current, first_name, last_name, gender).deliver @is_zhuce = false flash[:notice] = l(:notice_email_sent, :value => email) end # 邮箱地址已被注册 elsif !User.find_by_mail(params[:mail].to_s).nil? user = User.find_by_mail(params[:mail].to_s) if !user.member_of?(@project) # 如果已经邀请过该用户,则不重复发送 invite_list = InviteList.where("project_id =? and mail =?", @project.id, params[:mail].to_s).first if invite_list.nil? email = params[:mail] Mailer.request_member_to_project(email, @project, User.current).deliver flash[:notice] = l(:notice_email_sent, :value => email) else # 已经发送过了,则隔3小时才能再次发送 if Time.now - invite_list.created_at > 10800 email = params[:mail] Mailer.request_member_to_project(email, @project, User.current).deliver flash[:notice] = l(:notice_email_sent, :value => email) else flash[:error] = l(:notice_email_invited) end end else flash[:error] = l(:label_member_of_project, :value => email) end else @is_zhuce = true end respond_to do |format| format.html{redirect_to invite_members_by_mail_project_url(@project)} end end # 发送邮件邀请新用户页面对应方法 def invite_members_by_mail if User.current.member_of?(@project) || User.current.admin? @inviter_lists = InviteList.where(project_id:@project.id).order("created_at desc") # @inviters = [] # @waiters = [] # unless @inviter_lists.blank? # @inviter_lists.each do|inviter_list| # unless inviter_list.user.nil? # if inviter_list.user.member_of?(@project) # @inviters << inviter_list.user # @inviters_count = @inviters.size # else # @waiters << inviter_list.user # @waiters_count = @waiters.size # end # end # end # end @is_zhuce = false respond_to do |format| format.html format.js end else render_403 end end # 邀请Trustie注册用户 # def invite_members # if User.current.member_of?(@project) || User.current.admin? # @member ||= @project.members.new # respond_to do |format| # format.html # end # else # render_403 # end # end def edit end def set_public_or_private @project = Project.find(params[:id]) if @project.is_public? @project.update_attribute(:is_public, 0) else @project.update_attribute(:is_public, 1) end end # by young # include CoursesHelper def member # 消息"同意加入项目" if params[:message_id] message_invite(params[:message_id], params[:key]) end update_message_status(User.current, @project) # params[:login]为邮箱邀请用户加入,主要功能: # 1、自动注册 # 2、加入项目、创建角色 # 3、用户得分 if params[:mail] userid = Token.find_by_value(params[:token]).user_id user = User.find(userid) user.activate! Member.create(:role_ids => [4], :user_id => userid, :project_id => params[:id]) UserGrade.create(:user_id => userid, :project_id => params[:id]) token = Token.get_token_from_user(user, 'autologin') #user = User.try_to_autologin(token.value) if user start_user_session(user) user.save redirect_to project_member_path(params[:id]) return # account_ project_member_path(params[:id]) flash[:notice] = l(:label_mail_invite_success) end end # 私有项目非项目成员无法访问成员列表 unless @project.is_public? return render_403 unless User.current.member_of?(@project) end ## 有角色参数的才是课程,没有的就是项目 @render_file = 'project_member_list' # 判断是否课程 if @project.project_type == Project::ProjectType_course @teachers= searchTeacherAndAssistant(@project) @canShowCode = isCourseTeacher(User.current.id) case params[:role] when '1' @subPage_title = l :label_teacher_list @members = searchTeacherAndAssistant(@project) when '2' @subPage_title = l :label_student_list @members = searchStudent(@project) else @subPage_title = '' @members = @project.member_principals.includes(:roles, :principal).all.sort end else if !@project.is_public? && !User.current.member_of?(@project) && !User.current.admin? render_403 else roles = Role.find_all_givable @subPage_title = l :label_member_list @members = @project.member_principals.includes(:roles, :principal).joins("LEFT JOIN #{OptionNumber.table_name} ON #{OptionNumber.table_name}.user_id = #{Member.table_name}.user_id and #{OptionNumber.table_name}.score_type = 2 AND #{Member.table_name}.project_id = #{OptionNumber.table_name}.project_id").order("#{OptionNumber.table_name}.total_score DESC").all @applied_members = appied_project_members(@project, @members) end end @members = paginateHelper @members end def update_message_status(user, project) # 更新加入项目消息 project__messages = ForgeMessage.where("forge_message_type in ('ProjectInvite', 'JoinProject', 'RemoveFromProject') and user_id =? and project_id =? ", user, project) project__messages.update_all(:viewed => true) unless project__messages.blank? end def message_invite(message_id, key) forge_message = ForgeMessage.find(message_id) if key == forge_message.secret_key # 情况:用户收到邀请邮件还没看,但是管理员已经把该用户添加进项目 if Member.where("user_id =? and project_id =?",forge_message.user_id, forge_message.project_id).first.nil? Member.create(:role_ids => [4], :user_id => forge_message.user_id, :project_id => forge_message.project_id) UserGrade.create(:user_id => forge_message.user_id, :project_id => forge_message.project_id) end end end #判断指定用户是否为课程教师 def isCourseTeacher(id) result = false if @teachers.find_by_user_id(id) != nil result = true end result end def sort_project_members project, members #userGrade = UserGrade.where(:project_id => project.id) users = UserGrade.where(:project_id => project.id). order('grade DESC'). joins("LEFT JOIN users ON users.id = user_grades.id"). select("DISTINCT user_grades.user_id") memberlist = [] users.each do |user| members.each do |member| if member[:user_id] == user[:user_id] memberlist << member end end end memberlist end def appied_project_members (project, members) users = AppliedProject.where(:project_id => project.id) memberlist = [] users.each do |user| members.each do |member| if member[:user_id] == user[:user_id] memberlist << member end end end memberlist end def file end def statistics end #end def update @project.safe_attributes = params[:project] @project.organization_id = params[:organization_id] params[:project][:is_public] == "on" ? @project.is_public = 1 : @project.is_public = 0 params[:project][:hidden_repo] == "on" ? @project.hidden_repo = 1 : @project.hidden_repo = 0 # 更新公开私有时同步gitlab公开私有 if !