diff --git a/app/controllers/admins/examination_authentications_controller.rb b/app/controllers/admins/examination_authentications_controller.rb index 8045644e1..c68c062b6 100644 --- a/app/controllers/admins/examination_authentications_controller.rb +++ b/app/controllers/admins/examination_authentications_controller.rb @@ -12,7 +12,7 @@ class Admins::ExaminationAuthenticationsController < Admins::BaseController ActiveRecord::Base.transaction do exam = ExaminationBank.find current_apply.container_id current_apply.update!(status: 1) - exam.update!(public: 0) + exam.update!(public: 1) end render_success_js end diff --git a/app/controllers/admins/item_authentications_controller.rb b/app/controllers/admins/item_authentications_controller.rb index 88d833ee9..8da9b232f 100644 --- a/app/controllers/admins/item_authentications_controller.rb +++ b/app/controllers/admins/item_authentications_controller.rb @@ -16,7 +16,7 @@ class Admins::ItemAuthenticationsController < Admins::BaseController ActiveRecord::Base.transaction do item = ItemBank.find current_apply.container_id current_apply.update!(status: 1) - item.update!(public: 0) + item.update!(public: 1) end render_success_js end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b418d528a..f68784db8 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -85,8 +85,8 @@ class ApplicationController < ActionController::Base # 题库的访问权限 def bank_visit_auth - tip_exception(-2,"未通过职业认证") if current_user.is_teacher? && !current_user.certification_teacher? && !current_user.admin? && @bank.user_id != current_user.id && @bank.is_public - tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin? || + tip_exception(-2,"未通过职业认证") if current_user.is_teacher? && !current_user.certification_teacher? && !current_user.admin_or_business? && @bank.user_id != current_user.id && @bank.is_public + tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin_or_business? || (current_user.certification_teacher? && @bank.is_public) end @@ -165,7 +165,7 @@ class ApplicationController < ActionController::Base def find_course return normal_status(2, '缺少course_id参数!') if params[:course_id].blank? @course = Course.find(params[:course_id]) - tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin? + tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin_or_business? rescue Exception => e tip_exception(e.message) end diff --git a/app/controllers/commons_controller.rb b/app/controllers/commons_controller.rb index bcb0fa45a..16e9dc2be 100644 --- a/app/controllers/commons_controller.rb +++ b/app/controllers/commons_controller.rb @@ -58,7 +58,7 @@ class CommonsController < ApplicationController 200 end else - current_user.admin? ? 200 : 403 + current_user.admin_or_business? ? 200 : 403 end return normal_status(code, "你没有权限操作!") if code == 403 end diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb index 599a4440c..da9f8240a 100644 --- a/app/controllers/courses_controller.rb +++ b/app/controllers/courses_controller.rb @@ -396,7 +396,7 @@ class CoursesController < ApplicationController def teachers @search_str = params[:search].present? ? params[:search].strip : "" - if @course.try(:id) != 1309 || current_user.admin? || current_user.try(:id) == 15582 + if @course.try(:id) != 1309 || current_user.admin_or_business? || current_user.try(:id) == 15582 @teacher_list = @course.course_members.joins(:user).where("course_members.role in (1, 2, 3) and LOWER(concat(users.lastname, users.firstname)) LIKE ?", "%#{@search_str}%") else @@ -441,7 +441,7 @@ class CoursesController < ApplicationController @applications = CourseMessage.unhandled_join_course_requests_by_course(@course). joins("join users on course_messages.course_message_id=users.id"). where("LOWER(concat(users.lastname, users.firstname)) LIKE ?", "%#{search_str}%") - if @course.try(:id) != 1309 || current_user.admin? || current_user.try(:id) == 15582 + if @course.try(:id) != 1309 || current_user.admin_or_business? || current_user.try(:id) == 15582 teacher_list = @course.course_members.where("course_members.role in (1, 2, 3)") else teacher_list = @course.course_members.where("(course_members.role in (1, 3) or (course_members.user_id = #{current_user.id} @@ -838,7 +838,7 @@ class CoursesController < ApplicationController # 已通过职业认证的教师复制课堂 def duplicate_course - return tip_exception("没有复制权限") unless current_user.admin? || current_user.is_teacher? || current_user.teacher_of_course?