Fix authenrization problem for non-admin users.
This commit is contained in:
parent
3eb8af3921
commit
3216f3251c
|
|
@ -74,7 +74,11 @@ class Admin::CoursesController < OrbitMemberController
|
||||||
|
|
||||||
def destroy_assignment
|
def destroy_assignment
|
||||||
@course_assignment.destroy
|
@course_assignment.destroy
|
||||||
|
if( current_user.is_admin? rescue false)
|
||||||
redirect_to course_assignments_admin_courses_path(:page => params[:page])
|
redirect_to course_assignments_admin_courses_path(:page => params[:page])
|
||||||
|
else
|
||||||
|
redirect_to :back
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def update_assignment
|
def update_assignment
|
||||||
|
|
@ -176,4 +180,36 @@ class Admin::CoursesController < OrbitMemberController
|
||||||
end
|
end
|
||||||
@course_assignment = CourseAssignment.find_by(:uid => uid) rescue CourseAssignment.find(params[:id])
|
@course_assignment = CourseAssignment.find_by(:uid => uid) rescue CourseAssignment.find(params[:id])
|
||||||
end
|
end
|
||||||
|
def has_access?
|
||||||
|
if @user_has_privileges
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
if !params[:id].nil?
|
||||||
|
course = Course.find(params[:id]) rescue nil
|
||||||
|
if course.present? && ( course.member_profile_id.to_s == current_user.member_profile_id.to_s rescue false)
|
||||||
|
return true
|
||||||
|
elsif( CourseAssignment.find(params[:id]).course.member_profile_id.to_s == current_user.member_profile_id.to_s rescue false)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
elsif !params[:uid].nil?
|
||||||
|
course_assignment = CourseAssignment.where(:uid=>params[:uid]).first
|
||||||
|
if course_assignment.nil?
|
||||||
|
return false
|
||||||
|
else
|
||||||
|
if( course_assignment.course.member_profile_id.to_s == current_user.member_profile_id.to_s rescue false)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
elsif( Course.find(course_assignment_params[:course_id]).member_profile_id.to_s == current_user.member_profile_id.to_s rescue false)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
@ -18,10 +18,10 @@ class CourseAssignment
|
||||||
}.join("<br>").html_safe
|
}.join("<br>").html_safe
|
||||||
end
|
end
|
||||||
def display_deadline
|
def display_deadline
|
||||||
self.deadline.strftime("%Y-%m-%d %H:%M")
|
self.deadline.strftime("%Y-%m-%d %H:%M") rescue ""
|
||||||
end
|
end
|
||||||
def display_assign_date
|
def display_assign_date
|
||||||
self.assign_date.strftime("%Y-%m-%d %H:%M")
|
self.assign_date.strftime("%Y-%m-%d %H:%M") rescue ""
|
||||||
end
|
end
|
||||||
def deliver_count
|
def deliver_count
|
||||||
StudentAssignment.where(:course_assignment_id => self.id,:member_profile_id.ne=>nil).count rescue 0
|
StudentAssignment.where(:course_assignment_id => self.id,:member_profile_id.ne=>nil).count rescue 0
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
en:
|
en:
|
||||||
|
edit_assignment: Edit assignment
|
||||||
module_name:
|
module_name:
|
||||||
personal_course: Courses
|
personal_course: Courses
|
||||||
courses: Courses
|
courses: Courses
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
zh_tw:
|
zh_tw:
|
||||||
|
edit_assignment: 編輯作業
|
||||||
module_name:
|
module_name:
|
||||||
personal_course: 教學資料
|
personal_course: 教學資料
|
||||||
courses: 教學資料
|
courses: 教學資料
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue