Merge branch 'pre_trustie_server' into trustie_server

app/controllers/admins/base_controller.rb

@@ -23,10 +23,23 @@ class Admins::BaseController < ApplicationController
   def require_admin!
     return if current_user.blank? || !current_user.logged?
     return if current_user.admin_or_business?
+    return if current_user.admin_or_glcc_admin?
 
     render_forbidden
   end
 
+  def require_admin
+		render_forbidden unless User.current.admin?
+	end
+
+	def require_business
+		render_forbidden unless admin_or_business?
+	end
+
+	def require_glcc_admin 
+		render_forbidden unless admin_or_glcc_admin?
+	end
+
   # 触发after ajax render partial hooks，执行一些因为局部刷新后失效的绑定事件
   def rebind_event_if_ajax_render_partial
     return if request.format.symbol != :js

app/controllers/admins/edu_settings_controller.rb

@@ -1,4 +1,5 @@
 class Admins::EduSettingsController < Admins::BaseController
+  before_action :require_admin
   before_action :find_setting, only: [:edit,:update, :destroy]
 
   def index

app/controllers/admins/faqs_controller.rb

@@ -1,4 +1,5 @@
 class Admins::FaqsController < Admins::BaseController
+  before_action :require_business
   before_action :find_faq, only: [:edit,:update, :destroy]
 
   def index

app/controllers/admins/feedbacks_controller.rb

@@ -1,4 +1,5 @@
 class Admins::FeedbacksController < Admins::BaseController
+  before_action :require_business
   before_action :get_feedback, only: [:new_history, :create_history, :destroy]
 
   def index 

app/controllers/admins/glcc_pr_check_controller.rb

@@ -1,4 +1,6 @@
 class Admins::GlccPrCheckController < Admins::BaseController
+    before_action :require_glcc_admin
+
     def index
         params[:sort_by] = params[:sort_by].presence || 'created_on'
         params[:sort_direction] = params[:sort_direction].presence || 'desc'

app/controllers/admins/identity_verifications_controller.rb

@@ -1,4 +1,5 @@
 class Admins::IdentityVerificationsController < Admins::BaseController
+    before_action :require_business
     before_action :finder_identity_verification, except: [:index]
     def index
         params[:sort_by] = params[:sort_by].presence || 'created_at'

app/controllers/admins/issues_rank_controller.rb

@@ -1,4 +1,5 @@
 class Admins::IssuesRankController < Admins::BaseController
+  before_action :require_admin
 
   def index 
     @statistics = DailyProjectStatistic.where('date >= ? AND date <= ?', begin_date, end_date)

app/controllers/admins/laboratories_controller.rb

@@ -1,4 +1,5 @@
 class Admins::LaboratoriesController < Admins::BaseController
+  before_action :require_admin
   def index
     default_sort('id', 'desc')
 

app/controllers/admins/message_templates_controller.rb

@@ -1,4 +1,5 @@
 class Admins::MessageTemplatesController < Admins::BaseController 
+  before_action :require_admin
   before_action :get_template, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/nps_controller.rb

@@ -1,4 +1,5 @@
 class Admins::NpsController < Admins::BaseController
+  before_action :require_business
   def index
     @on_off_switch = EduSetting.get("nps-on-off-switch").to_s == 'true'
     @user_nps = UserNp.joins(:user).order(created_at: :desc)

app/controllers/admins/organizations_controller.rb

@@ -1,5 +1,6 @@
 class Admins::OrganizationsController < Admins::BaseController
-    before_action :finder_org, except: [:index]
+  before_action :require_admin
+  before_action :finder_org, except: [:index]
 
   def index
     params[:sort_by] = params[:sort_by].presence || 'created_on'

app/controllers/admins/page_themes_controller.rb

@@ -1,4 +1,5 @@
 class Admins::PageThemesController <   Admins::BaseController 
+    before_action :require_admin
     before_action :finder_page_theme, only: [:edit, :update, :destroy]
 
     def index

app/controllers/admins/project_categories_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ProjectCategoriesController < Admins::BaseController 
+  before_action :require_admin
   before_action :get_category, only: [:edit,:update, :destroy]
   before_action :validate_names, only: [:create, :update]
 

app/controllers/admins/project_ignores_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ProjectIgnoresController < Admins::BaseController 
+  before_action :require_admin
   before_action :set_ignore, only: [:edit,:update, :destroy,:show]
   # before_action :validate_params, only: [:create, :update]
 

