dev_haigong
daiao 6 years ago
commit 44bd6bfd8a

@ -76,48 +76,59 @@ class ApplicationController < ActionController::Base
# 包月+按license 9200109002 # 包月+按license 9200109002
# 云启训练场EduCoder院校版 产品编码appId 9200109 # 云启训练场EduCoder院校版 产品编码appId 9200109
def ecloud_auth subject_id
# euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
# if euser.present? # 开通过业务
# # 获取用户的套餐信息
# e_service = euser.ecloud_services.where("opttype != 1")
# # 如果用户开通过服务
# if e_service.present?
# if e_service.count >1 # 说明有重复开通过业务
# else
# code = e_service.first.try(:code)
#
# end
# end
# else
# false # 没开通过服务,或者服务被禁用则不允许访问
# end
#
#
#
#
# if e_service.count > 1 # 说明有重复订购过套餐
# else
# code = e_service.try(:code)
# end
# service_count = euser.ecloud_services.where("opttype != 1").try(:code)
#
# end
# 如果不是Ecloud过来的用户则不改变用户的使用状态及权限按现有模式即可 # 如果不是Ecloud过来的用户则不改变用户的使用状态及权限按现有模式即可
def ecloud_auth
euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
if euser.present? # 开通过业务
# 获取用户的套餐信息
e_services = euser.ecloud_services.where("opttype != 1").order("ecloud_services.code desc")
# 如果用户开通过服务
if e_services.present?
if e_services.count > 1 # 说明有重复开通过业务
# 开通多业务的话以最大的套餐排序如果最大套餐还可以用则直接返回true如果最大套餐不能用则轮询返回直到找到可用的套餐
e_services.each do |e_service|
# 使用期限内套餐才有效
ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
end
else
# 先看套餐,再看时间区间
e_service = e_services.first
ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
end
else
false # 没开通过服务,或者服务被禁用则不允许访问
end
end
end end
# 根据业务确定权限 # 根据业务确定权限
def ecloud_services_auth code, subject_id def ecloud_services_auth code, begintime, endtime
subject = Subject.find(subject_id) # 如果当前实训不在实训课堂等级体系中,则不允许访问
subject_level = subject.subject_level_system.try(:level) subject_id = @shixun.stage_shixuns.map(&:subject_id)
# case code if subject_id.blank?
# when "9200108001" render_403
# subject_level.to_i == 1 ? true : false end
# when "9200108002" subject_level = Subject.find(subject_id).subject_level_system.try(:level)
# # 当前时间转毫秒
# end current_time = DateTime.now.strftime('%Q').to_i
# end if current_time - begintime > 0 && endtime - current_time > 0
case code
when "9200108001"
subject_level.to_i == 1 ? true : false
when "9200108002"
subject_level.to_i == 2 ? true : false
when "9200108003"
subject_level.to_i == 3 ? true : false
when "9200109001" # 企业用户
subject_level.to_i < 3 ? true : false
when "9200109002" # 企业用户
subject_level.to_i <= 3 ? true : false
end
else
false
end
end end

@ -13,7 +13,7 @@ class ChallengesController < ApplicationController
skip_before_filter :verify_authenticity_token, :only => [:create_choose_question, :update_choose_question] skip_before_filter :verify_authenticity_token, :only => [:create_choose_question, :update_choose_question]
#before_filter :find_shixun_language, :only => [:show, :new, :edit] #before_filter :find_shixun_language, :only => [:show, :new, :edit]
before_filter :base_index, :only => [:index, :index_down, :index_up, :destroy] before_filter :base_index, :only => [:index, :index_down, :index_up, :destroy]
before_filter :view_allow, :only => [:index, :show] before_filter :view_allow, :only => [:show]
include ApplicationHelper include ApplicationHelper

