Merge branch 'szzh' into api

Conflicts:
	Gemfile
	db/schema.rb

.gitignore

@@ -4,6 +4,7 @@
 /.bundle
 *.swp
 /config/database.yml
+/config/configuration.yml
 /files/*
 /log/*
 /tmp/*
@@ -14,7 +15,6 @@
 /db/schema.rb
 /Gemfile.lock
 /lib/plugins/acts_as_versioned/test/debug.log
-/config/configuration.yml
 .rbenv-gemsets
 .DS_Store
 public/api_doc/

.metadata/.plugins/org.eclipse.debug.core/.launches/Firefox - Internal Server.launch

@@ -2,6 +2,7 @@
 <launchConfiguration type="com.aptana.js.debug.core.webbrowserLaunchConfigurationType">
 <booleanAttribute key="advancedRunEnabled" value="false"/>
 <booleanAttribute key="appendProjectName" value="true"/>
+<stringAttribute key="browserCmdLine" value=""/>
 <stringAttribute key="browserExecutable" value=""/>
 <stringAttribute key="browserNature" value="Firefox"/>
 <stringAttribute key="externalBaseUrl" value=""/>

.metadata/.plugins/org.eclipse.debug.core/.launches/Internet Explorer - Internal Server.launch

@@ -2,6 +2,7 @@
 <launchConfiguration type="com.aptana.js.debug.core.webbrowserLaunchConfigurationType">
 <booleanAttribute key="advancedRunEnabled" value="false"/>
 <booleanAttribute key="appendProjectName" value="true"/>
+<stringAttribute key="browserCmdLine" value=""/>
 <stringAttribute key="browserExecutable" value="C:\Program Files (x86)\Internet Explorer\iexplore.exe"/>
 <stringAttribute key="browserNature" value="Internet Explorer"/>
 <stringAttribute key="externalBaseUrl" value=""/>

.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

Gemfile

@@ -1,4 +1,4 @@
-source 'http://ruby.taobao.org'
+source 'http://rubygems.org'
 #source 'http://ruby.sdutlinux.org/'
 
 unless RUBY_PLATFORM =~ /w32/
@@ -20,6 +20,7 @@ gem "builder", "3.0.0"
 gem 'acts-as-taggable-on', '2.4.1'
 gem 'spreadsheet'
 gem 'ruby-ole'
+#gem 'email_verifier'
 
 group :development do
   gem 'grape-swagger'
@@ -38,17 +39,18 @@ group :test do
   gem 'selenium-webdriver', '~> 2.42.0'
 
 
-  platforms :mri, :mingw do
-    group :rmagick do
-      # RMagick 2 supports ruby 1.9
-      # RMagick 1 would be fine for ruby 1.8 but Bundler does not support
-      # different requirements for the same gem on different platforms
-      gem "rmagick", ">= 2.0.0"
-    end
-  end
+  # platforms :mri, :mingw do
+  #   group :rmagick do
+  #     # RMagick 2 supports ruby 1.9
+  #     # RMagick 1 would be fine for ruby 1.8 but Bundler does not support
+  #     # different requirements for the same gem on different platforms
+  #     gem "rmagick", ">= 2.0.0"
+  #   end
+  #end
 end
 
-
+  gem 'rspec-rails' , '2.13.1'
+  gem 'guard-rspec','2.5.0'
 # Gems used only for assets and not required
 # in production environments by default.
 group :assets do