app/controllers/admins/project_languages_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ProjectLanguagesController < Admins::BaseController 
+  before_action :require_admin
   before_action :get_language, only: [:edit,:update, :destroy]
   before_action :validate_names, only: [:create, :update]
 

app/controllers/admins/project_licenses_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ProjectLicensesController < Admins::BaseController 
+  before_action :require_admin
   before_action :set_license, only: [:edit,:update, :destroy,:show]
   # before_action :validate_params, only: [:create, :update]
 

app/controllers/admins/projects_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ProjectsController < Admins::BaseController
+  before_action :require_admin
   before_action :find_project, only: [:edit, :update]
 
   def index

app/controllers/admins/projects_rank_controller.rb

@@ -1,4 +1,6 @@
 class Admins::ProjectsRankController < Admins::BaseController
+  before_action :require_admin
+
   def index 
     @statistics = DailyProjectStatistic.where("date >= ? AND date <= ?", begin_date, end_date)
     @statistics = @statistics.group(:project_id).select("project_id, 

app/controllers/admins/reversed_keywords_controller.rb

@@ -1,4 +1,5 @@
 class Admins::ReversedKeywordsController < Admins::BaseController 
+  before_action :require_admin
   before_action :get_keyword, only: [:edit,:update, :destroy]
   # before_action :validate_identifer, only: [:create, :update]
 

app/controllers/admins/site_pages_controller.rb

@@ -1,4 +1,5 @@
 class Admins::SitePagesController <  Admins::BaseController
+    before_action :require_admin
     before_action :finder_site_page, except: [:index]
 
     def index

app/controllers/admins/sites_controller.rb

@@ -1,4 +1,5 @@
 class Admins::SitesController < Admins::BaseController 
+  before_action :require_admin
   before_action :find_site, only: [:edit,:update, :destroy]
 
   def index

app/controllers/admins/system_notifications_controller.rb

@@ -1,4 +1,5 @@
 class Admins::SystemNotificationsController < Admins::BaseController 
+  before_action :require_business
   before_action :get_notification, only: [:history, :edit,:update, :destroy]
   # before_action :validate_identifer, only: [:create, :update]
 

app/controllers/admins/topic/activity_forums_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::ActivityForumsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_activity_forum, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/banners_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::BannersController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_banner, only: [:edit, :update, :destroy]
 
   def index

app/controllers/admins/topic/cards_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::CardsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_card, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/cooperators_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::CooperatorsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_cooperator, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/excellent_projects_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::ExcellentProjectsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_excellent_project, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/experience_forums_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::ExperienceForumsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_experience_forum, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/glcc_news_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::GlccNewsController < Admins::Topic::BaseController
+  before_action :require_glcc_admin
   before_action :find_glcc, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/topic/pinned_forums_controller.rb

@@ -1,4 +1,5 @@
 class Admins::Topic::PinnedForumsController < Admins::Topic::BaseController
+  before_action :require_business
   before_action :find_pinned_forum, only: [:edit, :update, :destroy]
 
   def index 

app/controllers/admins/users_controller.rb

@@ -1,4 +1,5 @@
 class Admins::UsersController < Admins::BaseController
+  before_action :require_admin
   before_action :finder_user, except: [:index] 
 
   def index
@@ -73,6 +74,6 @@ class Admins::UsersController < Admins::BaseController
   def update_params
     params.require(:user).permit(%i[lastname nickname gender technical_title is_shixun_marker
                                     mail phone location location_city school_id department_id admin
-                                    password  login website_permission])
+                                    password  login website_permission business glcc_admin])
   end
 end

app/controllers/admins/users_rank_controller.rb

@@ -1,4 +1,5 @@
 class Admins::UsersRankController < Admins::BaseController
+  before_action :require_admin
 
   def index 
     @rank_date = rank_date

app/controllers/application_controller.rb

@@ -75,7 +75,11 @@ class ApplicationController < ActionController::Base
 
 
 	def admin_or_business?
-		User.current.admin? || User.current.business?
+		User.current.admin? || User.current.business? 
+	end
+
+	def admin_or_glcc_admin?
+		User.current.admin? || User.current.glcc_admin?
 	end
 
 	# 判断用户的邮箱或者手机是否可用
@@ -195,6 +199,10 @@ class ApplicationController < ActionController::Base
 		normal_status(403, "") unless admin_or_business?
 	end
 
