Merge branch 'dev_local' of https://bdgit.educoder.net/Hjqreturn/pgfqe6ch8 into dev_local

6 years ago · 9fc7d82a5b
parent d9c76bf381 1d39f457fd
commit 9fc7d82a5b
16 changed files with 84 additions and 11 deletions
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@ -70,7 +70,6 @@ class AccountController < ApplicationController
        login = params[:username].strip
        password = params[:password]
        # 验证用户名密码是否正确
-        @user, last_login_on = User.try_to_login(login, password)
        if @user.present?
          Rails.logger.info("successful_authentication, user is #{@user.try(:login)}")
          # 登录重置session；重新开启session有效时间等
@ -1312,6 +1311,17 @@ class AccountController < ApplicationController

  def password_authentication
    user, last_login_on = User.try_to_login(params[:username], params[:password])
+    logger.info("##############user_id##{user}")
+    if LocalSetting.first.try(:exam) && !user.admin?
+      if user.login_ip_info
+        if request.remote_ip != user.login_ip_info.remote_ip
+          ip_change_limit_login
+          return
+        end
+      else
+        LoginIpInfo.create(user_id:user.id, remote_ip: request.remote_ip)
+      end
+    end
    Rails.logger.info("password_authentication: params[:username] is #{params[:username]}, user is #{user}")

    if user.nil?
@ -1463,6 +1473,13 @@ class AccountController < ApplicationController
    render :action => 'register'
  end

+  def ip_change_limit_login
+    logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
+    flash[:error] = "考试期间不能切换IP登录"
+    redirect_to signin_url
+    #render signin_path
+  end
+
  def invalid_credentials
    logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
    flash[:error] = l(:notice_account_invalid_creditentials)
--- a/app/controllers/local_settings_controller.rb
+++ b/app/controllers/local_settings_controller.rb
@ -58,7 +58,8 @@ class LocalSettingsController < ApplicationController
  # PUT /local_settings/1.json
  def update
    @local_setting = LocalSetting.find(params[:id])
-
+    # 考试模式更新，先清除之前产生的记录
+    LoginIpInfo.destroy_all
    respond_to do |format|
      if @local_setting.update_attributes(params[:local_setting])
        if params[:local_setting][:exam] == "0"
--- a/app/controllers/managements_controller.rb
+++ b/app/controllers/managements_controller.rb
@ -2091,6 +2091,15 @@ end
    end
  end

+  # 解锁IP功能
+  def unlock_user_ip
+    logger.info("####unlock_user_ip user_id: #{params[:user_id]}")
+    if params[:user_id]
+      ip = LoginIpInfo.find_by_user_id(params[:user_id])
+      ip.destroy if ip
+    end
+  end
+
  def shixuns
    @menu_type = 3
    @sub_type = 1
--- a/app/controllers/myshixuns_controller.rb
+++ b/app/controllers/myshixuns_controller.rb
@ -545,7 +545,7 @@ class MyshixunsController < ApplicationController
            challenge.path.split("；").each do |path|
              game_passed_code(game.id, path, myshixun.try(:gpid), 1)
            end
-            if game.answer_open && (challenge.shixun.try(:status) > 1) # 如果没有查看答案，则获得该关卡得分
+            if !game.answer_open && (challenge.shixun.try(:status) > 1) # 如果没有查看答案，则获得该关卡得分
              reward_grade(game.user, game.id, 'Game', challenge.score)
              reward_experience(game.user, game.id, 'Game', challenge.score)
              game.update_attributes!(:final_score => challenge.score)
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -2480,6 +2480,14 @@ module ApplicationHelper
    s.html_safe
  end

+  def render_flash_messages
+    s = ''
+    flash.each do |k,v|
+      s << content_tag('div', v.html_safe, :class => "alert alert-orange mb15 mt15", :id => "flash_#{k}")
+    end
+    s.html_safe
+  end
+
  # Renders tabs and their content
  def render_tabs(tabs)
    if tabs.any?
--- a/app/models/login_ip_info.rb
+++ b/app/models/login_ip_info.rb
@ -0,0 +1,4 @@
+class LoginIpInfo < ActiveRecord::Base
+  # attr_accessible :title, :body
+  belongs_to :user
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -160,6 +160,7 @@ class User < Principal
 ## added by xianbo for delete 
  # has_many :biding_projects, :dependent => :destroy
  belongs_to :softapplication, :foreign_key => 'id', :dependent => :destroy
+  has_one :login_ip_info, :dependent => :destroy
 ##ended by xianbo

