From 40d06011f82cf236333138cf192fd3b7566360df Mon Sep 17 00:00:00 2001
From: z9hang
Date: Tue, 23 Dec 2014 15:38:45 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=A8=E6=88=B7=E7=9A=84?= =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E5=88=97=E8=A1=A8=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/api/mobile/api.rb | 1 -
 app/services/users_service.rb | 7 ++++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/api/mobile/api.rb b/app/api/mobile/api.rb
index 7d6aec11e..064641de3 100644
--- a/app/api/mobile/api.rb
+++ b/app/api/mobile/api.rb
@@ -15,7 +15,6 @@ module Mobile
 raise('Unauthorized. Invalid or expired token.') unless current_user
 end
 
-
 def current_user
 token = ApiKey.where(access_token: params[:token]).first
 if token && !token.expired?
diff --git a/app/services/users_service.rb b/app/services/users_service.rb
index 9fb698056..2996bc91d 100644
--- a/app/services/users_service.rb
+++ b/app/services/users_service.rb
@@ -114,12 +114,13 @@ class UsersService
 end
 
 #用户课程列表
- def user_courses_list params
- if !User.current.admin? && !@user.active?
+ def user_courses_list params,current_user
+ @user = User.find(params[:id])
+ if !current_user.admin? && !@user.active?
 raise '404'
 return
 end
- if User.current == @user || User.current.admin?
+ if current_user == @user || current_user.admin?
 membership = @user.coursememberships.all
 else
 membership = @user.coursememberships.all(:conditions => Course.visible_condition(User.current))
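Review bot: The last context line of the `users_service.rb` hunk still builds the course visibility filter from `User.current`, while the two checks above it were switched to the passed-in `current_user`, so the access decision and the filter can be evaluated for different principals. If the mobile API authenticates by token and never sets `User.current` (not visible in this patch), the filter runs as whatever that value happens to be; the line should read `membership = @user.coursememberships.all(:conditions => Course.visible_condition(current_user))`. `current_user.admin?` will also raise NoMethodError if a caller passes nil, so the method needs a guard or a documented precondition that the caller has already authenticated. The `return` after `raise '404'` is unreachable and can be dropped. The method body continues past the end of the hunk.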