Gemfile.lock

@@ -26,7 +26,7 @@ PATH
       rails
 
 GEM
-  remote: http://ruby.taobao.org/
+  remote: http://rubygems.org/
   remote: https://rubygems.org/
   specs:
     actionmailer (3.2.13)
@@ -70,6 +70,8 @@ GEM
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
       xpath (~> 2.0)
+    celluloid (0.16.0)
+      timers (~> 4.0.0)
     childprocess (0.5.3)
       ffi (~> 1.0, >= 1.0.11)
     climate_control (0.0.3)
@@ -88,6 +90,7 @@ GEM
     coffee-script-source (1.7.1)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
+    diff-lcs (1.2.5)
     equalizer (0.0.9)
     erubis (2.7.0)
     execjs (2.2.1)
@@ -96,6 +99,7 @@ GEM
     fastercsv (1.5.5)
     ffi (1.9.3)
     ffi (1.9.3-x86-mingw32)
+    formatador (0.2.5)
     grape (0.9.0)
       activesupport
       builder
@@ -112,8 +116,21 @@ GEM
     grape-swagger (0.8.0)
       grape
       grape-entity
+    guard (2.11.1)
+      formatador (>= 0.2.4)
+      listen (~> 2.7)
+      lumberjack (~> 1.0)
+      nenv (~> 0.1)
+      notiffany (~> 0.0)
+      pry (>= 0.9.12)
+      shellany (~> 0.0)
+      thor (>= 0.18.1)
+    guard-rspec (2.5.0)
+      guard (>= 1.1)
+      rspec (~> 2.11)
     hashie (3.3.1)
     hike (1.2.3)
+    hitimes (1.2.2-x86-mingw32)
     htmlentities (4.3.2)
     i18n (0.6.1)
     ice_nine (0.11.0)
@@ -126,10 +143,16 @@ GEM
       actionpack (>= 3.0.0)
       activesupport (>= 3.0.0)
     libv8 (3.16.14.3)
+    listen (2.8.5)
+      celluloid (>= 0.15.2)
+      rb-fsevent (>= 0.9.3)
+      rb-inotify (>= 0.9)
+    lumberjack (1.0.9)
     mail (2.5.4)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     metaclass (0.0.4)
+    method_source (0.8.2)
     mime-types (1.25.1)
     mini_portile (0.6.0)
     mocha (1.1.0)
@@ -138,17 +161,26 @@ GEM
     multi_xml (0.5.5)
     mysql2 (0.3.11)
     mysql2 (0.3.11-x86-mingw32)
+    nenv (0.2.0)
     net-ldap (0.3.1)
     nokogiri (1.6.3)
       mini_portile (= 0.6.0)
     nokogiri (1.6.3-x86-mingw32)
       mini_portile (= 0.6.0)
+    notiffany (0.0.3)
+      nenv (~> 0.1)
+      shellany (~> 0.0)
     paperclip (3.5.4)
       activemodel (>= 3.0.0)
       activesupport (>= 3.0.0)
       cocaine (~> 0.5.3)
       mime-types
     polyglot (0.3.5)
+    pry (0.9.12.6-x86-mingw32)
+      coderay (~> 1.0)
+      method_source (~> 0.8)
+      slop (~> 3.4)
+      win32console (~> 1.3)
     rack (1.4.5)
     rack-accept (0.4.5)
       rack (>= 0.4)
@@ -181,6 +213,9 @@ GEM
       rdoc (~> 3.4)
       thor (>= 0.14.6, < 2.0)
     rake (10.3.2)
+    rb-fsevent (0.9.4)
+    rb-inotify (0.9.5)
+      ffi (>= 0.5.0)
     rdoc (3.12.2)
       json (~> 1.4)
     ref (1.0.5)
@@ -192,7 +227,21 @@ GEM
       rack-raw-upload
       rails (>= 3.2.0)
       sass-rails
-    rmagick (2.13.2)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    rspec-rails (2.13.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
     ruby-ole (1.2.11.7)
     ruby-openid (2.1.8)
     rubyzip (1.1.6)
@@ -206,12 +255,14 @@ GEM
       multi_json (~> 1.0)
       rubyzip (~> 1.0)
       websocket (~> 1.0.4)
+    shellany (0.0.1)
     shoulda (3.5.0)
       shoulda-context (~> 1.0, >= 1.0.1)
       shoulda-matchers (>= 1.4.1, < 3.0)
     shoulda-context (1.2.1)
     shoulda-matchers (2.6.1)
       activesupport (>= 3.0.0)
+    slop (3.6.0)
     spreadsheet (1.0.0)
       ruby-ole (>= 1.0)
     sprockets (2.2.2)
@@ -225,6 +276,8 @@ GEM
     thor (0.19.1)
     thread_safe (0.3.4)
     tilt (1.4.1)
+    timers (4.0.1)
+      hitimes
     treetop (1.4.15)
       polyglot
       polyglot (>= 0.3.1)
@@ -238,6 +291,7 @@ GEM
       descendants_tracker (~> 0.0, >= 0.0.3)
       equalizer (~> 0.0, >= 0.0.9)
     websocket (1.0.7)
+    win32console (1.3.2-x86-mingw32)
     xpath (2.0.0)
       nokogiri (~> 1.3)
 
