From 1466f0133ccf695100a32f235ad1f7007e880442 Mon Sep 17 00:00:00 2001
From: daiao <358551898@qq.com>
Date: Wed, 15 May 2019 10:26:29 +0800
Subject: [PATCH 1/2] 1

---
 app/controllers/myshixuns_controller.rb | 2 +-
 app/services/games_service.rb           | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/myshixuns_controller.rb b/app/controllers/myshixuns_controller.rb
index 3115befa..e34e4563 100755
--- a/app/controllers/myshixuns_controller.rb
+++ b/app/controllers/myshixuns_controller.rb
@@ -545,7 +545,7 @@ class MyshixunsController < ApplicationController
             challenge.path.split("；").each do |path|
               game_passed_code(game.id, path, myshixun.try(:gpid), 1)
             end
-            if game.answer_open && (challenge.shixun.try(:status) > 1) # 如果没有查看答案，则获得该关卡得分
+            if !game.answer_open && (challenge.shixun.try(:status) > 1) # 如果没有查看答案，则获得该关卡得分
               reward_grade(game.user, game.id, 'Game', challenge.score)
               reward_experience(game.user, game.id, 'Game', challenge.score)
               game.update_attributes!(:final_score => challenge.score)
diff --git a/app/services/games_service.rb b/app/services/games_service.rb
index 5bbf09fd..f338a4a5 100755
--- a/app/services/games_service.rb
+++ b/app/services/games_service.rb
@@ -277,7 +277,7 @@ class GamesService
     challenge_score = challenge.try(:score)
     final_score = @game.final_score
     if current_user.grade.to_i - challenge_score > 0
-      if @game.answer_open # 如果这是第一次查看答案
+      if !@game.answer_open # 如果这是第一次查看答案
         if challenge.st == 0
           final_score = final_score - challenge_score
           # 积分消耗情况记录
@@ -718,7 +718,7 @@ class GamesService
     if had_passed && !game.had_passed?
       game.update_attributes(:status => 2, :end_time => Time.now)
       # TPM实训已发布并且没有查看答案
-      if shixun.is_published? && game.answer_open.to_i == 0
+      if shixun.is_published? && !game.answer_open
         # 查看答案的时候处理final_scor和扣分记录
         experience = score
         reward_grade(myshixun.owner, game.id, 'Game', score)

From e0b7356b02fb6ca94fdd8b86db1ebcfbef05b06f Mon Sep 17 00:00:00 2001
From: daiao <358551898@qq.com>
Date: Wed, 15 May 2019 17:58:44 +0800
Subject: [PATCH 2/2] =?UTF-8?q?=E6=B5=B7=E5=86=9B=E5=B7=A5=E7=A8=8B?=
 =?UTF-8?q?=E5=A4=A7=E5=AD=A6=E9=99=90=E5=88=B6ip=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/account_controller.rb         | 19 ++++++++++++++++++-
 app/controllers/local_settings_controller.rb  |  3 ++-
 app/controllers/managements_controller.rb     |  9 +++++++++
 app/helpers/application_helper.rb             |  8 ++++++++
 app/models/login_ip_info.rb                   |  4 ++++
 app/models/user.rb                            |  3 ++-
 app/views/account/login.html.erb              |  3 ++-
 app/views/layouts/login.html.erb              |  2 +-
 app/views/managements/_user_list.html.erb     | 16 +++++++++++++---
 app/views/managements/unlock_user_ip.js.erb   |  1 +
 config/routes.rb                              |  1 +
 .../20190515061953_create_login_ip_infos.rb   | 10 ++++++++++
 spec/factories/login_ip_infos.rb              |  5 +++++
 spec/models/login_ip_info_spec.rb             |  5 +++++
 14 files changed, 81 insertions(+), 8 deletions(-)
 create mode 100644 app/models/login_ip_info.rb
 create mode 100644 app/views/managements/unlock_user_ip.js.erb
 create mode 100644 db/migrate/20190515061953_create_login_ip_infos.rb
 create mode 100644 spec/factories/login_ip_infos.rb
 create mode 100644 spec/models/login_ip_info_spec.rb

