# Redmine - project management software # Copyright (C) 2006-2013 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class UsersController < ApplicationController layout :setting_layout #Added by young before_filter :auth_login1, :only => [:show, :user_activities, :user_newfeedback] before_filter :logged_user_by_apptoken, :only => [:show,:user_newfeedback] menu_item :activity menu_item :user_information, :only => :info menu_item :user_course, :only => :user_courses menu_item :user_homework, :only => :user_homeworks menu_item :user_project, :only => [:user_projects, :watch_projects] menu_item :requirement_focus, :only => :watch_bids menu_item :requirement_focus, :only => :watch_contests menu_item :user_newfeedback, :only => :user_newfeedback #Ended by young # edit # before_filter :can_show_course, :only => [:user_courses,:user_homeworks] before_filter :require_admin, :except => [:show, :index, :search, :tag_save, :tag_saveEx,:user_projects, :user_newfeedback, :user_comments, :watch_bids, :watch_contests, :info, :user_watchlist, :user_fanslist,:update, :user_courses, :user_homeworks, :watch_projects, :show_score, :topic_score_index, :project_score_index, :activity_score_index, :influence_score_index, :score_index,:show_new_score, :topic_new_score_index, :project_new_score_index, :activity_new_score_index, :influence_new_score_index, :score_new_index,:update_score,:user_activities,:user_projects_index] #edit has been deleted by huang, 2013-9-23 before_filter :find_user, :only => [:user_fanslist, :user_watchlist, :show, :edit, :update, :destroy, :edit_membership, :user_courses, :user_homeworks, :destroy_membership, :user_activities, :user_projects, :user_newfeedback, :user_comments, :watch_bids, :watch_contests, :info, :watch_projects, :show_score, :topic_score_index, :project_score_index, :activity_score_index, :influence_score_index, :score_index,:show_new_score, :topic_new_score_index, :project_new_score_index, :activity_new_score_index, :influence_new_score_index, :score_new_index,:user_projects_index] before_filter :auth_user_extension, only: :show #before_filter :rest_user_score, only: :show #before_filter :select_entry, only: :user_projects accept_api_auth :index, :show, :create, :update, :destroy,:tag_save , :tag_saveEx #william before_filter :require_login, :only => [:tag_save,:tag_saveEx] #before_filter :refresh_changests, :only =>[:user_activities,:user_courses,:user_projects,:user_newfeedback] helper :sort include SortHelper helper :custom_fields include CustomFieldsHelper include AvatarHelper include WordsHelper include GitlabHelper include UserScoreHelper helper :user_score # added by liuping 关注 helper :watchers helper :activities ### added by william include ActsAsTaggableOn::TagsHelper # fq helper :words def refresh_changests if !(@user.nil?) && !(@user.memberships.nil?) @user.memberships.each do |member| unless member.project.nil? member.project.repository.fetch_changesets if Setting.autofetch_changesets? end end end end def user_projects_index if User.current.admin? memberships = @user.memberships.all(conditions: "projects.project_type = #{Project::ProjectType_project}").first else cond = Project.visible_condition(User.current) + " AND projects.project_type <> 1" memberships = @user.memberships.all(:conditions => cond).first end watch_projects = Project.joins(:watchers).where("project_type <>? and watchable_type = ? and `watchers`.user_id = ?", '1','Project', @user.id).first if memberships.nil? && watch_projects redirect_to(:watch_projects_user) and return else redirect_to(:user_projects_user) and return end end #added by young def user_projects if User.current.admin? @memberships = @user.memberships.all(conditions: "projects.project_type = #{Project::ProjectType_project}") else cond = Project.visible_condition(User.current) + " AND projects.project_type <> 1" @memberships = @user.memberships.all(:conditions => cond) end #events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 20) #@events_by_day = events.group_by(&:event_date) @state = 0 #add by huang unless User.current.admin? if !