@@ -260,6 +314,7 @@ DEPENDENCIES
   grape-entity
   grape-swagger
   grape-swagger-ui!
+  guard-rspec (= 2.5.0)
   htmlentities
   i18n (~> 0.6.0)
   jquery-rails (~> 2.0.2)
@@ -273,7 +328,7 @@ DEPENDENCIES
   rack-openid
   rails (= 3.2.13)
   rich (= 1.4.6)
-  rmagick (>= 2.0.0)
+  rspec-rails (= 2.13.1)
   ruby-ole
   ruby-openid (~> 2.1.4)
   sass-rails (~> 3.2.3)

app/controllers/account_controller.rb

@@ -367,7 +367,10 @@ class AccountController < ApplicationController
     if user.save and token.save
       UserStatus.create(:user_id => user.id, :changsets_count => 0, :watchers_count => 0)
       Mailer.register(token).deliver
+
+
       flash[:notice] = l(:notice_account_register_done)
+
       render action: 'email_valid', locals: {:mail => user.mail}
     else
       yield if block_given?

app/controllers/application_controller.rb

@@ -156,7 +156,16 @@ class ApplicationController < ActionController::Base
       user
     end
   end
+  def try_to_autologin1
 
+      # auto-login feature starts a new session
+      user = User.try_to_autologin(params[:token])
+      if user
+          start_user_session(user)
+      end
+      user
+
+  end
   # Sets the logged in user
   def logged_user=(user)
     reset_session
@@ -248,7 +257,30 @@ class ApplicationController < ActionController::Base
       end
     end
   end
+  def authorize1(ctrl = params[:controller], action = params[:action],token = params[:token], global = false)
+
+    if(!User.current.logged? && !token.nil?)
 
+      User.current =try_to_autologin1
+    end
+    allowed  = authorize_allowed(params[:controller], params[:action],global)
+
+    if allowed
+      true
+    else
+      if @project && @project.archived?
+        render_403 :message => :notice_not_authorized_archived_project
+      else
+        deny_access
+      end
+    end
+  end
+  def auth_login1(token = params[:token])
+    if(!User.current.logged? && !token.nil?)
+
+      User.current =try_to_autologin1
+    end
+  end
   def authorize_allowed(ctrl = params[:controller], action = params[:action], global = false)
     #modify by NWB
     if  @project
@@ -261,6 +293,7 @@ class ApplicationController < ActionController::Base
     allowed
   end
   def authorize_attachment_download(ctrl = params[:controller], action = params[:action], global = false)
+
     case @attachment.container_type
       when "Memo"
         allowed = User.current.allowed_to?(:memos_attachments_download,nil,:global => true)
@@ -289,6 +322,37 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def authorize_attachment_download1(ctrl = params[:controller], action = params[:action],token = params[:token], global = false)
+    if(!User.current.logged? && !token.nil?)
+      User.current = try_to_autologin1
+    end
+    case @attachment.container_type
+      when "Memo"
+        allowed = User.current.allowed_to?(:memos_attachments_download,nil,:global => true)
+      when "Message"
+        if @project
+          allowed = User.current.allowed_to?(:projects_attachments_download,@project,:global => false)
+        elsif @course
+          allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
+        end
+      when "contest"
+        return true
+      when "Course"
+        allowed = User.current.allowed_to?(:course_attachments_download, @course, :global => false)
+      else
+        return true
+    end
+
+    if allowed
+      true
+    else
+      if @project && @project.archived?
+        render_403 :message => :notice_not_authorized_archived_project
+      else
+        deny_access
+      end
+    end
+  end
   def authorize_course(ctrl = params[:controller], action = params[:action], global = false)
     allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @course || @course, :global => global)
     if allowed
@@ -789,4 +853,29 @@ class ApplicationController < ActionController::Base
     @organizer = WebFooterOranizer.first
     @companies = WebFooterCompany.all
   end
+
+
+
+
+  def password_authentication
+    user, last_login_on = User.try_to_login(params[:user_name], params[:password])
+
+
+      successful_authentication(user, last_login_on)
+
+  end
+
+
+  def successful_authentication(user, last_login_on)
+    logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
+    # Valid user
+    self.logged_user = user
+    # generate a key and set cookie if autologin
+    if params[:autologin] && Setting.autologin?
+      set_autologin_cookie(user)
+    end
+    call_hook(:controller_account_success_authentication_after, {:user => user })
+
+
+  end
 end