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 48122e3c..bb5d6d18 100755
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -70,7 +70,6 @@ class AccountController < ApplicationController
         login = params[:username].strip
         password = params[:password]
         # 验证用户名密码是否正确
-        @user, last_login_on = User.try_to_login(login, password)
         if @user.present?
           Rails.logger.info("successful_authentication, user is #{@user.try(:login)}")
           # 登录重置session；重新开启session有效时间等
@@ -1312,6 +1311,17 @@ class AccountController < ApplicationController
 
   def password_authentication
     user, last_login_on = User.try_to_login(params[:username], params[:password])
+    logger.info("##############user_id##{user}")
+    if LocalSetting.first.try(:exam) && !user.admin?
+      if user.login_ip_info
+        if request.remote_ip != user.login_ip_info.remote_ip
+          ip_change_limit_login
+          return
+        end
+      else
+        LoginIpInfo.create(user_id:user.id, remote_ip: request.remote_ip)
+      end
+    end
     Rails.logger.info("password_authentication: params[:username] is #{params[:username]}, user is #{user}")
 
     if user.nil?
@@ -1463,6 +1473,13 @@ class AccountController < ApplicationController
     render :action => 'register'
   end
 
+  def ip_change_limit_login
+    logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
+    flash[:error] = "考试期间不能切换IP登录"
+    redirect_to signin_url
+    #render signin_path
+  end
+
   def invalid_credentials
     logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
     flash[:error] = l(:notice_account_invalid_creditentials)
diff --git a/app/controllers/local_settings_controller.rb b/app/controllers/local_settings_controller.rb
index fad30f60..20076a20 100755
--- a/app/controllers/local_settings_controller.rb
+++ b/app/controllers/local_settings_controller.rb
@@ -58,7 +58,8 @@ class LocalSettingsController < ApplicationController
   # PUT /local_settings/1.json
   def update
     @local_setting = LocalSetting.find(params[:id])
-
+    # 考试模式更新，先清除之前产生的记录
+    LoginIpInfo.destroy_all
     respond_to do |format|
       if @local_setting.update_attributes(params[:local_setting])
         if params[:local_setting][:exam] == "0"
diff --git a/app/controllers/managements_controller.rb b/app/controllers/managements_controller.rb
index cc5db9d2..881c5b25 100755
--- a/app/controllers/managements_controller.rb
+++ b/app/controllers/managements_controller.rb
@@ -2091,6 +2091,15 @@ end
     end
   end
 
+  # 解锁IP功能
+  def unlock_user_ip
+    logger.info("####unlock_user_ip user_id: #{params[:user_id]}")
+    if params[:user_id]
+      ip = LoginIpInfo.find_by_user_id(params[:user_id])
+      ip.destroy if ip
+    end
+  end
+
   def shixuns
     @menu_type = 3
     @sub_type = 1
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 89e0cb70..d7519e23 100755
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -2480,6 +2480,14 @@ module ApplicationHelper
     s.html_safe
   end
 
+  def render_flash_messages
+    s = ''
+    flash.each do |k,v|
+      s << content_tag('div', v.html_safe, :class => "alert alert-orange mb15 mt15", :id => "flash_#{k}")
+    end
+    s.html_safe
+  end
+
   # Renders tabs and their content
   def render_tabs(tabs)
     if tabs.any?
diff --git a/app/models/login_ip_info.rb b/app/models/login_ip_info.rb
new file mode 100644
index 00000000..22077370
--- /dev/null
+++ b/app/models/login_ip_info.rb
@@ -0,0 +1,4 @@
+class LoginIpInfo < ActiveRecord::Base
+  # attr_accessible :title, :body
+  belongs_to :user
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index 6d539017..f2b012e4 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -160,6 +160,7 @@ class User < Principal
 ## added by xianbo for delete 
   # has_many :biding_projects, :dependent => :destroy
   belongs_to :softapplication, :foreign_key => 'id', :dependent => :destroy
+  has_one :login_ip_info, :dependent => :destroy
 ##ended by xianbo
 
 #####fq
@@ -447,7 +448,7 @@ class User < Principal
 
   # 平台认证的老师
   def is_certification_teacher
-    self.user_extensions.identity == 0 && self.certification == 1
+    self.user_extensions.try(:identity) == 0 && self.certification == 1
   end
 
