From 6b6fd2906fa479ee3bb4fbdbb4c25cb882b933f4 Mon Sep 17 00:00:00 2001 From: z9hang Date: Mon, 14 Jul 2014 09:18:31 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=E7=AB=9E=E8=B5=9B=E5=88=97=E8=A1=A8?= =?UTF-8?q?=E3=80=82=E8=B4=B4=E5=90=A7=E5=88=97=E8=A1=A8=E7=9A=84=E9=9D=9E?= =?UTF-8?q?=E7=A9=BA=E5=88=A4=E6=96=AD=20=E6=95=B0=E6=8D=AE=E8=BF=81?= =?UTF-8?q?=E7=A7=BB=E6=8A=A5=E9=94=99=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/first_page.rb | 3 ++- app/views/contests/_contest_list.html.erb | 12 ++++++++++-- app/views/forums/_forum_list.html.erb | 6 +++++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/app/models/first_page.rb b/app/models/first_page.rb index 8d8bbcff6..fcb76972c 100644 --- a/app/models/first_page.rb +++ b/app/models/first_page.rb @@ -1,3 +1,4 @@ class FirstPage < ActiveRecord::Base - attr_accessible :description, :title, :web_title + attr_accessible :description, :title, :web_title,:page_type end + l \ No newline at end of file diff --git a/app/views/contests/_contest_list.html.erb b/app/views/contests/_contest_list.html.erb index 8b5e34975..61dd6192c 100644 --- a/app/views/contests/_contest_list.html.erb +++ b/app/views/contests/_contest_list.html.erb @@ -2,11 +2,19 @@ <% contests.each do |contest|%> - +
<%= link_to(image_tag(url_to_avatar(contest.author), :class => 'avatar'), user_path(contest.author), :class => "avatar") %> + <% unless contest.author.nil? %> + <%= link_to(image_tag(url_to_avatar(contest.author), :class => 'avatar'), user_path(contest.author), :class => "avatar") %> + <% end %> + - +
<%= link_to(contest.author, user_path(contest.author), :class => 'bid_user') %>:  <%= link_to(contest.name, show_contest_contest_path(contest), :class => 'bid_path', :target => "_blank") %> + <% unless contest.author.nil? %> + <%= link_to(contest.author, user_path(contest.author), :class => 'bid_user') %>: + <% end %> +  <%= link_to(contest.name, show_contest_contest_path(contest), :class => 'bid_path', :target => "_blank") %>
diff --git a/app/views/forums/_forum_list.html.erb b/app/views/forums/_forum_list.html.erb index 0bbb0ddd4..2b8f98494 100644 --- a/app/views/forums/_forum_list.html.erb +++ b/app/views/forums/_forum_list.html.erb @@ -3,7 +3,11 @@ <% if forums.any? %> <% forums.each do |forum| %>
-
<%= link_to image_tag(url_to_avatar(forum.creator), :class => "avatar"), user_path(forum.creator) %>
+
+ <% unless forum.creator.nil? %> + <%= link_to image_tag(url_to_avatar(forum.creator), :class => "avatar"), user_path(forum.creator) %> + <% end %> +