+	def require_glcc_admin 
+		normal_status(403, "") unless admin_or_glcc_admin?
+	end
+
 	# 前端会捕捉401,弹登录弹框
 	# 未授权的捕捉407，弹试用申请弹框
 	def require_login

app/controllers/projects_controller.rb

@@ -64,7 +64,8 @@ class ProjectsController < ApplicationController
     end
   rescue Gitea::Api::ServerError => ex 
     uid_logger_error(ex.message)
-    tip_exception(ex.http_code, ex.message)
+    # tip_exception(ex.http_code, ex.message)
+    tip_exception(ex.message)
   rescue ApplicationService::Error => e
     uid_logger_error(e.message)
     tip_exception(e.message)

app/controllers/repositories_controller.rb

@@ -7,6 +7,7 @@ class RepositoriesController < ApplicationController
   before_action :require_login, only: %i[edit update create_file update_file delete_file sync_mirror]
   before_action :require_profile_completed, only: [:create_file]
   before_action :load_repository
+  before_action :require_operate_above, only: %i[create_file update_file replace_file delete_file]
   before_action :authorizate!, except: [:sync_mirror, :tags, :commit, :archive]
   before_action :authorizate_user_can_edit_repo!, only: %i[sync_mirror]
   before_action :get_ref, only: %i[entries sub_entries top_counts files archive]
@@ -437,4 +438,8 @@ class RepositoriesController < ApplicationController
     end
   end
 
+  def require_operate_above 
+    return render_forbidden if !current_user.admin? && !@project.operator?(current_user)
+  end
+
 end

app/forms/base_form.rb

@@ -26,6 +26,16 @@ class BaseForm
     raise "项目标识已被使用." if Repository.where(user_id: user_id, identifier: repository_name.strip).exists?
   end
 
+  def check_gitea_repository_name(user_id, repository_name)
+    user_login = User.find_by_id(user_id)&.login
+    begin 
+      gitea_result = $gitea_client.get_repos_by_owner_repo(user_login, repository_name)
+      raise "项目标识已被使用." if gitea_result["id"].present?
+    rescue Gitea::Api::ServerError => e
+      raise "服务器错误，请联系系统管理员！" unless e.http_code.to_i == 404
+    end
+  end
+
   def check_project_name(user_id, project_name)
     raise "项目名称已被使用." if Project.where(user_id: user_id, name: project_name.strip).exists?
   end

app/forms/projects/create_form.rb

@@ -16,6 +16,7 @@ class Projects::CreateForm < BaseForm
     check_project_language(project_language_id)
     check_project_name(user_id, name) unless name.blank?
     check_repository_name(user_id, repository_name) unless repository_name.blank?
+    # check_gitea_repository_name(user_id, repository_name) unless repository_name.blank?
     check_blockchain_token_all(blockchain_token_all) unless blockchain_token_all.blank?
     check_blockchain_init_token(blockchain_init_token) unless blockchain_init_token.blank?
   end

app/forms/projects/migrate_form.rb

@@ -11,6 +11,7 @@ class Projects::MigrateForm < BaseForm
   validate do
     check_project_name(user_id, name) unless name.blank?
     check_repository_name(user_id, repository_name) unless repository_name.blank?
+    # check_gitea_repository_name(user_id, repository_name) unless repository_name.blank?
     check_project_category(project_category_id)
     check_project_language(project_language_id)
     check_owner

app/forms/projects/update_form.rb

@@ -10,6 +10,7 @@ class Projects::UpdateForm < BaseForm
     check_project_language(project_language_id)
 
     check_repository_name(user_id, identifier) unless identifier.blank? || identifier == project_identifier
+    # check_gitea_repository_name(user_id, identifier) unless identifier.blank? || identifier == project_identifier
     check_project_name(user_id, name) unless name.blank? || name == project_name
   end
 