(@course) + return tip_exception("没有复制权限") unless current_user.admin_or_business? || current_user.is_teacher? || current_user.teacher_of_course?(@course) return tip_exception("教师职业认证未通过") unless current_user.pro_certification? new_course = @course.self_duplicate @@ -1280,7 +1280,7 @@ class CoursesController < ApplicationController end if @all_members.size == 0 - normal_status(-1,"课堂暂时没有学生") + normal_status(-1,"暂无学生数据") elsif params[:export].present? && params[:export] normal_status(0,"正在下载中") else @@ -1308,7 +1308,7 @@ class CoursesController < ApplicationController end if @all_members.length == 0 - normal_status(-1,"课堂暂时没有学生") + normal_status(-1,"暂无学生数据") elsif params[:export].present? && params[:export] normal_status(0,"正在下载中") else @@ -1404,7 +1404,7 @@ class CoursesController < ApplicationController # Use callbacks to share common setup or constraints between actions. def set_course @course = Course.find_by!(id: params[:id]) - tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin? + tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin_or_business? end # Never trust parameters from the scary internet, only allow the white list through. diff --git a/app/controllers/examination_banks_controller.rb b/app/controllers/examination_banks_controller.rb index ef545e06e..7c1f950f3 100644 --- a/app/controllers/examination_banks_controller.rb +++ b/app/controllers/examination_banks_controller.rb @@ -50,8 +50,11 @@ class ExaminationBanksController < ApplicationController end def destroy - @exam.destroy! - render_ok + ActiveRecord::Base.transaction do + ApplyAction.where(container_type: "ExaminationBank", container_id: @exam.id).destroy_all + @exam.destroy! + render_ok + end end def set_public diff --git a/app/controllers/exercise_bank_questions_controller.rb b/app/controllers/exercise_bank_questions_controller.rb index 1fd8ad874..46547ecb0 100644 --- a/app/controllers/exercise_bank_questions_controller.rb +++ b/app/controllers/exercise_bank_questions_controller.rb @@ -372,7 +372,7 @@ class ExerciseBankQuestionsController < ApplicationController private def bank_admin - tip_exception(403, "无权限") unless @exercise.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @exercise.user_id == current_user.id || current_user.admin_or_business? end def get_exercise diff --git a/app/controllers/exercise_banks_controller.rb b/app/controllers/exercise_banks_controller.rb index 9a35bfcdb..556b445ba 100644 --- a/app/controllers/exercise_banks_controller.rb +++ b/app/controllers/exercise_banks_controller.rb @@ -26,7 +26,7 @@ class ExerciseBanksController < ApplicationController search = params[:search] type = params[:type] # 超级管理员用户显示所有未隐藏的实训、非管理员显示所有已发布的实训(对本单位公开且未隐藏未关闭) - if current_user.admin? + if current_user.admin_or_business? @shixuns = Shixun.unhidden else none_shixun_ids = ShixunSchool.where("school_id != #{current_user.school_id}").pluck(:shixun_id) @@ -67,7 +67,7 @@ class ExerciseBanksController < ApplicationController end def bank_admin - tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin_or_business? end #判断实训是否已选择 diff --git a/app/controllers/graduation_works_controller.rb b/app/controllers/graduation_works_controller.rb index 9e119a3c8..fd47df172 100644 --- a/app/controllers/graduation_works_controller.rb +++ b/app/controllers/graduation_works_controller.rb @@ -411,7 +411,7 @@ class GraduationWorksController < ApplicationController # 删除教师/教辅的评分记录 def delete_score score = @work.graduation_work_scores.where(id: params[:comment_id]).first - if