<%= link_to h(forum.name), forum_path(forum) %>

<%= forum.description%>

From 98ddd6940db34d784060734b70122beddbee3f1a Mon Sep 17 00:00:00 2001 From: z9hang Date: Mon, 14 Jul 2014 09:31:55 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/first_page.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/app/models/first_page.rb b/app/models/first_page.rb index fcb76972c..b284c8fdc 100644 --- a/app/models/first_page.rb +++ b/app/models/first_page.rb @@ -1,4 +1,3 @@ class FirstPage < ActiveRecord::Base attr_accessible :description, :title, :web_title,:page_type end - l \ No newline at end of file From 87b623bc51e9680b60b1c766b6aaec75a5619451 Mon Sep 17 00:00:00 2001 From: nwb Date: Mon, 14 Jul 2014 10:44:07 +0800 Subject: [PATCH 3/4] =?UTF-8?q?1.=E6=96=87=E6=A1=A3=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E5=AF=86=E7=BA=A7=E8=AE=BE=E7=BD=AE=202.=E6=96=B0=E5=BB=BA?= =?UTF-8?q?=E6=96=87=E6=A1=A3=E3=80=81=E4=BF=AE=E6=94=B9=E6=96=87=E6=A1=A3?= =?UTF-8?q?=E8=A7=86=E5=9B=BE=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/models/document.rb | 2 +- app/views/documents/_form.html.erb | 5 ++++- config/locales/en.yml | 1 + config/locales/zh.yml | 1 + ...140714021812_add_is_public_to_documents.rb | 5 +++++ db/schema.rb | 22 +++---------------- 6 files changed, 15 insertions(+), 21 deletions(-) create mode 100644 db/migrate/20140714021812_add_is_public_to_documents.rb diff --git a/app/models/document.rb b/app/models/document.rb index 7c2730682..661949ca9 100644 --- a/app/models/document.rb +++ b/app/models/document.rb @@ -39,7 +39,7 @@ class Document < ActiveRecord::Base includes(:project).where(Project.allowed_to_condition(args.shift || User.current, :view_documents, *args)) } - safe_attributes 'category_id', 'title', 'description' + safe_attributes 'category_id', 'title', 'description','is_public' def visible?(user=User.current) !user.nil? && user.allowed_to?(:view_documents, project) diff --git a/app/views/documents/_form.html.erb b/app/views/documents/_form.html.erb index 53d8fc3bb..72361b9ab 100644 --- a/app/views/documents/_form.html.erb +++ b/app/views/documents/_form.html.erb @@ -1,7 +1,10 @@ <%= error_messages_for @document %>
-

<%= f.select :category_id, DocumentCategory.active.collect {|c| [c.name, c.id]} %>

+

<%= f.select :category_id, DocumentCategory.active.collect {|c| [c.name, c.id]} %>

+

<%= f.check_box :is_public, :style => "margin-left:10px;" %> + <%= l(:label_document_public_info) %> +