app/helpers/manage_back_helper.rb

@@ -2,29 +2,33 @@ module ManageBackHelper
   extend ActiveSupport::Concern
 
   def sidebar_item_group(url, text, **opts)
-    link_opts = url.start_with?('/') ? {} : { 'data-toggle': 'collapse', 'aria-expanded': false }
-    content =
-      link_to url, link_opts do
-        content_tag(:i, '', class: "fa fa-#{opts[:icon]}", 'data-toggle': 'tooltip', 'data-placement': 'right', 'data-boundary': 'window', title: text) +
-          content_tag(:span, text)
-      end
-
-    content +=
-      content_tag(:ul, id: url[1..-1], class: 'collapse list-unstyled', "data-parent": '#sidebar') do
-        yield
-      end
-
-    raw content
+    if opts[:has_permission]
+      link_opts = url.start_with?('/') ? {} : { 'data-toggle': 'collapse', 'aria-expanded': false }
+      content =
+        link_to url, link_opts do
+          content_tag(:i, '', class: "fa fa-#{opts[:icon]}", 'data-toggle': 'tooltip', 'data-placement': 'right', 'data-boundary': 'window', title: text) +
+            content_tag(:span, text)
+        end
+
+      content +=
+        content_tag(:ul, id: url[1..-1], class: 'collapse list-unstyled', "data-parent": '#sidebar') do
+          yield
+        end
+
+      raw content
+    end
   end
 
   def sidebar_item(url, text, **opts)
-    content =
-      link_to url, 'data-controller': opts[:controller] do
-        content_tag(:i, '', class: "fa fa-#{opts[:icon]} fa-fw", 'data-toggle': 'tooltip', 'data-placement': 'right', 'data-boundary': 'window', title: text) +
-          content_tag(:span, text)
-      end
-
-    raw content
+    if opts[:has_permission]
+      content =
+        link_to url, 'data-controller': opts[:controller] do
+          content_tag(:i, '', class: "fa fa-#{opts[:icon]} fa-fw", 'data-toggle': 'tooltip', 'data-placement': 'right', 'data-boundary': 'window', title: text) +
+            content_tag(:span, text)
+        end
+
+      raw content
+    end
   end
 
   def admin_sidebar_controller

app/jobs/migrate_remote_repository_job.rb

@@ -10,7 +10,7 @@ class MigrateRemoteRepositoryJob < ApplicationJob
     gitea_repository = Gitea::Repository::MigrateService.new(token, params).call
     puts "#gitea_repository#{gitea_repository}"
     if gitea_repository[0]==201
-      repo&.project&.update_columns(gpid: gitea_repository[2]["id"])
+      repo&.project&.update_columns(gpid: gitea_repository[2]["id"], default_branch: gitea_repository[2]["default_branch"])
       repo&.mirror&.succeeded!
       ## open jianmu devops
       project_id = repo&.project&.id
@@ -24,7 +24,7 @@ class MigrateRemoteRepositoryJob < ApplicationJob
         repo&.mirror&.failed!
         repo&.project&.update_columns(status: 0)
       else
-        repo&.project&.update_columns(gpid: gitea_result["id"])
+        repo&.project&.update_columns(gpid: gitea_repository[2]["id"], default_branch: gitea_repository[2]["default_branch"])
         repo&.mirror&.succeeded!
         project_id = repo&.project&.id
         puts "############ mirror project_id,user_id: #{project_id},#{user_id}  ############"

app/models/user.rb

@@ -833,7 +833,11 @@ class User < Owner
   end
 
   def admin_or_business?
-    admin? || business?
+    admin? || business? 
+  end
+
+  def admin_or_glcc_admin?
+    admin? || glcc_admin? 
   end
 
   def self.generate_login(prefix)

app/services/admins/update_user_service.rb

@@ -31,7 +31,7 @@ class Admins::UpdateUserService < ApplicationService
   private
 
   def user_attributes
-    params.slice(*%i[lastname nickname mail phone admin business is_test login
+    params.slice(*%i[lastname nickname mail phone admin business glcc_admin is_test login
                      professional_certification authentication is_shixun_marker website_permission])
   end
 

app/services/repositories/create_service.rb

@@ -38,18 +38,27 @@ class Repositories::CreateService < ApplicationService
   private
 
