Merge branch 'develop' of https://bdgit.educoder.net/Hjqreturn/pgfqe6ch8 into develop

app/controllers/application_controller.rb

@@ -76,48 +76,59 @@ class ApplicationController < ActionController::Base
   # 包月+按license	9200109002
 
   # 云启训练场（EduCoder））院校版	产品编码（appId）	9200109
-  def ecloud_auth subject_id
-    # euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
-    # if euser.present?  # 开通过业务
-    #   # 获取用户的套餐信息
-    #   e_service = euser.ecloud_services.where("opttype != 1")
-    #   # 如果用户开通过服务
-    #   if e_service.present?
-    #     if e_service.count >1 # 说明有重复开通过业务
-    #     else
-    #       code = e_service.first.try(:code)
-    #
-    #     end
-    #   end
-    #   else
-    #     false # 没开通过服务，或者服务被禁用则不允许访问
-    #   end
-    #
-    #
-    #
-    #
-    #   if e_service.count > 1  # 说明有重复订购过套餐
-    #   else
-    #     code = e_service.try(:code)
-    #   end
-    #   service_count = euser.ecloud_services.where("opttype != 1").try(:code)
-    #
-    # end
+
   # 如果不是Ecloud过来的用户，则不改变用户的使用状态及权限，按现有模式即可
+  def ecloud_auth
+    euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
+
+    if euser.present?  # 开通过业务
+      # 获取用户的套餐信息
+      e_services = euser.ecloud_services.where("opttype != 1").order("ecloud_services.code desc")
+      # 如果用户开通过服务
+      if e_services.present?
+        if e_services.count > 1 # 说明有重复开通过业务
+          # 开通多业务的话，以最大的套餐排序，如果最大套餐还可以用，则直接返回true，如果最大套餐不能用，则轮询返回，直到找到可用的套餐
+          e_services.each do |e_service|
+            # 使用期限内套餐才有效
+            ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
+          end
+        else
+          # 先看套餐，再看时间区间
+          e_service = e_services.first
+          ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
+        end
+      else
+        false # 没开通过服务，或者服务被禁用则不允许访问
+      end
+    end
   end
 
   # 根据业务确定权限
-  def ecloud_services_auth code, subject_id
-    subject = Subject.find(subject_id)
-    subject_level = subject.subject_level_system.try(:level)
-    # case code
-    #   when "9200108001"
-    #      subject_level.to_i == 1 ? true : false
-    #   when "9200108002"
-    #
-    #   end
-    # end
-
+  def ecloud_services_auth code, begintime, endtime
+    # 如果当前实训不在实训课堂等级体系中，则不允许访问
+    subject_id = @shixun.stage_shixuns.map(&:subject_id)
+    if subject_id.blank?
+      render_403
+    end
+    subject_level = Subject.find(subject_id).subject_level_system.try(:level)
+    # 当前时间转毫秒
+    current_time = DateTime.now.strftime('%Q').to_i
+    if current_time - begintime > 0 && endtime - current_time > 0
+      case code
+        when "9200108001"
+          subject_level.to_i == 1 ? true : false
+        when "9200108002"
+          subject_level.to_i == 2 ? true : false
+        when "9200108003"
+          subject_level.to_i == 3 ? true : false
+        when "9200109001" # 企业用户
+          subject_level.to_i < 3 ? true : false
+        when "9200109002" # 企业用户
+          subject_level.to_i <= 3 ? true : false
+      end
+    else
+      false
+    end
   end
 
 

app/controllers/challenges_controller.rb

@@ -13,7 +13,7 @@ class ChallengesController < ApplicationController
   skip_before_filter :verify_authenticity_token, :only => [:create_choose_question, :update_choose_question]
   #before_filter :find_shixun_language, :only => [:show, :new, :edit]
   before_filter :base_index, :only => [:index, :index_down, :index_up, :destroy]
-  before_filter :view_allow, :only => [:index, :show]
+  before_filter :view_allow, :only => [:show]
 
