From 029aac355491a4ee5a44823ea0cc55875719dab4 Mon Sep 17 00:00:00 2001
From: jasder <jasder@jasderdeMacBook-Pro.local>
Date: Mon, 1 Jul 2019 11:35:27 +0800
Subject: [PATCH] FIX delete message permission

---
 app/controllers/messages_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index bad54b88e..f684b27f3 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -128,7 +128,7 @@ class MessagesController < ApplicationController
 
   def destroy
     begin
-      return normal_status(403, "您没有权限进行该操作") unless @message.author == current_user || current_user.teacher_of_course?(@message.board.course)
+      return normal_status(403, "您没有权限进行该操作") if current_user.course_identity(@message.board.course) >= 5 || @message.author != current_user
       @message.destroy!
     rescue Exception => e
       uid_logger_error(e.message)