Merge branch 'develop' into educoder

app/api/mobile/api.rb

@@ -34,7 +34,7 @@ module Mobile
     version 'v1', using: :path
     format :json
     content_type :json, "application/json;charset=UTF-8"
-    use ActionDispatch::Session::CookieStore,  :expire_after => 8.hours, :key => '_educoder_session', :domain => :all
+    #use ActionDispatch::Session::CookieStore,  :expire_after => 8.hours, :key => '_educoder_session', :domain => :all
 
     require 'digest'
     use Mobile::Middleware::ErrorHandler

app/controllers/account_controller.rb

@@ -456,6 +456,8 @@ class AccountController < ApplicationController
       @pref = @user.pref
       @se = @user.extensions
 
+      old_identity = @se.identity
+
           # 已授权的用户修改单位名称，需要重新授权
       if @se.school_id != params[:occupation].to_i && @user.certification == 1
         @user.certification = 0
@@ -510,10 +512,15 @@ class AccountController < ApplicationController
         @se.technical_title = params[:pro_technical_title] if params[:pro_technical_title]
         @se.student_id = nil
       end
+
       # @se.brief_introduction = params[:brief_introduction]
 
       if @user.save && @se.save
 
+        if old_identity.nil? && @se.identity == 0
+          Trustie::Sms.send(mobile: '17680641960', send_type:'teacher_register', name: @user.login, user_name: "管理员")
+        end
+
         reward_grade(@user, @user.id, 'Account', 500)
 
         if @user.certification != 1

app/controllers/application_controller.rb

@@ -376,7 +376,7 @@ class ApplicationController < ActionController::Base
 
   def require_admin
     return unless require_login
-    if !User.current.admin?
+    if !User.current.admin? && @shixun.status > 1
       render_403
       return false
     end

app/controllers/managements_controller.rb

@@ -2820,17 +2820,17 @@ end
         else
           "status = 1"
         end
-    @users = User.where("#{sql}").includes(:apply_actions, user_extensions: [:department, :school]).order("last_login_on #{@sx_order}")
+    @users = User.where("#{sql}").includes(:real_name_authentication_apply, :professional_authentication_apply,
+                                           user_extensions: [:department, :school]).order("last_login_on #{@sx_order}")
     @has_cer_count = User.where(:status => 1, :certification => 1).count
     @reject_cer_count = User.where(:status => 1, :certification => 2).count
     @deal_cer_count = ApplyAction.where(:status => 0).select("distinct user_id").count
-    time = Time.at(Time.now.to_i - 86400)
-    cer = UserDayCertification.where("created_at > '#{time}'").pluck(:user_id)
-    cer_ids = cer.join(",")
-    @trial_cer_count = cer.blank? ? 0 : User.where("status = 1 and certification != 1 and id in (#{cer_ids})").count
-    apply = ApplyAction.where(:container_type => "TrialAuthorization").pluck(:user_id)
-    apply_ids = apply.join(",")
-    @nonn_cer_count = apply.blank? ? 0 : User.where("status = 1 and certification = 0 and id not in (#{apply_ids}) ").count
+
+    subquery = UserDayCertification.where("created_at > ?", Time.now.ago(1.days)).select(:user_id).to_sql
+    @trial_cer_count = User.where("status = 1 and certification != 1 and id in (#{subquery})").count
+
+    apply_subquery = ApplyAction.where(container_type: "TrialAuthorization").select(:user_id).to_sql
+    @nonn_cer_count = User.where("status = 1 and certification = 0 and id not in (#{apply_subquery}) ").count
 
     @page = (params['page'] || 1).to_i
     @users_count =  @users.count
@@ -3310,83 +3310,82 @@ end
       end
     end
 
