|
|
|
class CommonsController < ApplicationController
|
|
|
|
OBJECT_TYPE = %W[message journals_for_message]
|
|
|
|
|
|
|
|
before_action :require_login, :check_auth
|
|
|
|
before_action :validate_object_type
|
|
|
|
before_action :find_object
|
|
|
|
before_action :validate_power
|
|
|
|
|
|
|
|
def delete
|
|
|
|
begin
|
|
|
|
@object.destroy!
|
|
|
|
rescue Exception => e
|
|
|
|
uid_logger_error(e.message)
|
|
|
|
tip_exception(e.message)
|
|
|
|
raise ActiveRecord::Rollback
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def hidden
|
|
|
|
action(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
def unhidden
|
|
|
|
action(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
def find_object
|
|
|
|
begin
|
|
|
|
@object = params[:object_type].strip.classify.constantize.find params[:object_id]
|
|
|
|
rescue Exception => e
|
|
|
|
uid_logger_error(e.message)
|
|
|
|
tip_exception(e.message)
|
|
|
|
return
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def validate_object_type
|
|
|
|
return normal_status(2, "缺少object_id参数") if params[:object_id].blank?
|
|
|
|
return normal_status(2, "缺少object_type参数") if params[:object_type].blank?
|
|
|
|
return normal_status(2, "object_type参数格式错误") unless OBJECT_TYPE.include? params[:object_type].strip
|
|
|
|
end
|
|
|
|
|
|
|
|
def validate_power
|
|
|
|
code =
|
|
|
|
case params[:object_type].strip
|
|
|
|
when 'message'
|
|
|
|
if current_user.course_identity(@object.board.course) >= Course::STUDENT && @object.author != current_user
|
|
|
|
403
|
|
|
|
else
|
|
|
|
200
|
|
|
|
end
|
|
|
|
when 'journals_for_message'
|
|
|
|
if current_user.course_identity(@object.jour.course) >= Course::STUDENT && @object.user != current_user
|
|
|
|
403
|
|
|
|
else
|
|
|
|
200
|
|
|
|
end
|
|
|
|
else
|
|
|
|
current_user.admin? ? 200 : 403
|
|
|
|
end
|
|
|
|
return normal_status(code, "你没有权限操作!") if code == 403
|
|
|
|
end
|
|
|
|
|
|
|
|
def action(flag)
|
|
|
|
begin
|
|
|
|
@object.has_attribute?(:is_hidden) ? @object.update_attributes(:is_hidden => flag )
|
|
|
|
: @object.update_attributes(:hidden => flag )
|
|
|
|
rescue Exception => e
|
|
|
|
uid_logger_error(e.message)
|
|
|
|
tip_exception(e.message)
|
|
|
|
raise ActiveRecord::Rollback
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|