   def create_gitea_repository
-    if project.owner.is_a?(User)
-      # @gitea_repository = Gitea::Repository::CreateService.new(user.gitea_token, gitea_repository_params).call
-      @gitea_repository = $gitea_client.post_user_repos({query: {token: user.gitea_token}, body: gitea_repository_params.to_json})
-    elsif project.owner.is_a?(Organization)
-      # @gitea_repository = Gitea::Organization::Repository::CreateService.call(user.gitea_token, project.owner.login, gitea_repository_params)
-      @gitea_repository = $gitea_client.post_orgs_repos_by_org(project.owner.login, {query: {token: user.gitea_token}, body: gitea_repository_params.to_json})
+    begin
+      @gitea_repository = $gitea_client.get_repos_by_owner_repo(project.owner.login, params[:identifier])
+    rescue Gitea::Api::ServerError => e
+      if e.http_code.to_i == 404
+        if project.owner.is_a?(User)
+          # @gitea_repository = Gitea::Repository::CreateService.new(user.gitea_token, gitea_repository_params).call
+          @gitea_repository = $gitea_client.post_user_repos({query: {token: user.gitea_token}, body: gitea_repository_params.to_json})
+        elsif project.owner.is_a?(Organization)
+          # @gitea_repository = Gitea::Organization::Repository::CreateService.call(user.gitea_token, project.owner.login, gitea_repository_params)
+          @gitea_repository = $gitea_client.post_orgs_repos_by_org(project.owner.login, {query: {token: user.gitea_token}, body: gitea_repository_params.to_json})
+        end
+      else
+        raise "服务器错误，请联系系统管理员！"
+      end
     end
   end
 
   def sync_project
     if gitea_repository
       project.update_columns(
+        is_public: !gitea_repository["private"],
         gpid: gitea_repository["id"],
         identifier: repository.identifier,
         default_branch: gitea_repository["default_branch"],
@@ -58,7 +67,7 @@ class Repositories::CreateService < ApplicationService
   end
 
   def sync_repository
-    repository.update_columns(url: remote_repository_url,) if gitea_repository
+    repository.update_columns(url: remote_repository_url, hidden: gitea_repository["private"]) if gitea_repository
   end
 
   def remote_repository_url

app/views/admins/projects_rank/shared/_data_list.html.erb

@@ -16,7 +16,7 @@
     <tbody>
       <% statistics.each_with_index do |item, index| %>
         <tr class="">
-          <td><%= index + 1%></td>
+          <td><%= list_index_no((params[:page] || 1).to_i, index) %></td>
           <td>
             <a target="_blank" href="<%= "/#{item&.project&.owner&.login}/#{item&.project&.identifier}"%>">
               <%= "#{item&.project&.owner&.real_name}/#{item&.project&.name}" %>

app/views/admins/shared/_sidebar.html.erb

@@ -13,85 +13,85 @@
 
   <!-- Sidebar Links -->
   <ul class="list-unstyled components">
-    <li><%= sidebar_item(admins_path, '数据概览', icon: 'dashboard', controller: 'admins-dashboards') %></li>
+    <li><%= sidebar_item(admins_path, '数据概览', icon: 'dashboard', controller: 'admins-dashboards', has_permission: current_user.admin?) %></li>
     <li>
-      <%= sidebar_item_group('#user-submenu', '用户', icon: 'user') do %>
-        <li><%= sidebar_item(admins_users_path, '用户列表', icon: 'user', controller: 'admins-users') %></li>
-        <li><%= sidebar_item(admins_organizations_path, '组织列表', icon: 'user', controller: 'admins-organizations') %></li>
+      <%= sidebar_item_group('#user-submenu', '用户', icon: 'user', has_permission: current_user.admin?) do %>
+        <li><%= sidebar_item(admins_users_path, '用户列表', icon: 'user', controller: 'admins-users', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_organizations_path, '组织列表', icon: 'user', controller: 'admins-organizations', has_permission: current_user.admin?) %></li>
        