-    all_user_ids = User.where(:status => 1).pluck(:id)
+    users = User.where(nil)
     if params[:trial] == "-1"
-      apply = ApplyAction.where(:container_type => "TrialAuthorization").pluck(:user_id)
-      apply_id = apply.blank? ? -1 : "(" + apply.join(",") + ")"
-      apply_user_id  = User.where("status = 1 and certification = 0 and id not in #{apply_id} ").pluck(:id)
+      users = users.where(status: 1, certification: 0)
+                .joins('LEFT JOIN apply_actions ON apply_actions.user_id = users.id AND apply_actions.container_type = "TrialAuthorization"')
+                .where('apply_actions.user_id IS NULL')
     elsif params[:trial] == "-2"
-      apply_user_id = all_user_ids
+      users = users.where(status: 1)
     elsif params[:trial] == "0"
-      apply_user_id = ApplyAction.where(:status => 0).pluck(:user_id)
+      users = users.joins('LEFT JOIN apply_actions ON apply_actions.user_id = users.id').where(apply_actions: { status: 0 })
     elsif params[:trial] == "3"
-      time = Time.at(Time.now.to_i - 86400)
-      user_cer = UserDayCertification.where("created_at > '#{time}'").pluck(:user_id)
-      cer_id = user_cer.blank? ? "(-1)" : "(" + user_cer.map{|a| a.user_id}.join(",") + ")"
-      apply_user_id  = User.where("status = 1 and certification != 1 and id in #{cer_id} ").pluck(:id)
+      users = users.joins('LEFT JOIN user_day_certifications udc ON udc.user_id = users.id')
+                .where('users.certification != 1').where('udc.created_at > ?', Time.now.ago(1.days))
     else
-      apply_user_id = User.where(:status => 1, :certification => params[:trial]).pluck(:id)
+      users = users.where(status: 1, certification: params[:trial])
     end
 
-    if params[:school] == ""
-      s_user_id = all_user_ids
-    else
-      school_ids = School.where("name like '%#{params[:school]}%'").pluck(:id)
-      s_user_id = UserExtensions.where(:school_id => school_ids).pluck(:user_id)
+    users = users.joins('LEFT JOIN user_extensions ON user_extensions.user_id = users.id')
+              .joins('LEFT JOIN departments ON departments.id = user_extensions.department_id')
+              .joins('LEFT JOIN schools ON schools.id = user_extensions.school_id')
+
+    if params[:school].present?
+      users = users.where("schools.name LIKE ?", "%#{params[:school]}%")
     end
 
-    if params[:department] == ""
-      d_user_id = all_user_ids
-    else
-      dep_ids = Department.where("name like '%#{params[:department]}%'").pluck(:id)
-      d_user_id = UserExtensions.where(:department_id => dep_ids).pluck(:user_id)
+    if params[:department].present?
+      users = users.where("departments.name LIKE ?", "%#{params[:department]}%")
     end
 
-    ide_user_id = all_user_ids
     if params[:identity] == "1" || (params[:identity] == "0" && params[:te_technical_title] == "0") || (params[:identity] == "2" && params[:pro_technical_title] == "0")
-      ide_user_id = UserExtensions.where("identity = #{params[:identity]}").pluck(:user_id)
+      users = users.where(user_extensions: { identity: params[:identity] })
     elsif (params[:identity] == "0" && params[:te_technical_title] != "0") || (params[:identity] == "2" && params[:pro_technical_title] != "0")
       technical_title = params[:identity] == "0" ? params[:te_technical_title] : params[:pro_technical_title]
-      ide_user_id = UserExtensions.where("identity = #{params[:identity]} and technical_title = '#{technical_title}'").pluck(:user_id)
+      users = users.where(user_extensions: { identity: params[:identity], technical_title: technical_title })
     end
 
-    if params[:student_id] && params[:student_id] != ''
-      stu_user_id = UserExtensions.where("student_id like '%#{params[:student_id]}%'").pluck(:user_id)
-    else
-      stu_user_id = all_user_ids
+    if params[:student_id].present?
+      users = users.where('user_extensions.student_id like ?', "%#{params[:student_id]}%")
     end
 
-    user_id = s_user_id & d_user_id & apply_user_id & stu_user_id & ide_user_id
-    sql = ""
-    sql =
+    if params[:research_contents].present?
+      keyword = "%#{params[:research_contents]}%"
       if params[:research_condition] == "name"
-          "concat(lastname, firstname) like '%#{params[:research_contents]}%'"
+        users = users.where('concat(lastname, firstname) like ?', keyword)
       elsif params[:research_condition] == "email"
-          "mail like '%#{params[:research_contents]}%'"
+        users = users.where("mail like ?", keyword)
       elsif params[:research_condition] == "phone"
-          "phone like '%#{params[:research_contents]}%'"
+        users = users.where("phone like ?", keyword)
       elsif params[:research_condition] == "nickname"
-          if params[:research_contents].present?
-            "nickname like '%#{params[:research_contents]}%'"
-          end
+        users = users.where("nickname like ?", keyword)
       elsif params[:research_condition] == "login"
-          params[:research_contents].present? ? "login like '%#{params[:research_contents]}%'" : ""
+        users = users.where("login like ?", keyword)
+      end
+    end
+
+    if params[:province].present?
+      users = users.where(schools: { province: params[:province] })
     end
 