@project.gpid.nil? && @project.is_public != (params[:project][:is_public] == "on" ? 1 : 0) g = Gitlab.client params[:project][:is_public] == "on" ? g.edit_project(@project.gpid, 20, params[:branch]) : g.edit_project(@project.gpid, 0, params[:branch]) end # end if validate_parent_id && @project.save @project.set_allowed_parent!(params[:project]['parent_id']) if params[:project].has_key?('parent_id') if params[:project][:is_public] == '0' project_status = ProjectStatus.find_by_project_id(@project.id) project_status.destroy if project_status elsif params[:project][:is_public] == '1' project_status = ProjectStatus.create(:project_id => @project.id, :watchers_count => @project.watchers.count, :changesets_count => @project.changesets.count,:grade => 0, :project_type => @project.project_type) end respond_to do |format| format.html { flash[:notice] = l(:notice_successful_update) redirect_to settings_project_url(@project,:course => @project.project_type) } format.api { render_api_ok } end else respond_to do |format| format.html { settings render :action => 'settings' } format.api { render_validation_errors(@project) } end end end def modules @project.enabled_module_names = params[:enabled_module_names] flash[:notice] = l(:notice_successful_update) redirect_to settings_project_url(@project, :tab => 'modules') end def archive if request.post? unless @project.archive flash[:error] = l(:error_can_not_archive_project) end end if params[:type] == "project" redirect_to user_path(User.current) else redirect_to admin_projects_url(:status => params[:status]) end end def unarchive @project.unarchive if request.post? && !@project.active? redirect_to admin_projects_url(:status => params[:status]) end def close @project.close redirect_to project_url(@project) end def reopen @project.reopen redirect_to project_url(@project) end # Delete @project def destroy @project_to_destroy = @project @project_to_destroy.destroy respond_to do |format| format.html { redirect_to admin_projects_url } format.api { render_api_ok } end # hide project in layout @project = nil end def show_projects_score respond_to do |format| format.html { render :layout => "base_projects"} format.js end end def issue_score_index respond_to do |format| format.js end end def news_score_index end def file_score_index end def code_submit_score_index end def projects_topic_score_index end # end before_filter :toggleCourse, only: [:finishcourse, :restartcourse] # 最好通过用户与项目的权限解决这种事情。还没写 def finishcourse yesterday = Date.today.prev_day.to_time @course_prefs.endup_time = yesterday @save_flag = @course_prefs.save respond_to do |format| format.js end end def restartcourse day = Time.parse("3000-01-01") @course_prefs.endup_time = day @save_flag = @course_prefs.save respond_to do |format| format.js { render action:'finishcourse' } end end def exit_project @project = Project.find params[:id] if User.current.login? members = Member.where(:user_id => User.current.id, :project_id=>params[:id]).first if members != nil && members.roles.first.to_s != "Manager" members.destroy # 移出的时候删除申请消息,不需要删除消息,所以不必要关联删除 applied_projects = AppliedProject.where(:project_id => @project.id, :user_id => members.user_id).first unless applied_projects.nil? applied_projects.delete end end respond_to do |format| format.js end end end #加入私有项目 def join_project respond_to do |format| format.js end end #朋友圈、科研组、开发组之间的切换 def change_project_type @project.project_new_type = params[:project_type] if @project.save message = @project.project_new_type else message = "0" end render :json => message end private def memberAccess # 如果是私有项目,项目成员不对外公开,公开项目成员列表对外公开。 unless @project.is_public? render_403 unless User.current.member_of?(@project) end end def toggleCourse @course_prefs = Course.find_by_extra(@project.identifier) unless (@course_prefs.teacher == User.current || User.current.admin?) render_403 end end def select_project_layout project = Project.find_by_id(params[:id]) project ||= @project ||= @course ||= params[:course] ||= params[:project_type] (project.try(:project_type) == Project::ProjectType_project) ? 'base_projects' : 'base_courses' end # Validates parent_id param according to user's permissions # TODO: move it to Project model in a validation that depends on User.current def validate_parent_id return true if User.current.admin? parent_id = params[:project] && params[:project][:parent_id] if parent_id || @project.new_record? parent = parent_id.blank? ? nil : Project.find_by_id(parent_id.to_i) unless @project.allowed_parents.include?(parent) @project.errors.add :parent_id, :invalid return false end end true end def watcherlist unless @project.nil? if !@project.is_public? && !User.current.member_of?(@project) && !User.current.admin? render_403 else @users -= watched.watcher_users if @watched end end end #gcm def desc_sort_course_by_avtivity(activity_count,projects) return projects if activity_count.size<2 (activity_count.size-2).downto(0) do |i| (0..i).each do |j| if activity_count[j]