修改权限代码:判断用户是否为项目的管理员、判断用户是否为课程的老师、学生由根据role_id判断改为根据其权限判断

app/controllers/softapplications_controller.rb

@@ -108,11 +108,16 @@ class SoftapplicationsController < ApplicationController
     # @contesting_project_pages = Paginator.new @contesting_project_count, per_page_option, params['page']
     @membership.each do |membership|
       unless(membership.project.project_type==1)
-        membership.member_roles.each{|role|
+        #membership.member_roles.each{|role|
-          if(role.role_id == 3)
+        #  if(role.role_id == 3)
+        #  @option << membership.project
+        #  end
+        #}
+
+        #拥有编辑项目权限的可操作该项目
+        if User.current.allowed_to?({:controller => "projects", :action => "edit"}, membership.project, :global => false)
           @option << membership.project
-          end
+        end
-        }
       end
     end
     

app/helpers/bids_helper.rb

@@ -157,13 +157,24 @@ module BidsHelper
   end
   #当前用户是不是指定课程的学生
   def is_cur_course_student? course
-  people = []
+  #people = []
-  course.members.includes(:user, :roles).each do |member|
+  #course.members.includes(:user, :roles).each do |member|
-    if [5,10].include? member.roles.first.id
+  #  if [5,10].include? member.roles.first.id
-      people <<  member.user
+  #    people <<  member.user
+  #  end
+  #end
+  #people.include?(User.current)
+  #修改：能新建占位且不能新建任务的角色判定为学生
+  is_student = false
+  @membership = User.current.memberships.all(:conditions => Project.visible_condition(User.current))
+  @membership.each do |membership|
+    unless(membership.project.project_type==0)
+      if !User.current.allowed_to?({:controller => "projects", :action => "new_homework"}, membership.project, :global => false) && User.current.allowed_to?({:controller => "homework_attach", :action => "new"}, membership.project, :global => false)
+        is_student = true
+      end
     end
   end
-  people.include?(User.current)
+  is_student
   end
 
   # def select_option_helper option

app/helpers/courses_helper.rb

@@ -137,25 +137,47 @@ module CoursesHelper
     Course.find_by_extra(try(extra))
   end
   #判断制定用户是不是当前课程的老师
-  def is_course_teacher user,course
+  def is_course_teacher (user,course)
-    people = []
+    #people = []
-    course.members.includes(:roles, :user).each do |member|
+    #course.members.includes(:roles, :user).each do |member|
-      role_id = member.roles.first.id
+    #  role_id = member.roles.first.id
-      if TeacherRoles.include? role_id
+    #  if TeacherRoles.include? role_id
-        people <<  member.user
+    #    people <<  member.user
+    #  end
+    #end
+    #people.include?(user)
+    #修改为根据用户是否有发布任务的权限来判断用户是否是课程的老师
+    is_teacher = false
+    @membership = user.memberships.all(:conditions => Project.visible_condition(User.current))
+    @membership.each do |membership|
+      unless(membership.project.project_type==0)
+        if user.allowed_to?({:controller => "projects", :action => "new_homework"}, membership.project, :global => false)
+          is_teacher = true
+        end
       end
     end
-    people.include?(user)
+    is_teacher
   end
   #当前用户是不是指定课程的学生
   def is_cur_course_student? course
-    people = []
+    #people = []
-    course.members.includes(:roles, :user).each do |member|
+    #course.members.includes(:roles, :user).each do |member|
-      if StudentRoles.include? member.roles.first.id
+    #  if StudentRoles.include? member.roles.first.id
-        people <<  member.user
+    #    people <<  member.user
+    #  end
+    #end
+    #people.include?(User.current)
+    #修改：能新建占位且不能新建任务的角色判定为学生
+    is_student = false
+    @membership = User.current.memberships.all(:conditions => Project.visible_condition(User.current))
+    @membership.each do |membership|
+      unless(membership.project.project_type==0)
+        if !User.current.allowed_to?({:controller => "projects", :action => "new_homework"}, membership.project, :global => false) && User.current.allowed_to?({:controller => "homework_attach", :action => "new"}, membership.project, :global => false)
+          is_student = true
+        end
       end
     end
-    people.include?(User.current)
+    is_student
   end
   #获取当前用户在指定作业下提交的作业的集合
   def cur_user_homework_for_bid bid

app/helpers/shares_helper.rb

@@ -4,11 +4,15 @@ def options_from_select_project(user)
   @option = []
     @membership.each do |membership|
       unless(membership.project.project_type==1)
-        membership.member_roles.each{|role|
+        #membership.member_roles.each{|role|
-          if(role.role_id == 3)
+        #  if(role.role_id == 3)
+        #  @option << membership.project
+        #  end
+        #}
+        #拥有编辑项目权限的可操作该项目
+        if user.allowed_to?({:controller => "projects", :action => "edit"}, membership.project, :global => false)
           @option << membership.project
-          end
+        end
-        }
       end
     end
   options_for_select(@option)

app/helpers/user_score_helper.rb

@@ -228,12 +228,21 @@ module UserScoreHelper
     isManager = 0
     members = Member.where('user_id = ?', user.id)
     members.each do |m|
-      roles = m.member_roles
+      #roles = m.member_roles
-      roles.each do |r|
+      #roles.each do |r|
-        if r.role_id == 3
+      #  if r.role_id == 3
+      #    isManager = 1
+      #  end
+      #end
+      @membership = m.memberships.all(:conditions => Project.visible_condition(User.current))
+      @membership.each do |membership|
+        #拥有编辑项目权限的可操作该项目
+        if m.allowed_to?({:controller => "projects", :action => "edit"}, membership.project, :global => false)
           isManager = 1
         end
       end
+
+
     end
     
     level = 0