Merge branch 'develop' of https://bdgit.educoder.net/Hjqreturn/pgfqe6ch8 into develop

6 years ago · 44bd6bfd8a
parent cb212407fc 3b4714af23
commit 44bd6bfd8a
6 changed files with 64 additions and 53 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -76,48 +76,59 @@ class ApplicationController < ActionController::Base
  # 包月+按license	9200109002

  # 云启训练场（EduCoder））院校版	产品编码（appId）	9200109
-  def ecloud_auth subject_id
-    # euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
-    # if euser.present?  # 开通过业务
-    #   # 获取用户的套餐信息
-    #   e_service = euser.ecloud_services.where("opttype != 1")
-    #   # 如果用户开通过服务
-    #   if e_service.present?
-    #     if e_service.count >1 # 说明有重复开通过业务
-    #     else
-    #       code = e_service.first.try(:code)
-    #
-    #     end
-    #   end
-    #   else
-    #     false # 没开通过服务，或者服务被禁用则不允许访问
-    #   end
-    #
-    #
-    #
-    #
-    #   if e_service.count > 1  # 说明有重复订购过套餐
-    #   else
-    #     code = e_service.try(:code)
-    #   end
-    #   service_count = euser.ecloud_services.where("opttype != 1").try(:code)
-    #
-    # end
+
  # 如果不是Ecloud过来的用户，则不改变用户的使用状态及权限，按现有模式即可
+  def ecloud_auth
+    euser = EcloudUser.where("userid =? and opttype not in(3, 5)", User.current.id).first
+
+    if euser.present?  # 开通过业务
+      # 获取用户的套餐信息
+      e_services = euser.ecloud_services.where("opttype != 1").order("ecloud_services.code desc")
+      # 如果用户开通过服务
+      if e_services.present?
+        if e_services.count > 1 # 说明有重复开通过业务
+          # 开通多业务的话，以最大的套餐排序，如果最大套餐还可以用，则直接返回true，如果最大套餐不能用，则轮询返回，直到找到可用的套餐
+          e_services.each do |e_service|
+            # 使用期限内套餐才有效
+            ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
+          end
+        else
+          # 先看套餐，再看时间区间
+          e_service = e_services.first
+          ecloud_services_auth(e_service.code, e_service.begintime, e_service.endtime)
+        end
+      else
+        false # 没开通过服务，或者服务被禁用则不允许访问
+      end
+    end
  end

  # 根据业务确定权限
-  def ecloud_services_auth code, subject_id
-    subject = Subject.find(subject_id)
-    subject_level = subject.subject_level_system.try(:level)
-    # case code
-    #   when "9200108001"
-    #      subject_level.to_i == 1 ? true : false
-    #   when "9200108002"
-    #
-    #   end
-    # end
-
+  def ecloud_services_auth code, begintime, endtime
+    # 如果当前实训不在实训课堂等级体系中，则不允许访问
+    subject_id = @shixun.stage_shixuns.map(&:subject_id)
+    if subject_id.blank?
+      render_403
+    end
+    subject_level = Subject.find(subject_id).subject_level_system.try(:level)
+    # 当前时间转毫秒
+    current_time = DateTime.now.strftime('%Q').to_i
+    if current_time - begintime > 0 && endtime - current_time > 0
+      case code
+        when "9200108001"
+          subject_level.to_i == 1 ? true : false
+        when "9200108002"
+          subject_level.to_i == 2 ? true : false
+        when "9200108003"
+          subject_level.to_i == 3 ? true : false
+        when "9200109001" # 企业用户
+          subject_level.to_i < 3 ? true : false
+        when "9200109002" # 企业用户
+          subject_level.to_i <= 3 ? true : false
+      end
+    else
+      false
+    end
  end


--- a/app/controllers/challenges_controller.rb
+++ b/app/controllers/challenges_controller.rb
@ -13,7 +13,7 @@ class ChallengesController < ApplicationController
  skip_before_filter :verify_authenticity_token, :only => [:create_choose_question, :update_choose_question]
  #before_filter :find_shixun_language, :only => [:show, :new, :edit]
  before_filter :base_index, :only => [:index, :index_down, :index_up, :destroy]
-  before_filter :view_allow, :only => [:index, :show]
+  before_filter :view_allow, :only => [:show]

  include ApplicationHelper

--- a/app/controllers/shixuns_controller.rb
+++ b/app/controllers/shixuns_controller.rb
@ -2,13 +2,16 @@
 # REDO: 创建版本库权限控制
 class ShixunsController < ApplicationController
  layout 'base_shixun'
-  before_filter :require_login, :except => [:ghook, :download_file]
-  before_filter :check_authentication, :except => [:ghook, :download_file]
+  before_filter :require_login, :except => [:ghook, :download_file, :show, :index]
+  before_filter :check_authentication, :except => [:ghook, :download_file, :show, :index]
  before_filter :find_shixun, :except => [ :index, :new, :create, :index, :search, :shixun_courses, :new_disscuss, :shixun_migrate, :qrcode, :download_file, :departments, :get_mirror_script, :send_message_to_administrator]
+
  skip_before_filter :verify_authenticity_token, :only => [:ghook, :download_file]
-  before_filter :view_allow, :only => [:show, :collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
+  before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
  before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy]
  before_filter :validation_email, :only => [:new]
+  # 移动云ToC模式权限控制
+  # before_filter :ecloud_auth, :except => [:show, :index]

  include ApplicationHelper
  include ShixunsHelper
--- a/app/controllers/subjects_controller.rb
+++ b/app/controllers/subjects_controller.rb
@ -1,8 +1,8 @@
 # encoding: utf-8
 class SubjectsController < ApplicationController
  layout 'base_subject'
-  before_filter :require_login, :except => [:show]
-  before_filter :check_authentication, :except => [:show]
+  before_filter :require_login, :except => [:show, :index]
+  before_filter :check_authentication, :except => [:show, :index]
  before_filter :find_subject, :except => [:index, :new, :create, :create_subject, :new_subject, :append_to_stage, :send_to_course]

  include ApplicationHelper
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -340,9 +340,6 @@ module ApplicationHelper
  # TPM查看权限
  # result一般为页面权限
  def shixun_view_allow shixun, result = nil
-    if params[:openi].to_i == 1
-      result ? false : true
-    else
    if User.current.manager_of_shixun?(shixun)
      result ? false : true
    else
@ -351,7 +348,6 @@ module ApplicationHelper
      end
    end
  end
-  end

  # 判断TPM的代码是否被修改了
  # 判断依据是看tpm的最新提交记录和tpi数据库中存储的commit_id是否一致
@ -619,7 +615,7 @@ module ApplicationHelper
      redirect_to user_info_path()
      Rails.logger.info("check_authentication end")
      return
-    elsif User.current.certification != 1
+    elsif User.current.certification != 1  # 系统没有授权
      day_cer = UserDayCertification.where(:user_id => User.current.id).last
      unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
        redirect_to my_account_path()
--- a/app/models/ecloud_serviece_servicepara.rb
+++ b/app/models/ecloud_serviece_servicepara.rb
@ -1,3 +1,4 @@
+# ket值，license表示人数，对应企业版；duration表示月数，对应个人版；
 class EcloudServieceServicepara < ActiveRecord::Base
  attr_accessible :key, :value, :ecloud_service_id
  belongs_to :ecloud_service