score.present? && (score.is_invalid || score.score.nil?) && (score.user == current_user || current_user.admin?) + if score.present? && (score.is_invalid || score.score.nil?) && (score.user == current_user || current_user.admin_or_business?) begin score.destroy normal_status("删除成功") diff --git a/app/controllers/gtopic_banks_controller.rb b/app/controllers/gtopic_banks_controller.rb index f09a8554c..504868a6e 100644 --- a/app/controllers/gtopic_banks_controller.rb +++ b/app/controllers/gtopic_banks_controller.rb @@ -26,7 +26,7 @@ class GtopicBanksController < ApplicationController end def bank_admin - tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin_or_business? end def gtopic_bank_params diff --git a/app/controllers/homework_banks_controller.rb b/app/controllers/homework_banks_controller.rb index 61bded033..00efbbd5f 100644 --- a/app/controllers/homework_banks_controller.rb +++ b/app/controllers/homework_banks_controller.rb @@ -47,7 +47,7 @@ class HomeworkBanksController < ApplicationController end def bank_admin - tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin_or_business? end def bank_params diff --git a/app/controllers/homework_commons_controller.rb b/app/controllers/homework_commons_controller.rb index f9931c370..1d47fa293 100644 --- a/app/controllers/homework_commons_controller.rb +++ b/app/controllers/homework_commons_controller.rb @@ -145,7 +145,7 @@ class HomeworkCommonsController < ApplicationController @student_works = @homework.teacher_works(@member) @all_member_count = @student_works.size @score_open = true - elsif @user_course_identity > Course::STUDENT && @homework.work_public + elsif @user_course_identity > Course::STUDENT @student_works = student_works @score_open = false else @@ -757,7 +757,7 @@ class HomeworkCommonsController < ApplicationController search = params[:search] type = params[:type] # 超级管理员用户显示所有未隐藏的实训、非管理员显示所有已发布的实训(对本单位公开且未隐藏未关闭) - if current_user.admin? + if current_user.admin_or_business? @shixuns = Shixun.unhidden else none_shixun_ids = ShixunSchool.where("school_id != #{current_user.school_id}").pluck(:shixun_id) diff --git a/app/controllers/item_banks_controller.rb b/app/controllers/item_banks_controller.rb index 8b77e3e9a..221e754a4 100644 --- a/app/controllers/item_banks_controller.rb +++ b/app/controllers/item_banks_controller.rb @@ -31,8 +31,11 @@ class ItemBanksController < ApplicationController end def destroy - @item.destroy! - render_ok + ActiveRecord::Base.transaction do + ApplyAction.where(container_type: "ItemBank", container_id: @item.id).destroy_all + @item.destroy! + render_ok + end end def set_public diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb index 5dcda0e9a..7b096f1ec 100644 --- a/app/controllers/messages_controller.rb +++ b/app/controllers/messages_controller.rb @@ -127,7 +127,7 @@ class MessagesController < ApplicationController end def create - return normal_status(403, "您没有权限进行该操作") unless current_user.admin? || current_user.member_of_course?(@board.course) + return normal_status(403, "您没有权限进行该操作") unless current_user.admin_or_business? || current_user.member_of_course?(@board.course) begin @message = Message.new(message_params) diff --git a/app/controllers/poll_bank_questions_controller.rb b/app/controllers/poll_bank_questions_controller.rb index 71f302115..9e3e890b0 100644 --- a/app/controllers/poll_bank_questions_controller.rb +++ b/app/controllers/poll_bank_questions_controller.rb @@ -114,7 +114,7 @@ class PollBankQuestionsController < ApplicationController private def bank_admin - tip_exception(403, "无权限") unless @poll.