登录与认证

dev_forum
cxt 5 years ago
parent 26a9c39f3f
commit 689600314b

@ -1,5 +1,5 @@
class AddDepartmentAppliesController < ApplicationController class AddDepartmentAppliesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
def create def create
CreateAddDepartmentApplyService.call(current_user, create_params) CreateAddDepartmentApplyService.call(current_user, create_params)
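Review bot: Appending `:check_auth` by hand to each controller's `before_action :require_login` line makes the profile/certification gate opt-in, so a controller this commit misses, or one added later, silently skips it. The same one-line edit repeats in every other controller section of this commit. Consider declaring `before_action :require_login, :check_auth` once in ApplicationController and exempting public actions with `skip_before_action :check_auth, only: [...]`, so that an omission fails closed. Whether controllers outside this diff still lack the filter cannot be told from this page, and the class body continues outside the hunk.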

@ -1,5 +1,5 @@
class AddSchoolAppliesController < ApplicationController class AddSchoolAppliesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
def create def create
CreateAddSchoolApplyService.call(current_user, create_params) CreateAddSchoolApplyService.call(current_user, create_params)

@ -178,18 +178,12 @@ class ApplicationController < ActionController::Base
# 系统全局认证 # 系统全局认证
# #
def check_auth def check_auth
if User.current.logged?
if !current_user.profile_completed? if !current_user.profile_completed?
info_url = '/account/profile' info_url = '/account/profile'
tip_exception(402, info_url) tip_exception(402, info_url)
elsif current_user.certification != 1 elsif current_user.certification != 1
day_cer = UserDayCertification.find_by(user_id: current_user.id) day_cer = UserDayCertification.find_by(user_id: current_user.id)
unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400 tip_exception(407, "系统未授权") unless (Time.now.to_i - day_cer.try(:created_at).to_i) < 86400
tip_exception(407, "系统未授权")
end
end
else
tip_exception(401, "..")
end end
end end
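Review bot: `check_auth` now calls `current_user.profile_completed?` with no logged-in guard, because the removed `if User.current.logged? ... else tip_exception(401, "..")` wrapper was the only part that handled an anonymous request. The method is safe only when `require_login` has already halted the filter chain, and its body is not visible here, so confirm that it renders or raises for every request format. A later caller that registers `check_auth` with a different `only:`/`except:` list than `require_login` would reach it without a user, giving either a nil dereference or a 402 in place of the 401, depending on what `current_user` returns for anonymous requests. A cheap safeguard is to keep a first line such as `return tip_exception(401, "..") unless User.current.logged?`. Separately, `UserDayCertification.find_by(user_id: current_user.id)` has no ordering, so if a user can have several rows the 24-hour window is evaluated against an arbitrary one.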

@ -2,7 +2,7 @@
# #
# 文件上传 # 文件上传
class AttachmentsController < ApplicationController class AttachmentsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_file, only: %i[show destroy] before_action :find_file, only: %i[show destroy]
include ErrorCommon include ErrorCommon

@ -1,5 +1,5 @@
class BoardsController < ApplicationController class BoardsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_course, only: [:create] before_action :find_course, only: [:create]
before_action :set_board, except: [:create] before_action :set_board, except: [:create]
before_action :teacher_allowed before_action :teacher_allowed

@ -1,5 +1,5 @@
class ChallengesController < ApplicationController class ChallengesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_shixun, only: [:new, :create, :index] before_action :find_shixun, only: [:new, :create, :index]
skip_before_action :verify_authenticity_token, only: [:create, :update, :create_choose_question, :crud_answer] skip_before_action :verify_authenticity_token, only: [:create, :update, :create_choose_question, :crud_answer]
before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up, before_action :find_challenge, only: [:edit, :show, :update, :create_choose_question, :index_down, :index_up,
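Review bot: `skip_before_action :verify_authenticity_token` still covers `create`, `update`, `create_choose_question` and `crud_answer`, which this change gates only with `require_login` and `check_auth`. If login is carried by a session cookie, those state-changing actions would accept cross-site requests sent from a logged-in user's browser; MyshixunsController skips the token the same way for `html_content`. Confirm that these endpoints are authenticated by something a third-party page cannot send automatically, such as a header token, or remove them from the skip list. The `find_challenge` declaration continues outside the hunk.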

@ -1,7 +1,7 @@
class CommonsController < ApplicationController class CommonsController < ApplicationController
OBJECT_TYPE = %W[message journals_for_message] OBJECT_TYPE = %W[message journals_for_message]
before_action :require_login before_action :require_login, :check_auth
before_action :validate_object_type before_action :validate_object_type
before_action :find_object before_action :find_object
before_action :validate_power before_action :validate_power

@ -1,5 +1,5 @@
class CourseGroupsController < ApplicationController class CourseGroupsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_group, except: [:create] before_action :set_group, except: [:create]
before_action :find_course, only: [:create] before_action :find_course, only: [:create]
before_action :teacher_or_admin_allowed before_action :teacher_or_admin_allowed

@ -1,5 +1,5 @@
class CourseModulesController < ApplicationController class CourseModulesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_module, except: [:unhidden_modules] before_action :set_module, except: [:unhidden_modules]
before_action :find_course, only: [:unhidden_modules] before_action :find_course, only: [:unhidden_modules]
before_action :teacher_allowed before_action :teacher_allowed

@ -1,5 +1,5 @@
class CourseSecondCategoriesController < ApplicationController class CourseSecondCategoriesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :set_category before_action :set_category
before_action :teacher_allowed before_action :teacher_allowed

@ -11,7 +11,7 @@ class CoursesController < ApplicationController
render_error(ex.model.errors.full_messages.join(',')) render_error(ex.model.errors.full_messages.join(','))
end end
before_action :require_login, except: [:index, :show, :students, :teachers, :board_list, :mine, :all_course_groups, :left_banner, :top_banner] before_action :require_login, :check_auth, except: [:index, :show, :students, :teachers, :board_list, :mine, :all_course_groups, :left_banner, :top_banner]
before_action :set_course, :user_course_identity, only: [:show, :update, :destroy, :settings, :set_invite_code_halt, before_action :set_course, :user_course_identity, only: [:show, :update, :destroy, :settings, :set_invite_code_halt,
:set_public_or_private, :search_teacher_candidate, :teachers, :apply_teachers, :set_public_or_private, :search_teacher_candidate, :teachers, :apply_teachers,
:top_banner, :left_banner, :add_teacher_popup, :add_teacher, :top_banner, :left_banner, :add_teacher_popup, :add_teacher,

@ -1,6 +1,6 @@
class Ecs::BaseController < ApplicationController class Ecs::BaseController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :check_user_permission! before_action :check_user_permission!
helper_method :current_user, :current_school helper_method :current_user, :current_school

@ -1,5 +1,5 @@
class ExerciseAnswersController < ApplicationController class ExerciseAnswersController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :get_exercise_question before_action :get_exercise_question
include ExercisesHelper include ExercisesHelper

@ -1,5 +1,5 @@
class ExerciseQuestionsController < ApplicationController class ExerciseQuestionsController < ApplicationController
before_action :require_login #用户需登陆 before_action :require_login, :check_auth #用户需登陆
before_action :get_exercise,only:[:new,:create] #获取试卷 before_action :get_exercise,only:[:new,:create] #获取试卷
before_action :get_exercise_question,except: [:new,:create] #获取试卷的问题及试卷 before_action :get_exercise_question,except: [:new,:create] #获取试卷的问题及试卷
before_action :is_course_teacher #是否为老师 before_action :is_course_teacher #是否为老师

@ -1,5 +1,5 @@
class ExercisesController < ApplicationController class ExercisesController < ApplicationController
before_action :require_login,except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course,only: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys, before_action :find_course,only: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys,
:join_exercise_banks,:publish_modal,:publish,:end_modal,:end_exercise] #需要有课堂id参数的 :join_exercise_banks,:publish_modal,:publish,:end_modal,:end_exercise] #需要有课堂id参数的
before_action :get_exercise,except: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys, before_action :get_exercise,except: [:index,:new,:create,:my_exercises,:public_exercises,:set_public,:destroys,

@ -1,7 +1,7 @@
class FilesController < ApplicationController class FilesController < ApplicationController
include MessagesHelper include MessagesHelper
before_action :require_login, except: %i[index] before_action :require_login, :check_auth, except: %i[index]
before_action :find_course, except: %i[public_with_course_and_project mine_with_course_and_project] before_action :find_course, except: %i[public_with_course_and_project mine_with_course_and_project]
before_action :find_ids, only: %i[bulk_delete bulk_send bulk_move bulk_public bulk_publish] before_action :find_ids, only: %i[bulk_delete bulk_send bulk_move bulk_public bulk_publish]
before_action :file_validate_sort_type, only: :index before_action :file_validate_sort_type, only: :index

@ -1,5 +1,5 @@
class GamesController < ApplicationController class GamesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_game before_action :find_game
before_action :find_shixun, only: [:show, :answer, :rep_content, :choose_build, :game_build, :game_status] before_action :find_shixun, only: [:show, :answer, :rep_content, :choose_build, :game_build, :game_status]

@ -1,5 +1,5 @@
class GraduationTasksController < ApplicationController class GraduationTasksController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course, except: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment] before_action :find_course, except: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment]
before_action :find_task, only: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment] before_action :find_task, only: [:edit, :update, :settings, :update_settings, :tasks_list, :show, :show_comment]
before_action :user_course_identity before_action :user_course_identity

@ -1,5 +1,5 @@
class GraduationTopicsController < ApplicationController class GraduationTopicsController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
before_action :find_course before_action :find_course
before_action :teacher_allowed, only: [:new, :create, :update, :edit, :destroys, :set_public, before_action :teacher_allowed, only: [:new, :create, :update, :edit, :destroys, :set_public,
:refuse_student_topic, :accept_student_topic, :export] :refuse_student_topic, :accept_student_topic, :export]

@ -1,5 +1,5 @@
class GraduationWorksController < ApplicationController class GraduationWorksController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_task, only: [:new, :create, :search_member_list, :check_project, :relate_project, before_action :find_task, only: [:new, :create, :search_member_list, :check_project, :relate_project,
:cancel_relate_project] :cancel_relate_project]
before_action :find_work, only: [:show, :edit, :update, :revise_attachment, :supply_attachments, :comment_list, before_action :find_work, only: [:show, :edit, :update, :revise_attachment, :supply_attachments, :comment_list,

@ -3,7 +3,7 @@ class HomeworkCommonsController < ApplicationController
include ApplicationHelper include ApplicationHelper
include ExportHelper include ExportHelper
before_action :require_login, except: [:index, :choose_category] before_action :require_login, :check_auth, except: [:index, :choose_category]
before_action :find_course, only: [:index, :create, :new, :shixuns, :subjects, :create_shixun_homework, :publish_homework, before_action :find_course, only: [:index, :create, :new, :shixuns, :subjects, :create_shixun_homework, :publish_homework,
:end_homework, :set_public, :choose_category, :move_to_category, :choose_category, :end_homework, :set_public, :choose_category, :move_to_category, :choose_category,

@ -3,7 +3,7 @@ class MessagesController < ApplicationController
SORT_TYPE = %w[time hot] SORT_TYPE = %w[time hot]
before_action :require_login, only: %i[create update sticky_top bulk_delete create destroy bulk_send bulk_move bulk_public] before_action :require_login, :check_auth, only: %i[create update sticky_top bulk_delete create destroy bulk_send bulk_move bulk_public]
before_action :find_board, only: [:create, :index, :bulk_delete, :bulk_move, :bulk_send, :bulk_public] before_action :find_board, only: [:create, :index, :bulk_delete, :bulk_move, :bulk_send, :bulk_public]
before_action :find_message, only: [:update, :destroy, :sticky_top, :reply_list, :destroy, :reply] before_action :find_message, only: [:update, :destroy, :sticky_top, :reply_list, :destroy, :reply]
before_action :validate_delete_params, only: %i[bulk_delete bulk_public] before_action :validate_delete_params, only: %i[bulk_delete bulk_public]
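Review bot: The `only:` list on the new `before_action :require_login, :check_auth` line omits `reply`, although the `find_message` filter two lines below treats `reply` as an action of this controller; `create` is also listed twice. If `reply` writes a message, it runs without the login and certification checks. Suggested list: `only: %i[create update sticky_top bulk_delete destroy reply bulk_send bulk_move bulk_public]`. The `reply` action body is outside this hunk, so confirm first that it does not already enforce login itself.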

@ -1,5 +1,5 @@
class MyshixunsController < ApplicationController class MyshixunsController < ApplicationController
before_action :require_login, :except => [:training_task_status, :code_runinng_message] before_action :require_login, :check_auth, :except => [:training_task_status, :code_runinng_message]
before_action :find_myshixun, :except => [:training_task_status, :code_runinng_message] before_action :find_myshixun, :except => [:training_task_status, :code_runinng_message]
before_action :find_repo_name, :except => [:training_task_status, :code_runinng_message] before_action :find_repo_name, :except => [:training_task_status, :code_runinng_message]
skip_before_action :verify_authenticity_token, :only => [:html_content] skip_before_action :verify_authenticity_token, :only => [:html_content]

@ -1,5 +1,5 @@
class PollQuestionsController < ApplicationController class PollQuestionsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :get_poll,only:[:new,:create] before_action :get_poll,only:[:new,:create]
before_action :get_poll_question,except: [:new,:create] before_action :get_poll_question,except: [:new,:create]
before_action :is_course_teacher before_action :is_course_teacher

@ -1,6 +1,6 @@
class PollVotesController < ApplicationController class PollVotesController < ApplicationController
#在开始回答和提交问卷的时候,已经做了判断用户的身份权限 #在开始回答和提交问卷的时候,已经做了判断用户的身份权限
before_action :require_login before_action :require_login, :check_auth
before_action :get_poll_question before_action :get_poll_question
before_action :check_answer_in_question before_action :check_answer_in_question

@ -1,6 +1,6 @@
class PollsController < ApplicationController class PollsController < ApplicationController
# before_action :check_poll_status 问卷的发消息和定时任务没有做 # before_action :check_poll_status 问卷的发消息和定时任务没有做
before_action :require_login,except: [:index] before_action :require_login, :check_auth,except: [:index]
before_action :find_course, except: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,:commit_poll, before_action :find_course, except: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,:commit_poll,
:commit_result,:poll_lists,:cancel_publish,:cancel_publish_modal,:common_header] :commit_result,:poll_lists,:cancel_publish,:cancel_publish_modal,:common_header]
before_action :get_poll_and_course, only: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer, before_action :get_poll_and_course, only: [:show,:poll_setting,:commit_setting,:edit,:update,:start_answer,

@ -1,6 +1,6 @@
class PraiseTreadController < ApplicationController class PraiseTreadController < ApplicationController
include MessagesHelper include MessagesHelper
before_action :require_login before_action :require_login, :check_auth
before_action :validate_params, only: [:like, :unlike] before_action :validate_params, only: [:like, :unlike]
before_action :find_object before_action :find_object

@ -1,5 +1,5 @@
class QuestionBanksController < ApplicationController class QuestionBanksController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :params_filter before_action :params_filter
# 题库选用列表 # 题库选用列表

@ -1,5 +1,5 @@
class ShixunsController < ApplicationController class ShixunsController < ApplicationController
before_action :require_login, except: [:download_file, :index, :menus] before_action :require_login, :check_auth, except: [:download_file, :index, :menus]
before_action :check_auth, except: [:download_file, :index, :menus] before_action :check_auth, except: [:download_file, :index, :menus]
before_action :find_shixun, :shixun_access_allowed, except: [:index, :new, :create, :menus, :get_recommend_shixuns, before_action :find_shixun, :shixun_access_allowed, except: [:index, :new, :create, :menus, :get_recommend_shixuns,
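Review bot: The new line registers `check_auth` together with `require_login`, but the existing `before_action :check_auth, except: [:download_file, :index, :menus]` on the next line is kept, so the filter is declared twice with two separately maintained `except:` lists. As far as I know Rails keeps only the last registration of a given callback, so the second line's list is the one that applies and a future edit to the first alone would have no effect. Delete the second declaration; the commented-out `# before_action :check_auth, except: [:index]` in SubjectsController can go for the same reason. The `find_shixun` declaration continues outside the hunk.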

@ -1,5 +1,5 @@
class StagesController < ApplicationController class StagesController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :find_subject, only: [:create, :index] before_action :find_subject, only: [:create, :index]
before_action :find_stage, only: [:update, :destroy, :edit, :up_position, :down_position] before_action :find_stage, only: [:update, :destroy, :edit, :up_position, :down_position]
before_action :allowed, except: [:index] before_action :allowed, except: [:index]

@ -2,7 +2,7 @@ class StudentWorksController < ApplicationController
include HomeworkCommonsHelper include HomeworkCommonsHelper
include StudentWorksHelper include StudentWorksHelper
before_action :require_login before_action :require_login, :check_auth
before_action :find_homework, only: [:new, :create, :search_member_list, :check_project, :relate_project, before_action :find_homework, only: [:new, :create, :search_member_list, :check_project, :relate_project,
:cancel_relate_project] :cancel_relate_project]
before_action :find_work, only: [:shixun_work_report, :adjust_review_score, :shixun_work, :commit_des, :update_des, before_action :find_work, only: [:shixun_work_report, :adjust_review_score, :shixun_work, :commit_des, :update_des,

@ -1,5 +1,5 @@
class SubjectsController < ApplicationController class SubjectsController < ApplicationController
before_action :require_login, except: [:index] before_action :require_login, :check_auth, except: [:index]
# before_action :check_auth, except: [:index] # before_action :check_auth, except: [:index]
before_action :find_subject, except: [:index, :create, :append_to_stage] before_action :find_subject, except: [:index, :create, :append_to_stage]
before_action :allowed, only: [:update, :edit, :destroy, :publish, :cancel_publish, :cancel_has_publish, before_action :allowed, only: [:update, :edit, :destroy, :publish, :cancel_publish, :cancel_has_publish,

@ -1,5 +1,5 @@
class Users::BaseAccountController < Users::BaseController class Users::BaseAccountController < Users::BaseController
before_action :require_login before_action :require_login, :check_auth
def observed_user def observed_user
@_observed_user ||= (User.find_by_id(params[:account_id]) || User.find_by_login(params[:account_id])) @_observed_user ||= (User.find_by_id(params[:account_id]) || User.find_by_login(params[:account_id]))

@ -1,6 +1,6 @@
class Users::InterestsController < Users::BaseController class Users::InterestsController < Users::BaseController
skip_before_action :check_observed_user_exists! skip_before_action :check_observed_user_exists!
before_action :require_login before_action :require_login, :check_auth
def create def create
identity = params[:identity].to_s.strip identity = params[:identity].to_s.strip

@ -1,5 +1,5 @@
class Users::WatchesController < Users::BaseController class Users::WatchesController < Users::BaseController
before_action :require_login before_action :require_login, :check_auth
def create def create
if observed_logged_user? if observed_logged_user?

@ -1,5 +1,5 @@
class ZipsController < ApplicationController class ZipsController < ApplicationController
before_action :require_login before_action :require_login, :check_auth
before_action :load_homework, only: [:shixun_report] before_action :load_homework, only: [:shixun_report]
before_action :get_exercise, only: [:export_exercises] before_action :get_exercise, only: [:export_exercises]