-    @users = User.where(:id => user_id).where("#{sql}").includes(:apply_actions, user_extensions: [:department, :school]).order("last_login_on desc")
-    @xls_users = @users.reorder("created_on desc").limit(3000) #导出excel用户
+    users = users.select('distinct users.*').order("last_login_on desc")
+
     @page = (params['page'] || 1).to_i
-    @users_count = @users.count
+    @users_count = users.count
     @limit = 20
     @is_remote = true
     @users_pages = Paginator.new @users_count, @limit, params['page'] || 1
     @offset ||= @users_pages.offset
-    @users = paginateHelper @users, @limit
+    @users = paginateHelper users.includes(:real_name_authentication_apply, :professional_authentication_apply,
+                                           user_extensions: [:department, :school]), @limit
 
     respond_to do |format|
       format.js
       format.xls{
         # @export_shixun_task = @export_shixun_task.all
+        @xls_users = users.reorder("created_on desc").limit(3000) #导出excel用户
+        @xls_users = @xls_users.includes(:real_name_authentication_apply, :professional_authentication_apply,
+                             user_extensions: [:department, :school])
         filename = "用户列表.xls"
         send_data(user_list_xls(@xls_users), :type => 'application/octet-stream', :filename => filename_for_content_disposition(filename))
       }

app/models/discuss.rb

@@ -1,6 +1,7 @@
 class Discuss < ActiveRecord::Base
   belongs_to :user
-  attr_accessible :user_id, :content, :dis_id, :dis_type, :parent_id, :praise_count, :root_id, :challenge_id, :position, :reward
+  attr_accessible :user_id, :content, :dis_id, :dis_type, :parent_id, :praise_count, :root_id, :challenge_id,
+                  :position, :reward, :hidden
   default_scope :order => 'created_at desc'
 
   has_many :praise_tread, as: :praise_tread_object, dependent: :destroy

app/models/school.rb

@@ -81,4 +81,10 @@ class School < ActiveRecord::Base
                                 courses.id LEFT JOIN user_extensions ON courses.tea_id=user_extensions.user_id WHERE
                                 user_extensions.`school_id` = #{self.id}").first.try(:max_update)
   end
+
+  def self.provinces
+    Rails.cache.fetch('china_province_cache', expires_in: 1.days) do
+      School.pluck('distinct province').select(&:present?)
+    end
+  end
 end

app/models/user.rb

@@ -224,6 +224,8 @@ class User < Principal
   ###
   has_many :apply_actions, :dependent => :destroy
   has_many :apply_user_authentications, :dependent => :destroy
+  has_one :real_name_authentication_apply, conditions: 'auth_type = 1 AND status = 0', class_name: 'ApplyUserAuthentication'
+  has_one :professional_authentication_apply, conditions: 'auth_type = 2 AND status = 0', class_name: 'ApplyUserAuthentication'
 
   has_one :user_wechat
 
@@ -993,12 +995,12 @@ class User < Principal
 
   # 实名认证状态
   def authentication_status
-    status = self.authentication ? "已认证" : (self.apply_user_authentications.where(:auth_type => 1, :status => 0).count > 0 ? "待审核" : "未认证")
+    authentication ? "已认证" : (real_name_authentication_apply.present? ? "待审核" : "未认证")
   end
 
   # 职业认证状态
   def professional_status
-    status = self.professional_certification ? "已认证" : (self.apply_user_authentications.where(:auth_type => 2, :status => 0).count > 0 ? "待审核" : "未认证")
+    professional_certification ? "已认证" : (professional_authentication_apply.present? ? "待审核" : "未认证")
   end
 
   def logged?