app/controllers/attachments_controller.rb

@@ -17,11 +17,12 @@
 
 class AttachmentsController < ApplicationController
   layout "users_base"
+
   before_filter :find_project, :only => [:show, :download, :thumbnail, :destroy, :delete_homework]#, :except => [:upload, :autocomplete]
   before_filter :file_readable, :read_authorize, :only => [:show, :thumbnail]#Modified by young
   before_filter :delete_authorize, :only => :destroy
   before_filter :authorize_global, :only => :upload
-  before_filter :authorize_attachment_download, :only => :download
+  before_filter :authorize_attachment_download1, :only => :download
   #before_filter :login_without_softapplication, only: [:download]
   accept_api_auth :show, :download, :upload
   require 'iconv'

app/controllers/bids_controller.rb

@@ -9,6 +9,8 @@ class BidsController < ApplicationController
   menu_item :homework_statistics, :only => :homework_statistics
   menu_item :edit, :only => :edit
 
+
+
   before_filter :can_show_course,only: []
   before_filter :can_show_contest,only: []
   #Ended by young

app/controllers/courses_controller.rb

@@ -323,6 +323,7 @@ class CoursesController < ApplicationController
 
     if valid_attr.eql?('name')
       faker.name = valid_value
+      faker.course_id =  params[:course_id]
       faker.valid?
       req[:valid] = faker.errors[:name].blank?
       req[:message] = faker.errors[:name]
@@ -572,8 +573,7 @@ class CoursesController < ApplicationController
     # end
   end
 
-  def
-  course
+  def course
      @school_id = params[:school_id]
     per_page_option = 10
     if @school_id == "0" or @school_id.nil?
@@ -882,9 +882,9 @@ class CoursesController < ApplicationController
     # modify by nwb
     # 添加私密性判断
     if User.current.member_of_course?(@course)|| User.current.admin?
-      events = @activity.events(@date_from, @date_to)
+      events = @activity.events(@days, @course.created_at)
     else
-      events = @activity.events(@date_from, @date_to, :is_public => 1)
+      events = @activity.events(@days, @course.created_at, :is_public => 1)
     end
 
     # 无新动态时，显示老动态

app/controllers/forums_controller.rb

@@ -160,12 +160,15 @@ class ForumsController < ApplicationController
   def create
     @forum = Forum.new(params[:forum])
     @forum.creator_id = User.current.id
+    if @forum.save
+      respond_to do |format|
 
-    respond_to do |format|
-      if @forum.save
-        format.html { redirect_to @forum, notice: l(:label_forum_create_succ) }
-        format.json { render json: @forum, status: :created, location: @forum }
-      else
+          format.html { redirect_to @forum, notice: l(:label_forum_create_succ) }
+          format.json { render json: @forum, status: :created, location: @forum }
+      end
+
+    else
+      respond_to do |format|
         flash.now[:error] = "#{l :label_forum_create_fail}: #{@forum.errors.full_messages[0]}"
         format.html { render action: "new" }
         format.json { render json: @forum.errors, status: :unprocessable_entity }

app/controllers/homework_attach_controller.rb

@@ -26,6 +26,7 @@ class HomeworkAttachController < ApplicationController
     get_not_batch_homework_list sort,direction, @bid.id
     @cur_page = params[:page] || 1
     @cur_type = 1
+    @cur_sort,@cur_direction =  params[:sort] || "s_socre", params[:direction] || "desc"
     @direction = direction == 'asc'? 'desc' : 'asc'
     respond_to do |format|
       format.js
@@ -433,7 +434,7 @@ class HomeworkAttachController < ApplicationController
   #添加留言
   def addjours
     @is_teacher,@is_anonymous_comments,@m_score = params[:is_teacher]=="true",params[:is_anonymous_comments]=="true",params[:stars_value]
-    @cur_page,@cur_type = params[:cur_page] || 1,params[:cur_type] || 5
+    @cur_page,@cur_type = params[:page] || 1,params[:cur_type] || 5
     @homework = HomeworkAttach.find(params[:homework_id])
     @stars_reates = @homework.rates(:quality)
     homework = @homework
@@ -479,7 +480,7 @@ class HomeworkAttachController < ApplicationController
 
