trustieforge/app/controllers/documents_controller.rb

# Redmine - project management software
# Copyright (C) 2006-2013  Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

class DocumentsController < ApplicationController
  layout 'base_projects'#by young
  default_search_scope :documents
  model_object Document
  before_filter :find_project_by_project_id, :only => [:index, :new, :create]
  before_filter :find_model_object, :except => [:index, :new, :create]
  before_filter :find_project_from_association, :except => [:index, :new, :create]
  before_filter :authorize , :except => [:index]#Added by young
  before_filter :authorize_document

  helper :attachments
  helper :project_score

  def index
    @sort_by = %w(category date title author).include?(params[:sort_by]) ? params[:sort_by] : 'category'
    temp = @project.documents.includes(:attachments, :category).all
    documents = []
    temp.each do |doc|
      if doc.has_right?(@project)
        documents << doc
      end
    end
    case @sort_by
    when 'date'
      @grouped = documents.group_by {|d| d.updated_on.to_date }
    when 'title'
      @grouped = documents.group_by {|d| d.title.first.upcase}
    when 'author'
     # @grouped = documents.select{|d| d.attachments.any?}.group_by {|d| d.attachments.last.author}
      @grouped = documents.group_by(&:user)
    else
      @grouped = documents.group_by(&:category)
    end
    @document = @project.documents.build
    if @project.project_type == 1
      render :layout => 'base_courses'
    else
      render :layout => false if request.xhr?
    end
  end

  def show
    @attachments = @document.attachments.all
    if @project.project_type ==1
          render :action => 'show', :layout => 'base_courses'
    end
    respond_to do |format|
      format.html
      format.api
    end
  end

  def new
    @document = @project.documents.build
    @document.safe_attributes = params[:document]
  end

  def create
    @document = @project.documents.build
    @document.safe_attributes = params[:document]
    @document.user = User.current
    @document.save_attachments(params[:attachments])
    if @document.save
      render_attachment_warning_if_needed(@document)
      flash[:notice] = l(:notice_successful_create)
      redirect_to project_documents_url(@project)
    else
      render :action => 'new'
    end
  end

  def edit
  end

  def update
    @document.safe_attributes = params[:document]
    @document.save_attachments(params[:attachments])
    if request.put? and @document.save
      flash[:notice] = l(:notice_successful_update)
      redirect_to document_url(@document)
    else
      render :action => 'edit'
    end
  end

  def destroy
    @document.destroy if request.delete?
    redirect_to project_documents_url(@project)
  end

  def add_attachment
    attachments = Attachment.attach_files(@document, params[:attachments])
    render_attachment_warning_if_needed(@document)

    if attachments.present? && attachments[:files].present? && Setting.notified_events.include?('document_added')
      Mailer.run.attachments_added(attachments[:files])
    end
    redirect_to document_url(@document)
  end

  # 权限判断
  # add by nwb
  def authorize_document
    if !(User.current.admin? || User.current.member_of?(@project) || @document == nil || (@document != nil && @document.is_public==1))
      render_403 :message => :notice_not_authorized
    end
  end
end