From 80bd535b4f508ca0963137fc996ec5aea69367a9 Mon Sep 17 00:00:00 2001
From: chenmin <19763783@qq.com>
Date: Wed, 20 Aug 2014 09:30:26 +0800
Subject: [PATCH 1/2] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E8=AE=A8=E8=AE=BA?= =?UTF-8?q?=E5=8C=BA=E5=9B=9E=E5=A4=8D=E5=B8=96=E5=AD=90=E7=9A=84=E5=86=85?= =?UTF-8?q?=E5=AE=B9=E5=A2=9E=E5=8A=A0=E5=88=A0=E9=99=A4=E9=99=84=E4=BB=B6?= =?UTF-8?q?=E5=8A=9F=E8=83=BD=EF=BC=9B=20=E5=A2=9E=E5=8A=A0=E5=8F=AF?= =?UTF-8?q?=E4=BB=A5=E7=BC=96=E8=BE=91=E8=87=AA=E5=B7=B1=E5=9B=9E=E5=A4=8D?= =?UTF-8?q?=E5=86=85=E5=AE=B9=E7=9A=84=E5=8A=9F=E8=83=BD=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/controllers/messages_controller.rb | 12 ++++++++++--
 app/models/message.rb | 8 ++++++++
 app/views/messages/_course_show.html.erb | 4 ++--
 3 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index e840664b4..cdeb17e54 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -103,7 +103,11 @@ class MessagesController < ApplicationController
 # Edit a message
 def edit
- (render_403; return false) unless @message.editable_by?(User.current)
+ if @project
+ (render_403; return false) unless @message.editable_by?(User.current)
+ else
+ (render_403; return false) unless @message.course_editable_by?(User.current)
+ end
 @message.safe_attributes = params[:message]
 if request.post? && @message.save
 attachments = Attachment.attach_files(@message, params[:attachments])
@@ -124,7 +128,11 @@ class MessagesController < ApplicationController
 # Delete a messages
 def destroy
- (render_403; return false) unless @message.destroyable_by?(User.current)
+ if @project
+ (render_403; return false) unless @message.destroyable_by?(User.current)
+ else
+ (render_403; return false) unless @message.course_destroyable_by?(User.current)
+ end
 r = @message.to_param
 @message.destroy
 # modify by nwb
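Review bot: In `edit` and `destroy` (both hunks of messages_controller.rb) the permission check is chosen by whether `@project` is set, a controller variable assigned outside these hunks, rather than by the board the message actually belongs to. If that variable is ever populated for a course message, or left nil for a project message, the request is authorised against the wrong context. The model appears to expose `course`, so the message itself could decide: `allowed = @message.course ? @message.course_editable_by?(User.current) : @message.editable_by?(User.current)` followed by `(render_403; return false) unless allowed`, and the same shape in `destroy`. Both method bodies continue past the hunks.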
diff --git a/app/models/message.rb b/app/models/message.rb
index 62bfb34a5..0fdfc5b15 100644
--- a/app/models/message.rb
+++ b/app/models/message.rb
@@ -127,6 +127,14 @@ class Message < ActiveRecord::Base
 board.course
 end
+ def course_editable_by?(usr)
+ usr && usr.logged? && (usr.allowed_to?(:edit_messages, course) || (self.author == usr && usr.allowed_to?(:edit_own_messages, course)))
+ end
+
+ def course_destroyable_by?(usr)
+ usr && usr.logged? && (usr.allowed_to?(:delete_messages, course) || (self.author == usr && usr.allowed_to?(:delete_own_messages, course)))
+ end
+
 def editable_by?(usr)
 usr && usr.logged? && (usr.allowed_to?(:edit_messages, project) || (self.author == usr && usr.allowed_to?(:edit_own_messages, project)))
 end
diff --git a/app/views/messages/_course_show.html.erb b/app/views/messages/_course_show.html.erb
index 4db903b88..5b8b629d4 100644
--- a/app/views/messages/_course_show.html.erb
+++ b/app/views/messages/_course_show.html.erb
@@ -148,7 +148,7 @@
 "编辑",
 {:action => 'edit', :id => message},
 :title => l(:button_edit)
- ) if message.editable_by?(User.current) %>
+ ) if message.course_editable_by?(User.current) %>
 <%= link_to(
 #image_tag('delete.png'),
 "删除",
@@ -156,7 +156,7 @@
 :method => :post,
 :data => {:confirm => l(:text_are_you_sure)},
 :title => l(:button_delete)
- ) if message.destroyable_by?(User.current) %>
+ ) if message.course_destroyable_by?(User.current) %>
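Review bot: In app/models/message.rb, `course_editable_by?` and `course_destroyable_by?` pass `course` to `allowed_to?` without checking that it is present. For a message on a project board `course` would presumably be nil, and what `allowed_to?` returns for a nil context is decided outside this hunk. A guard such as `return false unless course` at the top of each predicate makes the deny explicit. The permission symbols are the project ones (`:edit_messages`, `:delete_own_messages`, and so on), so a one-line comment such as `# course roles must grant the same message permissions as project roles` would record that assumption.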
- <%= l(:label_date_from_to, :start => format_date(@date_from), :end => format_date(@date_to - 1)) %>
+ <%#= l(:label_date_from_to, :start => format_date(@date_from), :end => format_date(@date_to - 1)) %>
<% @events_by_day.keys.sort.reverse.each do |day| %>