     if @cur_type == "1" #如果当前是老师未批列表，需要刷新整个作业列表界面
       @bid = @homework.bid
-      get_not_batch_homework_list "s_socre","desc",@homework.bid_id
+      get_not_batch_homework_list params[:cur_sort] || "s_socre",params[:cur_direction] || "desc",@homework.bid_id
     elsif @cur_type == "2" #老师已批列表
       @result_homework = HomeworkAttach.find_by_sql("SELECT homework_attaches.*,
             (SELECT stars FROM seems_rateable_rates WHERE rateable_type = 'HomeworkAttach' AND rateable_id = homework_attaches.id AND is_teacher_score = 1 AND stars IS NOT NULL ORDER BY updated_at DESC limit 0,1) AS t_score,

app/controllers/issues_controller.rb

@@ -19,10 +19,13 @@ class IssuesController < ApplicationController
   layout 'base_projects'#Added by young
   default_search_scope :issues
 
+  before_filter :authorize1, :only => [:show]
   before_filter :find_issue, :only => [:show, :edit, :update]
   before_filter :find_issues, :only => [:bulk_edit, :bulk_update, :destroy]
   before_filter :find_project, :only => [:new, :create, :update_form]
+  #before_filter :authorize, :except => [:index, :show]
   before_filter :authorize, :except => [:index]
+
   before_filter :find_optional_project, :only => [:index]
   before_filter :check_for_default_issue_status, :only => [:new, :create]
   before_filter :build_new_issue_from_params, :only => [:new, :create, :update_form]
@@ -107,7 +110,7 @@ class IssuesController < ApplicationController
   end
 
   def show
-    
+
     @journals = @issue.journals.includes(:user, :details).reorder("#{Journal.table_name}.id ASC").all
     @journals.each_with_index {|j,i| j.indice = i+1}
     @journals.reject!(&:private_notes?) unless User.current.allowed_to?(:view_private_notes, @issue.project)

app/controllers/my_controller.rb

@@ -17,6 +17,9 @@
 
 class MyController < ApplicationController
   layout "users_base"
+  # edit
+  before_filter :auth_login1, :only => [:account]
+  #
   before_filter :require_login
 
   helper :issues

app/controllers/poll_answer_controller.rb

@@ -1,2 +0,0 @@
-class PollAnswerController < ApplicationController
-end

app/controllers/poll_question_controller.rb

@@ -1,2 +0,0 @@
-class PollQuestionController < ApplicationController
-end

app/controllers/poll_user_controller.rb

@@ -1,2 +0,0 @@
-class PollUserController < ApplicationController
-end

app/controllers/poll_vote_controller.rb

@@ -1,2 +0,0 @@
-class PollVoteController < ApplicationController
-end

app/controllers/projects_controller.rb

@@ -31,14 +31,16 @@ class ProjectsController < ApplicationController
   menu_item :feedback, :only => :feedback
   menu_item l(:label_course_file), :only => :index
   menu_item l(:label_course_news), :only => :index
-  
 
-  before_filter :find_project, :except => [ :index, :search,:list, :new, :create, :copy, :statistics, :new_join, :course, :enterprise_course, :course_enterprise,:view_homework_attaches]
+# edit
+  before_filter :authorize1, :only => [:show]
+#
+  before_filter :find_project, :except => [ :index, :search,:list, :new, :create, :copy, :statistics, :new_join, :course, :enterprise_course, :course_enterprise,:view_homework_attaches,:join_project]
   # before_filter :authorize, :except => [:new_join, :new_homework, :homework, :statistics, :search, :watcherlist, :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy, :member, :focus, :file, 
   #               :statistics, :feedback, :course, :enterprise_course, :course_enterprise, :project_respond, :share,
   #               :show_projects_score, :issue_score_index, :news_score_index, :file_score_index, :code_submit_score_index, :projects_topic_score_index]
   #此条勿删 课程相关权限  ,:new_homework,:homework,:feedback,,:member
-  before_filter :authorize, :only => [:show, :settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course]
+  before_filter :authorize, :only => [:settings, :edit, :sort_project_members, :update, :modules, :close, :reopen,:view_homework_attaches,:course]
   before_filter :authorize_global, :only => [:new, :create,:view_homework_attaches]
   before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy, :calendar]
   before_filter :file, :statistics, :watcherlist
@@ -116,8 +118,8 @@ class ProjectsController < ApplicationController
                       joins("LEFT JOIN #{ProjectStatus.table_name} ON #{Project.table_name}.id = #{ProjectStatus.table_name}.project_id").joins("LEFT JOIN #{ProjectScore.table_name} ON #{Project.table_name}.id = #{ProjectScore.table_name}.project_id").
                       where("#{Project.table_name}.project_type = ? ", Project::ProjectType_project)
 
