权限调整

app/controllers/colleges_controller.rb

@@ -254,7 +254,10 @@ class CollegesController < ApplicationController
 
   def manager_auth
     # unless (User.current.admin? || DepartmentMember.where(:user_id => User.current.id, :department_id => @department.id).first.present?)
-    unless (User.current.admin? || DepartmentMember.where(:user_id => User.current.id, :department_id => @department.id).first.present? || (User.current.user_extensions.try(:school_id) == @department.school_id && User.current.user_extensions.try(:identity) == 0))
+    unless (User.current.admin? ||
+        DepartmentMember.where(:user_id => User.current.id, :department_id => @department.id).first.present? ||
+        (User.current.user_extensions.try(:school_id) == @department.school_id && User.current.user_extensions.try(:identity) == 0) ||
+        @department.school.try(:partner_id) == User.current.partner_id)
       render_403
     end
   end