   def job_title
diff --git a/app/views/account/login.html.erb b/app/views/account/login.html.erb
index a4af9782..100df772 100755
--- a/app/views/account/login.html.erb
+++ b/app/views/account/login.html.erb
@@ -3,7 +3,8 @@
       <div class="login_reg pr">
         <a href="<%= home_path %>" class="logo-redirect"><img src="/images/educoder/headNavLogo.png"></a>
         <div id="register_content">
-            <ul class="log_nav clearfix">
+          <%= render_flash_messages %>
+          <ul class="log_nav clearfix">
               <li class="active">登录</li>
               <% localized_deployment = Setting.find_by_name("localized_deployment")
                  none_visible = localized_deployment && localized_deployment.value == "1"%>
diff --git a/app/views/layouts/login.html.erb b/app/views/layouts/login.html.erb
index 818ba099..48ff4424 100755
--- a/app/views/layouts/login.html.erb
+++ b/app/views/layouts/login.html.erb
@@ -27,7 +27,7 @@
 </head>
 <body>
     <div class="newContainer">
-        <%= yield %>
+      <%= yield %>
     </div>
 </body>
 </html>
\ No newline at end of file
diff --git a/app/views/managements/_user_list.html.erb b/app/views/managements/_user_list.html.erb
index d77fa954..1cba9bca 100755
--- a/app/views/managements/_user_list.html.erb
+++ b/app/views/managements/_user_list.html.erb
@@ -35,9 +35,9 @@
         <td><%= link_to user.experience.to_i, user_experience_user_path(user), :target => '_blank' %></td>
         <td><%= link_to user.grade.to_i, user_grade_user_path(user), :target => '_blank' %></td>
         <td>
-          <!--<a href="<%#= update_user_status_managements_path(:status => user.status, :page => params[:page]) %>" class="mr10 link-color-blue" id="lock_user"><%#= user.status == 3 ? "解锁" : "锁定" %></a>-->
+          <a href="javascript:void(0);" class="mr10 link-color-blue" id="unlock_user" onclick="unlock_user_ip('<%= user.id %>')">解除IP限制</a>
           <a href="javascript:void(0);" class="link-color-blue", onclick="reward('<%= reward_grade_users_path(:user_id => user.id, :container_type => "Feedback") %>')">奖励</a>
-          <%= update_status_link(user) %>
+          <%#= update_status_link(user) %>
           <!--  <a href="javascript:void(0);" methods="delete" class="link-color-blue" id="delete_user">删除</a>-->
           <%= link_to "删除", user_path(user, :back_url => users_managements_path), :method => "delete", :class => "link-color-blue", :confirm => l(:text_are_you_sure)  %>
         </td>
@@ -129,5 +129,15 @@
           dataType: "script",
           data: {us_order : order, order_key: "grade", user_status:user_status, research_condition:research_condition, research_contents:research_contents}
       });
-  })
+  });
+
+  // 解锁ip绑定
+    function unlock_user_ip(id) {
+        $.ajax({
+           url: "<%= unlock_user_ip_managements_path() %>",
+           type: "post",
+           dataType: "script",
+           data: {user_id: id}
+        });
+    }
 </script>
\ No newline at end of file
diff --git a/app/views/managements/unlock_user_ip.js.erb b/app/views/managements/unlock_user_ip.js.erb
new file mode 100644
index 00000000..77eaa11c
--- /dev/null
+++ b/app/views/managements/unlock_user_ip.js.erb
@@ -0,0 +1 @@
+notice_box("解锁成功");
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index 1306f774..e52be2c8 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -722,6 +722,7 @@ RedmineApp::Application.routes.draw do ## oauth相关
       post :add_customers
       delete :delete_customers
       get :customers_list
+      post :unlock_user_ip
     end
   end
   # Enable Grack support
diff --git a/db/migrate/20190515061953_create_login_ip_infos.rb b/db/migrate/20190515061953_create_login_ip_infos.rb
new file mode 100644
index 00000000..9a5e2712
--- /dev/null
+++ b/db/migrate/20190515061953_create_login_ip_infos.rb
@@ -0,0 +1,10 @@
+class CreateLoginIpInfos < ActiveRecord::Migration
+  def change
+    create_table :login_ip_infos do |t|
+      t.references :user
+      t.string :remote_ip
+      t.integer :status
+      t.timestamps
+    end
+  end
+end
diff --git a/spec/factories/login_ip_infos.rb b/spec/factories/login_ip_infos.rb
new file mode 100644
index 00000000..b34860e9
--- /dev/null
+++ b/spec/factories/login_ip_infos.rb
@@ -0,0 +1,5 @@
+FactoryGirl.define do
+  factory :login_ip_info do
+    
+  end
+end
diff --git a/spec/models/login_ip_info_spec.rb b/spec/models/login_ip_info_spec.rb
new file mode 100644
index 00000000..ba1465d3
--- /dev/null
+++ b/spec/models/login_ip_info_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe LoginIpInfo, :type => :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end