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @poll.user_id == current_user.id || current_user.admin_or_business? end def get_poll diff --git a/app/controllers/question_banks_controller.rb b/app/controllers/question_banks_controller.rb index ddb0f3ce1..5183c7a96 100644 --- a/app/controllers/question_banks_controller.rb +++ b/app/controllers/question_banks_controller.rb @@ -10,7 +10,7 @@ class QuestionBanksController < ApplicationController def bank_list page = params[:page] || 1 limit = params[:limit] || 15 - @certification_teacher = current_user.is_certification_teacher || current_user.admin? + @certification_teacher = current_user.is_certification_teacher || current_user.admin_or_business? @objects = @object_type.classify.constantize.where(@object_filter) @objects = if params[:search] @@ -134,7 +134,7 @@ class QuestionBanksController < ApplicationController def destroy bank = current_bank - unless current_user.admin? || bank.user_id == current_user.id + unless current_user.admin_or_business? || bank.user_id == current_user.id render_forbidden return end @@ -165,7 +165,7 @@ class QuestionBanksController < ApplicationController def object_banks banks ||= @object_type.classify.constantize.where(@object_filter).where(id: params[:object_id]) - unless current_user.admin? + unless current_user.admin_or_business? banks = banks.where(user_id: current_user.id) end banks @@ -202,7 +202,7 @@ class QuestionBanksController < ApplicationController end def teacher_or_admin - tip_exception(403, "无权限操作") unless current_user.is_certification_teacher || current_user.admin? + tip_exception(403, "无权限操作") unless current_user.is_certification_teacher || current_user.admin_or_business? end def quote_homework_bank homework, course diff --git a/app/controllers/task_banks_controller.rb b/app/controllers/task_banks_controller.rb index 2b1a400ef..768c4cb2a 100644 --- a/app/controllers/task_banks_controller.rb +++ b/app/controllers/task_banks_controller.rb @@ -29,7 +29,7 @@ class TaskBanksController < ApplicationController end def bank_admin - tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin? + tip_exception(403, "无权限") unless @bank.user_id == current_user.id || current_user.admin_or_business? end def gtask_bank_params diff --git a/app/controllers/users/question_banks_controller.rb b/app/controllers/users/question_banks_controller.rb index c5b837d0b..73d1d4dec 100644 --- a/app/controllers/users/question_banks_controller.rb +++ b/app/controllers/users/question_banks_controller.rb @@ -66,9 +66,9 @@ class Users::QuestionBanksController < Users::BaseController def check_user_permission! if params[:type] == 'publicly' - normal_status(-2,"未通过职业认证") unless User.current.admin? || User.current.certification_teacher? + normal_status(-2,"未通过职业认证") unless User.current.admin_or_business? || User.current.certification_teacher? else - render_forbidden unless User.current.admin? || User.current.is_teacher? + render_forbidden unless User.current.admin_or_business? || User.current.is_teacher? end end end \ No newline at end of file diff --git a/app/controllers/weapps/courses_controller.rb b/app/controllers/weapps/courses_controller.rb index cb3c195d6..d732416ba 100644 --- a/app/controllers/weapps/courses_controller.rb +++ b/app/controllers/weapps/courses_controller.rb @@ -39,7 +39,7 @@ class Weapps::CoursesController < Weapps::BaseController @page = (params[:page] || 1).to_i @limit = (params[:limit] || 20).to_i search = params[:search].present? ? params[:search].strip : "" - if @course.try(:id) != 1309 || current_user.admin? || current_user.try(:id) == 15582 + if @course.try(:id) != 1309 || current_user.admin_or_business? || current_user.try(:id) == 15582 @teacher_list = @course.course_members.joins(:user).where("course_members.role in (1, 2, 3)") else @teacher_list = @course.course_members.joins(:user).where("(course_members.role in (1, 3) or (course_members.user_id = #{current_user.id} @@ -203,6 +203,6 @@ class Weapps::CoursesController < Weapps::BaseController def set_course @course = Course.find_by!