<%= f.text_field :title, :required => true, :size => 60 %>

<%= f.text_area :description, :cols => 60, :rows => 15, :class => 'wiki-edit' %>

diff --git a/config/locales/en.yml b/config/locales/en.yml index 6566564c9..db673c69c 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -537,6 +537,7 @@ en: label_document_new: New document label_document_plural: Documents label_document_added: Document added + label_document_public_info: "If you don't choose public, only the project's members can see the document." label_role: Role label_role_plural: Roles label_role_new: New role diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 1be9e7b20..36d89da10 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -533,6 +533,7 @@ zh: label_document_new: 新建文档 label_document_plural: 文档 label_document_added: 文档已添加 + label_document_public_info: (打钩为公开,不打钩则不公开,若不公开,仅项目成员可见该文档。) label_role: 角色 label_role_plural: 角色 label_role_new: 新建角色 diff --git a/db/migrate/20140714021812_add_is_public_to_documents.rb b/db/migrate/20140714021812_add_is_public_to_documents.rb new file mode 100644 index 000000000..2c21c7d03 --- /dev/null +++ b/db/migrate/20140714021812_add_is_public_to_documents.rb @@ -0,0 +1,5 @@ +class AddIsPublicToDocuments < ActiveRecord::Migration + def change + add_column :documents, :is_public, :integer,:default => 1 + end +end diff --git a/db/schema.rb b/db/schema.rb index f63f3cb46..109c1f189 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,11 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -<<<<<<< HEAD -ActiveRecord::Schema.define(:version => 20140710030426) do -======= -ActiveRecord::Schema.define(:version => 20140708023356) do ->>>>>>> 056f86caad29ca95632d9da9e1e616cd00e2349a +ActiveRecord::Schema.define(:version => 20140714021812) do create_table "activities", :force => true do |t| t.integer "act_id", :null => false @@ -383,6 +379,7 @@ ActiveRecord::Schema.define(:version => 20140708023356) do t.text "description" t.datetime "created_on" t.integer "user_id", :default => 0 + t.integer "is_public", :default => 1 end add_index "documents", ["category_id"], :name => "index_documents_on_category_id" @@ -799,7 +796,7 @@ ActiveRecord::Schema.define(:version => 20140708023356) do end create_table "relative_memos", :force => true do |t| - t.integer "osp_id", :null => false + t.integer "osp_id" t.integer "parent_id" t.string "subject", :null => false t.text "content", :null => false @@ -836,19 +833,6 @@ ActiveRecord::Schema.define(:version => 20140708023356) do add_index "repositories", ["project_id"], :name => "index_repositories_on_project_id" - create_table "rich_rich_files", :force => true do |t| - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "rich_file_file_name" - t.string "rich_file_content_type" - t.integer "rich_file_file_size" - t.datetime "rich_file_updated_at" - t.string "owner_type" - t.integer "owner_id" - t.text "uri_cache" - t.string "simplified_type", :default => "file" - end - create_table "roles", :force => true do |t| t.string "name", :limit => 30, :default => "", :null => false t.integer "position", :default => 1 From 0031f90c649f95ee856a3eae67971f654f77f15d Mon Sep 17 00:00:00 2001 From: nwb Date: Mon, 14 Jul 2014 11:31:24 +0800 Subject: [PATCH 4/4] =?UTF-8?q?1.=E8=AF=BE=E7=A8=8B=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E4=B8=AD=E7=9A=84=E7=A7=81=E6=9C=89=E7=9A=84=E8=B5=84=E6=BA=90?= =?UTF-8?q?=E3=80=81=E6=96=87=E6=A1=A3=E8=BF=9B=E8=A1=8C=E6=9D=83=E9=99=90?= =?UTF-8?q?=E5=88=A4=E6=96=AD=202.=E9=A1=B9=E7=9B=AE=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E4=B8=AD=E7=9A=84=E7=A7=81=E6=9C=89=E7=9A=84=E8=B5=84=E6=BA=90?= =?UTF-8?q?=E3=80=81=E6=96=87=E6=A1=A3=E8=BF=9B=E8=A1=8C=E6=9D=83=E9=99=90?= =?UTF-8?q?=E5=88=A4=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/courses_controller.rb | 8 +++++++- app/controllers/documents_controller.rb | 9 +++++++++ app/controllers/projects_controller.rb | 10 ++++++++-- app/models/attachment.rb | 5 ++++- app/models/document.rb | 3 ++- .../lib/acts_as_activity_provider.rb | 7 ++++++- lib/redmine/activity/fetcher.rb | 2 ++ 7 files changed, 38 insertions(+), 6 deletions(-) diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb index 27851e435..a38d9f9c8 100644 --- a/app/controllers/courses_controller.rb +++ b/app/controllers/courses_controller.rb @@ -630,7 +630,13 @@ class CoursesController < ApplicationController :with_subprojects => false, :author => @author) @activity.scope_select {|t| has["show_#{t}"]} - events = @activity.events(@date_from, @date_to) + # modify by nwb + # 添加私密性判断 + if User.current.member_of_course?