 #####fq
@ -447,7 +448,7 @@ class User < Principal

  # 平台认证的老师
  def is_certification_teacher
-    self.user_extensions.identity == 0 && self.certification == 1
+    self.user_extensions.try(:identity) == 0 && self.certification == 1
  end

  def job_title
--- a/app/services/games_service.rb
+++ b/app/services/games_service.rb
@ -277,7 +277,7 @@ class GamesService
    challenge_score = challenge.try(:score)
    final_score = @game.final_score
    if current_user.grade.to_i - challenge_score > 0
-      if @game.answer_open # 如果这是第一次查看答案
+      if !@game.answer_open # 如果这是第一次查看答案
        if challenge.st == 0
          final_score = final_score - challenge_score
          # 积分消耗情况记录
@ -718,7 +718,7 @@ class GamesService
    if had_passed && !game.had_passed?
      game.update_attributes(:status => 2, :end_time => Time.now)
      # TPM实训已发布并且没有查看答案
-      if shixun.is_published? && game.answer_open.to_i == 0
+      if shixun.is_published? && !game.answer_open
        # 查看答案的时候处理final_scor和扣分记录
        experience = score
        reward_grade(myshixun.owner, game.id, 'Game', score)
--- a/app/views/account/login.html.erb
+++ b/app/views/account/login.html.erb
@ -3,7 +3,8 @@
      <div class="login_reg pr">
        <a href="<%= home_path %>" class="logo-redirect"><img src="/images/educoder/headNavLogo.png"></a>
        <div id="register_content">
-            <ul class="log_nav clearfix">
+          <%= render_flash_messages %>
+          <ul class="log_nav clearfix">
              <li class="active">登录</li>
              <% localized_deployment = Setting.find_by_name("localized_deployment")
                 none_visible = localized_deployment && localized_deployment.value == "1"%>
--- a/app/views/layouts/login.html.erb
+++ b/app/views/layouts/login.html.erb
@ -27,7 +27,7 @@
 </head>
 <body>
    <div class="newContainer">
-        <%= yield %>
+      <%= yield %>
    </div>
 </body>
 </html>
--- a/app/views/managements/_user_list.html.erb
+++ b/app/views/managements/_user_list.html.erb
@ -35,9 +35,9 @@
        <td><%= link_to user.experience.to_i, user_experience_user_path(user), :target => '_blank' %></td>
        <td><%= link_to user.grade.to_i, user_grade_user_path(user), :target => '_blank' %></td>
        <td>
-          <!--<a href="<%#= update_user_status_managements_path(:status => user.status, :page => params[:page]) %>" class="mr10 link-color-blue" id="lock_user"><%#= user.status == 3 ? "解锁" : "锁定" %></a>-->
+          <a href="javascript:void(0);" class="mr10 link-color-blue" id="unlock_user" onclick="unlock_user_ip('<%= user.id %>')">解除IP限制</a>
          <a href="javascript:void(0);" class="link-color-blue", onclick="reward('<%= reward_grade_users_path(:user_id => user.id, :container_type => "Feedback") %>')">奖励</a>
-          <%= update_status_link(user) %>
+          <%#= update_status_link(user) %>
          <!--  <a href="javascript:void(0);" methods="delete" class="link-color-blue" id="delete_user">删除</a>-->
          <%= link_to "删除", user_path(user, :back_url => users_managements_path), :method => "delete", :class => "link-color-blue", :confirm => l(:text_are_you_sure)  %>
        </td>
@ -129,5 +129,15 @@
          dataType: "script",
          data: {us_order : order, order_key: "grade", user_status:user_status, research_condition:research_condition, research_contents:research_contents}
      });
-  })
+  });
+
+  // 解锁ip绑定
+    function unlock_user_ip(id) {
+        $.ajax({
+           url: "<%= unlock_user_ip_managements_path() %>",
+           type: "post",
+           dataType: "script",
+           data: {user_id: id}
+        });
+    }
 </script>
--- a/app/views/managements/unlock_user_ip.js.erb
+++ b/app/views/managements/unlock_user_ip.js.erb
@ -0,0 +1 @@
+notice_box("解锁成功");
--- a/config/routes.rb
+++ b/config/routes.rb
@ -722,6 +722,7 @@ RedmineApp::Application.routes.draw do ## oauth相关
      post :add_customers
      delete :delete_customers
      get :customers_list
+      post :unlock_user_ip
    end
  end
  # Enable Grack support
--- a/db/migrate/20190515061953_create_login_ip_infos.rb
+++ b/db/migrate/20190515061953_create_login_ip_infos.rb
@ -0,0 +1,10 @@
+class CreateLoginIpInfos < ActiveRecord::Migration
+  def change
+    create_table :login_ip_infos do |t|
+      t.references :user
+      t.string :remote_ip
+      t.integer :status
+      t.timestamps
+    end
+  end
+end
--- a/spec/factories/login_ip_infos.rb
+++ b/spec/factories/login_ip_infos.rb
@ -0,0 +1,5 @@
+FactoryGirl.define do
+  factory :login_ip_info do
+    
+  end
+end
--- a/spec/models/login_ip_info_spec.rb
+++ b/spec/models/login_ip_info_spec.rb
@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe LoginIpInfo, :type => :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end