From d81240e63cf0afdbb13832f2cfde70c83e137ad4 Mon Sep 17 00:00:00 2001
From: alan <547533434@qq.com>
Date: Mon, 22 Dec 2014 01:29:53 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E3=80=8A=E5=85=B3=E6=B3=A8?= =?UTF-8?q?=E8=80=81=E5=B8=88=E5=90=8E=EF=BC=8C=E8=80=81=E5=B8=88=E5=8F=91?= =?UTF-8?q?=E5=B8=83=E7=9A=84=E4=BD=9C=E4=B8=9A=E9=83=BD=E4=BC=9A=E5=9C=A8?= =?UTF-8?q?=E6=88=91=E4=B8=BB=E9=A1=B5=E7=9A=84=E5=8A=A8=E6=80=81=E4=B8=AD?= =?UTF-8?q?=E6=98=BE=E7=A4=BA=E5=87=BA=E6=9D=A5=EF=BC=8C=E8=8B=A5=E6=88=91?= =?UTF-8?q?=E6=9C=AA=E5=8A=A0=E5=85=A5=E8=AF=A5=E8=AF=BE=E7=A8=8B=E4=BD=86?= =?UTF-8?q?=E6=84=9F=E5=85=B4=E8=B6=A3=E7=82=B9=E5=87=BB=E5=90=8E=E8=BF=94?= =?UTF-8?q?=E5=9B=9E403=E9=A1=B5=E9=9D=A2=EF=BC=8C=E6=8F=90=E7=A4=BA?= =?UTF-8?q?=E4=B8=8D=E5=A4=9F=E4=BA=BA=E6=80=A7=E5=8C=96=E3=80=8Bbug=20Sig?= =?UTF-8?q?ned-off-by:=20alan=20<547533434@qq.com>?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
app/controllers/application_controller.rb | 19 ++++---
app/controllers/users_controller.rb | 9 ++-
app/views/users/show.html.erb | 67 ++++++++++++++++-------
3 files changed, 68 insertions(+), 27 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 78ac4d208..54346c0cc 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -236,13 +236,7 @@ class ApplicationController < ActionController::Base # Authorize the user for the requested action def authorize(ctrl = params[:controller], action = params[:action], global = false) #modify by NWB - if @project - allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global) - elsif @course - allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @course || @courses, :global => global) - else - allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global) - end + allowed = authorize_allowed(params[:controller], params[:action],global) if allowed true @@ -255,6 +249,17 @@ class ApplicationController < ActionController::Base end end + def authorize_allowed(ctrl = params[:controller], action = params[:action], global = false) + #modify by NWB + if @project + allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global) + elsif @course + allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @course || @courses, :global => global) + else + allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @projects, :global => global) + end + allowed + end def authorize_attachment_download(ctrl = params[:controller], action = params[:action], global = false) case @attachment.container_type when "Memo" diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 4049c2ae8..410818fdb 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
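Review bot: The new call in `authorize` passes `params[:controller], params[:action]` to the helper and drops the method's own `ctrl` and `action` arguments, which the removed lines used. A caller that supplies an explicit controller/action pair is therefore checked against the current request's route rather than the permission it asked about, and in a central permission check that can deny or grant access incorrectly depending on the caller. The line should read `allowed = authorize_allowed(ctrl, action, global)`. The body of `authorize` continues outside the hunk.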
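Review bot: In `authorize_allowed` the `else` branch repeats the `if @project` branch word for word, and `@courses` can never be selected because the `elsif @course` branch is entered only when `@course` is already set. The three branches reduce to one call, `User.current.allowed_to?({:controller => ctrl, :action => action}, @project || @course || @projects, :global => global)`, which makes the context actually being checked easier to audit. If a page that sets only `@courses` was meant to be authorized against those courses, that case is currently checked against `@projects` and needs its own handling. A one-line comment such as `# Returns whether User.current may perform ctrl/action in the current project or course context` would replace the leftover `#modify by NWB` marker.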
@@ -433,9 +433,16 @@ class UsersController < ApplicationController else activity = Activity.where(where_condition).where('user_id = ?', @user.id).order('id desc') end + activity = activity.reject { |e| + ((e.act_type=="Issue") && ( !e.act.visible?(User.current))) || + ((e.act_type == "Journal") && (!e.act.project.visible?(User.current))) || + ((e.act_type == "Bid") && (e.act.homework_for_courses.count > 0 && + (!e.act.homework_for_courses.first.course.visible?(User.current) || + !User.current.member_of_course?(e.act.homework_for_courses.first.course) || !User.current.admin?))) + } @activity_count = activity.count @activity_pages = Paginator.new @activity_count, pre_count, params['page'] - @activity = activity.offset(@activity_pages.offset).limit(@activity_pages.per_page).all + @activity = activity.slice(@activity_pages.offset,@activity_pages.per_page) @state = 0 end diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb index 28994fe29..aac2c72b4 100644 --- a/app/views/users/show.html.erb +++ b/app/views/users/show.html.erb @@ -46,9 +46,10 @@ <% act = e.act %> <% unless act.nil? %> <% if e.act_type == 'JournalsForMessage' || e.act_type == 'Bid' || e.act_type == 'Journal'|| e.act_type == 'Changeset' || e.act_type == 'Message' || e.act_type == 'Principal' || e.act_type == 'News' || e.act_type == 'Issue' || e.act_type == 'Contest'%> -
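Review bot: The `"Bid"` clause of the new `reject` block ORs three negated conditions, so `!User.current.admin?` alone is enough to drop a homework entry: every non-admin loses these activities, including members of the course, and an admin who is not a member loses them too. If the intent is to hide homework from viewers who could not open the course, the clause should reject unless the course is visible and the viewer is a member or an admin. The block also calls `e.act.visible?` and `e.act.project` without a nil check, although the view in this same patch guards with `unless act.nil?`, so an activity whose record is gone would raise here instead of being skipped. The rewrite below keeps the Issue and Journal rules and changes only those two things; the enclosing action starts and ends outside the hunk. Separately, `reject` loads every matching row into an Array before `slice` pages it, which is worth bounding for users with long histories.

```ruby
viewer = User.current
activity = activity.reject { |e|
  act = e.act
  next false if act.nil?   # the view already skips entries without an act
  case e.act_type
  when "Issue"
    !act.visible?(viewer)
  when "Journal"
    !act.project.visible?(viewer)
  when "Bid"
    homework = act.homework_for_courses.first
    # hide unless the course is visible AND the viewer is a member or an admin
    homework && !(homework.course.visible?(viewer) &&
                  (viewer.member_of_course?(homework.course) || viewer.admin?))
  else
    false
  end
}
# … unchanged: @activity_count, Paginator and slice lines …
```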
+ | <%= image_tag(url_to_avatar(e.user), :class => "avatar") %> | @@ -430,8 +431,9 @@ | ||
<%= link_to("#{l(:label_i)}", user_path(e.user_id)) %> @@ -445,20 +447,42 @@ :action => 'show', :id => act.id} %> | - <% else %> -- - <%= link_to(h(e.user), user_path(e.user_id)) %> - - - <%= l(:label_new_activity) %> - - <%= link_to format_activity_title("#{act.source_from} (#{act.status}): #{act.tracker.name} #{act.subject}"), - {:controller => 'issues', - :action => 'show', - :id => act.id} %> - | - <% end %> +|||
+ <%= textAreailizable act, :description %> + | +||||
+
+
+ <%= (l(:label_update_time).to_s << ':' << format_time(e.act.created_on)).to_s %>
+
+
+
+
+ <%= link_to l(:label_find_all_comments), {:controller => 'issues', :action => 'show', :id => act.id} %>
+
+
+ <%= l(:label_comments_count, :count => e.act.journals.count) %>
+
+
+ |
+ + + <%= link_to(h(e.user), user_path(e.user_id)) %> + + + <%= l(:label_new_activity) %> + + <%= link_to format_activity_title("#{act.source_from} (#{act.status}): #{act.tracker.name} #{act.subject}"), + {:controller => 'issues', + :action => 'show', + :id => act.id} %> + | |||
@@ -482,6 +506,9 @@ | ||||