       <% end %>
     </li>
     <li>
-      <%= sidebar_item_group('#setting-submenu', '用户支持', icon: 'cogs') do %>
-        <li><%= sidebar_item(admins_faqs_path, 'FAQ', icon: 'question-circle', controller: 'admins-faqs') %></li>
-        <li><%= sidebar_item(admins_nps_path, 'NPS用户调研', icon: 'question-circle', controller: 'admins-nps') %></li>
-        <li><%= sidebar_item(admins_feedbacks_path, '用户反馈', icon: 'question-circle', controller: 'admins-feedbacks') %></li>
-        <li><%= sidebar_item(admins_system_notifications_path, '系统公告配置', icon: 'bell', controller: 'admins-system_notifications') %></li>
+      <%= sidebar_item_group('#setting-submenu', '用户支持', icon: 'cogs', has_permission: current_user.admin? || current_user.business?) do %>
+        <li><%= sidebar_item(admins_faqs_path, 'FAQ', icon: 'question-circle', controller: 'admins-faqs', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_nps_path, 'NPS用户调研', icon: 'question-circle', controller: 'admins-nps', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_feedbacks_path, '用户反馈', icon: 'question-circle', controller: 'admins-feedbacks', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_system_notifications_path, '系统公告配置', icon: 'bell', controller: 'admins-system_notifications', has_permission: current_user.admin? || current_user.business?) %></li>
       <% end %>
     </li>
-    <li><%= sidebar_item(admins_laboratories_path, '导航栏配置', icon: 'cloud', controller: 'admins-laboratories') %></li>
+    <li><%= sidebar_item(admins_laboratories_path, '导航栏配置', icon: 'cloud', controller: 'admins-laboratories', has_permission: current_user.admin?) %></li>
     <li>
-      <%= sidebar_item_group('#setting-system', '开发者配置', icon: 'wrench') do %>
-        <li><%= sidebar_item(admins_sites_path, 'setting接口配置', icon: 'deaf', controller: 'admins-sites') %></li>
-        <li><%= sidebar_item(admins_edu_settings_path, '全局变量配置', icon: 'pencil-square', controller: 'admins-edu_settings') %></li>
-        <li><%= sidebar_item(admins_message_templates_path, '消息模版配置', icon: 'folder', controller: 'admins-message_templates') %></li>
+      <%= sidebar_item_group('#setting-system', '开发者配置', icon: 'wrench', has_permission: current_user.admin?) do %>
+        <li><%= sidebar_item(admins_sites_path, 'setting接口配置', icon: 'deaf', controller: 'admins-sites', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_edu_settings_path, '全局变量配置', icon: 'pencil-square', controller: 'admins-edu_settings', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_message_templates_path, '消息模版配置', icon: 'folder', controller: 'admins-message_templates', has_permission: current_user.admin?) %></li>
       <% end %>
     </li>
-    <li><%= sidebar_item(admins_reversed_keywords_path, '禁用词管理', icon: 'key', controller: 'admins-reversed_keywords') %></li>
+    <li><%= sidebar_item(admins_reversed_keywords_path, '禁用词管理', icon: 'key', controller: 'admins-reversed_keywords', has_permission: current_user.admin?) %></li>
     <li>
-      <%= sidebar_item_group('#projects-submenu', '开源项目', icon: 'database') do %>
-        <li><%= sidebar_item(admins_projects_path, '项目列表', icon: 'database', controller: 'admins-projects') %></li>
-        <li><%= sidebar_item(admins_project_languages_path, '项目语言', icon: 'language', controller: 'admins-project_languages') %></li>
-        <li><%= sidebar_item(admins_project_categories_path, '分类列表', icon: 'sitemap', controller: 'admins-project_categories') %></li>
-        <li><%= sidebar_item(admins_project_licenses_path, '开源许可证', icon: 'file-text-o', controller: 'admins-project_licenses') %></li>
-        <li><%= sidebar_item(admins_project_ignores_path, '忽略文件', icon: 'git', controller: 'admins-project_ignores') %></li>
+      <%= sidebar_item_group('#projects-submenu', '开源项目', icon: 'database', has_permission: current_user.admin?) do %>
+        <li><%= sidebar_item(admins_projects_path, '项目列表', icon: 'database', controller: 'admins-projects', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_project_languages_path, '项目语言', icon: 'language', controller: 'admins-project_languages', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_project_categories_path, '分类列表', icon: 'sitemap', controller: 'admins-project_categories', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_project_licenses_path, '开源许可证', icon: 'file-text-o', controller: 'admins-project_licenses', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_project_ignores_path, '忽略文件', icon: 'git', controller: 'admins-project_ignores', has_permission: current_user.admin?) %></li>
       <% end %>
     </li>
     <li>
-      <%= sidebar_item_group('#setting-index', '首页配置', icon: 'file') do %>
-        <li><%= sidebar_item(admins_topic_banners_path, 'banner管理', icon: 'image', controller: 'admins-topic-banners') %></li>
-        <li><%= sidebar_item(admins_topic_cards_path, '卡片管理', icon: 'archive', controller: 'admins-topic-cards') %></li>
-        <li><%= sidebar_item(admins_topic_activity_forums_path, '平台动态管理', icon: 'bell', controller: 'admins-topic-activity_forums') %></li>
-        <li><%= sidebar_item(admins_topic_excellent_projects_path, '优秀仓库管理', icon: 'git', controller: 'admins-topic-excellent_projects') %></li>
-        <li><%= sidebar_item(admins_topic_pinned_forums_path, '精选文章管理', icon: 'edit', controller: 'admins-topic-pinned_forums') %></li>
-        <li><%= sidebar_item(admins_topic_experience_forums_path, '经验分享管理', icon: 'edit', controller: 'admins-topic-experience_forums') %></li>
-        <li><%= sidebar_item(admins_topic_cooperators_path, '合作伙伴管理', icon: 'user', controller: 'admins-topic-cooperators') %></li>
+      <%= sidebar_item_group('#setting-index', '首页配置', icon: 'file', has_permission: current_user.admin? || current_user.business?) do %>
+        <li><%= sidebar_item(admins_topic_banners_path, 'banner管理', icon: 'image', controller: 'admins-topic-banners', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_cards_path, '卡片管理', icon: 'archive', controller: 'admins-topic-cards', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_activity_forums_path, '平台动态管理', icon: 'bell', controller: 'admins-topic-activity_forums', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_excellent_projects_path, '优秀仓库管理', icon: 'git', controller: 'admins-topic-excellent_projects', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_pinned_forums_path, '精选文章管理', icon: 'edit', controller: 'admins-topic-pinned_forums', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_experience_forums_path, '经验分享管理', icon: 'edit', controller: 'admins-topic-experience_forums', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_topic_cooperators_path, '合作伙伴管理', icon: 'user', controller: 'admins-topic-cooperators', has_permission: current_user.admin? || current_user.business?) %></li>
       <% end %>
     </li>
     <li>
-      <%= sidebar_item_group('#setting-glcc', 'GLCC配置', icon: 'fire') do %>
-        <li><%= sidebar_item(admins_topic_glcc_news_index_path, '新闻稿管理', icon: 'edit', controller: 'admins-topic-glcc_news') %></li>
+      <%= sidebar_item_group('#setting-glcc', 'GLCC配置', icon: 'fire', has_permission: current_user.admin? || current_user.glcc_admin?) do %>
+        <li><%= sidebar_item(admins_topic_glcc_news_index_path, '新闻稿管理', icon: 'edit', controller: 'admins-topic-glcc_news', has_permission: current_user.admin? || current_user.glcc_admin?) %></li>
         <li>
           <% if EduSetting.get("glcc_apply_informations_admin_url")%>
-            <%= sidebar_item(EduSetting.get("glcc_apply_informations_admin_url"), '报名列表', icon: 'user', controller: 'root') %>
+            <%= sidebar_item(EduSetting.get("glcc_apply_informations_admin_url"), '报名列表', icon: 'user', controller: 'root', has_permission: current_user.admin? || current_user.glcc_admin?) %>
           <% end %>
         </li>
-        <li><%= sidebar_item(admins_glcc_pr_check_index_path, '考核PR检测', icon: 'edit', controller: 'admins-glcc_pr_check') %></li>
+        <li><%= sidebar_item(admins_glcc_pr_check_index_path, '考核PR检测', icon: 'edit', controller: 'admins-glcc_pr_check', has_permission: current_user.admin? || current_user.glcc_admin?) %></li>
       <% end %>
     </li>
     <li>
-      <%= sidebar_item_group('#pages-submenu', '个人站点管理', icon: 'cogs') do %>
-        <li><%= sidebar_item(admins_identity_verifications_path, '身份审核列表', icon: 'user', controller: 'admins-identity_verifications') %></li>
-        <li><%= sidebar_item(admins_site_pages_path, '用户站点列表', icon: 'sitemap', controller: 'admins-site_pages') %></li>
-        <li><%= sidebar_item(admins_page_themes_path, '站点主题配置', icon: 'cogs', controller: 'admins-page_themes') %></li>
+      <%= sidebar_item_group('#pages-submenu', '个人站点管理', icon: 'cogs', has_permission: current_user.admin? || current_user.business?) do %>
+        <li><%= sidebar_item(admins_identity_verifications_path, '身份审核列表', icon: 'user', controller: 'admins-identity_verifications', has_permission: current_user.admin? || current_user.business?) %></li>
+        <li><%= sidebar_item(admins_site_pages_path, '用户站点列表', icon: 'sitemap', controller: 'admins-site_pages', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_page_themes_path, '站点主题配置', icon: 'cogs', controller: 'admins-page_themes', has_permission: current_user.admin?) %></li>
        
