From 6137bcc77023d3fbe31e67477608b3c583172677 Mon Sep 17 00:00:00 2001 From: huang Date: Wed, 20 Mar 2019 12:21:27 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=AE=9E=E8=AE=AD=E6=9D=83=E9=99=90?= =?UTF-8?q?=E7=9A=84=E4=B8=80=E4=BA=9B=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/application_controller.rb | 89 +++++++++++++---------- app/controllers/challenges_controller.rb | 2 +- app/controllers/shixuns_controller.rb | 9 ++- app/controllers/subjects_controller.rb | 4 +- app/helpers/application_helper.rb | 12 +-- app/models/ecloud_serviece_servicepara.rb | 1 + 6 files changed, 64 insertions(+), 53 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 8bb217cc..3d2960e7 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -76,48 +76,59 @@ class ApplicationController < ActionController::Base # 包月+按license 9200109002 # 云启训练场(EduCoder))院校版 产品编码(appId) 9200109 - def ecloud_auth subject_id - # euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first - # if euser.present? # 开通过业务 - # # 获取用户的套餐信息 - # e_service = euser.ecloud_services.where("opttype != 1") - # # 如果用户开通过服务 - # if e_service.present? - # if e_service.count >1 # 说明有重复开通过业务 - # else - # code = e_service.first.try(:code) - # - # end - # end - # else - # false # 没开通过服务,或者服务被禁用则不允许访问 - # end - # - # - # - # - # if e_service.count > 1 # 说明有重复订购过套餐 - # else - # code = e_service.try(:code) - # end - # service_count = euser.ecloud_services.where("opttype != 1").try(:code) - # - # end - # 如果不是Ecloud过来的用户,则不改变用户的使用状态及权限,按现有模式即可 + + # 如果不是Ecloud过来的用户,则不改变用户的使用状态及权限,按现有模式即可 + def ecloud_auth + euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first + + if euser.present? # 开通过业务 + # 获取用户的套餐信息 + e_services = euser.ecloud_services.where("opttype != 1").order("ecloud_services.code desc") + # 如果用户开通过服务 + if e_services.present? + if e_services.count > 1 # 说明有重复开通过业务 + # 开通多业务的话,以最大的套餐排序,如果最大套餐还可以用,则直接返回true,如果最大套餐不能用,则轮询返回,直到找到可用的套餐 + e_services.each do |e_service| + # 使用期限内套餐才有效 + ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime) + end + else + # 先看套餐,再看时间区间 + e_service = e_services.first + ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime) + end + else + false # 没开通过服务,或者服务被禁用则不允许访问 + end + end end # 根据业务确定权限 - def ecloud_services_auth code, subject_id - subject = Subject.find(subject_id) - subject_level = subject.subject_level_system.try(:level) - # case code - # when "9200108001" - # subject_level.to_i == 1 ? true : false - # when "9200108002" - # - # end - # end - + def ecloud_services_auth code, begintime, endtime + # 如果当前实训不在实训课堂等级体系中,则不允许访问 + subject_id = @shixun.stage_shixuns.map(&:subject_id) + if subject_id.blank? + render_403 + end + subject_level = Subject.find(subject_id).subject_level_system.try(:level) + # 当前时间转毫秒 + current_time = DateTime.now.strftime('%Q').to_i + if current_time - begintime > 0 && endtime - current_time > 0 + case code + when "9200108001" + subject_level.to_i == 1 ? true : false + when "9200108002" + subject_level.to_i == 2 ? true : false + when "9200108003" + subject_level.to_i == 3 ? true : false + when "9200109001" # 企业用户 + subject_level.to_i < 3 ? true : false + when "9200109002" # 企业用户 + subject_level.to_i <= 3 ? true : false + end + else + false + end end diff --git a/app/controllers/challenges_controller.rb b/app/controllers/challenges_controller.rb index 0c37a3ab..54f545e5 100644 --- a/app/controllers/challenges_controller.rb +++ b/app/controllers/challenges_controller.rb @@ -13,7 +13,7 @@ class ChallengesController < ApplicationController skip_before_filter :verify_authenticity_token, :only => [:create_choose_question, :update_choose_question] #before_filter :find_shixun_language, :only => [:show, :new, :edit] before_filter :base_index, :only => [:index, :index_down, :index_up, :destroy] - before_filter :view_allow, :only => [:index, :show] + before_filter :view_allow, :only => [:show] include ApplicationHelper diff --git a/app/controllers/shixuns_controller.rb b/app/controllers/shixuns_controller.rb index e50827e3..38cbda23 100644 --- a/app/controllers/shixuns_controller.rb +++ b/app/controllers/shixuns_controller.rb @@ -2,13 +2,16 @@ # REDO: 创建版本库权限控制 class ShixunsController < ApplicationController layout 'base_shixun' - before_filter :require_login, :except => [:ghook, :download_file] - before_filter :check_authentication, :except => [:ghook, :download_file] + before_filter :require_login, :except => [:ghook, :download_file, :show, :index] + before_filter :check_authentication, :except => [:ghook, :download_file, :show, :index] before_filter :find_shixun, :except => [ :index, :new, :create, :index, :search, :shixun_courses, :new_disscuss, :shixun_migrate, :qrcode, :download_file, :departments, :get_mirror_script, :send_message_to_administrator] + skip_before_filter :verify_authenticity_token, :only => [:ghook, :download_file] - before_filter :view_allow, :only => [:show, :collaborators, :propaedeutics, :shixun_discuss, :ranking_list] + before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list] before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy] before_filter :validation_email, :only => [:new] + # 移动云ToC模式权限控制 + before_filter :ecloud_auth, :except => [:show, :index] include ApplicationHelper include ShixunsHelper diff --git a/app/controllers/subjects_controller.rb b/app/controllers/subjects_controller.rb index 3191899c..e526d468 100644 --- a/app/controllers/subjects_controller.rb +++ b/app/controllers/subjects_controller.rb @@ -1,8 +1,8 @@ # encoding: utf-8 class SubjectsController < ApplicationController layout 'base_subject' - before_filter :require_login, :except => [:show] - before_filter :check_authentication, :except => [:show] + before_filter :require_login, :except => [:show, :index] + before_filter :check_authentication, :except => [:show, :index] before_filter :find_subject, :except => [:index, :new, :create, :create_subject, :new_subject, :append_to_stage, :send_to_course] include ApplicationHelper diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 19c82857..ce37bf79 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -340,15 +340,11 @@ module ApplicationHelper # TPM查看权限 # result一般为页面权限 def shixun_view_allow shixun, result = nil - if params[:openi].to_i == 1 + if User.current.manager_of_shixun?(shixun) result ? false : true else - if User.current.manager_of_shixun?(shixun) - result ? false : true - else - if shixun.status == 0 || (shixun.use_scope == 1 && !shixun.schools.map(&:name).include?(User.current.school_name)) - result ? true : (render_403) - end + if shixun.status == 0 || (shixun.use_scope == 1 && !shixun.schools.map(&:name).include?(User.current.school_name)) + result ? true : (render_403) end end end @@ -619,7 +615,7 @@ module ApplicationHelper redirect_to user_info_path() Rails.logger.info("check_authentication end") return - elsif User.current.certification != 1 + elsif User.current.certification != 1 # 系统没有授权 day_cer = UserDayCertification.where(:user_id => User.current.id).last unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 redirect_to my_account_path() diff --git a/app/models/ecloud_serviece_servicepara.rb b/app/models/ecloud_serviece_servicepara.rb index 91bb0a0d..5dbff71f 100644 --- a/app/models/ecloud_serviece_servicepara.rb +++ b/app/models/ecloud_serviece_servicepara.rb @@ -1,3 +1,4 @@ +# ket值,license表示人数,对应企业版;duration表示月数,对应个人版; class EcloudServieceServicepara < ActiveRecord::Base attr_accessible :key, :value, :ecloud_service_id belongs_to :ecloud_service From f60d8611eddf38a640d8e33922bf98a4657d86ac Mon Sep 17 00:00:00 2001 From: huang Date: Thu, 21 Mar 2019 16:36:52 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E5=AE=9E=E8=AE=AD=E6=9D=83=E9=99=90?= =?UTF-8?q?=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/shixuns_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/shixuns_controller.rb b/app/controllers/shixuns_controller.rb index 38cbda23..18107cae 100644 --- a/app/controllers/shixuns_controller.rb +++ b/app/controllers/shixuns_controller.rb @@ -11,7 +11,7 @@ class ShixunsController < ApplicationController before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy] before_filter :validation_email, :only => [:new] # 移动云ToC模式权限控制 - before_filter :ecloud_auth, :except => [:show, :index] + # before_filter :ecloud_auth, :except => [:show, :index] include ApplicationHelper include ShixunsHelper