From 036037df2246bff68671d2efb6400bdccad6f1d2 Mon Sep 17 00:00:00 2001
From: daiao <358551898@qq.com>
Date: Thu, 11 Jul 2019 09:31:49 +0800
Subject: [PATCH] =?UTF-8?q?=E8=AF=BE=E7=A8=8B=E5=88=A0=E9=99=A4=E5=B8=96?=
 =?UTF-8?q?=E5=AD=90=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/commons_controller.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/controllers/commons_controller.rb b/app/controllers/commons_controller.rb
index fa5e14dc1..a23d4dba7 100644
--- a/app/controllers/commons_controller.rb
+++ b/app/controllers/commons_controller.rb
@@ -44,12 +44,18 @@ class CommonsController < ApplicationController
   def validate_power
     code =
       case params[:object_type].strip
-      when 'message', 'journals_for_message'
+      when 'message'
         if current_user.course_identity(@object.board.course) >= Course::STUDENT && @object.author != current_user
           403
         else
           200
         end
+      when 'journals_for_message'
+        if current_user.course_identity(@object.jour.course)  >= Course::STUDENT && @object.user != current_user
+          403
+        else
+          200
+        end
       else
         current_user.admin? ? 200 : 403
       end