(id: params[:id]) - tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin? + tip_exception(404, "") if @course.is_delete == 1 && !current_user.admin_or_business? end end \ No newline at end of file diff --git a/app/helpers/export_helper.rb b/app/helpers/export_helper.rb index 22adf3005..8b61ca2b6 100644 --- a/app/helpers/export_helper.rb +++ b/app/helpers/export_helper.rb @@ -47,9 +47,10 @@ module ExportHelper user_name = user.real_name user_mail = user.mail user_stu_id = user.student_id.present? ? (user.student_id.to_s + "\t") : "--" + user_grade = user.grade user_school = user.school_name user_course_group = u.course_group_name - user_info_array = [user_name,user_login,user_mail,user_stu_id,user_school,user_course_group] #用户的信息集合 + user_info_array = [user_name,user_login,user_mail,user_stu_id,user_grade,user_school,user_course_group] #用户的信息集合 user_work_scores = [] #学生总成绩 @@ -150,7 +151,7 @@ module ExportHelper course_user_score_title = "学生总成绩" score_title_cells = shixun_titles + common_titles + group_titles + task_titles + exercise_titles score_title_counts = [shixun_titles.count,common_titles.count,group_titles.count,task_titles.count,exercise_titles.count] - score_cell_head = %w(序号 真实姓名 登录名 邮箱 学号 学校 分班 个人总成绩) + score_title_cells + score_cell_head = %w(序号 真实姓名 登录名 邮箱 学号 金币 学校 分班 个人总成绩) + score_title_cells @course_user_scores = [course_user_score_title,score_cell_head,score_title_counts,total_user_score_array] #作业的全部集合 diff --git a/app/models/course.rb b/app/models/course.rb index 9100f8470..83d2bb56e 100644 --- a/app/models/course.rb +++ b/app/models/course.rb @@ -251,7 +251,7 @@ class Course < ApplicationRecord member = course_member(user.id) group_ids = if member.present? member.teacher_course_groups.size > 0 ? member.teacher_course_groups.pluck(:course_group_id) : course_groups.pluck(:id) - elsif user.admin? + elsif user.admin_or_business? course_groups.pluck(:id) else [] diff --git a/app/models/graduation_work.rb b/app/models/graduation_work.rb index 96dce0c49..7fb0ecc24 100644 --- a/app/models/graduation_work.rb +++ b/app/models/graduation_work.rb @@ -55,7 +55,7 @@ class GraduationWork < ApplicationRecord end def delete_atta atta - last_score = graduation_work_scores.where.not(score: nil).last + last_score = graduation_work_scores.last (atta.author_id == User.current.id) && (last_score.blank? || last_score.try(:created_at) < atta.created_on) end diff --git a/app/models/student_work.rb b/app/models/student_work.rb index 4da23a30f..473efa756 100644 --- a/app/models/student_work.rb +++ b/app/models/student_work.rb @@ -105,7 +105,7 @@ class StudentWork < ApplicationRecord end def delete_atta atta - last_score = student_works_scores.where.not(score: nil).last + last_score = student_works_scores.last (atta.author_id == User.current.id) && (last_score.blank? || last_score.try(:created_at) < atta.created_on) end diff --git a/app/models/student_works_score.rb b/app/models/student_works_score.rb index af4405958..f9f4f4220 100644 --- a/app/models/student_works_score.rb +++ b/app/models/student_works_score.rb @@ -17,7 +17,7 @@ class StudentWorksScore < ApplicationRecord end def allow_delete current_user - (self.is_invalid || self.score.nil?) && (current_user == self.user || current_user.admin?) + (self.is_invalid || self.score.nil?) && (current_user == self.user || current_user.admin_or_business?) end # 匿评分 diff --git a/app/models/test_set.rb b/app/models/test_set.rb index f774610ee..1fae89afa 100644 --- a/app/models/test_set.rb +++ b/app/models/test_set.rb @@ -1,7 +1,7 @@ class TestSet < ApplicationRecord # match_rule: 匹配规则: full: 完全匹配, last: 末尾匹配 # - validates :input, length: { maximum: 500 } - validates :input, length: { maximum: 500 } + validates :input, length: { maximum: 5000 } + validates :input, length: { maximum: 5000 } end diff --git a/app/views/admins/shixuns/index.html.erb b/app/views/admins/shixuns/index.html.erb index 4348f0f45..7c6264928 100644 --- a/app/views/admins/shixuns/index.html.erb +++ b/app/views/admins/shixuns/index.html.erb @@ -23,20 +23,21 @@ <%= select_tag(:search_type, options_for_select(auto_trial_options), class: 'form-control') %> <%= text_field_tag(:keyword, params[:keyword], class: 'form-control col-sm-2 ml-3', placeholder: '输入关键字搜索') %> -
- 导出 -