(@course)|| User.current.admin? + events = @activity.events(@date_from, @date_to) + else + events = @activity.events(@date_from, @date_to, :is_public => 1) + end @offset, @limit = api_offset_and_limit({:limit => 10}) @events_count = events.count diff --git a/app/controllers/documents_controller.rb b/app/controllers/documents_controller.rb index 464c4a2b8..89bd9dc92 100644 --- a/app/controllers/documents_controller.rb +++ b/app/controllers/documents_controller.rb @@ -23,6 +23,7 @@ class DocumentsController < ApplicationController before_filter :find_model_object, :except => [:index, :new, :create] before_filter :find_project_from_association, :except => [:index, :new, :create] before_filter :authorize , :except => [:index]#Added by young + before_filter :authorize_document helper :attachments @@ -100,4 +101,12 @@ class DocumentsController < ApplicationController end redirect_to document_path(@document) end + + # 权限判断 + # add by nwb + def authorize_document + if !(User.current.admin? || User.current.member_of?(@project) || @document.is_public==1) + render_403 :message => :notice_not_authorized + end + end end diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index a840ee934..1d3f0ec42 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -697,8 +697,14 @@ class ProjectsController < ApplicationController @activity.scope_select {|t| !has["show_#{t}"].nil?} # logger.debug "=========================================#{@activity.scope}" # @activity.scope = (@author.nil? ? :default : :all) if @activity.scope.empty? - #Added by young - events = @activity.events(@date_from, @date_to) + + # modify by nwb + # 添加私密性判断 + if User.current.member_of?(@project)|| User.current.admin? + events = @activity.events(@date_from, @date_to) + else + events = @activity.events(@date_from, @date_to, :is_public => 1) + end @offset, @limit = api_offset_and_limit({:limit => 10}) @events_count = events.count diff --git a/app/models/attachment.rb b/app/models/attachment.rb index 0eb3e7666..b301ba73c 100644 --- a/app/models/attachment.rb +++ b/app/models/attachment.rb @@ -39,19 +39,22 @@ class Attachment < ActiveRecord::Base #课程资源文件 acts_as_activity_provider :type => 'course_files', + :is_public => 'attachments.is_public', :permission => :view_files, :author_key => :author_id, :find_options => {:select => "#{Attachment.table_name}.*", :joins => "LEFT JOIN #{Course.table_name} ON ( #{Attachment.table_name}.container_type='Course' AND #{Attachment.table_name}.container_id = #{Course.table_name}.id )"} acts_as_activity_provider :type => 'files', + :is_public => 'attachments.is_public', :permission => :view_files, :author_key => :author_id, - :find_options => {:select => "#{Attachment.table_name}.*", + :find_options => { :select => "#{Attachment.table_name}.*", :joins => "LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " + "LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )"} acts_as_activity_provider :type => 'documents', + :is_public => 'documents.is_public', :permission => :view_documents, :author_key => :author_id, :find_options => {:select => "#{Attachment.table_name}.*", diff --git a/app/models/document.rb b/app/models/document.rb index 661949ca9..5cfce896b 100644 --- a/app/models/document.rb +++ b/app/models/document.rb @@ -30,7 +30,8 @@ class Document < ActiveRecord::Base acts_as_event :title => Proc.new {|o| "#{l(:label_document)}: #{o.title}"}, :author => Proc.new {|o| o.attachments.reorder("#{Attachment.table_name}.created_on ASC").first.try(:author) }, :url => Proc.new {|o| {:controller => 'documents', :action => 'show', :id => o.id}} - acts_as_activity_provider :find_options => {:include => :project} + acts_as_activity_provider :find_options => {:include => :project}, + :is_public => 'documents.is_public' validates_presence_of :project, :title, :category validates_length_of :title, :maximum => 60 diff --git a/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb b/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb index 3875d5c04..e671c3e22 100644 --- a/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb +++ b/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb @@ -29,7 +29,7 @@ module Redmine send :include, Redmine::Acts::ActivityProvider::InstanceMethods end - options.assert_valid_keys(:type, :permission, :timestamp, :author_key, :find_options, :func) + options.assert_valid_keys(:type, :permission, :timestamp, :author_key, :find_options, :func,:is_public) self.activity_provider_options ||= {} # One model can provide different event types @@ -65,6 +65,11 @@ module Redmine scope = scope.scoped(:conditions => ["#{provider_options[:author_key]} = ?", options[:author].id]) end + # add by nwb + if options[:is_public] && !provider_options[:is_public].nil? + scope = scope.scoped(:conditions => ["#{provider_options[:is_public]} = ?", options[:is_public]]) + end + if options[:limit] # id and creation time should be in same order in most cases scope = scope.scoped(:order => "#{table_name}.id DESC", :limit => options[:limit]) diff --git a/lib/redmine/activity/fetcher.rb b/lib/redmine/activity/fetcher.rb index b95ae2bc3..2caef48b8 100644 --- a/lib/redmine/activity/fetcher.rb +++ b/lib/redmine/activity/fetcher.rb @@ -82,6 +82,8 @@ module Redmine def events(from = nil, to = nil, options={}) e = [] @options[:limit] = options[:limit] + # modify by nwb + @options[:is_public] = options[:is_public] @scope.each do |event_type| constantized_providers(event_type).each do |provider|