组织权限问题

2021-04-13 16:39:50 +08:00 · 2021-04-13 16:39:50 +08:00 · 07d11737e9
parent dcd4457cf5 1fe9ea126a
commit 07d11737e9
3 changed files with 4 additions and 4 deletions
--- a/app/controllers/members_controller.rb
+++ b/app/controllers/members_controller.rb
@ -47,7 +47,7 @@ class MembersController < ApplicationController
  end

  def member_exists?
-    @project.member?(params[:user_id])
+    @project.members.exists?(params[:user_id])
  end

  def operate!
@ -59,6 +59,6 @@ class MembersController < ApplicationController
  end

  def check_member_not_exists!
-    return render_result(1, "user_id为#{params[:user_id]}的用户还不是项目成员") unless member_exists?
+    return render_result(1, "user_id为#{params[:user_id]}的用户还不是项目成员") unless @project.member?(params[:user_id])
  end
 end
--- a/app/controllers/pull_requests_controller.rb
+++ b/app/controllers/pull_requests_controller.rb
@ -140,7 +140,7 @@ class PullRequestsController < ApplicationController
  end

  def pr_merge
-    return render_forbidden("你没有权限操作.") if @project.reporter?(current_user)
+    return render_forbidden("你没有权限操作.") unless current_user.project_manager?(@project)

    if params[:do].blank?
      normal_status(-1, "请选择合并方式")
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -203,7 +203,7 @@ class User < Owner
  end

  def project_manager?(project)
-    project.managers.exists?(user: self) || self.admin?
+    project.manager?(self) || self.admin?
  end

  # 学号