@user.active? #|| (@user != User.current && @memberships.empty? && events.empty?) render_404 return end end #end respond_to do |format| format.html format.api end end # added by bai def show_score end def show_new_score render :layout => 'users_base' end # end ##added by fq def watch_bids cond = 'bids.reward_type <> 1' @bids = Bid.watched_by(@user).where('reward_type = ?', 1) # added by huang @offset, @limit = api_offset_and_limit({:limit => 10}) @bid_count = @bids.count @bid_pages = Paginator.new @bid_count, @limit, params['page'] @offset ||= @bid_pages.reverse_offset unless @offset == 0 @bid = @bids.offset(@offset).limit(@limit).all.reverse else limit = @bid_count % @limit @bid = @bids.offset(@offset).limit(limit).all.reverse end respond_to do |format| format.html { render :layout => 'base_users' } format.api end end #new add by linchun def watch_contests @bids = Contest.watched_by(@user) @offset, @limit = api_offset_and_limit({:limit => 10}) @contest_count = @contests.count @contest_pages = Paginator.new @contest_count, @limit, params['page'] @offset ||= @contest_pages.reverse_offset unless @offset == 0 @contest = @contests.offset(@offset).limit(@limit).all.reverse else limit = @bid_count % @limit @contest = @contests.offset(@offset).limit(limit).all.reverse end respond_to do |format| format.html { render :layout => 'base_users' } format.api end end # added by fq def user_activities redirect_to user_url(@user, type: params[:type], page: params[:page]) return # useless abort. @watcher = User.watched_by_id(@user) events = [] for user in @watcher events << Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 30) end @events_by_day = events.group_by(&:event_date) unless User.current.admin? if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?) render_404 return end end respond_to do |format| format.html format.api end end # end # added by huang def user_homeworks @membership = @user.memberships.all(:conditions => Project.visible_condition(User.current)) @memberships = [] @membership.each do |membership| if membership.project.project_type == 1 @memberships << membership end end @bid = [] @memberships.each do |membership| @bid += membership.project.homeworks end @bid = @bid.group_by {|bid| bid.courses.first.id} unless User.current.admin? if !@user.active? render_404 return end end end include CoursesHelper def user_courses unless User.current.admin? if !@user.active? #|| (@user != User.current && @memberships.empty? && events.empty?) render_404 return end end #@user.coursememberships.all(:conditions => Course.visible_condition(User.current)) if User.current == @user || User.current.admin? membership = @user.coursememberships.all else membership = @user.coursememberships.all(:conditions => Course.visible_condition(User.current)) end membership.sort! {|older, newer| newer.created_on <=> older.created_on } @memberships = [] membership.collect { |e| @memberships.push(e) } ## 判断课程是否过期 [需封装] @memberships_doing = [] @memberships_done = [] #now_time = Time.now.year @memberships.map { |e| #end_time = e.course.get_time.year isDone = course_endTime_timeout?(e.course) if isDone @memberships_done.push e else @memberships_doing.push e end } # respond_to do |format| # format.html # format.api # end end # modified by fq def user_newfeedback @jours = @user.journals_for_messages.where('m_parent_id IS NULL').order('created_on DESC') @jours.update_all(:is_readed => true, :status => false) @jours.each do |journal| fetch_user_leaveWord_reply(journal).update_all(:is_readed => true, :status => false) end #@limit = 10 #@feedback_count = @jours.count #@feedback_pages = Paginator.new @feedback_count, @limit, params['page'] #@offset ||= @feedback_pages.offset @jour = paginateHelper @jours,10 @state = false end # end def user_comments end #end def index @status = params[:status] || 1 sort_init 'login', 'asc' sort_update %w(login firstname lastname mail admin created_on last_login_on) case params[:format] when 'xml', 'json' @offset, @limit = api_offset_and_limit({:limit => 15}) else @limit = 15 end # retrieve all users # 先内连一下statuses 保证排序之后数量一致 scope = User.visible. joins("INNER JOIN user_statuses ON users.id = user_statuses.user_id") # unknow scope = scope.in_group(params[:group_id]) if params[:group_id].present? # pagination @user_count = scope.count @user_pages = Paginator.new @user_count, @limit, params['page'] # users classify case params[:user_sort_type] when '0' # 创建时间排序 @s_type = 0 @users = scope.reorder('users.created_on DESC') when '1' # 活跃度排序, 就是所谓的得分情况 @s_type = 1 @users = scope. joins("LEFT JOIN option_numbers ON users.id = option_numbers.user_id and option_numbers.score_type = 1"). reorder('option_numbers.total_score DESC') when '2' # 粉丝数排序 @s_type = 2 @users = scope. #joins("INNER JOIN user_statuses ON users.id = user_statuses.user_id"). reorder('user_statuses.watchers_count DESC') else # 默认活跃度排序 @s_type = 1 @users = scope. joins("LEFT JOIN option_numbers ON users.id = option_numbers.user_id and option_numbers.score_type = 1"). reorder('option_numbers.total_score DESC') end # limit and offset @users = @users.limit(@user_pages.per_page).offset(@user_pages.offset) @user_base_tag = params[:id] ? 'base_users':'users_base' respond_to do |format| format.html { @groups = Group.all.sort User.current.admin? ? (render :layout => @user_base_tag) : (render_404) } format.api end end def search sort_init 'login', 'asc' sort_update %w(login firstname lastname mail admin created_on last_login_on) (redirect_to user_url, :notice => l(:label_sumbit_empty);return) if params[:name].blank? case params[:format] when 'xml', 'json' @offset, @limit = api_offset_and_limit({:limit => 15}) else @limit = 15#per_page_option end # #@status = params[:status] || 1 #has = { # "show_changesets" => true #} # scope = User.logged.status(@status) # @search_by = params[:search_by] ? params[:search_by][:id] : 0 # scope = scope.like(params[:name],@search_by) if params[:name].present? us = UsersService.new scope = us.search_user params @user_count = scope.count @user_pages = Paginator.new @user_count, @limit, params['page'] @user_base_tag = params[:id] ? 'base_users':'users_base' @offset ||= @user_pages.reverse_offset unless @offset == 0 @users = scope.offset(@offset).limit(@limit).all.reverse else limit = @user_count % @limit if limit == 0 limit = @limit end @users = scope.offset(@offset).limit(limit).all.reverse end respond_to do |format| format.html { @groups = Group.all.sort render :layout => @user_base_tag } format.api end end def show pre_count = 10 #limit # Time 2015-02-04 11:46:34 # Author lizanle # Description type 1 :所有动态包括我关注的人 type 2:我的动态 type 3:关于我的回复 case params[:type] when "1" if @user == User.current activity = Activity.where('user_id = ?', User.current.id).order('id desc') @activity_count = activity.count @activity_pages = Paginator.new @activity_count, pre_count, params['page'] @activity = activity.offset(@activity_pages.offset).limit(@activity_pages.per_page).all @state = 1 end when "2" message = [] if @user == User.current message = JournalsForMessage.reference_message(@user.id) message += Journal.reference_message(@user.id) end @activity_count = message.size @info_pages = Paginator.new @activity_count, pre_count, params['page'] messages = message.sort {|x,y| y.created_on <=> x.created_on } @message = messages[@info_pages.offset, @info_pages.per_page] @state = 2 else # Time 2015-02-04 10:50:49 # Author lizanle # Description 所有动态 where_condition = nil; # where_condition = "act_type <> 'JournalsForMessage'" if @user == User.current watcher = User.watched_by(@user) watcher.push(User.current) activity = Activity.where(where_condition).where('user_id in (?)', watcher).order('id desc') else activity = Activity.where(where_condition).where('user_id = ?', @user.id).order('id desc') end # activity = activity.reject { |e| # e.act.nil? || # (!User.current.admin? && !e.act.nil? # (((e.act_type == "Issue") && !e.act.project.visible?(User.current)) || # (e.act_type == "Bid" && !e.act.courses.first.nil? && e.act.courses.first.is_public == 0 && !User.current.member_of_course?(e.act.courses.first)) || # (e.act_type == "Journal" && e.act.respond_to?("Project") && !e.act.project.visible?(User.current)) || # (e.act_type == "News" && ((!e.act.project.nil? && !e.act.project.visible?(User.current)) || (!e.act.course.nil? && e.act.course.is_public == 0 && !User.current.member_of_course?(e.act.course)))) || # (e.act_type == "Message" && !e.act.board.nil? && ((!e.act.board.project.nil? && !e.act.board.project.visible?(User.current)) || (!e.act.board.course.nil? && e.act.board.course.is_public == 0 && !User.current.member_of_course?(e.act.board.course)))))) # } @activity_count = activity.count @activity_pages = Paginator.new @activity_count, pre_count, params['page'] @activity = activity.slice(@activity_pages.offset,@activity_pages.per_page) # @activity = @activity.reject { |e| # ((e.act_type=="Issue") && ( !e.act.visible?