|
|
|
@ -2,9 +2,16 @@ class CommentService
|
|
|
|
|
#评论
|
|
|
|
|
def news_comments params,current_user
|
|
|
|
|
@news = News.find(params[:id])
|
|
|
|
|
raise Unauthorized unless @news.commentable?
|
|
|
|
|
@course = @news.course
|
|
|
|
|
if @course.nil?
|
|
|
|
|
raise 'news in unknown course'
|
|
|
|
|
end
|
|
|
|
|
raise Unauthorized unless @news.commentable?(current_user)
|
|
|
|
|
if current_user.nil? || !(current_user.admin? || @course.is_public == 1 || (@course.is_public == 0 && current_user.member_of_course?(@course)))
|
|
|
|
|
raise '403'
|
|
|
|
|
end
|
|
|
|
|
@comment = Comment.new
|
|
|
|
|
@comment.safe_attributes = params[:comment]
|
|
|
|
|
@comment.send(:safe_attributes=,params[:comment],current_user)
|
|
|
|
|
@comment.author = current_user
|
|
|
|
|
@news.comments << @comment
|
|
|
|
|
@comment
|
|
|
|
|