diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 686f70a11..ad6d568a5 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -138,6 +138,8 @@ class AccountController < ApplicationController @user.password,@user.password_confirmation = password,password_confirmation elsif !should_confirmation_password && !password.blank? @user.password = password + else + @user.password = "" end case Setting.self_registration when '1' diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb index c8ce6ec31..2997f4205 100644 --- a/app/controllers/bids_controller.rb +++ b/app/controllers/bids_controller.rb @@ -842,7 +842,7 @@ class BidsController < ApplicationController # 编辑作业 def edit @bid = Bid.find(params[:bid_id]) - if (User.current.admin?||User.current.id==@bid.author_id) + if (User.current.admin?||User.current.allowed_to?(:as_teacher,@bid.courses.first)) @course_id = params[:course_id] respond_to do |format| format.html { @@ -868,7 +868,7 @@ class BidsController < ApplicationController @bid.reward_type = 3 @bid.deadline = params[:bid][:deadline] @bid.budget = 0 - @bid.author_id = User.current.id + #@bid.author_id = User.current.id @bid.commit = 0 @bid.homework_type = 1 @bid.save_attachments(params[:attachments] || (params[:bid] && params[:bid][:uploads])) @@ -884,6 +884,7 @@ class BidsController < ApplicationController def new_submit_homework #render html to prepare create submit homework find_bid + find_bid render :layout => 'base_homework' end diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb index 1ed40f691..41518e2f1 100644 --- a/app/controllers/files_controller.rb +++ b/app/controllers/files_controller.rb @@ -133,9 +133,9 @@ class FilesController < ApplicationController end if order_by.count == 1 - sort += "#{Attachment.table_name}.#{attribute} asc " + sort += "#{Attachment.table_name}.#{attribute} asc " if attribute elsif order_by.count == 2 - sort += "#{Attachment.table_name}.#{attribute} #{order_by[1]} " + sort += "#{Attachment.table_name}.#{attribute} #{order_by[1]} " if attribute && order_by[1] end if sort_type != params[:sort].split(",").last sort += "," @@ -176,13 +176,16 @@ class FilesController < ApplicationController end @sort = order_by[0] @order = order_by[1] - if order_by.count == 1 + if order_by.count == 1 && attribute sort += "#{Attachment.table_name}.#{attribute} asc " - elsif order_by.count == 2 + if sort_type != params[:sort].split(",").last + sort += "," + end + elsif order_by.count == 2 && order_by[1] sort += "#{Attachment.table_name}.#{attribute} #{order_by[1]} " - end - if sort_type != params[:sort].split(",").last - sort += "," + if sort_type != params[:sort].split(",").last + sort += "," + end end end end diff --git a/app/controllers/homework_attach_controller.rb b/app/controllers/homework_attach_controller.rb index 6088e2294..d07ee9448 100644 --- a/app/controllers/homework_attach_controller.rb +++ b/app/controllers/homework_attach_controller.rb @@ -305,7 +305,8 @@ class HomeworkAttachController < ApplicationController end def edit - if User.current.admin? || User.current.member_of_course?(@homework.bid.courses.first) + bid = @homework.bid + if (bid.comment_status == 0 || bid.open_anonymous_evaluation == 0) && (User.current.admin? || User.current.member_of_course?(bid.courses.first)) get_homework_member @homework else render_403 :message => :notice_not_authorized @@ -337,7 +338,8 @@ class HomeworkAttachController < ApplicationController end def destroy - if User.current.admin? || User.current == @homework.user + bid = @homework.bid + if (bid.comment_status == 0 || bid.open_anonymous_evaluation == 0) && (User.current.admin? || User.current == @homework.user) if @homework.destroy #respond_to do |format| # format.html { redirect_to course_for_bid_url @homework.bid } diff --git a/app/helpers/watchers_helper.rb b/app/helpers/watchers_helper.rb index 3b49f3d48..ca5efd364 100644 --- a/app/helpers/watchers_helper.rb +++ b/app/helpers/watchers_helper.rb @@ -100,13 +100,12 @@ module WatchersHelper return '' if user.id == course.tea_id joined = user.member_of_course?(course) text = joined ? l(:label_exit_course) : l(:label_new_join) - url_t = join_path(:object_id => course.id) - url_f = try_join_path(:object_id => course.id) + url = joined ? join_path(:object_id => course.id) : try_join_path(:object_id => course.id) method = joined ? 'delete' : 'post' if joined - link_to text, url_t, :remote => true, :method => method, :id => "#{course.id}", :confirm => l(:text_are_you_sure_out), :class => []+options + link_to text, url, :remote => true, :method => method, :id => "#{course.id}", :confirm => l(:text_are_you_sure_out), :class => []+options else - link_to text, url_f, :remote => true, :method => method, :id => "#{course.id}", :class => []+options + link_to text, url, :remote => true, :method => method, :id => "#{course.id}", :class => []+options end end def join_in_course_group(coursegroups,group, user, options=[]) diff --git a/app/models/user.rb b/app/models/user.rb index 57077f167..70e4e8187 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -933,7 +933,7 @@ class User < Principal def validate_password_length # Password length validation based on setting - if password.nil? || password.size < Setting.password_min_length.to_i + if !password.nil? && password.size < Setting.password_min_length.to_i errors.add(:password, :too_short, :count => Setting.password_min_length.to_i) end end diff --git a/app/views/courses/_set_join.js.erb b/app/views/courses/_set_join.js.erb index 39e40d34e..f65d6e98b 100644 --- a/app/views/courses/_set_join.js.erb +++ b/app/views/courses/_set_join.js.erb @@ -1,5 +1,5 @@ <% if object_id%> - $("#<%=object_id%>").replaceWith('<%= escape_javascript join_in_course_for_list(course, user) %>'); + $("#<%=object_id%>").replaceWith('<%= escape_javascript join_in_course(course, user) %>'); <% end %> <% if @state %> <% if @state == 0 %> diff --git a/app/views/news/_course_show.html.erb b/app/views/news/_course_show.html.erb index 6f13c28c7..00cbc17de 100644 --- a/app/views/news/_course_show.html.erb +++ b/app/views/news/_course_show.html.erb @@ -69,9 +69,9 @@ :html => { :id => 'news-form', :multipart => true, :method => :put } do |f| %> <%= render :partial => 'course_form', :locals => { :f => f, :is_new => false } %> <%#= submit_tag l(:button_save) %> - <%= link_to l(:button_save), "#", :onclick => 'submitNews();',:onmouseover => 'this.focus()',:class => 'whiteButton m3p10' %> + <%= link_to l(:button_save), "#", :onclick => 'submitNews();',:onmouseover => 'this.focus()',:class => 'ButtonColor m3p10' %> <%#= preview_link preview_news_path(:course_id => @course, :id => @news), 'news-form',target='preview',{:class => 'whiteButton m3p10'} %> - <%= link_to l(:button_cancel), "#", :onclick => '$("#edit-news").hide(); return false;',:class => 'whiteButton m3p10' %> + <%= link_to l(:button_cancel), "#", :onclick => '$("#edit-news").hide(); return false;',:class => 'ButtonColor m3p10' %> <% end %>
diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 13302a77c..ef90c7d10 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -1900,7 +1900,7 @@ zh: other: 成员 label_bids_task_list: 作业列表 - label_join_course: 加入课程 + label_join_course: 加入 label_exit_course: 退出 label_new_join: 加入 label_new_course_password: 课程密码