作业增加成员、删除成员增加权限控制

president
sw 11 years ago
parent 43736ba8d6
commit 19fc84afee

@ -2,7 +2,7 @@ class HomeworkAttachController < ApplicationController
############################### ###############################
#判断当前角色权限时需先找到当前操作的project #判断当前角色权限时需先找到当前操作的project
before_filter :find_project_by_bid_id, :only => [:new] before_filter :find_project_by_bid_id, :only => [:new]
before_filter :find_project_by_hoemwork_id, :only => [:edit,:update,:destroy] before_filter :find_project_by_hoemwork_id, :only => [:edit,:update,:destroy,:show,:add_homework_users,:destory_homework_users]
#判断当前角色是否有操作权限 #判断当前角色是否有操作权限
#勿删 before_filter :authorize, :only => [:new,:edit,:update,:destroy] #勿删 before_filter :authorize, :only => [:new,:edit,:update,:destroy]
@ -28,36 +28,43 @@ class HomeworkAttachController < ApplicationController
#作业添加成员(参与人员) #作业添加成员(参与人员)
def add_homework_users def add_homework_users
@homework = HomeworkAttach.find(params[:id]) if User.current.admin? || User.current == @homework.user
#@homework = HomeworkAttach.find(params[:id])
if params[:membership] if params[:membership]
if params[:membership][:user_ids] if params[:membership][:user_ids]
attrs = params[:membership].dup attrs = params[:membership].dup
user_ids = attrs.delete(:user_ids) user_ids = attrs.delete(:user_ids)
user_ids.each do |user_id| user_ids.each do |user_id|
@homework.homework_users.build(:user_id => user_id) @homework.homework_users.build(:user_id => user_id)
end
end end
end end
end @homework.save
@homework.save @hoemwork_users = users_for_homework(@homework)
@hoemwork_users = users_for_homework(@homework) @members = members_for_homework(@homework,@hoemwork_users,params[:q])
@members = members_for_homework(@homework,@hoemwork_users,params[:q]) @members = paginateHelper @members,10
@members = paginateHelper @members,10 respond_to do |format|
respond_to do |format| format.js
format.js end
else
render_403 :message => :notice_not_authorized
end end
end end
#作业删除成员(参与人员) #作业删除成员(参与人员)
def destory_homework_users def destory_homework_users
@homework = HomeworkAttach.find(params[:id]) #@homework = HomeworkAttach.find(params[:id])
homework_user = @homework.homework_users.where("user_id = #{params[:user_id]}").first if User.current.admin? || User.current == @homework.user
homework_user.destroy homework_user = @homework.homework_users.where("user_id = #{params[:user_id]}").first
@hoemwork_users = users_for_homework(@homework) homework_user.destroy
@members = members_for_homework(@homework,@hoemwork_users,params[:q]) @hoemwork_users = users_for_homework(@homework)
@members = paginateHelper @members,10 @members = members_for_homework(@homework,@hoemwork_users,params[:q])
respond_to do |format| @members = paginateHelper @members,10
format.js respond_to do |format|
format.js
end
else
render_403 :message => :notice_not_authorized
end end
end end
@ -155,7 +162,7 @@ class HomeworkAttachController < ApplicationController
end end
def edit def edit
@homework = HomeworkAttach.find(params[:id]) #@homework = HomeworkAttach.find(params[:id])
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first) if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
#@members = @homework.bid.courses.first.members.joins(:member_roles).where("member_roles.role_id IN (:role_id)", {:role_id => [5, 10]}) #@members = @homework.bid.courses.first.members.joins(:member_roles).where("member_roles.role_id IN (:role_id)", {:role_id => [5, 10]})
@hoemwork_users = users_for_homework(@homework) @hoemwork_users = users_for_homework(@homework)
@ -167,7 +174,7 @@ class HomeworkAttachController < ApplicationController
end end
def update def update
@homework = HomeworkAttach.find(params[:id]) #@homework = HomeworkAttach.find(params[:id])
course = @homework.bid.courses.first course = @homework.bid.courses.first
if User.current.admin? || User.current.member_of?(course) if User.current.admin? || User.current.member_of?(course)
name = params[:homework_name] name = params[:homework_name]
@ -190,7 +197,7 @@ class HomeworkAttachController < ApplicationController
end end
def destroy def destroy
@homework = HomeworkAttach.find(params[:id]) #@homework = HomeworkAttach.find(params[:id])
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first) if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
if @homework.destroy if @homework.destroy
respond_to do |format| respond_to do |format|
@ -206,7 +213,7 @@ class HomeworkAttachController < ApplicationController
#显示作业信息 #显示作业信息
def show def show
@homework = HomeworkAttach.find(params[:id]) #@homework = HomeworkAttach.find(params[:id])
if User.current.admin? || User.current.member_of?(@homework.bid.courses.first) if User.current.admin? || User.current.member_of?(@homework.bid.courses.first)
# 打分统计 # 打分统计
stars_reates = @homework. stars_reates = @homework.
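Review bot: In `destory_homework_users` the new side keeps `where("user_id = #{params[:user_id]}")`, which interpolates a request parameter into the SQL string; the added admin/owner check narrows who reaches that line but does not make the value safe. Pass it as a bound value instead, `homework_user = @homework.homework_users.where(:user_id => params[:user_id]).first`, and return early when the result is nil, because `homework_user.destroy` raises when no row matches. Every action now has `HomeworkAttach.find(params[:id])` commented out, so `@homework` presumably comes from the `find_project_by_hoemwork_id` filter, whose body is outside these hunks; confirm that the filter sets `@homework` and handles a missing record before `@homework.user` is read. In `add_homework_users` the submitted `user_ids` are built into `homework_users` with no check visible here that each id belongs to the homework's course.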
