diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb index 0c39ee5c6..f61ed35f6 100644 --- a/app/controllers/bids_controller.rb +++ b/app/controllers/bids_controller.rb @@ -373,6 +373,7 @@ class BidsController < ApplicationController #by xianbo def homework_destroy @bid_to_destroy = Bid.find params[:course_id] + (render_403; return false) unless User.current.admin?||User.current.id==bid.author_id @bid_to_destroy.destroy respond_to do |format| format.html { redirect_to :back } diff --git a/app/views/bids/_bid_homework_show.html.erb b/app/views/bids/_bid_homework_show.html.erb index 840a661cc..78a4d6f40 100644 --- a/app/views/bids/_bid_homework_show.html.erb +++ b/app/views/bids/_bid_homework_show.html.erb @@ -7,22 +7,34 @@ - + +
<%= link_to(bid.author.lastname+bid.author.firstname, user_path(bid.author), :class => 'bid_user') %>:  <%= link_to(bid.name, respond_path(bid), :class => 'bid_path') %><%= link_to(bid.author.lastname+bid.author.firstname, user_path(bid.author), :class => 'bid_user') %>:  <%= link_to(bid.name, respond_path(bid), :class => 'bid_path') %> + + <%= link_to( + l(:button_delete), + {:action => 'homework_destroy', :controller=>'bids', :course_id => bid.id}, + :method => :post, + :data => {:confirm => l(:text_are_you_sure)}, + :class => 'icon icon-del' + ) if (User.current.admin?||User.current.id==bid.author_id)&&(bid.homework_type == 1)%>
diff --git a/app/views/messages/show.html.erb b/app/views/messages/show.html.erb index 0529de844..3787efe4a 100644 --- a/app/views/messages/show.html.erb +++ b/app/views/messages/show.html.erb @@ -20,7 +20,7 @@ :method => :post, :data => {:confirm => l(:text_are_you_sure)}, :class => 'icon icon-del' - ) if @message.destroyable_by?(User.current) %> + ) if @bid.destroyable_by?(User.current) %>

<%= avatar(@topic.author, :size => "24") %><%=h @topic.subject %>

diff --git a/app/views/users/_my_create_homework.html.erb b/app/views/users/_my_create_homework.html.erb index 845fb093e..6f17ab265 100644 --- a/app/views/users/_my_create_homework.html.erb +++ b/app/views/users/_my_create_homework.html.erb @@ -13,13 +13,14 @@ + <%= l(:label_course_homework) %> : <%= link_to(bid.courses.first.name, project_path(bid.courses.first)) %> + <%= link_to( + l(:button_delete), + {:action => 'homework_destroy', :controller=>'bids', :course_id => bid.id}, + :method => :post, + :data => {:confirm => l(:text_are_you_sure)}, + :class => 'icon icon-del' + ) if User.current.admin?||User.current.id==bid.author_id%>
<% if bid.reward_type.nil? or bid.reward_type == 1 %> <%= l(:label_bids_reward_method) %><%= l(:label_call_bonus) %> <%= l(:label_RMB_sign) %> - <%= bid.budget%> <% elsif bid.reward_type == 2 %> <%= l(:label_bids_reward_method) %><%= bid.budget%> <% else %> + <%= bid.budget%> <% elsif bid.reward_type == 2 %> <%= l(:label_bids_reward_method) %><%= bid.budget%> + <% else %> <% end %>
<% if bid.homework_type == 1%> + <%= l(:label_x_homework_project, :count => bid.homeworks.count) %>(<%= link_to bid.homeworks.count, project_for_bid_path(bid.id) %>) - <% else %><%= l(:label_x_homework_project, :count => bid.biding_projects.count) %>(<%= link_to bid.biding_projects.count, project_for_bid_path(bid.id) %>)<% end %> + <% else %><%= l(:label_x_homework_project, :count => bid.biding_projects.count) %>(<%= link_to bid.biding_projects.count, project_for_bid_path(bid.id) %> + )<% end %> <%= l(:label_x_responses, :count => bid.commit) %>(<%= link_to bid.commit, respond_path(bid) %>)
<%= link_to(bid.author.lastname+bid.author.firstname, user_path(bid.author), :class => 'bid_user') %>:   <%= link_to(bid.name, respond_path(bid), :class => 'bid_path') %>    - <%= l(:label_course_homework) %> : <%= link_to(bid.courses.first.name, project_path(bid.courses.first)) %> <%= link_to( - l(:button_delete), - {:action => 'homework_destroy', :controller=>'bids', :course_id => bid.id}, - :method => :post, - :data => {:confirm => l(:text_are_you_sure)}, - :class => 'icon icon-del' - ) %>