app/services/discusses_service.rb

@@ -56,8 +56,9 @@ class DiscussesService
   # 添加评论
   def create params, current_user
     begin
+      hidden = current_user.admin? ? false : true
       Discuss.create!(:dis_id => params[:shixun_id], :dis_type => "Shixun", :content => params[:content].gsub("&nbsp\;", "").strip, :user_id => current_user.id,
-                      :praise_count => 0, :position => params[:position], :challenge_id => params[:challenge_id])
+                      :praise_count => 0, :position => params[:position], :challenge_id => params[:challenge_id], :hidden => hidden)
       # 发送手机通知
       # status = Trustie::Sms.send(mobile:'18173242757', send_type:'discuss', name:'管理员')
     rescue Exception => e
@@ -69,8 +70,9 @@ class DiscussesService
   def reply params, current_user
     begin
       base_dicuss params[:id]
+      hidden = current_user.admin? ? false : true
       discuss = Discuss.create!(:content => params[:content].gsub("&nbsp\;", "").strip, :user_id => current_user.id, :parent_id => params[:id],
-                       :root_id => @discuss.root_id || params[:id], :praise_count => 0, :challenge_id => @discuss.challenge_id,
+                       :root_id => @discuss.root_id || params[:id], :praise_count => 0, :challenge_id => @discuss.challenge_id, :hidden => hidden,
                        :dis_id => @discuss.dis_id, :dis_type => @discuss.dis_type, :position => @discuss.position)
       return discuss
     rescue Exception => e

app/services/games_service.rb

@@ -32,7 +32,8 @@ class GamesService
     # st：判断是选择类型还是实训类型
     st = game_challenge.st
     game_count = myshixun.games.count
-    discusses_count = shixun.discusses.count
+    discusses_count = (current_user.admin? ? shixun.discusses.count :
+                          shixun.discusses.where("hidden = false or user_id = :user_id", user_id: current_user.id).count)
     mirror_name = myshixun.mirror_name
     user = myshixun.owner
     username = user.show_name

app/services/management/school_report_service.rb

@@ -83,11 +83,11 @@ class Management::SchoolReportService
         .select("#{base_query_column}, COUNT(*) student_count")
     when 'homework_count' then
       schools.joins('LEFT JOIN courses ON courses.school_id = schools.id')
-        .joins('LEFT JOIN homework_commons hc ON shc.course_id = courses.id AND hc.homework_type = 4')
+        .joins('LEFT JOIN homework_commons hc ON hc.course_id = courses.id AND hc.homework_type = 4')
         .select("#{base_query_column}, COUNT(*) homework_count")
     when 'other_homework_count' then
       schools.joins('LEFT JOIN courses ON courses.school_id = schools.id')
-        .joins('LEFT JOIN homework_commons hc ON shc.course_id = courses.id AND hc.homework_type IN (1, 3)')
+        .joins('LEFT JOIN homework_commons hc ON hc.course_id = courses.id AND hc.homework_type IN (1, 3)')
         .select("#{base_query_column}, COUNT(*) other_homework_count")
     when 'course_count' then
       schools.joins('LEFT JOIN courses cs ON cs.school_id = schools.id AND cs.is_delete = 0')

app/services/shixuns_service.rb

@@ -69,8 +69,17 @@ class ShixunsService
     dis = Shixun.select([:id, :user_id]).find(dis_id)
     dis_type = params[:container_type] # 如："Shixun"
     # 总数，分页使用
+    if current_user.admin?
       disscuss_count = Discuss.where(:dis_id => dis_id, :dis_type => dis_type, :root_id => nil).count
-    discusses = Discuss.limit(LIMIT).where(:dis_id => dis_id, :dis_type => dis_type, :root_id => nil).includes(:user, :praise_tread).offset(offset)
+      discusses = Discuss.limit(LIMIT).where(:dis_id => dis_id, :dis_type => dis_type,
+                                             :root_id => nil).includes(:user, :praise_tread).offset(offset)
+    else
+      disscusses = Discuss.where("dis_id = :dis_id and dis_type = :dis_type and root_id is null and
+                                      (hidden = :hidden or user_id = :user_id)",
+                                     {dis_id: dis_id, dis_type: dis_type, hidden: false, user_id: current_user.id})
+      disscuss_count = disscusses.count
+      discusses = disscusses.limit(LIMIT).includes(:user, :praise_tread).offset(offset)
+    end
 
     base_data discusses, dis, current_user
     return {:children_list => @children_list, :disscuss_count => disscuss_count}
@@ -142,7 +151,13 @@ class ShixunsService
                    :user_praise => user_praise, :admin => current_user.admin?}
 