(User.current))) || # ((e.act_type == "Journal") && (!e.act.project.visible?(User.current))) || # ((e.act_type == "Bid") && ((!User.current.member_of_course?(e.act.courses.first) || !User.current.admin?))) # } @state = 0 end if params[:user].present? user_temp = User.find_by_sql("select id from users where concat(lastname,firstname) like '%#{params[:user]}%' or lastname like '%#{params[:user]}%'") if user_temp.size > 1 activity = Activity.where('user_id in (?)', user_temp).where('user_id in (?)', watcher).order('id desc') elsif user_temp.size == 1 activity = Activity.where('user_id = ?', user_temp).where('user_id in (?)', watcher).order('id desc') else activity = Activity.where("1 = 0") end @offset, @limit = api_offset_and_limit({:limit => 10}) @activity_count = activity.count @activity_pages = Paginator.new @activity_count, @limit, params['page'] @offset ||= @activity_pages.offset @activity = activity.offset(@offset).limit(@limit) @state = 0 end #Modified by nie unless User.current.admin? if !@user.active? #|| (@user != User.current && @memberships.empty? && events.empty?) # redirect_to home_path render_404 return end end respond_to do |format| format.html format.api end end ##end fq #### added by fq def info message = [] if @user == User.current message = JournalsForMessage.reference_message(@user.id) message += Journal.reference_message(@user.id) end @offset, @limit = api_offset_and_limit({:limit => 10}) @info_count = message.size @info_pages = Paginator.new @info_count, @limit, params['page'] @offset ||= @info_pages.offset messages = message.sort {|x,y| y.created_on <=> x.created_on } @message = messages[@offset, @limit] unless User.current.admin? if !@user.active? render_404 return end end respond_to do |format| format.html format.api end end #### end def new @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option) @auth_sources = AuthSource.all render :layout => "users_base" end def create @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option) @user.safe_attributes = params[:user] @user.admin = params[:user][:admin] || false @user.login = params[:user][:login] @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id if @user.save @user.pref.attributes = params[:pref] @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') @user.pref.save @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : []) Mailer.account_information(@user, params[:user][:password]).deliver if params[:send_information] respond_to do |format| format.html { flash[:notice] = l(:notice_user_successful_create, :id => view_context.link_to(@user.login, user_path(@user))) if params[:continue] redirect_to new_user_url else redirect_to edit_user_url(@user) end } format.api { render :action => 'show', :status => :created, :location => user_url(@user) } end else @auth_sources = AuthSource.all # Clear password input @user.password = @user.password_confirmation = nil respond_to do |format| format.html { render :action => 'new',:layout => "users_base" } format.api { render_validation_errors(@user) } end end unless @user.id.nil? #后台注册的用户默认权限为男性开发员 ue = UserExtensions.create(:identity => 3, :gender => 0, :user_id => @user.id) ue.save end end def edit @auth_sources = AuthSource.all @membership ||= Member.new end def watch_projects @watch_projects = Project.joins(:watchers).where("project_type <>? and watchable_type = ? and `watchers`.user_id = ?", '1','Project', @user.id) @state = 1 respond_to do |format| format.html { render :layout => 'base_users' } format.api end end def update @user.admin = params[:user][:admin] if params[:user][:admin] @user.login = params[:user][:login] if params[:user][:login] if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] end @user.safe_attributes = params[:user] # Was the account actived ? (do it before User#save clears the change) was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE]) # TODO: Similar to My#account @user.pref.attributes = params[:pref] @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') if @user.save @user.pref.save @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : []) if was_activated Mailer.account_activated(@user).deliver elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil? Mailer.account_information(@user, params[:user][:password]).deliver end respond_to do |format| format.html { flash[:notice] = l(:notice_successful_update) redirect_to_referer_or edit_user_url(@user) } format.api { render_api_ok } end else @auth_sources = AuthSource.all @membership ||= Member.new # Clear password input @user.password = @user.password_confirmation = nil respond_to do |format| format.html { render :action => :edit } format.api { render_validation_errors(@user) } end end end def destroy @user.destroy respond_to do |format| format.html { redirect_back_or_default(admin_users_path) } format.api { render_api_ok } end end def edit_membership @membership = Member.edit_membership(params[:membership_id], params[:membership], @user) @membership.save respond_to do |format| format.html { redirect_to edit_user_url(@user, :tab => 'memberships') } format.js end end def destroy_membership @membership = Member.find(params[:membership_id]) if @membership.deletable? @membership.destroy end respond_to do |format| format.html { redirect_to edit_user_url(@user, :tab => 'memberships') } format.js end end ################# added by william def tag_save @tags = params[:tag_for_save][:name] @obj_id = params[:tag_for_save][:object_id] @obj_flag = params[:tag_for_save][:object_flag] case @obj_flag when '1' then @obj = User.find_by_id(@obj_id) when '2' then @obj = Project.find_by_id(@obj_id) when '3' then @obj = Issue.find_by_id(@obj_id) when '4' then @obj = Bid.find_by_id(@obj_id) when '5' then @obj = Forum.find_by_id(@obj_id) when '6' @obj = Attachment.find_by_id(@obj_id) when '7' then @obj = Contest.find_by_id(@obj_id) when '8' @obj = OpenSourceProject.find_by_id(@obj_id) when '9' @obj = Course.find_by_id(@obj_id) else @obj = nil end unless @obj.nil? @obj.tag_list.add(@tags.split(",")) else return end if @obj.save logger.debug "#{__FILE__}:#{__LINE__} ===> #{@obj.to_json}" else logger.error "#{__FILE__}:#{__LINE__} ===> #{@obj.errors.try(:full_messages)}" end respond_to do |format| format.js format.html end end def tag_saveEx @tags = params[:tag_name] @obj_id = params[:obj_id] @obj_flag = params[:obj_flag] case @obj_flag when '1' then @obj = User.find_by_id(@obj_id) when '2' then @obj = Project.find_by_id(@obj_id) when '3' then @obj = Issue.find_by_id(@obj_id) when '4' then @obj = Bid.find_by_id(@obj_id) when '5' then @obj = Forum.find_by_id(@obj_id) when '6' @obj = Attachment.find_by_id(@obj_id) when '7' then @obj = Contest.find_by_id(@obj_id) when '8' @obj = OpenSourceProject.find_by_id(@obj_id) when '9' @obj = Course.find_by_id(@obj_id) else @obj = nil end unless @obj.nil? @obj.tag_list.add(@tags.split(",")) else return end if @obj.save ## 执行成功的操作。 else #捕获异常 end respond_to do |format| format.js format.html end end ###add by huang def user_watchlist end ###add by huang def user_fanslist end #william def update_extensions(user_extensions) user_extensions = params[:user_extensions] unless user_extensions.nil? user_extensions = UserExtensions.find_by_id(user_extensions.user_id) # user_extensions. end end # added by bai def topic_score_index end def project_score_index end def activity_score_index end def influence_score_index end def score_index end # end def topic_new_score_index end def project_new_score_index end def activity_new_score_index end def influence_new_score_index end def score_new_index end def update_score @user = User.find(params[:id]) end private def find_user if params[:id] == 'current' require_login || return @user = User.current else @user = User.find(params[:id]) end rescue ActiveRecord::RecordNotFound render_404 end def setting_layout(default_base='base_users') User.current.admin? ? default_base : default_base end # 必填自己的工作单位,其实就是学校 def auth_user_extension if @user == User.current && @user.user_extensions.nil? flash[:error] = l(:error_complete_occupation) redirect_to my_account_url end end #重置用户得分 def rest_user_score memo_num(@user) messges_for_issue_num(@user) issues_status_num(@user) replay_for_memo_num(@user) tread_num(@user) praise_num(@user) changeset_num(@user) document_num(@user) attachment_num(@user) issue_done_ratio_num(@user) post_issue_num(@user) end #验证是否显示课程 def can_show_course @first_page = FirstPage.find_by_page_type('project') if @first_page.show_course == 2 render_404 end end end