-    @project_count = @projects_all.count
-    @project_pages = Paginator.new @project_count, per_page_option, params['page']
+    @poll_questions_count = @projects_all.count
+    @poll_questions_pages = Paginator.new @project_count, per_page_option, params['page']
 
 #gcm activity count
 
@@ -556,6 +558,11 @@ class ProjectsController < ApplicationController
 
   # Show @project
   def show
+    if(@project && !@project.is_public && !User.current.member_of?(@project))
+      render_403
+      return
+    end
+
     @project_type = params[:project_type]
     
     # try to redirect to the requested menu item
@@ -597,8 +604,8 @@ class ProjectsController < ApplicationController
       "show_wiki_edits"=>true,
       "show_journals_for_messages" => true
     }
-    @date_to ||= Date.today + 1
-    @date_from = @date_to - @days-1.years
+
+
     @with_subprojects = params[:with_subprojects].nil? ? Setting.display_subprojects_issues? : (params[:with_subprojects] == '1')
     @author = (params[:user_id].blank? ? nil : User.active.find(params[:user_id]))
     # 决定显示所用用户或单个用户活动
@@ -612,9 +619,9 @@ class ProjectsController < ApplicationController
     # modify by nwb
     # 添加私密性判断
     if User.current.member_of?(@project)|| User.current.admin?
-      events = @activity.events(@date_from, @date_to)
+      events = @activity.events(@days)
     else
-      events = @activity.events(@date_from, @date_to, :is_public => 1)
+      events = @activity.events(@days,nil, :is_public => 1)
     end
 
     @offset, @limit = api_offset_and_limit({:limit => 10})
@@ -910,6 +917,14 @@ class ProjectsController < ApplicationController
       end
     end
   end
+
+  #加入私有项目
+  def join_project
+    respond_to do |format|
+      format.js
+    end
+  end
+
   private
 
   def memberAccess

app/controllers/users_controller.rb

@@ -15,8 +15,10 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 class UsersController < ApplicationController
+
   layout :setting_layout
   #Added by young
+  before_filter :auth_login1, :only => [:show, :user_activities]
   menu_item :activity
   menu_item :user_information, :only => :info
   menu_item :user_course, :only => :user_courses
@@ -29,6 +31,9 @@ class UsersController < ApplicationController
  
   #Ended by young
 
+  # edit
+
+  #
   before_filter :can_show_course, :only => [:user_courses,:user_homeworks]
   before_filter :require_admin, :except => [:show, :index, :search, :tag_save, :tag_saveEx,:user_projects, :user_newfeedback, :user_comments, :watch_bids, :watch_contests, :info,
     :user_watchlist, :user_fanslist,:update, :user_courses, :user_homeworks, :watch_projects, :show_score, :topic_score_index, :project_score_index,

app/controllers/zipdown_controller.rb

@@ -7,17 +7,6 @@ class ZipdownController < ApplicationController
   SAVE_FOLDER = "#{Rails.root}/files"
   OUTPUT_FOLDER = "#{Rails.root}/tmp/archiveZip"
 
-  #通过作业Id找到项目（课程）
-  def find_project_by_bid_id
-    obj_class = params[:obj_class]
-    obj_id = params[:obj_id]
-    obj = obj_class.constantize.find(obj_id)
-    case obj.class.to_s.to_sym
-      when :Bid
-        @project = obj.courses[0]
-    end
-  end
-
   def assort
     if params[:obj_class] == "Bid"
       bid = Bid.find params[:obj_id]
@@ -33,8 +22,8 @@ class ZipdownController < ApplicationController
     end
     send_file zipfile, :filename => bid.name + ".zip", :type => detect_content_type(zipfile) if zipfile
 
-  rescue Exception => e
-    render file: 'public/no_file_found.html'
+  #rescue Exception => e
+  #  render file: 'public/no_file_found.html'
   end
 