         # 现在没有二级回复，所以查询的时候直接从root_id取
-        children = Discuss.where(:root_id => d.id).includes(:user).reorder("created_at asc")
+        children =
+            if current_user.admin?
+              Discuss.where(root_id: d.id).includes(:user).reorder("created_at asc")
+            else
+              Discuss.where("root_id = :root_id and (hidden = :hidden or user_id = :user_id)",
+                            {root_id: d.id, hidden: false, user_id: current_user.id}).includes(:user).reorder("created_at asc")
+            end
 
         @children_list << parents.merge({:children => (children.map{|child| [:content => child.content, :time => time_from_now(child.created_at), :position => child.position , :reward => child.reward,:hidden => child.hidden,
                                                                             :image_url => url_to_avatar(child.user), :username => child.username, :user_id => child.user_id, :user_login => child.user.try(:login),

app/views/managements/schools/_data_contrast_list.html.erb

@@ -21,8 +21,8 @@
     <th width="6%">序号</th>
     <th width="10%">ID</th>
     <th width="20%" class="edu-txt-left">单位名称</th>
-    <th width="22%">时段一<br><%= "（#{params[:begin_date]} 05:00至#{params[:end_date]} 05:00）" %></th>
-    <th width="22%">时段二<br><%= "（#{params[:other_begin_date]} 05:00至#{params[:other_end_date]} 05:00）" %></th>
+    <th width="22%">时段一<br><%= "（#{params[:begin_date]} 05:00至#{(Time.zone.parse(params[:end_date]) + 1.days).strftime('%Y-%m-%d')} 05:00）" %></th>
+    <th width="22%">时段二<br><%= "（#{params[:other_begin_date]} 05:00至#{(Time.zone.parse(params[:other_end_date]) + 1.days).strftime('%Y-%m-%d')} 05:00）" %></th>
     <th width="20%" colspan="2">
       <%= sort_tag('变化情况', name: 'percentage', path: school_data_contrast_managements_path) %>
       <br>（  新  增  数   | 新增百分比）

app/views/managements/schools/_data_grow_list.html.erb

@@ -1,12 +1,7 @@
 <div style="background-color: #fafafa;">
   统计总计：
   <% if params[:grow_begin_date].present? %>
-    <% if params[:grow_begin_date] == params[:grow_end_date] %>
-      <%= Time.zone.parse(params[:grow_begin_date]).beginning_of_day.strftime('%Y-%m-%d') %> 05:00至
-      <%= (Time.zone.parse(params[:grow_begin_date]).beginning_of_day + 1.days).strftime('%Y-%m-%d') %> 05:00
-    <% else %>
     <%= params[:grow_begin_date] %> 05:00至<%= (Time.zone.parse(params[:grow_end_date]) + 1.days).strftime('%Y-%m-%d') %> 05:00
-    <% end %>
   <% else %>
     <%= (Time.current - 5.hour).beginning_of_day.ago(1.days).strftime('%Y-%m-%d') %> 05:00至
     <%= (Time.current - 5.hour).beginning_of_day.strftime('%Y-%m-%d') %> 05:00，

app/views/managements/users_trial.html.erb

@@ -19,20 +19,20 @@
     <div class="fl with20 mr10">
       <input type="text" name="department" class="fl task-form-100 task-height-40 panel-box-sizing" placeholder="子单位">
     </div>
-    <select id="user_identity" name="identity" class="fl winput-240-40 mr10">
+    <select id="user_identity" name="identity" class="fl winput-120-40 mr10">
       <option value="-1">请选择职业</option>
       <option value="0">教师</option>
       <option value="1">学生</option>
       <option value="2">专业人士</option>
     </select>
-    <select id="te_technical_title" name="te_technical_title" class="fl winput-240-40">
+    <select id="te_technical_title" name="te_technical_title" class="fl winput-200-40">
       <option value="0">请选择职称</option>
       <option value="教授">教授</option>
       <option value="副教授">副教授</option>
       <option value="讲师">讲师</option>
       <option value="助教">助教</option>
     </select>
-    <select id="pro_technical_title" name="pro_technical_title" class="fl winput-240-40 none">
+    <select id="pro_technical_title" name="pro_technical_title" class="fl winput-200-40 none">
       <option value="0">请选择职称</option>
       <option value="企业管理者">企业管理者</option>
       <option value="部门管理者">部门管理者</option>
@@ -41,6 +41,8 @@
       <option value="助理工程师">助理工程师</option>
     </select>
 