   include ApplicationHelper
 

app/controllers/managements_controller.rb

@@ -4060,28 +4060,30 @@ end
   def shixun_feedback_xls shixun_ids
     xls_report = StringIO.new
     book = Spreadsheet::Workbook.new
-    sheet1 = book.create_worksheet :name => "报名列表"
+    sheet1 = book.create_worksheet :name => "实训反馈"
     blue = Spreadsheet::Format.new :color => :blue, :weight => :bold, :size => 10
     sheet1.row(0).default_format = blue
     count_row = 1
     shixuns = Shixun.where(:id => shixun_ids).includes(discusses: [:user])
-    sheet1.row(0).concat(["序号", "实训ID", "实训名称","评论数", "评论内容", "关卡", "评论者", "评论者职业",
+    sheet1.row(0).concat(["序号", "实训ID", "实训名称", "实训作者", "作者单位", "评论数", "评论内容", "关卡", "评论者", "评论者职业",
                           "评论者单位", "评论时间", "社区导师是否已回复"])
     shixuns.each_with_index do |shixun, i|
       discusses = shixun.discusses.where("user_id != ?", 1)
       sheet1[count_row, 0] = i + 1
       sheet1[count_row, 1] = shixun.identifier
       sheet1[count_row, 2] = shixun.name
-      sheet1[count_row, 3] = discusses.count
+      sheet1[count_row, 3] = shixun.owner.show_real_name
+      sheet1[count_row, 4] = shixun.owner.school_name
+      sheet1[count_row, 5] = discusses.count
       discusses.each_with_index do |discuss, j|
         user = discuss.user
-        sheet1[count_row, 4] = discuss.content.gsub(/<img.*\/>/, "【图片评论】").gsub(/!\[\].+\)/, "【图片评论】")
-        sheet1[count_row, 5] = "第#{discuss.position}关"
-        sheet1[count_row, 6] = user.show_real_name
-        sheet1[count_row, 7] = user.identity
-        sheet1[count_row, 8] = user.school_name
-        sheet1[count_row, 9] = format_time discuss.created_at
-        sheet1[count_row, 10] = discuss.children.pluck(:user_id).include?(1) ? "是" : "否"
+        sheet1[count_row, 6] = discuss.content.gsub(/<img.*\/>/, "【图片评论】").gsub(/!\[\].+\)/, "【图片评论】")
+        sheet1[count_row, 7] = "第#{discuss.position}关"
+        sheet1[count_row, 8] = user.show_real_name
+        sheet1[count_row, 9] = user.identity
+        sheet1[count_row, 10] = user.school_name
+        sheet1[count_row, 11] = format_time discuss.created_at
+        sheet1[count_row, 12] = discuss.children.pluck(:user_id).include?(1) ? "是" : "否"
         count_row += 1
       end
       #count_row += 1

app/controllers/shixuns_controller.rb

@@ -2,13 +2,16 @@
 # REDO: 创建版本库权限控制
 class ShixunsController < ApplicationController
   layout 'base_shixun'
-  before_filter :require_login, :except => [:ghook, :download_file]
-  before_filter :check_authentication, :except => [:ghook, :download_file]
+  before_filter :require_login, :except => [:ghook, :download_file, :show, :index]
+  before_filter :check_authentication, :except => [:ghook, :download_file, :show, :index]
   before_filter :find_shixun, :except => [ :index, :new, :create, :index, :search, :shixun_courses, :new_disscuss, :shixun_migrate, :qrcode, :download_file, :departments, :get_mirror_script, :send_message_to_administrator]
+
   skip_before_filter :verify_authenticity_token, :only => [:ghook, :download_file]
-  before_filter :view_allow, :only => [:show, :collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
+  before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
   before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy]
   before_filter :validation_email, :only => [:new]
+  # 移动云ToC模式权限控制
+  # before_filter :ecloud_auth, :except => [:show, :index]
 
   include ApplicationHelper
   include ShixunsHelper

app/controllers/subjects_controller.rb

@@ -1,8 +1,8 @@
 # encoding: utf-8
 class SubjectsController < ApplicationController
   layout 'base_subject'
-  before_filter :require_login, :except => [:show]
-  before_filter :check_authentication, :except => [:show]
+  before_filter :require_login, :except => [:show, :index]
+  before_filter :check_authentication, :except => [:show, :index]
   before_filter :find_subject, :except => [:index, :new, :create, :create_subject, :new_subject, :append_to_stage, :send_to_course]
 
   include ApplicationHelper

app/helpers/application_helper.rb

@@ -340,9 +340,6 @@ module ApplicationHelper
   # TPM查看权限
   # result一般为页面权限
   def shixun_view_allow shixun, result = nil
-    if params[:openi].to_i == 1
-      result ? false : true
-    else
     if User.current.manager_of_shixun?(shixun)
       result ? false : true
     else
@@ -351,7 +348,6 @@ module ApplicationHelper
       end
     end
   end
-  end
 
   # 判断TPM的代码是否被修改了
   # 判断依据是看tpm的最新提交记录和tpi数据库中存储的commit_id是否一致
@@ -619,7 +615,7 @@ module ApplicationHelper
       redirect_to user_info_path()
       Rails.logger.info("check_authentication end")
       return
-    elsif User.current.certification != 1
+    elsif User.current.certification != 1  # 系统没有授权
       day_cer = UserDayCertification.where(:user_id => User.current.id).last
       unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
         redirect_to my_account_path()

app/models/ecloud_serviece_servicepara.rb

@@ -1,3 +1,4 @@
+# ket值，license表示人数，对应企业版；duration表示月数，对应个人版；
 class EcloudServieceServicepara < ActiveRecord::Base
   attr_accessible :key, :value, :ecloud_service_id
   belongs_to :ecloud_service

app/views/managements/shixun_feedback_message.html.erb

@@ -13,3 +13,8 @@
     <%= render :partial => "shixun_feedback_list" %>
   </div>
 </div>
+<script>
+    function clearSearchCondition(){
+        $("#shixun_Look_name").val('')
+    }
+</script>