       <% end %>
     </li>
     <li>
-      <%= sidebar_item_group('#rank-submenu', '活跃度排行', icon: 'calendar') do %>
-        <li><%= sidebar_item(admins_users_rank_index_path, '用户活跃度排行', icon: 'user', controller: 'admins-users_rank') %></li>
-        <li><%= sidebar_item(admins_projects_rank_index_path, '项目活跃度排行', icon: 'database', controller: 'admins-projects_rank') %></li>
-        <li><%= sidebar_item(admins_issues_rank_index_path, '疑修活跃度排行', icon: 'calendar', controller: 'admins-issues_rank') %></li>
+      <%= sidebar_item_group('#rank-submenu', '活跃度排行', icon: 'calendar', has_permission: current_user.admin?) do %>
+        <li><%= sidebar_item(admins_users_rank_index_path, '用户活跃度排行', icon: 'user', controller: 'admins-users_rank', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_projects_rank_index_path, '项目活跃度排行', icon: 'database', controller: 'admins-projects_rank', has_permission: current_user.admin?) %></li>
+        <li><%= sidebar_item(admins_issues_rank_index_path, '疑修活跃度排行', icon: 'calendar', controller: 'admins-issues_rank', has_permission: current_user.admin?) %></li>
       <% end %>
     </li>
 
