From 21e58ce3dff58ed79ba733a9ac1f56e0a59c8843 Mon Sep 17 00:00:00 2001
From: z9hang <z9hang@126.com>
Date: Wed, 21 May 2014 17:33:02 +0800
Subject: [PATCH] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E5=88=97=E8=A1=A8=E4=B8=AD?=
 =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E6=88=90=E5=91=98=E6=95=B0=E9=87=8F=E6=98=BE?=
 =?UTF-8?q?=E7=A4=BAn+=EF=BC=88=E4=B8=8D=E6=98=BE=E7=A4=BA=E7=B2=BE?=
 =?UTF-8?q?=E7=A1=AE=E6=95=B0=EF=BC=89=20=E5=8F=AA=E6=9C=89=E8=AF=BE?=
 =?UTF-8?q?=E7=A8=8B=E6=88=90=E5=91=98=E8=83=BD=E7=82=B9=E5=87=BB=E6=95=99?=
 =?UTF-8?q?=E5=B8=88=E6=95=B0=E9=87=8F=E5=AD=A6=E7=94=9F=E6=95=B0=E9=87=8F?=
 =?UTF-8?q?=E7=9A=84=E9=93=BE=E6=8E=A5=E5=92=8C=E6=9F=A5=E7=9C=8B=E5=B7=B2?=
 =?UTF-8?q?=E6=8F=90=E4=BA=A4=E4=BD=9C=E4=B8=9A=E7=9A=84=E5=88=97=E8=A1=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/bids_controller.rb       | 11 ++++++++++-
 app/views/layouts/base_courses.html.erb  | 12 ++++++++++--
 app/views/layouts/base_homework.html.erb |  4 +++-
 app/views/projects/_course.html.erb      |  2 +-
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb
index 2273de4e4..d63f0cfbb 100644
--- a/app/controllers/bids_controller.rb
+++ b/app/controllers/bids_controller.rb
@@ -14,6 +14,8 @@ class BidsController < ApplicationController
   # end
   before_filter :require_login,:only => [:set_reward, :destroy, :add, :new, ]
 
+  before_filter :memberAccess, only: :show_project
+
   helper :watchers
   helper :attachments
   include AttachmentsHelper
@@ -875,7 +877,14 @@ class BidsController < ApplicationController
     end
   rescue
     render_404
-    end
+  end
+
+  def memberAccess
+    # 是课程，则判断当前用户是否参加了课程
+    return 0 if @bid.courses.first.project_type == Project::ProjectType_project
+    currentUser = User.current
+    render_403 unless currentUser.member_of?(@bid.courses.first)
+  end
 
 end
 
diff --git a/app/views/layouts/base_courses.html.erb b/app/views/layouts/base_courses.html.erb
index 785479bd5..4e0135eaa 100644
--- a/app/views/layouts/base_courses.html.erb
+++ b/app/views/layouts/base_courses.html.erb
@@ -114,10 +114,18 @@
 
           <td class="font_index">
             <!-- 1 教师； 2 学生；0 全部-->
-            <%= link_to "#{teacherCount(@project)}", project_member_path(@project, :role => 1), :course => '1' %>
+            <% if User.current.member_of?(@project) %>
+                <%= link_to "#{teacherCount(@project)}", project_member_path(@project, :role => 1), :course => '1' %>
+            <% else %>
+                <span><%= teacherCount(@project)%></span> <!--<%= link_to "#{teacherCount(@project)}", "javascript:void(0)", :course => '1' %>-->
+            <% end%>
           </td>
           <td class="font_index">
-            <%= link_to "#{studentCount(@project)}", project_member_path(@project, :role => 2), :course => '1' %>
+            <% if User.current.member_of?(@project) %>
+                <%= link_to "#{studentCount(@project)}", project_member_path(@project, :role => 2), :course => '1' %>
+            <% else %>
+                <span><%= studentCount(@project)%></span>
+            <% end %>
           </td>
           <td class="font_index"><%= link_to files_count, project_files_path(@project) %></td>
         <tr class="font_aram">
diff --git a/app/views/layouts/base_homework.html.erb b/app/views/layouts/base_homework.html.erb
index aa60f3645..cfdea4a5e 100644
--- a/app/views/layouts/base_homework.html.erb
+++ b/app/views/layouts/base_homework.html.erb
@@ -151,6 +151,7 @@
 									<li>
 										<%= link_to l(:label_question_student), {:controller => 'bids', :action => 'show' },:class => link_class(:respond)%>
 									</li>
+                                  <% if  User.current.member_of? @bid.courses.first%>
 									<li>
 										<% if User.current.logged? && @bid.courses.first && (!Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.nil? && (Member.where('user_id = ? and project_id = ?', User.current.id, @bid.courses.first.id).first.roles&Role.where('id = ? or id = ? or id =?',5, 10, 7)).size >0) %>
 										<%= link_to l(:label_homework_commit), {:controller => 'bids', :action => 'show_project' },:class => link_class(:project)%>
@@ -159,9 +160,10 @@
 
 										<% end %>
 									</li>
+                                  <% end %>
 									<!-- <li><%= link_to l(:label_homework_statistics), { :controller => 'bids', :action => 'homework_statistics' },:class => link_class(:homework_statistics)%></li> -->
 									<!-- <li><%= link_to l(:label_homework_respond), { :controller => 'bids', :action => 'homework_respond' },:class => link_class(:homework_respond)%></li>
-									--><ul>
+									--></ul>
 							</div>
 
 							<%= yield %>
diff --git a/app/views/projects/_course.html.erb b/app/views/projects/_course.html.erb
index adc7c9306..6ea802037 100644
--- a/app/views/projects/_course.html.erb
+++ b/app/views/projects/_course.html.erb
@@ -45,7 +45,7 @@
 		<%= content_tag('span',  l(:label_x_data,:count => files_count)) %>
 	</p>
 	<p class="stats">
-		<%= content_tag('span',  "#{@project.members.count}", :class => "info") %>
+		<%= content_tag('span',  "#{garble @project.members.count}", :class => "info") %>
 		<%= content_tag('span',  l(:label_x_member, :count => @project.members.count)) %>
 	</p>