   #下载某一学生的作业的所有文件
@@ -56,12 +45,23 @@ class ZipdownController < ApplicationController
     else
       render_403
     end
-  rescue => e
-    render file: 'public/file_not_found.html'
+  #rescue => e
+  #  render file: 'public/file_not_found.html'
   end
 
   private
 
+  #通过作业Id找到项目（课程）
+  def find_project_by_bid_id
+    obj_class = params[:obj_class]
+    obj_id = params[:obj_id]
+    obj = obj_class.constantize.find(obj_id)
+    case obj.class.to_s.to_sym
+      when :Bid
+        @project = obj.courses[0]
+    end
+  end
+
   def zip_bid(bid)
     # Todo: User Access Controll
     bid_homework_path = []
@@ -101,10 +101,20 @@ class ZipdownController < ApplicationController
 
     Zip::File.open(zipfile_name, Zip::File::CREATE) do |zipfile|
       input_filename.each do |filename|
+        flag = true
+        index = 1
         rename_file = ic.iconv( (File.basename(filename)) ).to_s
         rename_file = ic.iconv( filename_to_real( File.basename(filename))).to_s if is_attachment
 
-        zipfile.add(rename_file, filename)
+        begin
+          zipfile.add(rename_file, filename)
+          flag = false
+        rescue Exception => e
+          zipfile.get_output_stream('FILE_NOTICE.txt') do |os|
+            os.write l(:label_file_exist)
+          end
+          next
+        end
       end
       unless not_exist_file.empty?
         zipfile.get_output_stream('FILE_LOST.txt') do |os|
@@ -113,9 +123,9 @@ class ZipdownController < ApplicationController
       end
     end
     zipfile_name
-  rescue Errno => e
-    logger.error "[zipdown#zipping] ===> #{e}"
-    @error = e
+  #rescue Errno => e
+  #  logger.error "[zipdown#zipping] ===> #{e}"
+  #  @error = e
   end
   def detect_content_type(name)
     content_type = Redmine::MimeType.of(name)

app/helpers/application_helper.rb

@@ -140,10 +140,12 @@ module ApplicationHelper
   # * :text - Link text (default to attachment filename)
   # * :download - Force download (default: false)
   def link_to_attachment(attachment, options={})
+    token = options[:token] if options[:token]
     text = options.delete(:text) || attachment.filename
     route_method = options.delete(:download) ? :download_named_attachment_path : :named_attachment_path
     html_options = options.slice!(:only_path)
     url = send(route_method, attachment, attachment.filename, options)
+     url << "?token=#{token}" unless token.nil?
     link_to text, url, html_options
   end
 
@@ -492,7 +494,7 @@ module ApplicationHelper
   def principals_check_box_tags_ex(name, principals)
     s = ''
     principals.each do |principal|
-      s << "<label>#{ check_box_tag name, principal.id, false, :id => nil } #{h principal.userInfo }</label>\n"
+      s << "<label>#{ check_box_tag name, principal.id, false, :id => nil } #{h link_to principal.userInfo, user_path( principal.id)}</label>\n"
     end
     s.html_safe
   end

app/helpers/courses_helper.rb

@@ -111,6 +111,10 @@ module CoursesHelper
     #garble count
  # end
 
+  #获取课程所有成员
+  def course_all_member course
+    course.members
+  end
   # 学生人数计算
   # add by nwb
   def studentCount course
@@ -561,12 +565,13 @@ module CoursesHelper
   def course_in_current_or_next_term course
     is_current_term = false
     is_next_term = false
-    if course.time == Time.now.year && course.term == cur_course_term
+    year_now = Time.now.month < 3 ? Time.now.year - 1:Time.now.year
+    if course.time == year_now && course.term == cur_course_term
       is_current_term = true
     end
-    if cur_course_term == "秋季学期" && course.time == (Time.now.year + 1) && course.term == "春季学期"
+    if cur_course_term == "秋季学期" && course.time == (year_now + 1) && course.term == "春季学期"
       is_next_term = true
-    elsif cur_course_term == "春季学期" && course.time == Time.now.year && course.term == "秋季学期"
+    elsif cur_course_term == "春季学期" && course.time == year_now && course.term == "秋季学期"
       is_next_term = true
     end
     is_current_term || is_next_term