-    <%= render_admin_statistics_item %>
+    <%= render_admin_statistics_item if current_user.admin? || current_user.business? %>
 
     <li>
-      <%= sidebar_item('/admins/sidekiq', '定时任务', icon: 'bell', controller: 'root') %>
+      <%= sidebar_item('/admins/sidekiq', '定时任务', icon: 'bell', controller: 'root', has_permission: current_user.admin?) %>
     </li>
     
 
-    <li><%= sidebar_item('/', '返回主站', icon: 'sign-out', controller: 'root') %></li>
+    <li><%= sidebar_item('/', '返回主站', icon: 'sign-out', controller: 'root', has_permission: current_user.admin?) %></li>
   </ul>
 </nav>

app/views/admins/users/edit.html.erb

@@ -89,6 +89,8 @@
           <%= f.label :role, label: '角色' %>
           <div class="d-flex">
             <%= f.input :admin, as: :boolean, label: '管理员', checked_value: 1, unchecked_value: 0 %>
+            <%= f.input :business, as: :boolean, label: '运营人员', wrapper_html: { class: 'ml-3' }, checked_value: 1, unchecked_value: 0 %>
+            <%= f.input :glcc_admin, as: :boolean, label: 'GLCC管理员', wrapper_html: { class: 'ml-3' }, checked_value: 1, unchecked_value: 0 %>
           </div>
         </div>
       <% end %>

app/views/api/v1/projects/tags/_simple_gitea_index_detail.json.jbuilder

@@ -12,6 +12,7 @@ if tag.present? && tag.is_a?(Hash)
   end
   json.time_ago time_from_now(tag['tagger']['date'].to_time)
   json.created_at_unix tag['tagger']['date'].to_time.to_i
+  json.created_time tag['tagger']['date'].to_time
   json.message tag['message']
   json.commit do
     json.sha tag['commit']['sha']

app/views/pull_requests/index.json.jbuilder

@@ -32,6 +32,7 @@ json.issues do
     json.id issue.id
     json.name issue.subject
     json.pr_time time_from_now(pr.status == 1 ? pr.updated_at : issue.updated_on)
+    json.pr_full_time pr.status == 1 ? pr.updated_at : issue.updated_on
     json.assign_user_name issue.get_assign_user.try(:show_real_name)
     json.assign_user_login issue.get_assign_user.try(:login)
     json.author_name issue.user.try(:show_real_name)

app/views/repositories/tags.json.jbuilder

@@ -10,6 +10,7 @@ json.tags @tags do |tag|
     end
     json.time_ago time_from_now(tag['tagger']['date'].to_time)
     json.created_at_unix tag['tagger']['date'].to_time.to_i
+    json.created_time tag['tagger']['date'].to_time
     json.message tag['message']
     json.commit do
       json.sha tag['commit']['sha']

db/migrate/20240628023909_add_glcc_admin_field_to_users.rb

@@ -0,0 +1,5 @@
+class AddGlccAdminFieldToUsers < ActiveRecord::Migration[5.2]
+  def change
+    add_column :users, :glcc_admin, :boolean, default: false
+  end
+end