-
+
<% fork_status_options = [['全部', ''], ["全部fork实训", "Fork"], ["实训内容升级", 'Shixun'], ["课堂教学使用", 'Course'],["实践课程使用",'Subject'],["其他原因",'Other']] %> <%= select_tag(:fork_status, options_for_select(fork_status_options), class: 'form-control') %>
- <%= submit_tag('搜索', class: 'btn btn-primary ml-3','data-disable-with': '搜索中...') %> - <%= link_to "清除", admins_shixuns_path,class: "btn btn-default",id:"shixuns-clear-search",'data-disable-with': '清除中...' %> +
+ <%= submit_tag('搜索', class: 'btn btn-primary ml-3','data-disable-with': '搜索中...') %> + <%= link_to "清除", admins_shixuns_path,class: "btn btn-default",id:"shixuns-clear-search",'data-disable-with': '清除中...' %> +
+ + 导出
<% end %> diff --git a/app/views/exercise_banks/show.json.jbuilder b/app/views/exercise_banks/show.json.jbuilder index 802e863cb..4c01f1fd1 100644 --- a/app/views/exercise_banks/show.json.jbuilder +++ b/app/views/exercise_banks/show.json.jbuilder @@ -2,7 +2,7 @@ if @bank.container_type == "Exercise" json.exercise do json.extract! @bank, :id, :name, :description, :is_public end - json.authorize @bank.user_id == current_user.id || current_user.admin? + json.authorize @bank.user_id == current_user.id || current_user.admin_or_business? json.partial! "exercises/exercise_scores" @@ -21,7 +21,7 @@ else json.poll do json.extract! @bank, :id, :name, :description, :is_public end - json.authorize @bank.user_id == current_user.id || current_user.admin? + json.authorize @bank.user_id == current_user.id || current_user.admin_or_business? json.question_types do json.q_counts @poll_questions_count diff --git a/app/views/graduation_tasks/show.json.jbuilder b/app/views/graduation_tasks/show.json.jbuilder index 814cc62ce..8b2a553b1 100644 --- a/app/views/graduation_tasks/show.json.jbuilder +++ b/app/views/graduation_tasks/show.json.jbuilder @@ -1,7 +1,7 @@ json.partial! "public_navigation", locals: {graduation: @task, course: @course} json.description @task.description json.user_id @task.user_id -json.authorize @task.user_id == current_user.id || current_user.admin? +json.authorize @task.user_id == current_user.id || current_user.admin_or_business? # 附件 json.attachments @attachments do |attachment| json.partial! "attachments/attachment_simple", locals: {attachment: attachment} diff --git a/app/views/graduation_works/comment_list.json.jbuilder b/app/views/graduation_works/comment_list.json.jbuilder index 77898c91d..5f59a8bcf 100644 --- a/app/views/graduation_works/comment_list.json.jbuilder +++ b/app/views/graduation_works/comment_list.json.jbuilder @@ -15,7 +15,7 @@ json.comment_scores @comment_scores do |score| json.score score.score json.content score.comment json.is_invalid score.is_invalid - json.delete (@current_user == score.user || @current_user.admin?) && (score.is_invalid || score.score.nil?) + json.delete (@current_user == score.user || @current_user.admin_or_business?) && (score.is_invalid || score.score.nil?) json.attachments score.attachments do |atta| json.partial! "attachments/attachment_simple", locals: {attachment: atta, delete: false} end diff --git a/app/views/gtopic_banks/show.json.jbuilder b/app/views/gtopic_banks/show.json.jbuilder index 7ab86674d..0d32b17a3 100644 --- a/app/views/gtopic_banks/show.json.jbuilder +++ b/app/views/gtopic_banks/show.json.jbuilder @@ -1,6 +1,6 @@ json.(@bank, :id, :name, :description, :is_public, :topic_type, :topic_source, :topic_property_first, :topic_property_second, :source_unit, :topic_repeat, :province, :city) -json.authorize @bank.user_id == current_user.id || current_user.admin? +json.authorize @bank.user_id == current_user.id || current_user.admin_or_business? json.attachment_list @bank_attachments do |attachment| json.partial! "attachments/attachment_simple", locals: {attachment: attachment} diff --git a/app/views/homework_banks/show.json.jbuilder b/app/views/homework_banks/show.json.jbuilder index f3785173a..82be072cf 100644 --- a/app/views/homework_banks/show.json.jbuilder +++ b/app/views/homework_banks/show.json.jbuilder @@ -1,5 +1,5 @@ json.