|
|
|
@ -256,16 +256,19 @@ class ApplicationController < ActionController::Base
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authorize_attachment_download(ctrl = params[:controller], action = params[:action], global = false)
|
|
|
|
|
if @attachment.container_type == "Memo"
|
|
|
|
|
allowed = User.current.allowed_to?(:memos_attachments_download,nil,:global => true)
|
|
|
|
|
elsif @attachment.container_type == "Message" && !@project.nil?
|
|
|
|
|
allowed = User.current.allowed_to?(:projects_attachments_download,@project,:global => false)
|
|
|
|
|
elsif @attachment.container_type == "Message" && !@course.nil?
|
|
|
|
|
allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
|
|
|
|
|
elsif @attachment.container_type == "contest"
|
|
|
|
|
return true
|
|
|
|
|
else
|
|
|
|
|
return true
|
|
|
|
|
case @attachment.container_type
|
|
|
|
|
when "Memo"
|
|
|
|
|
allowed = User.current.allowed_to?(:memos_attachments_download,nil,:global => true)
|
|
|
|
|
when "Message"
|
|
|
|
|
if @project
|
|
|
|
|
allowed = User.current.allowed_to?(:projects_attachments_download,@project,:global => false)
|
|
|
|
|
elsif @course
|
|
|
|
|
allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
|
|
|
|
|
end
|
|
|
|
|
when "contest"
|
|
|
|
|
return true
|
|
|
|
|
else
|
|
|
|
|
return true
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if allowed
|
|
|
|
|