Merge branch 'dev_aliyun' of https://bdgit.educoder.net/Hjqreturn/educoder into dev_aliyun

dev_forum
SylorHuang 5 years ago
commit 277e2a1673

@ -0,0 +1,7 @@
class AdminConstraint
def matches?(request)
return false unless request.session[:user_id]
user = User.find request.session[:user_id]
user && user.admin?
end
end
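Review bot: `User.find` in `matches?` raises `ActiveRecord::RecordNotFound` when the session still holds the id of a user that no longer exists, so the `user &&` guard on the following line never sees nil and the error surfaces from the router instead of the constraint simply not matching. A nil-returning lookup keeps the constraint a plain yes/no check: `user = User.find_by(id: request.session[:user_id])` followed by `user&.admin?`. A short class comment stating that the constraint depends on `session[:user_id]` being set at login would also help, since nothing in this file says where that key is written.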

@ -52,6 +52,8 @@ class AccountsController < ApplicationController
container_type: pre == 'p' ? 'Phone' : 'Mail', container_type: pre == 'p' ? 'Phone' : 'Mail',
score: 500 score: 500
) )
successful_authentication(@user)
session[:user_id] = @user.id
end end
rescue Exception => e rescue Exception => e
uid_logger_error(e.message) uid_logger_error(e.message)
@ -107,6 +109,9 @@ class AccountsController < ApplicationController
set_autologin_cookie(user) set_autologin_cookie(user)
UserAction.create(:action_id => user.try(:id), :action_type => "Login", :user_id => user.try(:id)) UserAction.create(:action_id => user.try(:id), :action_type => "Login", :user_id => user.try(:id))
# 注册完成后有一天的试用申请
UserDayCertification.create(user_id: user.id, status: 1)
end end
def set_autologin_cookie(user) def set_autologin_cookie(user)
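Review bot: The `UserDayCertification.create` added in the second hunk sits directly after the `"Login"` `UserAction` line, which suggests it runs in the shared post-login helper rather than only at sign-up as its comment says (the enclosing method starts outside the hunk, so confirm). If so, every login adds another trial row, and whether the 24-hour window checked in `check_auth` restarts then depends on which row that lookup returns. Either move the call into the registration branch shown in the first hunk or make it idempotent, e.g. `UserDayCertification.find_or_create_by(user_id: user.id) { |c| c.status = 1 }`. The line above uses `user.try(:id)` while the new line calls `user.id` unguarded, so the two disagree on whether `user` can be nil here.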

@ -1,5 +1,5 @@
class AddDepartmentAppliesController < ApplicationController class AddDepartmentAppliesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
def create def create
CreateAddDepartmentApplyService.call(current_user, create_params) CreateAddDepartmentApplyService.call(current_user, create_params)

@ -1,5 +1,5 @@
class AddSchoolAppliesController < ApplicationController class AddSchoolAppliesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
def create def create
CreateAddSchoolApplyService.call(current_user, create_params) CreateAddSchoolApplyService.call(current_user, create_params)

@ -148,19 +148,7 @@ class ApplicationController < ActionController::Base
# 未授权的捕捉407弹试用申请弹框 # 未授权的捕捉407弹试用申请弹框
def require_login def require_login
#6.13 -hs #6.13 -hs
if User.current.logged? tip_exception(401, "..") unless User.current.logged?
if !current_user.profile_completed?
info_url = "#{edu_setting('old_edu_host')}/account/user_info"
tip_exception(402, info_url)
# render :json => { status: 402, url: info_url }
elsif current_user.certification != 1
day_cer = UserDayCertification.where(user_id: current_user.id).last
tip_exception(407, "系统未授权") unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
end
else
tip_exception(401, "..")
end
end end
# 异常提醒 # 异常提醒
@ -190,33 +178,13 @@ class ApplicationController < ActionController::Base
# 系统全局认证 # 系统全局认证
# #
def check_auth def check_auth
# old_edu_host = edu_setting('old_edu_host') if !current_user.profile_completed?
# ue = current_user.user_extension info_url = '/account/profile'
# tip_exception(402, info_url)
# if current_user.lastname.blank? || ue.school_id.blank? || ue.identity.blank? || current_user.mail.blank? elsif current_user.certification != 1
# info_url = old_edu_host + '/account/user_info' day_cer = UserDayCertification.find_by(user_id: current_user.id)
# render :json => { status: 402, url: info_url } tip_exception(407, "系统未授权") unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
# elsif current_user.certification != 1 end
# day_cer = UserDayCertification.where(user_id: current_user.id).last
# unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
# account_url = old_edu_host + "/my/account"
# render :json => { status: 402, url: account_url }
# end
# end
true
end
# 身份资料的认证:
# 如果试用过期则弹框提示认证,先跳入个人资料页面完善资料,资料完成后,弹框提醒用户试用申请
def check_account
# # todo user_extension
# if User.current.logged?
# ue = current_user.user_extension
# if current_user.lastname.blank? || ue.school_id.blank? || ue.identity.blank? || current_user.mail.blank?
# info_url = "#{edu_setting('old_edu_host')}/account/user_info"
# render :json => { status: 402, url: info_url }
# end
# end
end end
def start_user_session(user) def start_user_session(user)
@ -236,8 +204,10 @@ class ApplicationController < ActionController::Base
User.current = User.find 12 User.current = User.find 12
end end
# User.current = User.find 81403
if params[:debug] == 'teacher' #todo 为了测试,记得讲debug删除 if params[:debug] == 'teacher' #todo 为了测试,记得讲debug删除
User.current = User.find 49610 User.current = User.find 81403
elsif params[:debug] == 'student' elsif params[:debug] == 'student'
User.current = User.find 8686 User.current = User.find 8686
elsif params[:debug] == 'admin' elsif params[:debug] == 'admin'
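Review bot: The `params[:debug]` branch in the last hunk assigns `User.current` from a request parameter, and this commit only swaps the hard-coded teacher id instead of removing the branch, so wherever this code runs the caller's identity is chosen by the request rather than by the session. The method starts above the hunk, so an environment guard may exist there; if it does not, wrap the whole branch in `if Rails.env.development?` or delete it as the existing TODO asks. Separately, `check_auth` now reads the trial record with `find_by` where the old code used `.where(...).last`; `find_by` applies no ordering, so with several rows per user `UserDayCertification.where(user_id: current_user.id).order(:created_at).last` would state which one is meant.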

@ -2,7 +2,7 @@
# #
# 文件上传 # 文件上传
class AttachmentsController < ApplicationController class AttachmentsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_file, only: %i[show destroy] before_action :find_file, only: %i[show destroy]
include ErrorCommon include ErrorCommon

@ -1,5 +1,5 @@
class BoardsController < ApplicationController class BoardsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_course, only: [:create] before_action :find_course, only: [:create]
before_action :set_board, except: [:create] before_action :set_board, except: [:create]
before_action :teacher_allowed before_action :teacher_allowed

@ -1,5 +1,5 @@
class ChallengesController < ApplicationController class ChallengesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_shixun, only: [:new, :create, :index] before_action :find_shixun, only: [:new, :create, :index]
skip_before_action :verify_authenticity_token, only: [:create, :update, :create_choose_question, :crud_answer] skip_before_action :verify_authenticity_token, only: [:create, :update, :create_choose_question, :crud_answer]
before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up, before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up,

@ -1,7 +1,7 @@
class CommonsController < ApplicationController class CommonsController < ApplicationController
OBJECT_TYPE = %W[message journals_for_message] OBJECT_TYPE = %W[message journals_for_message]
before_action :require_login before_action :require_login, :check_auth
before_action :validate_object_type before_action :validate_object_type
before_action :find_object before_action :find_object
before_action :validate_power before_action :validate_power
@ -45,7 +45,13 @@ class CommonsController < ApplicationController
code = code =
case params[:object_type].strip case params[:object_type].strip
when 'message' when 'message'
if current_user.course_identity(@object.board.course) >= 5 && @object.author != current_user if current_user.course_identity(@object.board.course) >= Course::STUDENT && @object.author != current_user
403
else
200
end
when 'journals_for_message'
if current_user.course_identity(@object.jour.course) >= Course::STUDENT && @object.user != current_user
403 403
else else
200 200
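Review bot: The new `journals_for_message` branch dereferences `@object.jour.course` without checking that `jour` is present or responds to `course`; if a journal can belong to something that is not course-scoped (not visible here), the permission check would raise `NoMethodError` instead of returning 403. Resolving the course first, `course = @object.jour.try(:course)`, and answering 403 when it is nil keeps the check fail-closed. The two branches now differ only in how they reach the course and the owner, so a comment above the `case` stating the rule (users at student level or below may act only on their own items) would document the intent.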

@ -1,5 +1,5 @@
class CourseGroupsController < ApplicationController class CourseGroupsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_group, except: [:create] before_action :set_group, except: [:create]
before_action :find_course, only: [:create] before_action :find_course, only: [:create]
before_action :teacher_or_admin_allowed before_action :teacher_or_admin_allowed

@ -1,5 +1,5 @@
class CourseModulesController < ApplicationController class CourseModulesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_module, except: [:unhidden_modules] before_action :set_module, except: [:unhidden_modules]
before_action :find_course, only: [:unhidden_modules] before_action :find_course, only: [:unhidden_modules]
before_action :teacher_allowed before_action :teacher_allowed

@ -1,5 +1,5 @@
class CourseSecondCategoriesController < ApplicationController class CourseSecondCategoriesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_category before_action :set_category
before_action :teacher_allowed before_action :teacher_allowed

@ -11,7 +11,7 @@ class CoursesController < ApplicationController
render_error(ex.model.errors.full_messages.join(',')) render_error(ex.model.errors.full_messages.join(','))
end end
before_action :require_login, except: [:index, :show, :students, :teachers, :board_list, :mine, :all_course_groups, :left_banner, :top_banner] before_action :require_login, :check_auth, except: [:index, :show, :students, :teachers, :board_list, :mine, :all_course_groups, :left_banner, :top_banner]
before_action :set_course, :user_course_identity, only: [:show, :update, :destroy, :settings, :set_invite_code_halt, before_action :set_course, :user_course_identity, only: [:show, :update, :destroy, :settings, :set_invite_code_halt,
:set_public_or_private, :search_teacher_candidate, :teachers, :apply_teachers, :set_public_or_private, :search_teacher_candidate, :teachers, :apply_teachers,
:top_banner, :left_banner, :add_teacher_popup, :add_teacher, :top_banner, :left_banner, :add_teacher_popup, :add_teacher,

@ -9,13 +9,19 @@ class DiscussesController < ApplicationController
# 总数,分页使用 # 总数,分页使用
if current_user.admin? if current_user.admin?
@disscuss_count = Discuss.where(:dis_id => @container.id, :dis_type => @container.class.to_s, :root_id => nil).count @disscuss_count = Discuss.where(:dis_id => @container.id, :dis_type => @container.class.to_s, :root_id => nil).count
@discusses = Discuss.limit(LIMIT).where(:dis_id => @container.id, :dis_type => @container.class.to_s, disscusses = Discuss.where(:dis_id => @container.id, :dis_type => @container.class.to_s,
:root_id => nil).includes(:user, :praise_treads).offset(offset) :root_id => nil)
else else
disscusses = Discuss.where("dis_id = :dis_id and dis_type = :dis_type and root_id is null and disscusses = Discuss.where("dis_id = :dis_id and dis_type = :dis_type and root_id is null and
(hidden = :hidden or user_id = :user_id)", (discusses.hidden = :hidden or discusses.user_id = :user_id)",
{dis_id: @container.id, dis_type: @container.class.to_s, hidden: false, user_id: current_user.id}) {dis_id: @container.id, dis_type: @container.class.to_s, hidden: false, user_id: current_user.id})
@disscuss_count = disscusses.count @disscuss_count = disscusses.count("discusses.id")
end
@manger = @container.has_manager?(current_user)
if @manger
@discusses = disscusses.limit(LIMIT).joins("left join games on discusses.challenge_id = games.challenge_id and discusses.user_id = games.user_id")
.select("discusses.*, games.identifier").includes(:user, :praise_treads).offset(offset)
else
@discusses = disscusses.limit(LIMIT).includes(:user, :praise_treads).offset(offset) @discusses = disscusses.limit(LIMIT).includes(:user, :praise_treads).offset(offset)
end end
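Review bot: In the admin branch the same `Discuss.where(...)` relation is now built twice, once for `@disscuss_count` and once for `disscusses`; assign `disscusses` first and use `@disscuss_count = disscusses.count("discusses.id")` so both branches count the same way. The manager query adds the `left join games` after the count has been taken, so if more than one `games` row can match a `(challenge_id, user_id)` pair (not visible here) a page could repeat a discussion and disagree with the count. A comment on the manager branch saying why `games.identifier` is selected only for managers would make the access rule explicit.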

@ -1,6 +1,6 @@
class Ecs::BaseController < ApplicationController class Ecs::BaseController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :check_user_permission! before_action :check_user_permission!
helper_method :current_user, :current_school helper_method :current_user, :current_school

@ -1,5 +1,5 @@
class ExerciseAnswersController < ApplicationController class ExerciseAnswersController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :get_exercise_question before_action :get_exercise_question
include ExercisesHelper include ExercisesHelper

@ -1,5 +1,5 @@
class ExerciseQuestionsController < ApplicationController class ExerciseQuestionsController < ApplicationController
before_action :require_login #用户需登陆 before_action :require_login, :check_auth #用户需登陆
before_action :get_exercise,only:[:new,:create] #获取试卷 before_action :get_exercise,only:[:new,:create] #获取试卷
before_action :get_exercise_question,except: [:new,:create] #获取试卷的问题及试卷 before_action :get_exercise_question,except: [:new,:create] #获取试卷的问题及试卷
before_action :is_course_teacher #是否为老师 before_action :is_course_teacher #是否为老师

@ -1,5 +1,5 @@
class ExercisesController < ApplicationController class ExercisesController < ApplicationController
before_action :require_login,except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course,only: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys, before_action :find_course,only: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys,
:join_exercise_banks,:publish_modal,:publish,:end_modal,:end_exercise] #需要有课堂id参数的 :join_exercise_banks,:publish_modal,:publish,:end_modal,:end_exercise] #需要有课堂id参数的
before_action :get_exercise,except: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys, before_action :get_exercise,except: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys,

@ -1,7 +1,7 @@
class FilesController < ApplicationController class FilesController < ApplicationController
include MessagesHelper include MessagesHelper
before_action :require_login, except: %i[index] before_action :require_login, :check_auth, except: %i[index]
before_action :find_course, except: %i[public_with_course_and_project mine_with_course_and_project] before_action :find_course, except: %i[public_with_course_and_project mine_with_course_and_project]
before_action :find_ids, only: %i[bulk_delete bulk_send bulk_move bulk_public bulk_publish] before_action :find_ids, only: %i[bulk_delete bulk_send bulk_move bulk_public bulk_publish]
before_action :file_validate_sort_type, only: :index before_action :file_validate_sort_type, only: :index

@ -1,5 +1,5 @@
class GamesController < ApplicationController class GamesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_game before_action :find_game
before_action :find_shixun, only: [:show, :answer, :rep_content, :choose_build, :game_build, :game_status] before_action :find_shixun, only: [:show, :answer, :rep_content, :choose_build, :game_build, :game_status]
@ -710,10 +710,10 @@ class GamesController < ApplicationController
resubmit_identifier = @game.resubmit_identifier resubmit_identifier = @game.resubmit_identifier
# 如果没有超时并且正在评测中 # 如果没有超时并且正在评测中
# 判断评测中的状态有两种1、如果之前没有通关的只需判断status为1即可如果通过关则判断game的resubmit_identifier是否更新 # 判断评测中的状态有两种1、如果之前没有通关的只需判断status为1即可如果通过关则判断game的resubmit_identifier是否更新
uid_logger("################game_status: #{@game.status}") # uid_logger("################game_status: #{@game.status}")
uid_logger("################params[:resubmit]: #{params[:resubmit]}") # uid_logger("################params[:resubmit]: #{params[:resubmit]}")
uid_logger("################resubmit_identifier: #{resubmit_identifier}") # uid_logger("################resubmit_identifier: #{resubmit_identifier}")
uid_logger("################time_out: #{params[:time_out]}") # uid_logger("################time_out: #{params[:time_out]}")
if (params[:time_out] == "false") && ((params[:resubmit].blank? && @game.status == 1) || (params[:resubmit].present? && if (params[:time_out] == "false") && ((params[:resubmit].blank? && @game.status == 1) || (params[:resubmit].present? &&
(params[:resubmit] != resubmit_identifier))) (params[:resubmit] != resubmit_identifier)))
# 代码评测的信息 # 代码评测的信息
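Review bot: The four `uid_logger` calls in the second hunk are commented out rather than removed, which leaves dead code that still spells out request parameters next to the status check. Delete the lines; version control keeps them if they are needed again.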

@ -32,7 +32,7 @@ class GitsController < ApplicationController
system_user = User.find_by_login(input_username) || User.find_by_mail(input_username) || User.find_by_phone(input_username) system_user = User.find_by_login(input_username) || User.find_by_mail(input_username) || User.find_by_phone(input_username)
# 如果用户名密码错误 # 如果用户名密码错误
if !system_user.check_password?(input_password) if system_user && !system_user.check_password?(input_password)
uid_logger_error("git start: password is wrong") uid_logger_error("git start: password is wrong")
result = false result = false
else else
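Review bot: With the added `system_user &&` guard, a login name that matches no user makes the condition false and falls through to the `else` branch, which is the path a correct password takes (its body is outside the hunk, so confirm what it sets). The nil case should be rejected together with a wrong password: `if system_user.nil? || !system_user.check_password?(input_password)`. The guard as written fixes the `NoMethodError` on nil but trades it for a fail-open check.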

@ -1,5 +1,5 @@
class GraduationTasksController < ApplicationController class GraduationTasksController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course, except: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment] before_action :find_course, except: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment]
before_action :find_task, only: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment] before_action :find_task, only: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment]
before_action :user_course_identity before_action :user_course_identity
@ -37,7 +37,7 @@ class GraduationTasksController < ApplicationController
@all_count = @course.graduation_tasks.size @all_count = @course.graduation_tasks.size
@published_count = @course.graduation_tasks.where("publish_time <= '#{Time.now}'").size @published_count = @course.graduation_tasks.where("publish_time <= '#{Time.now}'").size
@task_count = @tasks.size @task_count = @tasks.size
@tasks = @tasks.reorder("#{default_order}").page(page).per(15).includes(:graduation_works, course: [course_members: :teacher_course_groups]) @tasks = @tasks.reorder("#{default_order}").page(page).per(15).includes(:graduation_works)
end end
# 任务问答 # 任务问答
@ -55,6 +55,8 @@ class GraduationTasksController < ApplicationController
page = params[:page] || 1 page = params[:page] || 1
limit = params[:limit] || 20 limit = params[:limit] || 20
@work = @task.graduation_works.where(user_id: current_user.id) @work = @task.graduation_works.where(user_id: current_user.id)
@students = @course.students
@assign_power = @user_course_identity < Course::STUDENT && @task.cross_comment && @task.comment_status == 2
#end_time @task.allow_late ? @task.late_time : @task.end_time #end_time @task.allow_late ? @task.late_time : @task.end_time
# 任务发布的情况下: 是老师身份或者任务已截止的情况下公开任务了作品设置的学生也能查看其他人的作品 # 任务发布的情况下: 是老师身份或者任务已截止的情况下公开任务了作品设置的学生也能查看其他人的作品
if @task.published? && (@user_course_identity < Course::STUDENT || if @task.published? && (@user_course_identity < Course::STUDENT ||
@ -72,7 +74,7 @@ class GraduationTasksController < ApplicationController
@work_list = @task.graduation_works.where(user_id: user_ids).includes(user: [:user_extension]) @work_list = @task.graduation_works.where(user_id: user_ids).includes(user: [:user_extension])
@all_work_count = @work_list.count @all_work_count = @work_list.count
@teachers = @course.teachers.where.not(user_id: current_user.id) @teachers = @course.teachers.where.not(user_id: current_user.id).includes(:user)
# 教师评阅搜索 0: 未评, 1 已评 # 教师评阅搜索 0: 未评, 1 已评
unless params[:teacher_comment].blank? unless params[:teacher_comment].blank?
graduation_work_ids = GraduationWorkScore.where(graduation_work_id: @work_list.map(&:id)).pluck(:graduation_work_id) graduation_work_ids = GraduationWorkScore.where(graduation_work_id: @work_list.map(&:id)).pluck(:graduation_work_id)
@ -110,9 +112,9 @@ class GraduationTasksController < ApplicationController
end end
# 排序 # 排序
rorder = params[:order].blank? ? "updated_at" : params[:order] rorder = params[:order].blank? ? "update_time" : params[:order]
b_order = params[:b_order].blank? ? "desc" : params[:b_order] b_order = params[:b_order].blank? ? "desc" : params[:b_order]
if rorder == "created_at" || rorder == "work_score" if rorder == "update_time" || rorder == "work_score"
@work_list = @work_list.order("graduation_works.#{rorder} #{b_order}") @work_list = @work_list.order("graduation_works.#{rorder} #{b_order}")
elsif rorder == "student_id" elsif rorder == "student_id"
@work_list = @work_list.joins(user: :user_extension).order("user_extensions.#{rorder} #{b_order}") @work_list = @work_list.joins(user: :user_extension).order("user_extensions.#{rorder} #{b_order}")
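Review bot: In the last hunk `b_order` is taken straight from `params[:b_order]` and interpolated into both `order("graduation_works.#{rorder} #{b_order}")` and the `user_extensions` variant, so the sort direction reaches SQL as an unvalidated fragment. `rorder` is compared against fixed names before use, but `b_order` is not; restrict it where it is assigned, e.g. `b_order = %w[asc desc].include?(params[:b_order].to_s.downcase) ? params[:b_order] : "desc"`. The `if`/`elsif` chain continues past the hunk, so any further branch that interpolates `rorder` needs the same allow-list.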

@ -1,5 +1,5 @@
class GraduationTopicsController < ApplicationController class GraduationTopicsController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course before_action :find_course
before_action :teacher_allowed, only: [:new, :create, :update, :edit, :destroys, :set_public, before_action :teacher_allowed, only: [:new, :create, :update, :edit, :destroys, :set_public,
:refuse_student_topic, :accept_student_topic, :export] :refuse_student_topic, :accept_student_topic, :export]

@ -1,5 +1,5 @@
class GraduationWorksController < ApplicationController class GraduationWorksController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_task, only: [:new, :create, :search_member_list, :check_project, :relate_project, before_action :find_task, only: [:new, :create, :search_member_list, :check_project, :relate_project,
:cancel_relate_project] :cancel_relate_project]
before_action :find_work, only: [:show, :edit, :update, :revise_attachment, :supply_attachments, :comment_list, before_action :find_work, only: [:show, :edit, :update, :revise_attachment, :supply_attachments, :comment_list,

@ -3,7 +3,7 @@ class HomeworkCommonsController < ApplicationController
include ApplicationHelper include ApplicationHelper
include ExportHelper include ExportHelper
before_action :require_login, except: [:index, :choose_category] before_action :require_login, :check_auth, except: [:index, :choose_category]
before_action :find_course, only: [:index, :create, :new, :shixuns, :subjects, :create_shixun_homework, :publish_homework, before_action :find_course, only: [:index, :create, :new, :shixuns, :subjects, :create_shixun_homework, :publish_homework,
:end_homework, :set_public, :choose_category, :move_to_category, :choose_category, :end_homework, :set_public, :choose_category, :move_to_category, :choose_category,

@ -3,7 +3,7 @@ class MessagesController < ApplicationController
SORT_TYPE = %w[time hot] SORT_TYPE = %w[time hot]
before_action :require_login, only: %i[create update sticky_top bulk_delete create destroy bulk_send bulk_move bulk_public] before_action :require_login, :check_auth, only: %i[create update sticky_top bulk_delete create destroy bulk_send bulk_move bulk_public]
before_action :find_board, only: [:create, :index, :bulk_delete, :bulk_move, :bulk_send, :bulk_public] before_action :find_board, only: [:create, :index, :bulk_delete, :bulk_move, :bulk_send, :bulk_public]
before_action :find_message, only: [:update, :destroy, :sticky_top, :reply_list, :destroy, :reply] before_action :find_message, only: [:update, :destroy, :sticky_top, :reply_list, :destroy, :reply]
before_action :validate_delete_params, only: %i[bulk_delete bulk_public] before_action :validate_delete_params, only: %i[bulk_delete bulk_public]
@ -87,7 +87,10 @@ class MessagesController < ApplicationController
end end
def show def show
@message = Message.includes(:attachments, :message_detail, :children, :author => :user_extension, :board => [{course: :board_course_modules}]).find_by_id params[:id] @message = Message.includes(:attachments, :message_detail,
:children, :author => :user_extension,
:board => [{course: :board_course_modules}])
.find_by_id params[:id]
return normal_status(-2, "ID为#{params[:id]}的帖子不存在") if @message.nil? return normal_status(-2, "ID为#{params[:id]}的帖子不存在") if @message.nil?
@attachment_size = @message.attachments.size @attachment_size = @message.attachments.size
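Review bot: `reply` is listed in the `find_message` filter but not in the `only:` list of `require_login, :check_auth` that the first hunk edits, so that action runs without the login and trial checks unless it enforces them itself (its body is not visible here). If `reply` creates content, add it: `only: %i[create update sticky_top bulk_delete destroy bulk_send bulk_move bulk_public reply]`. `create` appears twice in the current list and can be de-duplicated in the same edit.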

@ -1,5 +1,5 @@
class MyshixunsController < ApplicationController class MyshixunsController < ApplicationController
before_action :require_login, :except => [:training_task_status, :code_runinng_message] before_action :require_login, :check_auth, :except => [:training_task_status, :code_runinng_message]
before_action :find_myshixun, :except => [:training_task_status, :code_runinng_message] before_action :find_myshixun, :except => [:training_task_status, :code_runinng_message]
before_action :find_repo_name, :except => [:training_task_status, :code_runinng_message] before_action :find_repo_name, :except => [:training_task_status, :code_runinng_message]
skip_before_action :verify_authenticity_token, :only => [:html_content] skip_before_action :verify_authenticity_token, :only => [:html_content]

@ -1,5 +1,5 @@
class PollQuestionsController < ApplicationController class PollQuestionsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :get_poll,only:[:new,:create] before_action :get_poll,only:[:new,:create]
before_action :get_poll_question,except: [:new,:create] before_action :get_poll_question,except: [:new,:create]
before_action :is_course_teacher before_action :is_course_teacher

@ -1,6 +1,6 @@
class PollVotesController < ApplicationController class PollVotesController < ApplicationController
#在开始回答和提交问卷的时候,已经做了判断用户的身份权限 #在开始回答和提交问卷的时候,已经做了判断用户的身份权限
before_action :require_login before_action :require_login, :check_auth
before_action :get_poll_question before_action :get_poll_question
before_action :check_answer_in_question before_action :check_answer_in_question

@ -1,6 +1,6 @@
class PollsController < ApplicationController class PollsController < ApplicationController
# before_action :check_poll_status 问卷的发消息和定时任务没有做 # before_action :check_poll_status 问卷的发消息和定时任务没有做
before_action :require_login,except: [:index] before_action :require_login, :check_auth,except: [:index]
before_action :find_course, except: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,:commit_poll, before_action :find_course, except: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,:commit_poll,
:commit_result,:poll_lists,:cancel_publish,:cancel_publish_modal,:common_header] :commit_result,:poll_lists,:cancel_publish,:cancel_publish_modal,:common_header]
before_action :get_poll_and_course, only: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer, before_action :get_poll_and_course, only: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,

@ -1,6 +1,6 @@
class PraiseTreadController < ApplicationController class PraiseTreadController < ApplicationController
include MessagesHelper include MessagesHelper
before_action :require_login before_action :require_login, :check_auth
before_action :validate_params, only: [:like, :unlike] before_action :validate_params, only: [:like, :unlike]
before_action :find_object before_action :find_object

@ -1,5 +1,5 @@
class QuestionBanksController < ApplicationController class QuestionBanksController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :params_filter before_action :params_filter
# 题库选用列表 # 题库选用列表

@ -1,6 +1,6 @@
class ShixunsController < ApplicationController class ShixunsController < ApplicationController
before_action :require_login, except: [:download_file, :index, :menus] before_action :require_login, :check_auth, except: [:download_file, :index, :menus]
before_action :check_auth, except: [:download_file, :index] before_action :check_auth, except: [:download_file, :index, :menus]
before_action :find_shixun, :shixun_access_allowed, except: [:index, :new, :create, :menus, :get_recommend_shixuns, before_action :find_shixun, :shixun_access_allowed, except: [:index, :new, :create, :menus, :get_recommend_shixuns,
:propaedeutics, :departments, :apply_shixun_mirror, :propaedeutics, :departments, :apply_shixun_mirror,
@ -44,11 +44,12 @@ class ShixunsController < ApplicationController
## 搜索关键字 匹配关卡名, 用户名, 实训名 和 空格多搜索 ## 搜索关键字 匹配关卡名, 用户名, 实训名 和 空格多搜索
if params[:keyword].present? if params[:keyword].present?
keyword = params[:keyword].strip keyword = params[:keyword].strip
@shixuns = @shixuns.joins(:users, challenges: :challenge_tags). @shixuns = @shixuns.joins(:user, challenges: :challenge_tags).
where("challenge_tags.name like '%#{keyword}%' where("challenge_tags.name like :keyword
or challenges.subject like '%#{keyword}%' or challenges.subject like :keyword
or concat(lastname, firstname) like '%#{keyword}%' or concat(lastname, firstname) like :keyword
or shixuns.name like '%#{keyword.split(" ").join("%")}%'").distinct or shixuns.name like :name",
keyword: "%#{keyword}%", name: "%#{keyword.split(" ").join("%")}%").distinct
end end
## 筛选 状态 ## 筛选 状态
@ -68,15 +69,15 @@ class ShixunsController < ApplicationController
when 'new' when 'new'
@shixuns = @shixuns.order("shixuns.status = 2 desc, shixuns.created_at #{bsort}") @shixuns = @shixuns.order("shixuns.status = 2 desc, shixuns.created_at #{bsort}")
when 'hot' when 'hot'
@shixuns = @shixuns.order("shixuns.status = 2 desc, myshixuns_count #{bsort}") @shixuns = @shixuns.order("shixuns.status = 2 desc, shixuns.myshixuns_count #{bsort}")
when 'mine' when 'mine'
@shixuns = @shixuns.order("shixuns.created_at #{bsort}") @shixuns = @shixuns.order("shixuns.created_at #{bsort}")
else else
@shixuns = @shixuns.order("shixuns.status = 2 desc, publish_time #{bsort}") @shixuns = @shixuns.order("shixuns.status = 2 desc, shixuns.publish_time #{bsort}")
end end
# 用id计数会快10+MS左右,对于搜索的内容随着数据的增加,性能会提升一些。
@total_count = @shixuns.count @total_count = @shixuns.count("shixuns.id")
## 分页参数 ## 分页参数
page = params[:page] || 1 page = params[:page] || 1
@ -128,7 +129,7 @@ class ShixunsController < ApplicationController
select m.user_id, u.login, u.lastname, m.updated_at, select m.user_id, u.login, u.lastname, m.updated_at,
(select sum(cost_time) from games g where g.myshixun_id = m.id) as time, (select sum(cost_time) from games g where g.myshixun_id = m.id) as time,
(select sum(final_score) from games g where g.myshixun_id = m.id) as score (select sum(final_score) from games g where g.myshixun_id = m.id) as score
from (myshixuns m join users u on m.user_id = u.id) where m.shixun_id = #{@shixun.id} and m.status = 1 from (users u left join myshixuns m on m.user_id = u.id) where m.shixun_id = #{@shixun.id} and m.status = 1
order by score desc, time asc limit 10 order by score desc, time asc limit 10
" "
@myshixuns = Myshixun.find_by_sql(sql) @myshixuns = Myshixun.find_by_sql(sql)
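Review bot: Every `order(...)` string in the third hunk interpolates `bsort`, whose assignment lies outside the hunk; if it is taken from `params`, the sort direction reaches SQL unvalidated even though the keyword search in the second hunk was just moved to bind parameters. Constrain it where it is set, e.g. `bsort = 'desc' unless %w[asc desc].include?(bsort)`. In the first hunk `:check_auth` is now registered twice with the same `except:` list, so the standalone `before_action :check_auth` line can be dropped.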

@ -1,5 +1,5 @@
class StagesController < ApplicationController class StagesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_subject, only: [:create, :index] before_action :find_subject, only: [:create, :index]
before_action :find_stage, only: [:update, :destroy, :edit, :up_position, :down_position] before_action :find_stage, only: [:update, :destroy, :edit, :up_position, :down_position]
before_action :allowed, except: [:index] before_action :allowed, except: [:index]

@ -2,7 +2,7 @@ class StudentWorksController < ApplicationController
include HomeworkCommonsHelper include HomeworkCommonsHelper
include StudentWorksHelper include StudentWorksHelper
before_action :require_login before_action :require_login, :check_auth
before_action :find_homework, only: [:new, :create, :search_member_list, :check_project, :relate_project, before_action :find_homework, only: [:new, :create, :search_member_list, :check_project, :relate_project,
:cancel_relate_project] :cancel_relate_project]
before_action :find_work, only: [:shixun_work_report, :adjust_review_score, :shixun_work, :commit_des, :update_des, before_action :find_work, only: [:shixun_work_report, :adjust_review_score, :shixun_work, :commit_des, :update_des,

@ -1,5 +1,5 @@
class SubjectsController < ApplicationController class SubjectsController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
# before_action :check_auth, except: [:index] # before_action :check_auth, except: [:index]
before_action :find_subject, except: [:index, :create, :append_to_stage] before_action :find_subject, except: [:index, :create, :append_to_stage]
before_action :allowed, only: [:update, :edit, :destroy, :publish, :cancel_publish, :cancel_has_publish, before_action :allowed, only: [:update, :edit, :destroy, :publish, :cancel_publish, :cancel_has_publish,
@ -22,17 +22,17 @@ class SubjectsController < ApplicationController
# 最热排序 # 最热排序
if reorder == "myshixun_count" if reorder == "myshixun_count"
if select if select
@subjects = Subject.find_by_sql("SELECT subjects.id, subjects.name, subjects.stages_count, subjects.repertoire_id, subjects.status, @subjects = Subject.find_by_sql("SELECT subjects.id, subjects.user_id, subjects.name, subjects.stages_count, subjects.repertoire_id, subjects.status,
subjects.shixuns_count, COUNT(myshixuns.id) AS myshixun_member_count FROM myshixuns, stage_shixuns, subjects subjects.shixuns_count, sum(shixuns.myshixuns_count) AS myshixun_member_count FROM subjects join stage_shixuns
WHERE myshixuns.shixun_id = stage_shixuns.shixun_id AND stage_shixuns.subject_id = subjects.id on stage_shixuns.subject_id = subjects.id join shixuns on shixuns.id = stage_shixuns.shixun_id where
AND `subjects`.`hidden` = 0 AND `subjects`.`status` = 2 AND `subjects`.`name` like '%#{search}%' subjects.hidden = 0 AND subjects.status = 2 AND subjects.name like '%#{search}%'
AND `subjects`.`repertoire_id` = #{select} GROUP BY subjects.id ORDER BY myshixun_member_count DESC") AND subjects.repertoire_id = #{select} GROUP BY subjects.id ORDER BY myshixun_member_count DESC")
else else
@subjects = Subject.find_by_sql("SELECT subjects.id, subjects.name, subjects.stages_count, subjects.repertoire_id, subjects.status, @subjects = Subject.find_by_sql("SELECT subjects.id, subjects.user_id, subjects.name, subjects.stages_count, subjects.repertoire_id, subjects.status,
subjects.shixuns_count, COUNT(myshixuns.id) AS myshixun_member_count FROM myshixuns, stage_shixuns, subjects subjects.shixuns_count, sum(shixuns.myshixuns_count) AS myshixun_member_count FROM subjects join stage_shixuns
WHERE myshixuns.shixun_id = stage_shixuns.shixun_id AND stage_shixuns.subject_id = subjects.id on stage_shixuns.subject_id = subjects.id join shixuns on shixuns.id = stage_shixuns.shixun_id where
AND `subjects`.`hidden` = 0 AND `subjects`.`status` = 2 AND `subjects`.`name` like '%#{search}%' subjects.hidden = 0 AND subjects.status = 2 AND subjects.name like '%#{search}%'
GROUP BY subjects.id ORDER BY myshixun_member_count DESC") GROUP BY subjects.id ORDER BY myshixun_member_count DESC")
end end
else else
# 我的路径 # 我的路径
@ -65,9 +65,11 @@ class SubjectsController < ApplicationController
@total_count = @subjects.size @total_count = @subjects.size
if reorder != "myshixun_count" if reorder != "myshixun_count"
@subjects = @subjects.page(page).per(limit).includes(:shixuns) @subjects = @subjects.page(page).per(limit).includes(:shixuns, :repertoire)
else else
@subjects = @subjects[offset, limit] @subjects = @subjects[offset, limit]
subject_ids = @subjects.pluck(:id)
@subjects = Subject.where(id: subject_ids).order("field(id,#{subject_ids.join(',')})").includes(:shixuns, :repertoire)
end end
end end
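Review bot: Both rewritten `find_by_sql` strings in the `reorder == "myshixun_count"` branch still splice `search` and `select` directly into the SQL (`like '%#{search}%'`, `repertoire_id = #{select}`), so the query is injectable if they come from request parameters; their assignment is outside the hunk. Pass them as bind values with the array form instead, e.g. `Subject.find_by_sql(["… subjects.name like ? AND subjects.repertoire_id = ? …", "%#{search}%", select])`. The added `order("field(id,#{subject_ids.join(',')})")` also renders as `field(id,)` and fails when the requested page slice is empty, so return `Subject.none` before building it when `subject_ids` is empty.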

@ -1,4 +1,4 @@
class Users::AccountsController < Users::BaseController class Users::AccountsController < Users::BaseAccountController
before_action :private_user_resources! before_action :private_user_resources!
def show def show

@ -1,7 +1,15 @@
class Users::BaseAccountController < Users::BaseController class Users::BaseAccountController < Users::BaseController
before_action :require_login before_action :require_login, :check_auth
def observed_user def observed_user
@_observed_user ||= (User.find_by_id(params[:account_id]) || User.find_by_login(params[:account_id])) @_observed_user ||= (User.find_by_id(params[:account_id]) || User.find_by_login(params[:account_id]))
end end
private
def require_login
return if User.current.logged?
tip_exception(401, "..")
end
end end
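Review bot: The private `require_login` added here presumably replaces an inherited `require_login`, and it raises the 401 with the placeholder message `".."`; neither choice is explained. A comment above the method such as `# Overrides the inherited require_login: anonymous requests get a plain 401` and a real message for `tip_exception` would make the intent reviewable. Since `Users::AccountsController` now inherits from this class, both `require_login` and `check_auth` run before its `private_user_resources!` filter, which is worth stating in the class comment as well.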

@ -1,6 +1,6 @@
class Users::InterestsController < Users::BaseController class Users::InterestsController < Users::BaseController
skip_before_action :check_observed_user_exists! skip_before_action :check_observed_user_exists!
before_action :require_login before_action :require_login, :check_auth
def create def create
identity = params[:identity].to_s.strip identity = params[:identity].to_s.strip

@ -1,5 +1,5 @@
class Users::WatchesController < Users::BaseController class Users::WatchesController < Users::BaseController
before_action :require_login before_action :require_login, :check_auth
def create def create
if observed_logged_user? if observed_logged_user?

@ -1,5 +1,5 @@
class ZipsController < ApplicationController class ZipsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :load_homework, only: [:shixun_report] before_action :load_homework, only: [:shixun_report]
before_action :get_exercise, only: [:export_exercises] before_action :get_exercise, only: [:export_exercises]

@ -67,7 +67,7 @@ module GraduationTasksHelper
# 作品数统计type 1 已提交 0 未提交 # 作品数统计type 1 已提交 0 未提交
def grduationwork_count task, type def grduationwork_count task, type
works = task.graduation_works works = task.graduation_works
type == 1 ? works.where("work_status !=?", 0).size : works.where("work_status =?", 0).size type == 1 ? works.select{|work| work.work_status != 0}.size : works.select{|work| work.work_status == 0}.size
end end
# 普通/分组 作业作品状态数组 # 普通/分组 作业作品状态数组
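Review bot: Moving the filter in `grduationwork_count` from SQL to Ruby changes how a NULL `work_status` is counted: the old `work_status != ?` skipped NULL rows, while `work.work_status != 0` treats a nil status as submitted. If the column is nullable, keep the old meaning with `works.select { |work| work.work_status && work.work_status != 0 }.size`; the `== 0` branch is unaffected. The in-memory filter also loads every work of the task on each call, which only pays off if the caller has already preloaded `graduation_works`, and that is not visible in this hunk.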

@ -16,6 +16,8 @@ class Challenge < ApplicationRecord
# 参考答案 # 参考答案
has_many :challenge_answers, :dependent => :destroy has_many :challenge_answers, :dependent => :destroy
has_many :exercise_bank_shixun_challenges, :dependent => :destroy has_many :exercise_bank_shixun_challenges, :dependent => :destroy
# 回复
has_many :discusses, :dependent => :destroy
# acts_as_attachable # acts_as_attachable

@ -148,7 +148,7 @@ class CourseMember < ApplicationRecord
if teacher_groups.count > 0 if teacher_groups.count > 0
member_ids = teacher_groups.where(course_group_id: self.try(:course_group_id)).pluck(:course_member_id).compact member_ids = teacher_groups.where(course_group_id: self.try(:course_group_id)).pluck(:course_member_id).compact
none_group_teachers = teacher_groups.pluck(:course_member_id).size > 0 ? teacher_groups.pluck(:course_member_id).compact.join(',') : -1 none_group_teachers = teacher_groups.pluck(:course_member_id).compact.size > 0 ? teacher_groups.pluck(:course_member_id).compact.join(',') : -1
teachers = course.teachers.where("course_members.id not in (#{none_group_teachers}) or teachers = course.teachers.where("course_members.id not in (#{none_group_teachers}) or
course_members.id in (#{member_ids.size > 0 ? member_ids.join(',') : -1})") course_members.id in (#{member_ids.size > 0 ? member_ids.join(',') : -1})")
else else
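Review bot: The changed `none_group_teachers` line runs `teacher_groups.pluck(:course_member_id)` twice, in addition to the pluck on the line above, and each is normally a separate query. They exist only to build a comma-joined list for a hand-written `not in (…)` fragment. Pluck once into a local, e.g. `group_teacher_ids = teacher_groups.pluck(:course_member_id).compact`, and use it for both the emptiness test and the join. The enclosing method starts and ends outside the hunk.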

@ -9,6 +9,7 @@ class Discuss < ApplicationRecord
has_many :tidings, as: :container, dependent: :destroy has_many :tidings, as: :container, dependent: :destroy
has_one :praise_tread_cache, as: :object, dependent: :destroy has_one :praise_tread_cache, as: :object, dependent: :destroy
belongs_to :challenge
after_create :send_tiding after_create :send_tiding
scope :children, -> (discuss_id){ where(parent_id: discuss_id).includes(:user).reorder(created_at: :asc) } scope :children, -> (discuss_id){ where(parent_id: discuss_id).includes(:user).reorder(created_at: :asc) }

@ -68,7 +68,7 @@ class GraduationWork < ApplicationRecord
# 作品是否能够分配指导老师 # 作品是否能够分配指导老师
def assign_power?(course_identity) def assign_power?(course_identity)
course_identity < Course::STUDENT && self.graduation_task.cross_comment.present? && self.graduation_task.comment_status == 2 course_identity < Course::STUDENT && graduation_task.cross_comment && graduation_task.comment_status == 2
end end
# 老师评阅分 # 老师评阅分

@ -73,7 +73,7 @@ class Message < ApplicationRecord
# 包含二级回复的总点赞数 # 包含二级回复的总点赞数
def total_praises_count def total_praises_count
descendants.sum(:praises_count) praises_count + descendants.sum(:praises_count)
end end
# 包含二级回复数的总回复数 # 包含二级回复数的总回复数

@ -52,7 +52,7 @@ class Shixun < ApplicationRecord
end end
} }
scope :visible, -> { where("status != -1") } scope :visible, -> { where.not(status: -1) }
scope :published, lambda{ where(status: 2) } scope :published, lambda{ where(status: 2) }
scope :unhidden, lambda{ where(hidden: 0, status: 2) } scope :unhidden, lambda{ where(hidden: 0, status: 2) }
scope :field_for_recommend, lambda{ select([:id, :name, :identifier, :myshixuns_count]) } scope :field_for_recommend, lambda{ select([:id, :name, :identifier, :myshixuns_count]) }

@ -31,7 +31,7 @@ class Subject < ApplicationRecord
# 挑战过路径的成员数 # 挑战过路径的成员数
def member_count def member_count
shixuns.sum(:myshixuns_count) shixuns.pluck(:myshixuns_count).sum
end end
def all_score def all_score

@ -7,9 +7,10 @@ json.time time_from_now(discuss.created_at)
json.position discuss.position json.position discuss.position
json.shixun_id discuss.dis_id json.shixun_id discuss.dis_id
json.hidden discuss.hidden json.hidden discuss.hidden
json.manage current_user.manager_of_shixun?(container) json.manage @manger
json.reward discuss.reward json.reward discuss.reward
json.game_url discuss.game_url(container, current_user) #json.game_url discuss.game_url(container, current_user)
json.game_url "/tasks/#{discuss.identifier}" if @manger && !children
# 主贴和回复有一些不同点 # 主贴和回复有一些不同点
if discuss.parent_id if discuss.parent_id
json.can_delete discuss.can_deleted?(current_user) json.can_delete discuss.can_deleted?(current_user)
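Review bot: The partial now depends on the controller instance variable `@manger` and on a new `children` local, so any other template rendering `discusses/discuss` without both will report `manage` as nil or raise on the undefined `children`. Pass the flag in as a local like the others and read the optional one defensively, e.g. `json.game_url "/tasks/#{discuss.identifier}" if manage && !local_assigns[:children]`. `@manger` also looks like a misspelling of `@manager`; where it is assigned is not visible here. The commented-out `json.game_url discuss.game_url(…)` line can be deleted rather than kept.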

@ -1,8 +1,8 @@
json.disscuss_count @disscuss_count json.disscuss_count @disscuss_count
json.all @current_user.admin? json.all @current_user.admin?
json.comments @discusses do |discuss| json.comments @discusses do |discuss|
json.partial! 'discusses/discuss', locals: { discuss: discuss, container: @container, current_user: @current_user } json.partial! 'discusses/discuss', locals: { discuss: discuss, container: @container, current_user: @current_user, children: false}
json.children discuss.child_discuss(current_user) do |c_d| json.children discuss.child_discuss(current_user) do |c_d|
json.partial! 'discusses/discuss', locals: { discuss: c_d, container: @container, current_user: @current_user } json.partial! 'discusses/discuss', locals: { discuss: c_d, container: @container, current_user: @current_user, children: true }
end end
end end

@ -1,10 +1,6 @@
json.course_identity @identity json.course_identity @identity
json.course_public @course.is_public == 1 json.course_public @course.is_public == 1
json.is_end @course.is_end json.is_end @course.is_end
json.all_count @all_count
json.published_count @published_count
json.unpublished_count @all_count - @published_count
json.task_count @task_count
json.tasks @tasks.each do |task| json.tasks @tasks.each do |task|
# task_private = @identity > Course::STUDENT && !task.is_public # task_private = @identity > Course::STUDENT && !task.is_public
@ -29,3 +25,7 @@ json.tasks @tasks.each do |task|
end end
end end
json.all_count @all_count
json.published_count @published_count
json.unpublished_count @all_count - @published_count
json.task_count @task_count

@ -26,6 +26,9 @@ if @task.published? || @user_course_identity < Course::STUDENT
# 是否具有分组 # 是否具有分组
json.have_grouping @task.have_grouping? json.have_grouping @task.have_grouping?
# 是否关联项目
json.have_project @task.have_grouping? && @task.base_on_project
if @user_course_identity == Course::STUDENT if @user_course_identity == Course::STUDENT
json.commit_count grduationwork_count @task, 1 json.commit_count grduationwork_count @task, 1
json.uncommit_count grduationwork_count @task, 0 json.uncommit_count grduationwork_count @task, 0
@ -34,6 +37,7 @@ if @task.published? || @user_course_identity < Course::STUDENT
json.work_count @work_count json.work_count @work_count
json.all_work_count @all_work_count json.all_work_count @all_work_count
end end
# 学生数据 # 学生数据
json.work_lists do json.work_lists do
json.array! @work_list do |work| json.array! @work_list do |work|
@ -41,7 +45,7 @@ if @task.published? || @user_course_identity < Course::STUDENT
json.user_id work.user.id json.user_id work.user.id
json.name work.user.real_name json.name work.user.real_name
json.student_id work.user.student_id json.student_id work.user.student_id
json.class_grouping_name work.class_grouping_name json.class_grouping_name @students.select{|student| student.user_id == work.user_id}.first.try(:course_group_name)
json.ultimate_score work.ultimate_score json.ultimate_score work.ultimate_score
if @task.have_grouping? if @task.have_grouping?
json.grouping_name work.grouping_name json.grouping_name work.grouping_name
@ -58,7 +62,7 @@ if @task.published? || @user_course_identity < Course::STUDENT
end end
json.late_penalty work.late_penalty if @task.allow_late json.late_penalty work.late_penalty if @task.allow_late
json.final_score work_final_score work, @current_user, @user_course_identity json.final_score work_final_score work, @current_user, @user_course_identity
json.assign work.assign_power?(@user_course_identity) json.assign @assign_power
json.view_work @view_work || @current_user.id == work.user_id json.view_work @view_work || @current_user.id == work.user_id
end end
end end
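Review bot: `@students.select{|student| student.user_id == work.user_id}.first` on the `class_grouping_name` line scans the whole student list for every work, which is quadratic on large courses and allocates a throwaway array each time. Build the lookup once before `json.work_lists`, e.g. `students_by_user = @students.index_by(&:user_id)`, and read `students_by_user[work.user_id].try(:course_group_name)` inside the loop. `json.assign @assign_power` likewise relies on an instance variable set outside this template, so a nil there silently reports that nobody may assign.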

@ -16,7 +16,7 @@ json.commits commits do |commit|
json.login nil json.login nil
json.image_url "avatars/User/b" json.image_url "avatars/User/b"
json.name commit["author_name"] json.name commit["author_name"]
json.email commit["author_email"] # json.email commit["author_email"]
end end
end end
end end
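Review bot: The author e-mail is withheld by commenting the `json.email` line out, which records no reason and invites someone to restore it later. If the intent is to stop exposing committer addresses, delete the line and leave a short why-comment such as `# author_email is intentionally not returned to API clients`. The enclosing `json.commits` block starts outside the hunk.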

@ -1,7 +1,8 @@
Rails.application.routes.draw do Rails.application.routes.draw do
require 'sidekiq/web' require 'sidekiq/web'
mount Sidekiq::Web => '/sidekiq' require 'admin_constraint'
mount Sidekiq::Web => '/sidekiq', :constraints => AdminConstraint.new
resources :edu_settings resources :edu_settings
scope '/api' do scope '/api' do
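Review bot: The `mount Sidekiq::Web` line has no comment saying what a non-admin sees: when the constraint's `matches?` returns false the route does not match and the request falls through to the remaining routes. A line such as `# Sidekiq dashboard: admins only; other requests do not match this route` would document that. `matches?` must also return false rather than raise when the session refers to a user that no longer exists, otherwise the dashboard URL answers with an error page instead of a 404; its implementation is not part of this section. `require 'admin_constraint'` additionally relies on that file's directory being on the load path, which is not visible here.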

@ -0,0 +1,11 @@
class ModifyChallengeIdForDiscusses < ActiveRecord::Migration[5.2]
def change
discusses = Discuss.where(challenge_id: nil)
discusses.each do |dis|
challenge_id = Shixun.find(dis.dis_id).challenges.first.id
dis.update_column(:challenge_id, challenge_id)
end
add_index :discusses, :challenge_id
end
end
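Review bot: The backfill in `change` aborts the whole migration on the first orphaned row, because `Shixun.find(dis.dis_id)` raises when the shixun is gone and `.challenges.first.id` raises when it has no challenges. It also assumes every discuss with a nil `challenge_id` points at a shixun through `dis_id`, which this hunk does not show. Look the record up with `find_by`, skip rows that cannot be resolved, iterate in batches with `find_each`, and split the method into `up`/`down` because the data update cannot be reversed automatically.

```ruby
def up
  Discuss.where(challenge_id: nil).find_each do |dis|
    # Orphaned rows (shixun deleted, or shixun without challenges) are skipped
    # so one bad record does not abort the migration.
    challenge_id = Shixun.find_by(id: dis.dis_id)&.challenges&.first&.id
    next unless challenge_id

    dis.update_column(:challenge_id, challenge_id)
  end

  add_index :discusses, :challenge_id
end

def down
  remove_index :discusses, :challenge_id
end
```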

@ -0,0 +1,30 @@
class ModifyMdAttachmentUrlForMdCotents < ActiveRecord::Migration[5.2]
def change
# 更新MarkDown图片的URL
homework_commons = HomeworkCommon.all
homework_commons.find_each do |hc|
hc.update_column(:description, hc.description.gsub("![](/attachments/download", "![](/api/attachments")) if hc.description.present?
end
challenges = Challenge.all.unscoped
challenges.find_each do |c|
c.update_column(:task_pass, c.task_pass.gsub("![](/attachments/download", "![](/api/attachments")) if c.task_pass.present?
end
challenge_answers = ChallengeAnswer.all.unscoped
challenge_answers.find_each do |ca|
ca.update_column(:contents, ca.contents.gsub("![](/attachments/download", "![](/api/attachments")) if ca.contents.present?
end
shixun_infos = ShixunInfo.all
shixun_infos.find_each do |si|
si.update_column(:propaedeutics, si.propaedeutics.gsub("![](/attachments/download", "![](/api/attachments")) if si.propaedeutics.present?
si.update_column(:description, si.description.gsub("![](/attachments/download", "![](/api/attachments")) if si.description.present?
end
subjects = Subject.all
subjects.find_each do |s|
s.update_column(:description, s.description.gsub("![](/attachments/download", "![](/api/attachments")) if s.description.present?
end
end
end
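Review bot: Every row with a non-empty text column gets an `update_column` here even when the text contains no `/attachments/download` link, so the migration issues one UPDATE per record across five tables. Guard each write, e.g. `next unless hc.description&.include?("![](/attachments/download")`, or narrow each scope with a `LIKE` condition. The same `gsub` is written six times and would be clearer as one private helper taking the record and the column name. Because this is a data rewrite that `change` cannot reverse on its own, it belongs in `up` with an explicit `down`.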

@ -70,6 +70,7 @@ module Educoder
response = http.start { |http| http.request(request) } response = http.start { |http| http.request(request) }
ActiveSupport::JSON.decode(response.body) ActiveSupport::JSON.decode(response.body)
rescue =>err rescue =>err
Rails.logger.error("#############sendYunpian_error: #{err.message}")
return nil return nil
end end
end end
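Review bot: The added log line records only `err.message`, so a timeout, a connection failure and a JSON parse error are hard to tell apart, and the bare `rescue` still turns all of them into a silent `nil` for the caller. Include the exception class, e.g. `Rails.logger.error("sendYunpian_error: #{err.class}: #{err.message}")`, and confirm that nothing sensitive from the request, such as the API key or the phone number, can appear in the message. The method starts outside the hunk.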
