1.优化课程通知动态和权限判断

2.优化课程通知讨论区动态和权限判断
2014-06-16 10:38:38 +08:00 · 2014-06-16 10:38:38 +08:00 · 59a261d96d
parent 755e758596
commit 59a261d96d
6 changed files with 18 additions and 7 deletions
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@ -588,6 +588,7 @@ class CoursesController < ApplicationController

    has = {
        "show_course_files" => true,
+        "show_course_news" => true,
        "show_course_messages" => true,
        "show_bids" => true,
        "show_course_journals_for_messages" => true
@ -599,7 +600,7 @@ class CoursesController < ApplicationController
    @activity = Redmine::Activity::Fetcher.new(User.current, :course => @course,
                                               :with_subprojects => false,
                                               :author => @author)
-    @activity.scope_select {|t| !has["show_#{t}"].nil?}
+    @activity.scope_select {|t| has["show_#{t}"]}
    events = @activity.events(@date_from, @date_to)

    @offset, @limit = api_offset_and_limit({:limit => 10})
--- a/app/models/message.rb
+++ b/app/models/message.rb
@ -67,6 +67,10 @@ class Message < ActiveRecord::Base
    includes(:board => :project).where(Project.allowed_to_condition(args.shift || User.current, :view_messages, *args))
  }

+  scope :course_visible, lambda {|*args|
+    includes(:board => :course).where(Course.allowed_to_condition(args.shift || User.current, :view_course_messages, *args))
+  }
+

  safe_attributes 'subject', 'content'
  safe_attributes 'locked', 'sticky', 'board_id',
--- a/app/models/news.rb
+++ b/app/models/news.rb
@ -38,7 +38,7 @@ class News < ActiveRecord::Base
  #added by nwb
  #课程新闻独立于项目
  acts_as_activity_provider :type => 'course_news',
-                            :find_options => {:include => [:project, :author]},
+                            :find_options => {:include => [:course, :author]},
                            :author_key => :author_id
  acts_as_watchable

@ -52,7 +52,7 @@ class News < ActiveRecord::Base
  }

  scope :course_visible, lambda {|*args|
-    includes(:course).where(Course.allowed_to_condition(args.shift || User.current, :view_news, *args))
+    includes(:course).where(Course.allowed_to_condition(args.shift || User.current, :view_course_news, *args))
  }
  safe_attributes 'title', 'summary', 'description'

--- a/db/migrate/20140606028512_add_course_roles.rb
+++ b/db/migrate/20140606028512_add_course_roles.rb
@ -45,6 +45,8 @@ class AddCourseRoles < ActiveRecord::Migration
        role.permissions.append(:search_course )
      end
      role.permissions.append(:view_course_files )
+      role.permissions.append(:view_course_journals_for_messages )
+      role.permissions.append(:view_course_messages )
      role.save
    end
  end
--- a/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb
+++ b/lib/plugins/acts_as_activity_provider/lib/acts_as_activity_provider.rb
@ -77,7 +77,11 @@ module Redmine
                scope = scope.scoped(:conditions => Project.allowed_to_condition(user, provider_options[:permission] || :view_project, options))
              end
            elsif respond_to?(:visible)
-              scope = scope.visible(user, options)
+              if  options[:course]
+                scope = scope.course_visible(user, options)
+              else
+                scope = scope.visible(user, options)
+              end
            elsif options[:course]
              scope = scope.scoped(:conditions => Course.allowed_to_condition(user, "view_#{self.name.underscore.pluralize}".to_sym, options))
            else
--- a/lib/redmine.rb
+++ b/lib/redmine.rb
@ -106,7 +106,7 @@ Redmine::AccessControl.map do |map|
  map.permission :edit_course, {:courses => [:settings, :edit, :update]}, :require => :member
  map.permission :close_course, {:courses => [:close, :reopen]}, :require => :member, :read => true
  map.permission :select_course_modules, {:courses => :modules}, :require => :member
-  map.permission :view_course_journals_for_messages, {:gantts => [:show, :update]}, :read => true
+  map.permission :view_course_journals_for_messages, {:courses => :feedback}, :require => :member,:read => true

  map.course_module :files do |map|
    map.permission :manage_files, {:files => [:new, :create]}, :require => :loggedin
@ -114,7 +114,7 @@ Redmine::AccessControl.map do |map|
  end
    map.course_module :news do |map|
    map.permission :manage_news, {:news => [:new, :create, :edit, :update, :destroy], :comments => [:destroy]}, :require => :member
-    map.permission :view_news, {:news => [:index, :show]}, :public => true, :read => true
+    map.permission :view_course_news, {:news => [:index, :show]}, :public => true, :read => true
    map.permission :comment_news, {:comments => :create}
    end
  #作业模块权限
@ -124,7 +124,7 @@ Redmine::AccessControl.map do |map|

  map.course_module :boards do |map|
    map.permission :manage_boards, {:boards => [:new, :create, :edit, :update, :destroy]}, :require => :member
-    map.permission :view_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true, :read => true
+    map.permission :view_course_messages, {:boards => [:index, :show], :messages => [:show]}, :public => true, :read => true
    map.permission :add_messages, {:messages => [:new, :reply, :quote]}
    map.permission :edit_messages, {:messages => :edit}, :require => :member
    map.permission :edit_own_messages, {:messages => :edit}, :require => :loggedin