@ -2,13 +2,16 @@
# REDO: 创建版本库权限控制 # REDO: 创建版本库权限控制
class ShixunsController < ApplicationController class ShixunsController < ApplicationController
layout 'base_shixun' layout 'base_shixun'
before_filter :require_login, :except => [:ghook, :download_file] before_filter :require_login, :except => [:ghook, :download_file, :show, :index]
before_filter :check_authentication, :except => [:ghook, :download_file] before_filter :check_authentication, :except => [:ghook, :download_file, :show, :index]
before_filter :find_shixun, :except => [ :index, :new, :create, :index, :search, :shixun_courses, :new_disscuss, :shixun_migrate, :qrcode, :download_file, :departments, :get_mirror_script, :send_message_to_administrator] before_filter :find_shixun, :except => [ :index, :new, :create, :index, :search, :shixun_courses, :new_disscuss, :shixun_migrate, :qrcode, :download_file, :departments, :get_mirror_script, :send_message_to_administrator]
skip_before_filter :verify_authenticity_token, :only => [:ghook, :download_file] skip_before_filter :verify_authenticity_token, :only => [:ghook, :download_file]
before_filter :view_allow, :only => [:show, :collaborators, :propaedeutics, :shixun_discuss, :ranking_list] before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy] before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy]
before_filter :validation_email, :only => [:new] before_filter :validation_email, :only => [:new]
# 移动云ToC模式权限控制
# before_filter :ecloud_auth, :except => [:show, :index]
include ApplicationHelper include ApplicationHelper
include ShixunsHelper include ShixunsHelper

@ -1,8 +1,8 @@
# encoding: utf-8 # encoding: utf-8
class SubjectsController < ApplicationController class SubjectsController < ApplicationController
layout 'base_subject' layout 'base_subject'
before_filter :require_login, :except => [:show] before_filter :require_login, :except => [:show, :index]
before_filter :check_authentication, :except => [:show] before_filter :check_authentication, :except => [:show, :index]
before_filter :find_subject, :except => [:index, :new, :create, :create_subject, :new_subject, :append_to_stage, :send_to_course] before_filter :find_subject, :except => [:index, :new, :create, :create_subject, :new_subject, :append_to_stage, :send_to_course]
include ApplicationHelper include ApplicationHelper

@ -340,9 +340,6 @@ module ApplicationHelper
# TPM查看权限 # TPM查看权限
# result一般为页面权限 # result一般为页面权限
def shixun_view_allow shixun, result = nil def shixun_view_allow shixun, result = nil
if params[:openi].to_i == 1
result ? false : true
else
if User.current.manager_of_shixun?(shixun) if User.current.manager_of_shixun?(shixun)
result ? false : true result ? false : true
else else
@ -351,7 +348,6 @@ module ApplicationHelper
end end
end end
end end
end
# 判断TPM的代码是否被修改了 # 判断TPM的代码是否被修改了
# 判断依据是看tpm的最新提交记录和tpi数据库中存储的commit_id是否一致 # 判断依据是看tpm的最新提交记录和tpi数据库中存储的commit_id是否一致
@ -619,7 +615,7 @@ module ApplicationHelper
redirect_to user_info_path() redirect_to user_info_path()
Rails.logger.info("check_authentication end") Rails.logger.info("check_authentication end")
return return
elsif User.current.certification != 1 elsif User.current.certification != 1 # 系统没有授权
day_cer = UserDayCertification.where(:user_id => User.current.id).last day_cer = UserDayCertification.where(:user_id => User.current.id).last
unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
redirect_to my_account_path() redirect_to my_account_path()

@ -1,3 +1,4 @@
# ket值license表示人数对应企业版duration表示月数对应个人版
class EcloudServieceServicepara < ActiveRecord::Base class EcloudServieceServicepara < ActiveRecord::Base
attr_accessible :key, :value, :ecloud_service_id attr_accessible :key, :value, :ecloud_service_id
belongs_to :ecloud_service belongs_to :ecloud_service

Loading…
Cancel
Save