(@bank, :id, :name, :description, :homework_type, :is_public, :min_num, :max_num, :base_on_project, :reference_answer) -json.authorize @bank.user_id == current_user.id || current_user.admin? +json.authorize @bank.user_id == current_user.id || current_user.admin_or_business? json.attachments @bank_attachments do |attachment| json.partial! "attachments/attachment_simple", locals: {attachment: attachment} diff --git a/app/views/shixun_lists/index.json.jbuilder b/app/views/shixun_lists/index.json.jbuilder index e926ee927..9526b0173 100644 --- a/app/views/shixun_lists/index.json.jbuilder +++ b/app/views/shixun_lists/index.json.jbuilder @@ -21,7 +21,7 @@ json.shixun_list do json.pic url_to_avatar(obj) json.content highlights json.level level_to_s(obj.trainee) - json.subjects obj.subjects.uniq do |subject| + json.subjects obj.subjects.visible.unhidden.uniq do |subject| json.(subject, :id, :name) end end diff --git a/app/views/student_works/show.json.jbuilder b/app/views/student_works/show.json.jbuilder index 7b3a91b5e..8cb3ee7ca 100644 --- a/app/views/student_works/show.json.jbuilder +++ b/app/views/student_works/show.json.jbuilder @@ -11,7 +11,7 @@ json.update_user_name @is_evaluation ? "匿名" : @work.update_user.try(:real_na json.update_atta @homework.late_duration && @is_author json.attachments @attachments do |atta| - json.partial! "attachments/attachment_simple", locals: {attachment: atta, delete: false, } + json.partial! "attachments/attachment_simple", locals: {attachment: atta, delete: false } end unless @is_evaluation diff --git a/app/views/task_banks/show.json.jbuilder b/app/views/task_banks/show.json.jbuilder index ab53399e1..bc9e6d70e 100644 --- a/app/views/task_banks/show.json.jbuilder +++ b/app/views/task_banks/show.json.jbuilder @@ -1,6 +1,6 @@ json.(@bank, :id, :name, :description, :task_type, :is_public) # 附件 -json.authorize @bank.user_id == current_user.id || current_user.admin? +json.authorize @bank.user_id == current_user.id || current_user.admin_or_business? json.attachments @bank_attachments do |attachment| json.partial! "attachments/attachment_simple", locals: {attachment: attachment} end diff --git a/app/views/users/question_banks/index.json.jbuilder b/app/views/users/question_banks/index.json.jbuilder index 018e78254..d39341e08 100644 --- a/app/views/users/question_banks/index.json.jbuilder +++ b/app/views/users/question_banks/index.json.jbuilder @@ -14,5 +14,5 @@ json.question_banks @question_banks do |question_bank| json.course_list_name question_bank.course_list&.name json.updated_at question_bank.updated_at json.solve_count @solve_count_map.fetch(question_bank.id, 0) - json.authorize question_bank.user_id == current_user.id || current_user.admin? + json.authorize question_bank.user_id == current_user.id || current_user.admin_or_business? end diff --git a/db/migrate/20200109095357_add_uniq_index_to_evaluation_distribution.rb b/db/migrate/20200109095357_add_uniq_index_to_evaluation_distribution.rb new file mode 100644 index 000000000..6bf860ef6 --- /dev/null +++ b/db/migrate/20200109095357_add_uniq_index_to_evaluation_distribution.rb @@ -0,0 +1,11 @@ +class AddUniqIndexToEvaluationDistribution < ActiveRecord::Migration[5.2] + def change + sql = %Q(delete from student_works_evaluation_distributions where (user_id, student_work_id) in + (select * from (select user_id, student_work_id from student_works_evaluation_distributions group by user_id, student_work_id having count(*) > 1) a) + and id not in (select * from (select min(id) from student_works_evaluation_distributions group by user_id, student_work_id having count(*) > 1 order by id) b)) + ActiveRecord::Base.connection.execute sql + + add_index :student_works_evaluation_distributions, [:student_work_id, :user_id], name: "index_on_student_work_id_and_user_id", unique: true + remove_index :student_works_evaluation_distributions, :user_id + end +end