运营人员权限

dev_partners
jingquan huang 6 years ago
parent 2651225563
commit 7104eee0c5

@ -362,6 +362,13 @@ class ApplicationController < ActionController::Base
true
end
# 运营人员
def require_business
unless (User.current.business? || User.current.admin?)
render_403
end
end
def deny_access
User.current.logged? ? render_403 : require_login
end

@ -1635,7 +1635,7 @@ class CoursesController < ApplicationController
@course_modules = @course.course_modules.where(:hidden => 0)
course_module_type = @course_modules.map(&:module_type)
@is_teacher = User.current.allowed_to?(:as_teacher,@course) || User.current.admin?
@is_teacher = User.current.allowed_to?(:as_teacher,@course) || User.current.admin? || User.current.business?
if User.current.member_of_course?(@course) && !@is_teacher
member = @course.members.where(:user_id => User.current.id).first
if member.try(:course_group_id).to_i == 0

@ -1,6 +1,6 @@
# encoding: utf-8
class ManagementsController < ApplicationController
before_filter :require_admin
before_filter :require_business
layout 'base_management'
include ManagementsHelper
include SortHelper
@ -63,7 +63,6 @@ class ManagementsController < ApplicationController
# 工程认证视频导入模板
def ec_template
@template = EcTemplate.where(nil)
end
def add_template

@ -10,6 +10,7 @@ class ShixunsController < ApplicationController
before_filter :view_allow, :only => [:collaborators, :propaedeutics, :shixun_discuss, :ranking_list]
before_filter :require_manager, :only => [ :settings, :add_script, :publish, :collaborators_delete, :shixun_members_added, :add_collaborators, :update, :destroy]
before_filter :validation_email, :only => [:new]
before_filter :require_admin, :only => [:destroy]
# 移动云ToC模式权限控制
# before_filter :ecloud_auth, :except => [:show, :index]

@ -274,7 +274,7 @@ class UsersController < ApplicationController
# 私信
def private_messages
if User.current == @user || User.current.admin?
if User.current == @user || User.current.admin? || User.current.business?
@onclick_time = User.current.onclick_time.onclick_time
User.current.onclick_time.update_attribute(:onclick_time, Time.now)
@messages = PrivateMessage.find_by_sql("SELECT ui.* FROM (SELECT * FROM private_messages WHERE STATUS != 2 AND user_id = #{@user.id} ORDER BY id DESC) ui GROUP BY ui.target_id ORDER BY ui.send_time DESC")

@ -121,13 +121,6 @@ class OpenSourceProject < ActiveRecord::Base
ApplyProjectMaster.delete_all "apply_type = '#{self.class}' AND apply_id = #{self.id} AND user_id = #{user.id}"
end
def admin?(user)
if user.admin? or ApplyProjectMaster.find(:all, :conditions => ["user_id = ? and apply_type = 'OpenSourceProject' and apply_id = ? and status = ?", user.id, self.id, 2]).present?
return true
else
return false
end
end
def reset_counters!
self.class.reset_counters!(id)

@ -17,7 +17,7 @@ class GamesService
myshixun = Myshixun.min.find(game.myshixun_id)
shixun = Shixun.min.find(myshixun.shixun_id)
unless (myshixun.user_id == current_user.id || current_user.admin? || current_user.id == shixun.try(:user_id) || current_user.is_certification_teacher)
unless (myshixun.user_id == current_user.id || current_user.admin? || current_user.business? || current_user.id == shixun.try(:user_id) || current_user.is_certification_teacher)
return{:status => 403}
end
game_challenge = Challenge.min.find(game.challenge_id)

@ -0,0 +1,5 @@
class AddBusinessToUser < ActiveRecord::Migration
def change
add_column :users, :business, :boolean, :default => false
end
end
Loading…
Cancel
Save