运营人员权限

app/controllers/application_controller.rb

@@ -362,6 +362,13 @@ class ApplicationController < ActionController::Base
     true
   end
 
+  # 运营人员
+  def require_business
+    unless (User.current.business? || User.current.admin?)
+      render_403
+    end
+  end
+
   def deny_access
     User.current.logged? ? render_403 : require_login
   end

app/controllers/courses_controller.rb

@@ -1635,7 +1635,7 @@ class CoursesController < ApplicationController
 
     @course_modules = @course.course_modules.where(:hidden => 0)
     course_module_type = @course_modules.map(&:module_type)
-    @is_teacher = User.current.allowed_to?(:as_teacher,@course) || User.current.admin?
+    @is_teacher = User.current.allowed_to?(:as_teacher,@course) || User.current.admin? || User.current.business?
     if User.current.member_of_course?(@course) && !@is_teacher
       member = @course.members.where(:user_id => User.current.id).first
       if member.try(:course_group_id).to_i == 0

app/controllers/managements_controller.rb

@@ -1,6 +1,6 @@
 # encoding: utf-8
 class ManagementsController < ApplicationController
-  before_filter :require_admin
+  before_filter :require_business
   layout 'base_management'
   include ManagementsHelper
   include SortHelper
@@ -63,7 +63,6 @@ class ManagementsController < ApplicationController
   # 工程认证视频导入模板
   def ec_template
     @template = EcTemplate.where(nil)
-
   end
 
   def add_template

app/controllers/shixuns_controller.rb

@@ -10,6 +10,7 @@ class ShixunsController < ApplicationController
   before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
   before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy]
   before_filter :validation_email, :only => [:new]
+  before_filter :require_admin, :only => [:destroy]
   # 移动云ToC模式权限控制
   # before_filter :ecloud_auth, :except => [:show, :index]
 

app/controllers/users_controller.rb

@@ -274,7 +274,7 @@ class UsersController < ApplicationController
 
   # 私信
   def private_messages
-    if User.current == @user || User.current.admin?
+    if User.current == @user || User.current.admin? || User.current.business?
       @onclick_time = User.current.onclick_time.onclick_time
       User.current.onclick_time.update_attribute(:onclick_time, Time.now)
       @messages = PrivateMessage.find_by_sql("SELECT ui.* FROM (SELECT * FROM private_messages WHERE STATUS != 2 AND user_id = #{@user.id} ORDER BY id DESC) ui GROUP BY ui.target_id ORDER BY ui.send_time DESC")

app/models/open_source_project.rb

@@ -121,13 +121,6 @@ class OpenSourceProject < ActiveRecord::Base
     ApplyProjectMaster.delete_all "apply_type = '#{self.class}' AND apply_id = #{self.id} AND user_id = #{user.id}"
   end
 
-  def admin?(user)
-    if user.admin? or ApplyProjectMaster.find(:all, :conditions => ["user_id = ? and apply_type = 'OpenSourceProject' and apply_id = ? and status = ?", user.id, self.id, 2]).present?
-    return true
-    else
-    return false
-    end
-  end
 
   def reset_counters!
     self.class.reset_counters!(id)

app/services/games_service.rb

@@ -17,7 +17,7 @@ class GamesService
 
     myshixun = Myshixun.min.find(game.myshixun_id)
     shixun = Shixun.min.find(myshixun.shixun_id)
-    unless (myshixun.user_id == current_user.id || current_user.admin? || current_user.id == shixun.try(:user_id) || current_user.is_certification_teacher)
+    unless (myshixun.user_id == current_user.id || current_user.admin? || current_user.business? || current_user.id == shixun.try(:user_id) || current_user.is_certification_teacher)
       return{:status => 403}
     end
     game_challenge = Challenge.min.find(game.challenge_id)

db/migrate/20190426020414_add_business_to_user.rb

@@ -0,0 +1,5 @@
+class AddBusinessToUser < ActiveRecord::Migration
+  def change
+    add_column :users, :business, :boolean, :default => false
+  end
+end