+    <%= select_tag :province, options_for_select(School.provinces.unshift(['请选择地区', ''])), class: 'fr winput-200-40'%>
+
     <div class="cl mb15"></div>
     <div class="edu-position edu-admin-select fl mr10" style="width:140px;">
       <p>真实姓名搜索<i class="fa fa-caret-down ml10"></i></p>

app/views/users/_course_item.html.erb

@@ -1,5 +1,5 @@
 <% objects.each do |object| %>
-  <% allow_visit = object.is_public == 1 || User.current.admin? || User.current.member_of_course?(object) %>
+  <% allow_visit = object.is_public == 1 || User.current.admin? || User.current.member_of_course?(object) || User.current.business? %>
   <div class="square-Item" onclick="open_course(<%= object.id %>, <%= allow_visit %>)" style="cursor: pointer;">
     <% if object.is_public == 1 %>
       <div class="publicpart <%= object.id == 1309 ? 'orangeBlack' : '' %>"></div>

db/migrate/20190605063236_modify_hidden_defualt_for_discusses.rb

@@ -0,0 +1,8 @@
+class ModifyHiddenDefualtForDiscusses < ActiveRecord::Migration
+  def up
+    change_column :discusses, :hidden, :boolean, :default => true
+  end
+
+  def down
+  end
+end

db/migrate/20190606030046_add_index_to_apply_actions.rb

@@ -0,0 +1,5 @@
+class AddIndexToApplyActions < ActiveRecord::Migration
+  def change
+    add_index :apply_actions, :user_id
+  end
+end

lib/trustie/sms/sms.rb

@@ -31,6 +31,8 @@ module  Trustie
       params['text'] = ""
       if send_type.nil?
         params['text'] = "【Edu实训】" + code + "（手机验证码）。如非本人操作，请忽略。"
+      elsif send_type == "teacher_register"
+        params['text'] = "【Edu实训】亲爱的#{user_name}，有新的老师#{name}注册啦，请尽快处理"
       elsif send_type == 'competition_start'
         params['text'] = "【Edu实训】亲爱的#{user_name}，你参与的#{name}将于#{result}开始，请及时参赛"
         Rails.logger.info "#{params['text']}"

public/react/src/modules/comment/Comments.js

@@ -213,11 +213,12 @@ class Comments extends Component {
 
 				<div className="comment_content  clearfix" id={`reply_content_${item.id}`}>
 					<div className="color-grey-3 break_word_comments" id={`reply_content_${item.id}`}>
-					
-						{ item.hidden && comment.admin === false && comment.manager === false 
+						{/* 改成后端返回了的，都是要显示的，不管hidden的值是true还是false */}
+						{/* { item.hidden && comment.admin === false && comment.manager === false 
 								? <p className="color-orange font-16">违规评论已被屏蔽！</p>
-								: <div dangerouslySetInnerHTML={{__html: _content}}></div> 
-							}
+								:  */}
+								<div dangerouslySetInnerHTML={{__html: _content}}></div> 
+							{/* } */}
 
 						<div className="cl"></div>
 					</div>
@@ -309,10 +310,12 @@ class Comments extends Component {
 
 								<div className="comment_content  clearfix" id={`reply_content_${item.id}`}>
 									<div className="color-grey-3 break_word_comments" id={`reply_content_${item.id}`}>
-										{ item.hidden && item.admin === false && (item.manager === false || item.manager == undefined)
+										{/* 改成后端返回了的，都是要显示的，不管hidden的值是true还是false */}
+										{/* { item.hidden && item.admin === false && (item.manager === false || item.manager == undefined)
 											? <p className="color-orange font-16">违规评论已被屏蔽！</p>
-											: <div dangerouslySetInnerHTML={{__html: _content}}></div> 
-										}
+											:  */}
+											<div dangerouslySetInnerHTML={{__html: _content}}></div> 
+										{/* } */}
 										<div className="cl"></div>
 									</div>
 								</div>